FTP Buffer Overflows
The Solaris Xsun X server has a buffer overflow that a local user can exploit to execute arbitrary code with elevated privileges. On SPARC, Solaris installs Xsun set-group-ID root; on x86 it is installed set-user-ID root.
If Xsun is started by xdm, the set-user-ID and set-group-ID bits can be removed without losing any functionality. Users should watch the Sun web site for a patch.
A set of problems in the Alcatel ADSL Ethernet bridge allows a remote attacker to modify the bridge's configuration, upload new firmware, and stop it from communicating with the ADSL provider. The reported problems are these: by default, the devices ship with no password set; if the user has set a password, an attacker can retrieve it over TFTP; and there is a cryptographic back door that bypasses the password and the other security features.
Users should check the Alcatel web site for updated firmware.
HylaFAX is an application used to send and receive faxes and to send alphanumeric pages. A format string bug has been reported in HylaFAX that may be exploitable to gain root privileges.
Anyone using HylaFAX should watch for confirmation and a fix for this problem.
Cfingerd, a configurable replacement for the finger daemon, has a format string vulnerability that a remote attacker can use to obtain root privileges. This vulnerability affects version 1.4.3 and
Users of cfingerd should disable the daemon until a fix has been made to the software.
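Both the HylaFAX and the cfingerd reports above are the same bug class: text that arrived from the network is handed to a printf-style function as the format string instead of as an argument. The following C program is an added illustration and is not code from HylaFAX, cfingerd, or this column. It uses a hypothetical logging helper, render_log(), to show the vulnerable call beside the fixed one, and adds an audit routine, count_directives(), that reports how many directives (and how many %n write primitives) an untrusted string would trigger if it ever reached a format argument. The sample inputs are constructed for the demonstration.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical daemon logging helper (assumed for this example; not from
 * HylaFAX or cfingerd). Many daemons wrap syslog()/fprintf() this way. */
static int render_log(char *out, size_t outsz, const char *fmt, ...)
{
    va_list ap;
    int n;

    va_start(ap, fmt);
    n = vsnprintf(out, outsz, fmt, ap);
    va_end(ap);
    return n;
}

/* The bug: client-supplied text (a finger query, a fax job parameter)
 * becomes the format string. Every '%' directive in it is interpreted:
 * %x/%s read from the stack, %n writes to memory. */
int log_client_unsafe(char *out, size_t outsz, const char *client_text)
{
    return render_log(out, outsz, client_text);
}

/* The fix: a constant format, with the untrusted text passed as data. */
int log_client_safe(char *out, size_t outsz, const char *client_text)
{
    return render_log(out, outsz, "%s", client_text);
}

/* Wrappers over a static buffer so the two behaviours can be compared. */
const char *render_unsafe(const char *text)
{
    static char buf[128];
    log_client_unsafe(buf, sizeof buf, text);
    return buf;
}

const char *render_safe(const char *text)
{
    static char buf[128];
    log_client_safe(buf, sizeof buf, text);
    return buf;
}

/* Audit helper: count printf directives in s and, via n_writes, how many
 * of them are %n. Skips "%%" escapes and parses flags, width, precision
 * and length modifiers so that "%08x" or "%.20s" count as one directive. */
int count_directives(const char *s, int *n_writes)
{
    int count = 0, writes = 0;
    const char *p = s;

    while ((p = strchr(p, '%')) != NULL) {
        p++;
        if (*p == '%') { p++; continue; }              /* literal percent */
        while (*p && strchr("-+ #0", *p)) p++;          /* flags */
        while (*p && (*p == '*' || (*p >= '0' && *p <= '9'))) p++; /* width */
        if (*p == '.') {                                /* precision */
            p++;
            while (*p && (*p == '*' || (*p >= '0' && *p <= '9'))) p++;
        }
        while (*p && strchr("hlLqjzt", *p)) p++;        /* length modifiers */
        if (*p == '\0') break;                          /* truncated directive */
        if (*p == 'n') writes++;
        count++;
        p++;
    }
    if (n_writes) *n_writes = writes;
    return count;
}

int count_writes(const char *s)
{
    int w = 0;
    count_directives(s, &w);
    return w;
}

int main(void)
{
    /* Constructed inputs: a harmless "%%" shows the format being
     * interpreted; the %x...%n string is the classic exploit shape and is
     * only audited, never rendered, because rendering it is undefined. */
    const char *probe = "user%%name";
    const char *payload = "%08x.%08x.%08x.%n";

    printf("unsafe: %s\n", render_unsafe(probe));   /* "user%name"  */
    printf("safe:   %s\n", render_safe(probe));     /* "user%%name" */
    printf("payload has %d directives, %d of them %%n\n",
           count_directives(payload, NULL), count_writes(payload));
    return 0;
}
```

The audit routine is useful in two places: grepping inputs in a test harness, and as a runtime guard in front of any logging path that cannot be changed to a constant format, where a non-zero count is grounds to reject the string.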
Buffer overflows have been found in SCO OpenServer 5.0.00 through 5.0.6. Applications found to have buffer overflows include:
All administrators of affected SCO OpenServer systems should install the SSE072B patch dated April 11, 2001.
Trend Micro Interscan VirusWall, a real-time virus detection and clean-up tool that runs on Linux and other Unix systems, has several bugs that could allow a remote attacker to obtain root privileges.
Users should upgrade to Interscan VirusWall version 3.6 as soon as possible.