[security] Security Advisories
Lorenzo Iannuzzi
nakis a libero.it
Ven 13 Feb 2004 00:33:55 CET
http://www.sgi.com/support/security/
SGI has released Patch 10050: SGI Advanced Linux Environment security
update #10, which includes updated RPMs for SGI ProPack v2.3 for the SGI
Altix family of systems, in response to the following security issues:
Updated slocate packages fix vulnerabilities
http://rhn.redhat.com/errata/RHSA-2004-041.html
Updated util-linux packages fix information leak
http://rhn.redhat.com/errata/RHSA-2004-056.html
Updated mc packages resolve buffer overflow vulnerability
http://rhn.redhat.com/errata/RHSA-2004-035.html
Updated NetPBM packages fix multiple temporary file vulnerabilities
http://rhn.redhat.com/errata/RHSA-2004-031.html
Updated Gaim packages fix security vulnerabilities
http://rhn.redhat.com/errata/RHSA-2004-045.html
Updated mailman packages close DoS vulnerability
http://rhn.redhat.com/errata/RHSA-2004-019.html
http://www.debian.org/security/
A vulnerability was discovered in cgiemail, a CGI program used to
email the contentsof an HTML form, whereby it could be used to send
email to arbitrary addresses. This type of vulnerability is commonly
exploited to send unsolicited commercial email (spam).
http://www.microsoft.com/technet/security/bulletin/MS04-007.asp
Microsoft has release Security Bulletin MS04-007 to address vulnerabilities
in the ASN.1 parsing component of the Windows Operating Systems. This
component is used by several applications for transmission of data across
the network. Some examples of applications which make use of ASN.1 include
Internet Explorer and IIS for certificate parsing, NTLMv2 authentication,
Kerberos authentication, ISAKMP, LDAP and Exchange.
--
Ciao e alla prossima!
Lorenzo nakis a libero.it
Ci sono 10 tipi di persone al mondo. Quelle che comprendono
i binari e quelle che non li comprendono.
-------------- parte successiva --------------
Un allegato non testuale è stato rimosso....
Nome: non disponibile
Tipo: application/pgp-signature
Dimensione: 244 bytes
Descrizione: non disponibile
Url: http://itlists.org/pipermail/security/attachments/20040213/892116df/attachment.pgp
Maggiori informazioni sulla lista
security