Rappel des règles: - uniquement les annonces concernant les logiciels libres sont reproduites. - parfois, certaines annonces concernant le matériel sont également reproduites. - les annonces concernant les scripts PHP ne sont plus reproduites, il y en a tellement.
Parfois SecurityFocus n'est malheureusement pas très clair sur la qualité libre/non-libre des logiciels traités. Il y a eu plein de problèmes découverts sur le Cisco VPN 3000. Red Hat PXE Server DHCP Packet Denial Of Service Vulnerability BugTraq ID: 5596 Remote: Yes Date Published: Aug 30 2002 12:00AM Relevant URL: http://www.securityfocus.com/bid/5596 Summary: Red Hat Linux includes a Preboot eXecution Environment (PXE) server. PXE can be used to boot a Linux based system from a remote disk image. An error has been reported in the PXE server included with some versions of Red Hat. If certain DHCP packets are received by the server, it may crash. This may create a denial of service condition for legitimate systems which rely on the server. A restart may be required in order to regain normal functionality. In particular, this behavior has been reported to occur when DHCP packets generated by some Voice Over IP (VoIP) phone devices are received by the vulnerable server. FactoSystem Weblog Multiple SQL Injection Vulnerabilities BugTraq ID: 5600 Remote: Yes Date Published: Aug 31 2002 12:00AM Relevant URL: http://www.securityfocus.com/bid/5600 Summary: FactoSystem Weblog is a freely available, open source software package for weblogging and managing content. It is available for Microsoft Windows operating systems. A problem with FactoSystem could lead to a possible SQL injection attack. FactoSystem does not adequately filter special characters from requests. Because of this, it may be possible for a remote user to submit a request containing encoded special characters and SQL, and execute arbitrary commands. This could lead to execution of SQL commands in the security context of web database user. By passing custom requests through the authornumber, discussblurbid, name, and email fields in the author.asp, discuss.asp, and holdcomment.asp pages, an attacker could potentially execute SQL commands on the database backending the weblog. It is possible to pass special characters through the Weblog by sending them as their hex values. It should be noted that this problem affects systems that run IIS and have ASP enabled. This problem may allow an attacker to perform various functions on a vulnerable server, and could potentially lead to the retrieval of sensitive information. Dan Mueth ScrollKeeper Tempfile Symbolic Link Vulnerability BugTraq ID: 5602 Remote: No Date Published: Sep 02 2002 12:00AM Relevant URL: http://www.securityfocus.com/bid/5602 Summary: Dan Mueth ScrollKeeper is a documentation cataloging system that acts as a middle layer between applications and help browsers. When a ScrollKeeper aware browser makes a call to get a category tree using scrollkeeper-get-cl, the content list is passed through tempfiles in the /tmp directory with permissions of the current user. The tempfiles are named scrollkeeper-tempfile.[0-4]. While creating these tempfiles, scrollkeeper-get-cl will follow symbolic links. This could allow an attacker to overwrite files as the currently logged on user. Super Site Searcher Remote Command Execution Vulnerability BugTraq ID: 5605 Remote: Yes Date Published: Sep 03 2002 12:00AM Relevant URL: http://www.securityfocus.com/bid/5605 Summary: Super Site Searcher is a search engine script, implemented in Perl. It is intended to run on Unix and Linux variants. Super Site Searcher is prone to remote command execution. Shell metacharacters are not adequately filtered from query string parameters in a request to the vulnerable search engine script. In particular, the lack of input validation affects the "page" query string parameter, which is processed by "site_searcher.cgi". The parameter is used in a function which passes commands directly through the shell. A remote attacker may exploit this condition to execute arbitrary commands on the shell with the privileges of the webserver process, which will enable the attacker to gain local access to the underlying host. Simple Site Searcher, released by the same vendor, is also prone to this issue. - Pour poster une annonce: [EMAIL PROTECTED]