[security] Security Advisories
Lorenzo Iannuzzi
nakis a libero.it
Sab 17 Gen 2004 00:59:07 CET
http://www.openca.org/news/CAN-2004-0004.txt
A flaw in OpenCA before version 0.9.1.7 could cause OpenCA to accept a
signature from a certificate if the certificate's chain is trusted by
the chain directory of OpenCA.
http://www.openpkg.org/security.html
A bunch of vulnerabilities in tcpdump [0] were found and addressed
in the past. All of them are in the area of packet decoding. Faulty
decoder functions can result in denial of service attacks through
infinite loops, memory starvation and application crashes. In the
worst case arbitrary code execution is possible.
http://www.debian.org/security/
A vulnerability was discovered in Midnight Commander, a file manager,
whereby a malicious archive (such as a .tar file) could cause
arbitrary code to be executed if opened by Midnight Commander.
--
Ciao e alla prossima!
Lorenzo nakis a libero.it
-------------- parte successiva --------------
Un allegato non testuale è stato rimosso....
Nome: non disponibile
Tipo: application/pgp-signature
Dimensione: 244 bytes
Descrizione: non disponibile
Url: http://itlists.org/pipermail/security/attachments/20040117/8474f4ad/attachment.pgp
Maggiori informazioni sulla lista
security