Beveiligingsberichten voor 1998
- [10 dec 1998] sshd
- buffer overflow in logging
- [ 7 dec 1998] fte-console
- does not drop its root privileges
- [26 nov 1998] fsp
- creates user "ftp" unauthorized
- [22 nov 1998] zgv
- buffer overflows
- [18 nov 1998] samba
- unsafe temp files
- [12 nov 1998] junkbuster
- buffer overflows
- [22 sep 1998] tcsh
- buffer overflow with very long paths
- [ 9 sep 1998] bash
- problem with very long pathnames
- [ 5 sep 1998] nslookup and dig
- possible buffer overflows in nslookup and dig
- [ 4 sep 1998] rpc.mountd
- buffer overflow in mountd
- [ 1 sep 1998] minicom
- buffer overflows in minicom if suid
- [29 aug 1998] seyon
- root compromise
- [28 aug 1998] sail
- /tmp race in sail
- [28 aug 1998] apache
- vulnerable to a denial of service
- [28 aug 1998] sendsys
- remote denial of service if using sendsys report mechanism
- [28 aug 1998] lprm
- buffer overflows allowing local root access
- [27 aug 1998] eperl
- misinterprets ISINDEX queries
- [27 aug 1998] ncurses
- setuid ncurses programs allow opening arbitrary files
- [27 aug 1998] mutt
- malicious mails can execute arbitrary code
- [27 aug 1998] cfingerd
- potentially allows local root exploits
- [27 aug 1998] faxsurvey
- faxsurvey script executes arbitrary commands
- [ 8 jul 1998] filerunner
- opens files in /tmp in an insecure manner
- [13 jun 1998] cxhextrix
- buffer overflow, giving access to group games
- [31 mei 1998] mailx
- insecurely opens files in /tmp
- [30 mei 1998] premail
- opens files in /tmp insecurely
- [30 mei 1998] kdebase
- buffer overflow in klock, kvt saves config as root
- [20 mei 1998] samba
- buffer overflows
- [14 mei 1998] gzip
- gzexe allows running arbitrary programs
- [13 mei 1998] shadow su
- problem with su
- [ 9 mei 1998] procps
- file creation and corruption bug in XConsole
- [ 8 mei 1998] super
- displaying files despite lack of permissions
- [ 8 mei 1998] irc
- allows remote to send arbitrary characters to local terminal
- [ 8 apr 1998] bind
- buffer overflow causing potential remote root exploits, denial of service
- [17 mrt 1998] perl
- vulnerable to symlink attack
- [17 mrt 1998] netstd
- routed permits remote user file overwrite
- [17 mrt 1998] lincity
- potential buffer overruns
- [17 mrt 1998] gzip
- potential buffer overflow executable
- [17 mrt 1998] gcc
- vulnerable to symlink attack
- [17 feb 1998] textutils
- sort and tac vulnerable to symlink attack
- [11 feb 1998] dwww
- Shell meta-characters permitted
- [12 jan 1998] sudo
- sudo allowed users to run any root command
- [12 jan 1998] smail
- UUCP exploit under smail
- [10 jan 1998] deliver
- buffer overflow
