[security] Security updates from Red Hat and Trustix
Lorenzo Iannuzzi
nakis a libero.it
Ven 23 Gen 2004 11:23:04 CET
http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml
The default installation of Cisco voice products on the IBM platform
will install the Director Agent in an unsecure state, leaving the
Director services vulnerable to remote administration control and/or
Denial of Service attacks. The vulnerabilities can be mitigated by
configuration changes and Cisco is providing a repair script that will
close the vulnerable ports and put the Director agent in secure state
without requiring an upgrade.
http://lwn.net/Articles/67213/
Red Hat has issued a security update to mc fixing a remotely
exploitable buffer overflow in the virtual filesystem code.
Trustix has updated slocate fixing a buffer overflow which could give a
local attacker access to the list of all files on the system.
--
Ciao e alla prossima!
Lorenzo nakis a libero.it
-------------- parte successiva --------------
Un allegato non testuale è stato rimosso....
Nome: non disponibile
Tipo: application/pgp-signature
Dimensione: 244 bytes
Descrizione: non disponibile
Url: http://itlists.org/pipermail/security/attachments/20040123/a9788bef/attachment.pgp
Maggiori informazioni sulla lista
security