Bezpečnostní zprávy z roku 1998
- [10.12.1998] sshd
- buffer overflow in logging
- [07.12.1998] fte-console
- does not drop its root privileges
- [26.11.1998] fsp
- creates user "ftp" unauthorized
- [22.11.1998] zgv
- buffer overflows
- [18.11.1998] samba
- unsafe temp files
- [12.11.1998] junkbuster
- buffer overflows
- [22.09.1998] tcsh
- buffer overflow with very long paths
- [09.09.1998] bash
- problem with very long pathnames
- [05.09.1998] nslookup and dig
- possible buffer overflows in nslookup and dig
- [04.09.1998] rpc.mountd
- buffer overflow in mountd
- [01.09.1998] minicom
- buffer overflows in minicom if suid
- [29.08.1998] seyon
- root compromise
- [28.08.1998] sail
- /tmp race in sail
- [28.08.1998] apache
- vulnerable to a denial of service
- [28.08.1998] sendsys
- remote denial of service if using sendsys report mechanism
- [28.08.1998] lprm
- buffer overflows allowing local root access
- [27.08.1998] eperl
- misinterprets ISINDEX queries
- [27.08.1998] ncurses
- setuid ncurses programs allow opening arbitrary files
- [27.08.1998] mutt
- malicious mails can execute arbitrary code
- [27.08.1998] cfingerd
- potentially allows local root exploits
- [27.08.1998] faxsurvey
- faxsurvey script executes arbitrary commands
- [08.07.1998] filerunner
- opens files in /tmp in an insecure manner
- [13.06.1998] cxhextrix
- buffer overflow, giving access to group games
- [31.05.1998] mailx
- insecurely opens files in /tmp
- [30.05.1998] premail
- opens files in /tmp insecurely
- [30.05.1998] kdebase
- buffer overflow in klock, kvt saves config as root
- [20.05.1998] samba
- buffer overflows
- [14.05.1998] gzip
- gzexe allows running arbitrary programs
- [13.05.1998] shadow su
- problem with su
- [09.05.1998] procps
- file creation and corruption bug in XConsole
- [08.05.1998] super
- displaying files despite lack of permissions
- [08.05.1998] irc
- allows remote to send arbitrary characters to local terminal
- [08.04.1998] bind
- buffer overflow causing potential remote root exploits, denial of service
- [17.03.1998] perl
- vulnerable to symlink attack
- [17.03.1998] netstd
- routed permits remote user file overwrite
- [17.03.1998] lincity
- potential buffer overruns
- [17.03.1998] gzip
- potential buffer overflow executable
- [17.03.1998] gcc
- vulnerable to symlink attack
- [17.02.1998] textutils
- sort and tac vulnerable to symlink attack
- [11.02.1998] dwww
- Shell meta-characters permitted
- [12.01.1998] sudo
- sudo allowed users to run any root command
- [12.01.1998] smail
- UUCP exploit under smail
- [10.01.1998] deliver
- buffer overflow