from the patchwork dept.
In the last days, several problems were found in common Linux and UNIX programs and services. Be sure to track the security mailinglist of your vendor or distributor and patch your system. Read on for an overview...
Pine is a common mailreader in the academic environment. All versions below 4.58 contains a buffer overflow which allows to execute any code with your userrights by simple sending a mail to you.
MySQL contains a buffer overflow in the password function. Please upgrade your MySQL-Installation in case you have users who are allowed to create users or change passwords.
Sendmail below version 8.12.10 contains a buffer overflow in the address verification routine. Please upgrade your sendmail installiation with your vendor's patch, the source for 8.12.10 or the patch for older versions.
OpenSSH seems to have some problems - roumor says, that some machines were hacked since august '03. Theo de Raat and his team is searching for the bug and found allready two of them. Please upgrade your SSH-Installation:BUGTRAQ and keep in touch with the acutal problems.
< | >