♦ Password
♦ Mailsetup
♦ Info
♦ Workstations
  ♣ Linux
  ♣ MacOS
♦ E-Mail
♦ Chat
♦ Files
♦ Backups
♦ Printers
♦ Network
♦ Statistics
♦ Downloads
♦ Links
♦ Newsletter
♦ Submit
♦ Search
♦ Linux

  Linux / UNIX security update
Linux Posted by Beat Rubischon on Thursday September 18, @10:33AM
from the patchwork dept.
In the last days, several problems were found in common Linux and UNIX programs and services. Be sure to track the security mailinglist of your vendor or distributor and patch your system. Read on for an overview...

Pine is a common mailreader in the academic environment. All versions below 4.58 contains a buffer overflow which allows to execute any code with your userrights by simple sending a mail to you.

MySQL contains a buffer overflow in the password function. Please upgrade your MySQL-Installation in case you have users who are allowed to create users or change passwords.

KDE contains a bug in KDM, the K Display Manager. Please upgrade your KDE-installation in case you are using KDE's graphical login.

Sendmail below version 8.12.10 contains a buffer overflow in the address verification routine. Please upgrade your sendmail installiation with your vendor's patch, the source for 8.12.10 or the patch for older versions.

OpenSSH seems to have some problems - roumor says, that some machines were hacked since august '03. Theo de Raat and his team is searching for the bug and found allready two of them. Please upgrade your SSH-Installation:

Please register yourself in the security mailinglists of your vendor / distributor or BUGTRAQ and keep in touch with the acutal problems.

<  |  >


  Related Links
  • Articles on Linux
  • Also by Beat Rubischon
  • Contact author
  • The Fine Print: The following comments are owned by whoever posted them.
    ( Reply )

    © 2003 ISG, Departement Physik, ETH Zürich, <>