LinuxDevCenter.com

oreilly.comSafari Books Online.Conferences.

We've expanded our Linux news coverage and improved our search! Search for all things Linux across O'Reilly!

Search
Search Tips

advertisement

Listen Print Subscribe to Linux Subscribe to Newsletters

Remote Root Exploit in QPopper
Pages: 1, 2

Fpf

The Fpf kernel module alters the Linux TCP/IP stack so that it emulates other operating systems TCP/IP fingerprints and appears to applications such as nmap or queso to be a different OS. A bug in Fpf causes the kernel to panic when the IP stack receives a fragmented packet.



Users should watch for a new version of Fpf that fixes this problem.

HPUX kmmodreg

The HPUX utility kmmodreg has a symbolic-link race condition that an attacker can use to overwrite or create arbitrary files.

Users should install patch PHCO_24112 as soon as possible.

BestCrypt

BestCrypt allows users to create an encrypted loopback file system. The Linux version of BestCrypt has a vulnerability in the set user ID root utility bctool that can be used to execute arbitrary code with the permissions of the root user.

Users of BestCrypt should remove the set user ID bit from bctool and upgrade to version 0.8 as soon as possible.

Qpopper

Qpopper, a server for POP mail, has a buffer overflow that may be exploitable to execute arbitrary code as the root user.

Users should upgrade to version 4.0.3 or newer of Qpopper as soon as possible.

exim

The Message Transfer Agent exim has a format-string vulnerability that may be exploitable if headers_check_syntax has been turned on.

Users of exim should watch for a patch.

TIAtunnel

TIAtunnel, an IRC relay or bouncer, has a remotely executable buffer overflow that can be used by an attacker to execute arbitrary code on the server with the permissions of the user executing TIAtunnel. An automated exploit for this vulnerability has been released.

Users should watch for an updated version of TIAtunnel and should consider turning TIAtunnel off until it has been fixed.

Red Hat's xinetd

xinetd, under Red Hat Linux 7 and 7.1, is started with a umask of 0. This will cause applications xinetd starts that do not set their own umask to create world-writable files. It has also been reported that there is a potential buffer overflow in the version of xinetd distributed with Red Hat Linux 7.

Affected users should upgrade xinetd to the latest package available from Red Hat.

ispell

The ispell spell-checking program is vulnerable to a symbolic-link race condition attack. This vulnerability may be used to overwrite files with the permissions of the user executing ispell.

Users should upgrade to a patched version of ispell.

VirtualCart Shopping Cart

The VirtualCart Shopping Cart web-based application has a bug that can be exploited by an attacker to execute arbitrary code with the permissions of the user running the web server.

Users of VirtualCart Shopping Cart should contact the vendor for a patch.

Return to the Linux DevCenter.




Tagged Articles

Be the first to post this article to del.icio.us

Sponsored Resources

  • Inside Lightroom
Advertisement

Sponsored by:

O'Reilly Media

©2009, O'Reilly Media, Inc.
(707) 827-7000 / (800) 998-9938
All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners. 		About O'Reilly
Academic Solutions
Authors
Contacts
Customer Service
Jobs
Newsletters
O'Reilly Labs
Press Room
Privacy Policy
RSS Feeds
Terms of Service
User Groups
Writing for O'Reilly
Content Archive
Business Technology
Computer Technology
Google
Microsoft
Mobile
Network
Operating System
Digital Photography
Programming
Software
Web
Web Design
 More O'Reilly Sites
O'Reilly Radar
Ignite
Tools of Change for Publishing
Digital Media
Inside iPhone
O'Reilly FYI
makezine.com
craftzine.com
hackszine.com
perl.com
xml.com

Partner Sites
InsideRIA
java.net
O'Reilly Insights on Forbes.com