Рекомендації по безпеці за 1997 рік

[02 лип 1997 р.] elm-me+
Vulnerability in elm
[07 лип 1997 р.] XFree86
Vulnerability in XFree86
[17 кві 1997 р.] sperl
Buffer overflow in sperl 5.003
[16 кві 1997 р.] php
There is a vulnerability in PHP/FI, a NCSA httpd cgi enhancement
[09 кві 1997 р.] metamail
It may be possible to make metamail execute arbitrary commands
[07 кві 1997 р.] amd
amd ignores nodev option
[25 бер 1997 р.] inetd
inetd passes privileged groups on to subprocesses
[25 бер 1997 р.] sendmail
sendmail 8.8.5 follows hardlinks when writing /var/tmp/dead.letter
[23 бер 1997 р.] tftp
tftpd allows retrieval of files with ".." in their path
[04 бер 1997 р.] superprobe
SuperProbe (of XFree86) contains a number of buffer overflows
[02 бер 1997 р.] imap4
The imapd, pop2d and pop3d servers allow remote, unauthenticated root access.
[20 лют 1997 р.] screen
The "screen" program overflows when copying the gecos field.
[13 лют 1997 р.] nlspath
libc NLSPATH buffer overflow
[10 лют 1997 р.] minicom
standard buffer overrun(s) in minicom
[06 лют 1997 р.] rlogin
rlogin doesn't check $TERM's length.
[06 лют 1997 р.] tar
GNU tar sometimes unintentionally creates setuid-root executables.
[27 січ 1997 р.] talkd
talkd does not check hostname length