[security] Security Advisories
Lorenzo Iannuzzi
nakis a libero.it
Dom 2 Maggio 2004 22:11:09 CEST
http://www.netwosix.org/adv14.html
Stack-based buffer overflow in the Socks-5 proxy code for XChat 1.8.0 to
2.0.8, with socks5 traversal enabled, allows remote attackers to execute
arbitrary code.
http://www.debian.org/security/
Tatsuya Kinoshita discovered a vulnerability in flim, an emacs library
for working with internet messages, where temporary files were created
without taking appropriate precautions. This vulnerability could
potentially be exploited by a local user to overwrite files with the
privileges of the user running emacs. the 'chroot' option.
A vulnerability was discovered in rsync, a file transfer program,
whereby a remote user could cause an rsync daemon to write files
outside of the intended directory tree. This vulnerability is not
exploitable when the daemon is configured with the 'chroot' option.
--
Ciao e alla prossima!
Lorenzo
Maggiori informazioni sulla lista
security