Vuoden 1997 tietoturvatiedotteet

[ 2. 7.1997] elm-me+
Vulnerability in elm
[ 7. 7.1997] XFree86
Vulnerability in XFree86
[17. 4.1997] sperl
Buffer overflow in sperl 5.003
[16. 4.1997] php
There is a vulnerability in PHP/FI, a NCSA httpd cgi enhancement
[ 9. 4.1997] metamail
It may be possible to make metamail execute arbitrary commands
[ 7. 4.1997] amd
amd ignores nodev option
[25. 3.1997] inetd
inetd passes privileged groups on to subprocesses
[25. 3.1997] sendmail
sendmail 8.8.5 follows hardlinks when writing /var/tmp/dead.letter
[23. 3.1997] tftp
tftpd allows retrieval of files with ".." in their path
[ 4. 3.1997] superprobe
SuperProbe (of XFree86) contains a number of buffer overflows
[ 2. 3.1997] imap4
The imapd, pop2d and pop3d servers allow remote, unauthenticated root access.
[20. 2.1997] screen
The "screen" program overflows when copying the gecos field.
[13. 2.1997] nlspath
libc NLSPATH buffer overflow
[10. 2.1997] minicom
standard buffer overrun(s) in minicom
[ 6. 2.1997] rlogin
rlogin doesn't check $TERM's length.
[ 6. 2.1997] tar
GNU tar sometimes unintentionally creates setuid-root executables.
[27. 1.1997] talkd
talkd does not check hostname length