Vuoden 1997 tietoturvatiedotteet
- [ 2. 7.1997] elm-me+
- Vulnerability in elm
- [ 7. 7.1997] XFree86
- Vulnerability in XFree86
- [17. 4.1997] sperl
- Buffer overflow in sperl 5.003
- [16. 4.1997] php
- There is a vulnerability in PHP/FI, a NCSA httpd cgi enhancement
- [ 9. 4.1997] metamail
- It may be possible to make metamail execute arbitrary commands
- [ 7. 4.1997] amd
- amd ignores nodev option
- [25. 3.1997] inetd
- inetd passes privileged groups on to subprocesses
- [25. 3.1997] sendmail
- sendmail 8.8.5 follows hardlinks when writing /var/tmp/dead.letter
- [23. 3.1997] tftp
- tftpd allows retrieval of files with ".." in their path
- [ 4. 3.1997] superprobe
- SuperProbe (of XFree86) contains a number of buffer overflows
- [ 2. 3.1997] imap4
- The imapd, pop2d and pop3d servers allow remote, unauthenticated root access.
- [20. 2.1997] screen
- The "screen" program overflows when copying the gecos field.
- [13. 2.1997] nlspath
- libc NLSPATH buffer overflow
- [10. 2.1997] minicom
- standard buffer overrun(s) in minicom
- [ 6. 2.1997] rlogin
- rlogin doesn't check $TERM's length.
- [ 6. 2.1997] tar
- GNU tar sometimes unintentionally creates setuid-root executables.
- [27. 1.1997] talkd
- talkd does not check hostname length