- CA-2000-17: Input Validation Problem In rpc.statd
The CERT/CC has begun receiving reports of an input validation vulnerability in the rpc.statd program being exploited. This program is included, and often installed by default, in several popular Linux distributions.
- CA-2001-17: Check Point RDP Bypass Vulnerability
- CA-99-01 Trojan TCP Wrappers
The CERT Coordination Center has received confirmation that some copies of the source code for the TCP Wrappers tool (tcpd) were modified by an intruder and contain a Trojan horse. An intruder can gain unauthorized root access to any host running this Trojan horse version of TCP Wrappers.
- CA-99-05 Vulnerability in statd exposes vulnerability in automountd
Important new vendor information was added to this advisory, which describes two vulnerabilities, one in statd and one in automountd, that are being used together by intruders to gain access to vulnerable systems.
- CA-99-08 Buffer overflow vulnerability in rpc.cmsd
There is a buffer overflow vulnerability in the Calendar Manager Service Daemon, rpc.cmsd. This vulnerability allows remote and local users to execute arbitrary code with the privileges of cmsd, typically root. A tool to exploit this vulnerability has been publicly released.
- CA-99-11 Four Vulnerabilities in the Common Desktop Environment
Multiple vulnerabilities have been identified in some distributions of the Common Desktop Environment (CDE). These vulnerabilities are different from those discussed in CA-98.02.
- CA-99-12 Buffer Overflow in amd
There is a buffer overflow vulnerability in the logging facility of the amd daemon. By exploiting this vulnerability, remote intruders can execute arbitrary code as the user running the amd daemon (usually root).
- CA-99-13 Multiple Vulnerabilities in WU-FTPD
Three vulnerabilities have been identified in WU-FTPD and other ftp daemons based on the WU-FTPD source code. WU-FTPD is a common package used to provide File Transfer Protocol (FTP) services.
- CA-99-15 Buffer Overflows in SSH daemon and RSAREF2 Library
Some versions of sshd are vulnerable to a buffer overflow that can allow an intruder to influence certain variables internal to the program. This vulnerability alone does not allow an intruder to execute code. However, a vulnerability in RSAREF2 can be used in conjunction to allow remote intruder to execute arbitrary code.
- CiscoSecure Access Control Server for UNIX Remote Administration
In CiscoSecure Access Control Server (CiscoSecure ACS) for UNIX, versions``1.0 through 2.3.2, there is a database access protocol that could permit``unauthorized remote users to read and write the server database without``authentication. Depending on the network environment, this might permit``unauthorized users to modify the access policies enforced by the``CiscoSecure ACS.
[ 1 2 ]
11 Links, Oct 27, 2012
Learn About Linux
This domain could be yours:
Domains for Sale