Beveiligingsberichten voor 1998

[10 dec 1998] sshd
buffer overflow in logging
[ 7 dec 1998] fte-console
does not drop its root privileges
[26 nov 1998] fsp
creates user "ftp" unauthorized
[22 nov 1998] zgv
buffer overflows
[18 nov 1998] samba
unsafe temp files
[12 nov 1998] junkbuster
buffer overflows
[22 sep 1998] tcsh
buffer overflow with very long paths
[ 9 sep 1998] bash
problem with very long pathnames
[ 5 sep 1998] nslookup and dig
possible buffer overflows in nslookup and dig
[ 4 sep 1998] rpc.mountd
buffer overflow in mountd
[ 1 sep 1998] minicom
buffer overflows in minicom if suid
[29 aug 1998] seyon
root compromise
[28 aug 1998] sail
/tmp race in sail
[28 aug 1998] apache
vulnerable to a denial of service
[28 aug 1998] sendsys
remote denial of service if using sendsys report mechanism
[28 aug 1998] lprm
buffer overflows allowing local root access
[27 aug 1998] eperl
misinterprets ISINDEX queries
[27 aug 1998] ncurses
setuid ncurses programs allow opening arbitrary files
[27 aug 1998] mutt
malicious mails can execute arbitrary code
[27 aug 1998] cfingerd
potentially allows local root exploits
[27 aug 1998] faxsurvey
faxsurvey script executes arbitrary commands
[ 8 jul 1998] filerunner
opens files in /tmp in an insecure manner
[13 jun 1998] cxhextrix
buffer overflow, giving access to group games
[31 mei 1998] mailx
insecurely opens files in /tmp
[30 mei 1998] premail
opens files in /tmp insecurely
[30 mei 1998] kdebase
buffer overflow in klock, kvt saves config as root
[20 mei 1998] samba
buffer overflows
[14 mei 1998] gzip
gzexe allows running arbitrary programs
[13 mei 1998] shadow su
problem with su
[ 9 mei 1998] procps
file creation and corruption bug in XConsole
[ 8 mei 1998] super
displaying files despite lack of permissions
[ 8 mei 1998] irc
allows remote to send arbitrary characters to local terminal
[ 8 apr 1998] bind
buffer overflow causing potential remote root exploits, denial of service
[17 mrt 1998] perl
vulnerable to symlink attack
[17 mrt 1998] netstd
routed permits remote user file overwrite
[17 mrt 1998] lincity
potential buffer overruns
[17 mrt 1998] gzip
potential buffer overflow executable
[17 mrt 1998] gcc
vulnerable to symlink attack
[17 feb 1998] textutils
sort and tac vulnerable to symlink attack
[11 feb 1998] dwww
Shell meta-characters permitted
[12 jan 1998] sudo
sudo allowed users to run any root command
[12 jan 1998] smail
UUCP exploit under smail
[10 jan 1998] deliver
buffer overflow