Bugs
Niki Guldbrand
niki at lunar-linux.org
Mon Nov 17 14:48:19 GMT 2003
Hi all.
Time for some bugs again, and this time we have a glibc issue again...
I haven't had time to investigate this yet...
Bug number 40 has been taken back, after discussion with the author...
13. iproute
Vendor: Kuznetsov, Alexey et al
A vulnerability was reported in iproute. A local user may be
able to cause denial of service conditions.
Impact: Denial of service via local system
Alert: http://securitytracker.com/alerts/2003/Nov/1008173.html
14. Glibc
Vendor: GNU [multiple authors]
A vulnerability was reported in glibc in the getifaddrs()
function. A local user may be able to cause denial of service
conditions on the system.
Impact: Denial of service via local system
Alert: http://securitytracker.com/alerts/2003/Nov/1008170.html
34. UnAce
Vendor: winace.com
A buffer overflow vulnerability was reported in the UnAce file
decompression software. A remote or local user may be able to
cause arbitrary code to be executed in certain cases, but the
report did not confirm code execution.
Impact: Execution of arbitrary code via local system
Alert: http://securitytracker.com/alerts/2003/Nov/1008143.html
40. PureFTPd
Vendor: PureFTPd.org
A denial of service vulnerability was reported in PureFTPd. A
remote user can trigger a buffer overflow and cause the target
server to crash. [Editor's note: The author of the report has
retracted his claim after further analysis of the code and
discussions with the vendor. This entry will be removed from our
database shortly.]
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2003/Nov/1008135.html
Niki
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://dbguin.lunar-linux.org/mailman/private/lunar-dev/attachments/20031117/5de0d3a0/attachment.bin
More information about the lunar-dev
mailing list