Bollettini della sicurezza del 1998
- [10 dic 1998] sshd
- buffer overflow in logging
- [07 dic 1998] fte-console
- does not drop its root privileges
- [26 nov 1998] fsp
- creates user "ftp" unauthorized
- [22 nov 1998] zgv
- buffer overflows
- [18 nov 1998] samba
- unsafe temp files
- [12 nov 1998] junkbuster
- buffer overflows
- [22 set 1998] tcsh
- buffer overflow with very long paths
- [09 set 1998] bash
- problem with very long pathnames
- [05 set 1998] nslookup and dig
- possible buffer overflows in nslookup and dig
- [04 set 1998] rpc.mountd
- buffer overflow in mountd
- [01 set 1998] minicom
- buffer overflows in minicom if suid
- [29 ago 1998] seyon
- root compromise
- [28 ago 1998] sail
- /tmp race in sail
- [28 ago 1998] apache
- vulnerable to a denial of service
- [28 ago 1998] sendsys
- remote denial of service if using sendsys report mechanism
- [28 ago 1998] lprm
- buffer overflows allowing local root access
- [27 ago 1998] eperl
- misinterprets ISINDEX queries
- [27 ago 1998] ncurses
- setuid ncurses programs allow opening arbitrary files
- [27 ago 1998] mutt
- malicious mails can execute arbitrary code
- [27 ago 1998] cfingerd
- potentially allows local root exploits
- [27 ago 1998] faxsurvey
- faxsurvey script executes arbitrary commands
- [08 lug 1998] filerunner
- opens files in /tmp in an insecure manner
- [13 giu 1998] cxhextrix
- buffer overflow, giving access to group games
- [31 mag 1998] mailx
- insecurely opens files in /tmp
- [30 mag 1998] premail
- opens files in /tmp insecurely
- [30 mag 1998] kdebase
- buffer overflow in klock, kvt saves config as root
- [20 mag 1998] samba
- buffer overflows
- [14 mag 1998] gzip
- gzexe allows running arbitrary programs
- [13 mag 1998] shadow su
- problem with su
- [09 mag 1998] procps
- file creation and corruption bug in XConsole
- [08 mag 1998] super
- displaying files despite lack of permissions
- [08 mag 1998] irc
- allows remote to send arbitrary characters to local terminal
- [08 apr 1998] bind
- buffer overflow causing potential remote root exploits, denial of service
- [17 mar 1998] perl
- vulnerable to symlink attack
- [17 mar 1998] netstd
- routed permits remote user file overwrite
- [17 mar 1998] lincity
- potential buffer overruns
- [17 mar 1998] gzip
- potential buffer overflow executable
- [17 mar 1998] gcc
- vulnerable to symlink attack
- [17 feb 1998] textutils
- sort and tac vulnerable to symlink attack
- [11 feb 1998] dwww
- Shell meta-characters permitted
- [12 gen 1998] sudo
- sudo allowed users to run any root command
- [12 gen 1998] smail
- UUCP exploit under smail
- [10 gen 1998] deliver
- buffer overflow