The Grumpy Editor's guide to note-taking applications
Your editor is not always the most organized person. He is pretty sure he
still has a desk under the pile of papers, unpaid bills, and random
electronic components that surrounds his monitor - but he has not seen it
for some time. There are lots of sheets of paper full of handwritten notes
on that desk, but many of them have not seen the light of day for years.
There's probably some good stuff to be found in there, somewhere.
This is the information age, of course, and paper full of handwritten notes
is tremendously obsolete. Your editor's pen just doesn't have enough
fonts, and, besides, contemporary disk drives allow for the creation of
much higher piles of stuff. It's clearly time to go electronic.
There are numerous applications out there which are aimed at people trying
to create a digital note pile; your editor decided it was time to give a
few of them a try. As a way of narrowing the field somewhat, only
graphical applications were considered; command-line utilities, Emacs
modes, and so on were taken off the list. There's no shortage of web-based
wiki systems which can be employed in this role, but they are a topic for
another article some other time. Finally, there are a few systems which
are aimed at "mind mapping," which is a different objective entirely. Mind
mapping applications are on your editor's list to review, but, according to
his kids, your editor has lost his mind entirely and will thus have a hard
time mapping it.
Each application was looked at from a simple point of view: how well does
it support the tasks of quickly and easily creating, organizing, finding,
and using notes? There are, as we will see, a few approaches to this task.
xpad
There are a few applications which try to emulate the classic yellow pad of
sticky notes - but without the glue; xpad is one of those.
It maintains a series of little yellow windows, each of which can contain
simple text in a single font. The font and colors can be changed, but only
on a global basis. The first line of notes in each window becomes the
title for that window.
Like a number of note-taking applications, xpad puts an icon into the panel
task area. Simply clicking on that icon appears to do nothing - though
double-clicking causes all known notes to show up in the current
workspace. The right mouse button yields a menu with the titles of each
note window, along with "show all" and "close all" options. "Close all"
doesn't just close the windows, it causes the application to exit
completely.
There is an "edit lock" feature in xpad; it turns off editing on all
notes. There does not appear to be a way to lock a single window. There's
not a lot of other features available: no searching, no linking between
notes, no audio effects, etc. As a basic notepad, however, xpad seems good
enough.
xpostit
Xpostit may be the oldest of the applications reviewed by your editor. It
has no web page; it
would, in fact, appear to predate the web. It features those round Xaw
buttons which became briefly popular after X11R4 came out. Beyond that,
the interface is quite strange. Running xpostit pops up a single, small
(maybe 1.5cm square on your editor's display) window with a plaid,
presumably trademark-infringing design. Clicking on that window does
nothing until the right button is used, at which point the user is rewarded
with a menu allowing the creation of notes in several predefined sizes.
Note windows contain simple text in the ugliest monospace font the
developers could find. There is, beyond doubt, some X resource which can
be employed to change that font, but your editor, it must be said, has not
found messing around with X resources cool for some years now.
Xpostit is one of the few notes applications with a "save" button; most of
them save notes implicitly. There are no features of interest beyond the
provision of containers for bare text. There is no panel icon, and no way
to find a specific note beyond getting them all on-screen with "show all"
and starting to dig. In your editor's opinion, xpostit is an application
whose time has passed.
knotes
KNotes is a KDE-based notepad; like others, it is based on the little
yellow window concept. It has a more contemporary feel, however, and is
notably nicer to work with. The initial impression can be just a bit
off-putting, though, at least for those running KNotes outside of a KDE
desktop. KNotes puts up a shaped window without the usual window manager
decorations; instead, there is a yellow title bar with a red thumbtack in
it. The thumbtack does not appear to do anything other than function as a
cute example of the X11 shape extension. The title bar can be used to drag
the window around in the usual way, but employing the right button
does not yield the usual window manager menu; instead, most of the KNotes
functionality can be found there.
KNotes puts an icon in the task area; clicking on it gives a menu of note
titles. Selecting a title will move to the virtual desktop containing the
note (if any), a bit of a disorienting experience for users who are not
expecting it. Even worse, it remembers which desktop last contained a
note, and will put the note back in that desktop before moving.
The right mouse button gives a menu with a number of
options, including creating new notes, adjusting the ample (this is KDE,
after all) configuration options, and searching.
The search function is a valuable thing for a notes application to have;
once the number of notes gets large, it can get hard to remember where
something specific can be found. KNotes search is nice, in that it
searches through all notes and it supports regular expressions. There are
a couple of rough spots, though; if the next occurrence of the desired text
is in a window found on a different virtual desktop, it moves the desktop
rather than the window. Then it helpfully puts up a little "search for the
next occurrence?" dialog - directly on top of the window containing the
text the user was looking for.
There are a few features unique to KNotes. One of those is alarms, added
presumably so that the user can use notes as a simple appointment manager.
There is an option to send notes via email. It is also possible to send
notes directly to an instance of KNotes running on another system - though
the acceptance of notes over the network is (sensibly) turned off by
default. Notes can be locked on a per-note basis, preventing inadvertent
modification of notes when desired.
Another nice feature is that notes can be dismissed by hitting the escape
key. As a result, pulling up a note, adding a line, and making it go away
can be a very quick operation - and that, in turn, encourages the keeping
of good and complete notes. Without the desktop warping, KNotes would be
almost perfect as a simple, quick, capable, and visually attractive notes
manager.
It's worth noting (so to speak) that KNotes is also available as a
component of the Kontact organizer.
Running Kontact gives access to all of the notes created in KNotes, but it
appears that the full integration of this functionality is a work in
progress. Kontact notes windows look more like traditional text editing
windows; they do not appear to be intended to be left around the screen
like KNotes windows. Kontact does add a spelling checker, however. Even
so, in your editor's opinion, KNotes works better as a standalone
application at this time.
Tomboy
Tomboy is a GNOME and
Mono-based note-taking application which attempts to provide both
simplicity and useful features. Your editor has been using it for some
months now.
Tomboy places an icon on the panel - not in the task area. Clicking on
that icon yields a menu with the titles of the ten most recently modified
notes, along with create and search options. Unfortunately, your editor
seems to cycle through a set of about eleven notes, with the result that
the desired one is often not on the list. Selecting "search all notes"
brings up a dialog with all known notes and a simple search box. Typing
text into that box trims the list of notes to those containing matches.
There is no regular expression capability.
The escape key will dismiss a Tomboy window; combined with the panel icon,
this feature allows for quick note updates.
A feature unique to Tomboy - at least, among the applications reviewed here
- is the ability to link between notes. By highlighting a term, the user
can create a new note using that term as its title; thereafter, clicking on
the term will bring up the new note. There is also a backlink feature: the
tools menu includes a "what links here?" item which will give a list of
notes linking to the current one.
Tomboy has a fair number of options for decorating text with different
fonts, colors, sizes, etc. For the most part, there is not much use for
this capability in a note-taking application, but the ability to create
bold headers can be nice. It's also useful to be able to strike out text
to, for example, mark off completed items on a "to do" list. A long list
of crossed-out items just gives more satisfaction than simply deleting
them, somehow. Tomboy will also create bulleted lists when lines are typed
beginning with an asterisk.
Notes can be printed (a feature not supported by all applications) or
exported to HTML. There is a plugin mechanism which can be used to add
interesting functionality; current plugins offer integration with evolution
and bugzilla, for example. Tomboy also has a spelling checker which, by
default, decorates notes with lots of obnoxious red underlines. It is rare
that perfect spelling is required in a collection of personal notes,
however, so your editor is pleased that this feature can be turned off.
Overall, Tomboy is a nice application; your editor's biggest complaint
would be that its memory footprint is huge - even by GNOME standards. The
use of Mono cannot help in this regard; it is hard to imagine which
features in an application like this would really need the Mono framework
for their implementation. With a bit less baggage, Tomboy would be nearly
perfect.
BasKet
Finally, your editor played with BasKet, a KDE application which
celebrated its 1.0 release on February 12.
Unlike other note-taking applications, BasKet does all of its work within a
single window. At the top level, it maintains a tree of "baskets," each of
which can contain any number of notes. Only one "basket" can be viewed at
any given time. Baskets can be configured with up to three columns; notes
are then lined up in the columns. There is also a free-format mode, where
notes can be placed anywhere, even on top of each other. In your editor's
opinion, the proper metaphor might be a bulletin board - each "basket" is a
place where any number of things can be pinned and organized.
BasKet offers a great deal of control over fonts, sizes, weights, and so on.
There is a mechanism for attaching tags to notes; each tag brings with
it an icon and, perhaps, a set of heavy-handed color choices. Tagging an
item as "work," for example, turns the text a sort of dark yellow color.
There is an "insert image" operation which yields an empty note and a
dialog on how BasKet cannot do image editing. Dragging an image over from
konqueror does the expected thing - though your editor remains a little
mystified by the concept of "moving" (as opposed to "copying") an image
into the application. Baskets can also contain links, application
launchers, and other surprises.
The end result of all this stuff is that the BasKet window quickly turns
into a gaudy mess of wild colors and images. If your editor's word is not
sufficient on this fact, the BasKet screenshots page
should dispel any doubt. The BasKet developers are also enamored of
animated effects, tooltips, and the use of audio signals.
The display of any given basket can be narrowed to items marked with a
given tag. There is also a simple search mechanism which shows only the
notes containing a given string. No regular expressions are supported, and
the search only applies to the currently-displayed basket by default -
though there is an option to make it global.
There is a feature by which baskets can be globally bound to shortcut keys,
allowing them to be summoned by a single keystroke. Unfortunately, an
attempt to play
with that feature left your editor with a totally locked keyboard, a
situation which made the writing of this article rather more difficult than
it otherwise had to be. Logging in over the net and killing BasKet took
care of the problem. One assumes this behavior is not part of the original
design specification.
Summary
Of the applications reviewed, the first two (xpad and xpostit) are of
relatively little interest. They reflect the state of the desktop art as
it was several years in the past. Xpad is still a useful application, but
it has been surpassed by others.
BasKet is an interesting attempt to do new things with notes. For your
editor's needs, however, it is overkill. The whole point of note taking is
to collect ideas together, track things to do, etc. It doesn't need
images, colors, animations, sounds, and so on. BasKet seems to be more
directly aimed at people who care about making their notes collections look
cool. Your editor, who gave up any hope of looking cool back in high
school, does not need BasKet's features.
That leaves KNotes and Tomboy. Either is an entirely capable application.
The Tomboy feature set still seems like it is most directly focused on the
note-taking application; the search feature is nicer to use and linking
between notes is useful. But one could get the job done quite nicely with
either of these applications.
Avoiding the tar pit
This
Washington Post article is one of many expressing disappointment with
Microsoft's Vista release, which is famously late and which has failed to
live up to Microsoft's early promises. The article claims that the
problems are not specific to Microsoft:
The sad truth is that Microsoft's woes aren't unusual in this
industry. Large-scale software projects are perennially beset by
dashed hopes and bedeviling delays. They are as much a tar pit
today as they were 30 years ago, when a former IBM program manager
named Frederick P. Brooks Jr. applied that image to them in his
classic diagnosis of the programming field's troubles, "The
Mythical Man-Month."
In this context, it behooves us to ask: is there a free software tar pit in
our future? What can we do to avoid a grim future where we bog down, our
software collapsing under its own weight?
Looking at the state of the free software community now, it is tempting to
say that, so far, we have nicely avoided the tar pit. But have we? Here
are a few dates from the past which may be of interest:
- The 2.2.0 kernel was released on January 26, 1999.
- 2.4.0 came out on January 4, 2001.
- 2.5.1 - the beginning of the next development series - was released on
December 16, 2001
The 2.5 development series was stalled for almost one full year while 2.4
reached a state which actually approached stable. Overall, the process
from 2.2.0 to a stable 2.4 took almost three years; the kernel was in a
"feature freeze" state for about two of those years. This was a time when
quite a few people - many of them kernel developers - felt let down by the
development process. This, your editor would attest, was a tar pit era.
One might well argue that the kernel has not yet escaped that tar pit. Like
Vista, we lack a shiny new next-generation filesystem; the only credible
attempt at such a filesystem (reiser4) remains in a stalled,
feature-reduced state. It seems likely, however, that most observers would
agree that the tar pit has been left far behind. The kernel development
process has been humming along at a high pace, delivering interesting new
releases every few months. The same story can be seen in many other parts
of the free software community.
If we accept that things have gotten better, it can be interesting to look
at why. One hint can be found in the same article:
Without that discipline, too often, software teams get lost in what
are known in the field as "boil-the-ocean" projects -- vast schemes
to improve everything at once. That can be inspiring, but in the
end we might prefer that they hunker down and make incremental
improvements to rescue us from bugs and viruses and make our
computers easier to use. Idealistic software developers love to
dream about world-changing innovations; meanwhile, we wait and wait
for all the potholes to be fixed.
Any successful free software project must get good at fixing potholes; in
the worst case, users (and distributors) will do the job for themselves.
In a well-managed project, the people who are trying to improve the whole
world will not get in the way of the pothole fixers. There is no single
team, charged with all the development on a project, which can get bogged
down in that way.
A "well-managed project" must find a way to keep whole-world improvements
from stopping everything else, however. The older, multi-year kernel
process did not always succeed on that front; the attempt to improve the
entire kernel ended up bogging down the entire process. The new kernel
development model,
with its short release cycles, has caused some developers to complain that
it is no longer possible to make major changes that require a long time to
settle down. To the extent that this complaint is true, it should maybe be
seen as a good thing. By only merging changes which can be brought to a
releasable state within a month or two, the new process sidesteps the
tar pit and keeps the development machine running.
One of the key suggestions in The Mythical Man-Month is the
formation of "surgical teams" to support the lead programmer(s). Some of
the team members - such as the clerk who "keys in" the code - seem a little
quaint now. But the idea that the people running the project (or parts of
it) need lieutenants, documentation writers, tool makers, etc. still makes
a lot of sense. Once upon a time, the kernel lacked much of that
structure, with everything concentrating on a single developer - Linus
Torvalds. Now there is a vast network of lieutenants. Quite a few
developers focus their effort not on the kernel, but on the tools used by
kernel developers. All that's missing are the clerks - and, perhaps,
the documentation writers.
One of the biggest anti-tar pit technologies used by the free software
community would have been hard for Mr. Brooks to imagine back in 1972:
multiple, independent development teams. Any project of any size has a
wide range of independent, sometimes conflicting development efforts
happening at the same time. If one group bogs down, the others continue
unhindered. The process may seem inefficient, given that a significant
portion of the work which is done may never survive to a stable release.
Throwing away code can be painful, but it is far less so than throwing away
the entire project.
Peer review is also missing from the Brooks landscape. But peer review
helps to ensure one of the things he thought was vital for a successful
project: a clear conceptual architecture for the project. That
architecture may take a surprising form: few free software projects have the
sort of extensive design documentation that he probably had in mind. But a
crowd of reviewers can help to ensure that new code is consistent with the
principles behind a project - and that it is maintainable into the future.
In this context, it is notable (and worrisome) that an increasing number of
proposed kernel features are finding themselves stalled by a lack of
reviews.
Finally, one should note that free software projects have mostly learned a
sure-fire way to avoid a failure to live up to their promises: they don't
make any. Vaporware tends to be scarce in this community; either the code
exists or it does not. Very few projects are truly controlled by one
corporation, so companies are also restrained in the promises they make
about future releases; they are in no position to ensure that those
promises are fulfilled. The relative freedom from marketing-driven
promises helps free software projects avoid disappointments - but it also
helps them to focus effort on objectives with a reasonable chance of
success.
To argue that the free software community is immune to the problems of
large-scale software development would be foolish. For all their growth,
many or most components of a system like Linux are still a fraction of the
size of their equivalents on certain proprietary systems. As our code base
grows, there will undoubtedly be new challenges for those who would
continue to develop it. But the free systems we have today must certainly
far exceed the size of System/360 when Mr. Brooks was managing it, and we
would appear to be going strong. With widespread community participation,
improving tools, and the willingness to change our development models in
response to real-world problems, we should be able to stay out of that
tar pit for some time yet.
Page editor: Jonathan Corbet
Security
Linux botnets
February 14, 2007
This article was contributed by Jake Edge.
Collections of subverted machines, called botnets, are typically
associated with Windows: thousands of zombie desktops sending spam and
causing other internet mayhem. Unfortunately, it is increasingly clear
that Linux boxes (as well as MacOS X and other UNIX boxes) are
participating in botnets but, in a bit of a twist, it is mostly servers
that have been subverted. Botnets are an enormous problem that
Vint Cerf recently estimated
may involve up to one quarter of all internet-connected computers. This
translates to a botnet controller's fondest wish: 150 million zombie machines
to rent to the highest bidder.
Desktops are usually infected with a bot by an email-borne virus or a
trojan attached to some application that the user installs, much like
adware and spyware infect machines. The bot software then connects to a
'command and control' (C&C) infrastructure, which often uses Internet Relay
Chat (IRC) servers, to get instructions on what it should do. The 'owner'
of a botnet (known as a bot herder) can then instruct the bots to do whatever
they, or more likely their client, want. Because the traffic
generated from a botnet comes from all over the Internet, it is difficult
or impossible to recognize it for what it is. This allows botnets to be
used for spamming, distributed denial of service (DDOS) attacks, click fraud and
other malicious activities in a largely untraceable way.
The desktop infection methods are not typically as useful for Linux boxes,
and so bot herders have turned to web application exploits as a means
for collecting subverted machines. Attacking servers has the additional
advantage that they are usually machines with much greater resources:
faster network connectivity, more storage, faster processors, etc. The attacks
are largely targeted at everyone's favorite Internet security whipping
boy, PHP applications. Open source PHP applications are the
main target as they are ubiquitous and typically easy to exploit, as
some recent research
indicates. An additional benefit of targeting a higher level application
is that it is a cross-platform exploit; the operating system and web server
software are immaterial if the target is a PHP application.
The easiest type of vulnerability to exploit is often
Remote File Inclusion (RFI), which allows an attacker to run code on a
vulnerable server with the permissions of the webserver. Generally,
those permissions are sufficient to allow the bot to do anything the herder
might wish it to; sending email and other network traffic is not normally a privileged
activity. Even a cursory glance at the Bugtraq mailing list will reveal
numerous RFI vulnerabilities; they are reported regularly and each can lead
to bot exploitation if not patched.
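An added example, not part of the original article: an administrator can look for RFI probing in a web server access log by flagging requests whose query parameters carry a remote URL, which is the request shape such probes take. The log lines, paths, parameter names and the allowlist below are constructed assumptions for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qsl, urlsplit

# Constructed sample in Apache "combined" log format. Addresses come from the
# documentation ranges; hosts, paths and parameter names are placeholders.
SAMPLE_LOG = """\
192.0.2.10 - - [14/Feb/2007:10:01:02 +0000] "GET /index.php?page=about HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.7 - - [14/Feb/2007:10:01:09 +0000] "GET /gallery/index.php?inc=http://files.example.net/t.txt HTTP/1.0" 200 312 "-" "libwww-perl/5.805"
198.51.100.7 - - [14/Feb/2007:10:01:10 +0000] "GET /forum/view.php?lang=http%3A%2F%2Ffiles.example.net%2Ft.txt HTTP/1.0" 404 208 "-" "libwww-perl/5.805"
203.0.113.5 - - [14/Feb/2007:10:02:30 +0000] "GET /blog/out.php?url=http://www.example.org/ HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.9 - - [14/Feb/2007:10:03:00 +0000] "-" 408 0 "-" "-"
192.0.2.44 - - [14/Feb/2007:10:04:11 +0000] "POST /index.php HTTP/1.1" 200 812 "-" "Mozilla/5.0"
"""

# Client, timestamp, method, request target and status of one log line.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)
# A parameter value that is itself a remote URL.
REMOTE_URL_RE = re.compile(r"^\s*(?:https?|ftp)://", re.IGNORECASE)

# Assumption: (path, parameter) pairs that legitimately carry URLs on this
# site, such as a redirect script. Keep this list short and explicit.
URL_PARAM_ALLOWLIST = {("/blog/out.php", "url")}


def find_rfi_attempts(log_text):
    """Return one finding per query parameter that carries a remote URL."""
    findings = []
    for lineno, line in enumerate(log_text.splitlines(), start=1):
        match = LOG_RE.match(line)
        if match is None:
            continue  # timeouts and malformed requests have no usable target
        target = urlsplit(match["target"])
        # parse_qsl percent-decodes, so encoded URLs are caught as well.
        for name, value in parse_qsl(target.query, keep_blank_values=True):
            if not REMOTE_URL_RE.match(value):
                continue
            if (target.path, name) in URL_PARAM_ALLOWLIST:
                continue
            findings.append({
                "line": lineno,
                "client": match["ip"],
                "path": target.path,
                "param": name,
                "remote_host": urlsplit(value.strip()).hostname,
                "status": int(match["status"]),
            })
    return findings


def summarize(findings):
    """Group findings by client and list the scripts that answered with 2xx.

    A 2xx status only shows that the script exists and ran, not that the
    inclusion worked, so those paths are the ones to review and patch first.
    """
    summary = defaultdict(lambda: {"attempts": 0, "needs_review": []})
    for f in findings:
        entry = summary[f["client"]]
        entry["attempts"] += 1
        if 200 <= f["status"] < 300 and f["path"] not in entry["needs_review"]:
            entry["needs_review"].append(f["path"])
    return dict(summary)


if __name__ == "__main__":
    hits = find_rfi_attempts(SAMPLE_LOG)
    for hit in hits:
        print(hit)
    print(summarize(hits))
```

Only GET query strings appear in an access log, so parameters sent in POST bodies need a separate data source.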
Many different types of malware can be installed on a vulnerable machine,
depending on the intent of the herder. As with the exploit itself, the
installed code tends to be written in a scripting language so that it is
cross-platform. The malware can range from simple test tools
that indicate vulnerable servers to sophisticated shells that allow the
attacker to effectively login to the server and perform any allowed operation.
The most serious damage that these botnets have caused is to our
inboxes; bots seem to be the preferred way to deliver spam these days.
Diligent anti-spam efforts tend to get spamming accounts or systems shut
down within hours, but there is no easy way to shut down a spam-delivering botnet. A less
visible, but potentially more damaging, effect is DDOS attacks
on internet sites. By attacking a site and working their way up the
chain of DNS servers and registrars, a botnet can silence a site the herder
does not like or hold sites hostage until they pay a ransom.
Past efforts to thwart botnets have often focused on destroying the C&C
servers by shutting down the affected IRC sites, but botnets are
moving toward using HTTP for C&C, which allows that traffic to hide amongst
the sea of similar traffic; it also has the advantage of getting through
most firewalls. Botnets will be a serious problem going forward, and Linux
systems are not immune to participation in them. The
financial incentive is large and the means of prevention are weak, at least
so far. As we have learned by trying to deal with spam, money makes our
adversaries much more inventive, which makes long-term solutions hard to
come by.
Security news
An update on the Solaris telnet vulnerability
For those who are interested in the Solaris telnet vulnerability, Gadi
Evron has put together a comprehensive summary of the problem, how Sun
responded, where to get fixes, etc.
"Whatever my thoughts are on how silly, sad or funny this vulnerability is
(quaint really), how they use telnet (?!) and how Sun should be smacked on
the back of the head for it, I have to honestly admit Sun's response and
the level they were open to the community and industry on this without
too many PR/legal blocks getting in their way are very encouraging..."
New vulnerabilities
ImageMagick: buffer overflow
Package(s): imagemagick
CVE #(s): CVE-2007-0770
Created: February 12, 2007
Updated: February 16, 2007
Description:
Vladimir Nadvornik discovered that a buffer overflow in GraphicsMagick and
ImageMagick allows user-assisted attackers to cause a denial of service and
possibly execute arbitrary code via a PALM image that is not
properly handled by the ReadPALMImage function in coders/palm.c.
MoinMoin: cross-site scripting
Package(s): moinmoin
CVE #(s): CVE-2007-0857
Created: February 12, 2007
Updated: February 14, 2007
Description:
Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin before
1.5.7 allow remote attackers to inject arbitrary web script or HTML via (1)
the page info, or the page name in a (2) AttachFile, (3) RenamePage, or (4)
LocalSiteMap action.
rar: buffer overflow
Package(s): rar
CVE #(s): CVE-2007-0855
Created: February 14, 2007
Updated: February 14, 2007
Description:
The rar archive utility contains a buffer overflow in its processing of password-protected archives. Version 3.7.3 contains the fix.
smb4k: multiple vulnerabilities
Package(s): smb4k
CVE #(s): CVE-2007-0472, CVE-2007-0473, CVE-2007-0474, CVE-2007-0475
Created: February 13, 2007
Updated: March 12, 2007
Description:
The Smb4K
0.8.0 release announcement notes several security weaknesses in
the utility programs (stack overflows / the use of strcpy instead of
strncpy / a design error in smb4k_kill) and in the Smb4KFileIO class (use
of mktemp instead of mkstemp for creation of the temporary files which
could lead to both a race and an information leak / a race in the code that
handles the lock file). Fixes for all of these issues are included in Smb4K
0.8.0 and in the patches that have been prepared for Smb4K 0.7.5 and
0.6.10a. Other versions are not supported anymore.
snort: denial of service
Package(s): snort
CVE #(s): CVE-2006-6931
Created: February 14, 2007
Updated: March 1, 2007
Description:
From the Gentoo advisory: Randy Smith, Christian Estan and Somesh Jha discovered that the rule
matching algorithm of Snort can be exploited in a way known as a
"backtracking attack" to perform numerous time-consuming operations. Version 2.6.1.2 contains the fix.
twiki: arbitrary code execution
Package(s): twiki
CVE #(s): CVE-2007-0669
Created: February 12, 2007
Updated: February 14, 2007
Description:
According to this
vendor security advisory, a vulnerability exists in the SessionPlugin
extension of the Wiki engine TWiki, versions up to and including 4.1.0. The
vulnerability allows local users to cause TWiki to execute arbitrary Perl
code with the privileges of the web server process by creating CGI session
files on the local filesystem.
wordpress: multiple vulnerabilities
Package(s): wordpress
CVE #(s): CVE-2007-0262, CVE-2007-0539, CVE-2007-0541
Created: February 13, 2007
Updated: February 14, 2007
Description:
Wordpress does not properly verify that the m parameter value has the
string data type, which allows remote attackers to obtain sensitive
information via an invalid m[] parameter, as demonstrated by obtaining the
path, and obtaining certain SQL information such as the table
prefix. (CVE-2007-0262)
WordPress before 2.1 allows remote attackers to cause a denial of service
(bandwidth or thread consumption) via pingback service calls with a source
URI that corresponds to a large file, which triggers a long download
session without a timeout constraint. (CVE-2007-0539)
WordPress allows remote attackers to determine the existence of arbitrary
files, and possibly read portions of certain files, via pingback service
calls with a source URI that corresponds to a local pathname, which
triggers different fault codes for existing and non-existing files, and in
certain configurations causes a brief file excerpt to be published as a
blog comment. (CVE-2007-0541)
Updated vulnerabilities
apache: cross-site scripting
Package(s): apache
CVE #(s): CVE-2006-3918
Created: August 9, 2006
Updated: April 4, 2008
Description:
From the Red Hat advisory: "A bug was found in Apache where an invalid Expect header sent to the server
was returned to the user in an unescaped error message. This could
allow an attacker to perform a cross-site scripting attack if a victim was
tricked into connecting to a site and sending a carefully crafted Expect
header."
bcfg2: local password disclosure
Package(s): bcfg2
CVE #(s):
Created: February 1, 2007
Updated: February 7, 2007
Description:
The bcfg2 configuration file has incorrect permissions; this can
be used for a local password disclosure to unprivileged users.
bind: denial of service
Package(s): bind
CVE #(s): CVE-2007-0493, CVE-2007-0494
Created: January 26, 2007
Updated: March 14, 2007
Description:
The bind package is vulnerable to two remote denial of service attacks in
which attackers can cause the bind daemon to crash or exit unexpectedly
by providing malformed data to the daemon in a DNS request.
bluez-utils: hidd vulnerability
Package(s): bluez-utils
CVE #(s): CVE-2006-6899
Created: January 16, 2007
Updated: May 14, 2007
Description:
hidd in BlueZ (bluez-utils) before 2.25 allows remote attackers to obtain
control of the Mouse and Keyboard Human Interface Device (HID) via a
certain configuration of two HID (PSM) endpoints, operating as a server,
aka HidAttack.
| Alerts: |
|
Comments (none posted)
bugzilla: multiple vulnerabilities
| Package(s): | bugzilla |
CVE #(s): | CVE-2006-5453
CVE-2006-5454
CVE-2006-5455
|
| Created: | November 10, 2006 |
Updated: | August 28, 2007 |
| Description: |
Bugzilla has the following vulnerabilities:
Input data passed to various fields is not properly sanitized before
being passed back to users.
Users can gain unauthorized access to read attachment
descriptions while using diff mode.
HTTP GET and HTTP POST requests can be used to perform unauthorized
actions due to improper verification.
Input that is passed to showdependencygraph.cgi is not properly
sanitized before being returned to users. |
| Alerts: |
|
Comments (none posted)
busybox: insecure password generation
| Package(s): | busybox |
CVE #(s): | CVE-2006-1058
|
| Created: | May 5, 2006 |
Updated: | May 2, 2007 |
| Description: |
The BusyBox 1.1.1 passwd command does not use a proper salt when generating
passwords. This would create an instance where a brute force attack could
take very little time. |
| Alerts: |
|
Comments (2 posted)
cpio: arbitrary code execution
| Package(s): | cpio |
CVE #(s): | CVE-2005-4268
|
| Created: | January 2, 2006 |
Updated: | May 8, 2007 |
| Description: |
Richard Harms discovered that cpio did not sufficiently validate file
properties when creating archives. Files with e.g. a very large size
caused a buffer overflow. By tricking a user or an automatic backup
system into putting a specially crafted file into a cpio archive, a
local attacker could probably exploit this to execute arbitrary code
with the privileges of the target user (which is likely root in an
automatic backup system). |
| Alerts: |
|
Comments (none posted)
Cyrus-SASL: DIGEST-MD5 Pre-Authentication Denial of Service
| Package(s): | cyrus-sasl |
CVE #(s): | CVE-2006-1721
|
| Created: | April 21, 2006 |
Updated: | September 4, 2007 |
| Description: |
Cyrus-SASL contains an unspecified vulnerability in the DIGEST-MD5
process that could lead to a Denial of Service. An attacker could possibly
exploit this vulnerability by sending a specially crafted data stream to the
Cyrus-SASL server, resulting in a Denial of Service even if the attacker is
not able to authenticate. |
| Alerts: |
|
Comments (none posted)
dbus: denial of service
| Package(s): | dbus |
CVE #(s): | CVE-2006-6107
|
| Created: | December 15, 2006 |
Updated: | February 12, 2007 |
| Description: |
Unspecified vulnerability in the match_rule_equal function in bus/signals.c
in D-Bus before 1.0.2 allows local applications to remove match rules for
other applications and cause a denial of service (lost process messages). |
| Alerts: |
|
Comments (none posted)
dovecot: index cache file handling error
| Package(s): | dovecot |
CVE #(s): | CVE-2006-5973
|
| Created: | November 29, 2006 |
Updated: | May 8, 2007 |
| Description: |
The dovecot IMAP server has an error in its index cache file handling code which could be exploited by an authenticated user to execute arbitrary code. Only servers with the (non-default) mmap_disable=yes option setting are vulnerable. |
| Alerts: |
|
Comments (none posted)
fetchmail: password disclosure and DOS
| Package(s): | fetchmail |
CVE #(s): | CVE-2006-5867
CVE-2006-5974
|
| Created: | January 9, 2007 |
Updated: | March 16, 2007 |
| Description: |
Fetchmail suffers from a password disclosure vulnerability due to a failure to use secure protocols (advisory) and a denial of service vulnerability (advisory). |
| Alerts: |
|
Comments (none posted)
ffmpeg: buffer overflows
| Package(s): | ffmpeg |
CVE #(s): | CVE-2006-4799
CVE-2006-4800
|
| Created: | September 14, 2006 |
Updated: | May 28, 2007 |
| Description: |
The AVI processing code in FFmpeg has a number of buffer overflow
vulnerabilities.
If an attacker can trick a user into loading a specially
crafted AVI, arbitrary code can be executed with the user's privileges. |
| Alerts: |
|
Comments (2 posted)
Mozilla stuff: multiple vulnerabilities
Comments (none posted)
freeradius: several vulnerabilities
| Package(s): | freeradius |
CVE #(s): | CVE-2005-4745
CVE-2005-4746
|
| Created: | August 8, 2006 |
Updated: | April 24, 2007 |
| Description: |
Several remote vulnerabilities have been discovered in freeradius, a
high-performance RADIUS server, which may lead to SQL injection or denial
of service. |
| Alerts: |
|
Comments (none posted)
freetype: integer overflows
| Package(s): | freetype |
CVE #(s): | CVE-2006-0747
CVE-2006-1861
CVE-2006-2493
CVE-2006-2661
CVE-2006-3467
|
| Created: | June 8, 2006 |
Updated: | October 10, 2007 |
| Description: |
The FreeType library has several integer overflow vulnerabilities.
If a user can be tricked into installing a specially
crafted font file, arbitrary code can be executed with the privilege
of the user. |
| Alerts: |
|
Comments (none posted)
ftpd: privilege escalation
| Package(s): | ftpd |
CVE #(s): | CVE-2006-5778
|
| Created: | November 10, 2006 |
Updated: | February 14, 2007 |
| Description: |
Ftpd is vulnerable to a privilege escalation attack:
an incorrect seteuid() call can be used by an FTP user to gain
unauthorized access to files or directories. |
| Alerts: |
|
Comments (none posted)
gcc: file overwrite vulnerability
| Package(s): | gcc |
CVE #(s): | CVE-2006-3619
|
| Created: | September 6, 2006 |
Updated: | March 14, 2008 |
| Description: |
The fastjar utility found in the GNU compiler collection does not perform adequate file path checking, allowing the creation or overwriting of files outside of the current directory tree. |
| Alerts: |
|
Comments (none posted)
gd: buffer overflow
| Package(s): | gd |
CVE #(s): | CVE-2007-0455
|
| Created: | February 7, 2007 |
Updated: | February 28, 2008 |
| Description: |
The gd graphics library contains a buffer overflow which could enable a remote attacker to execute arbitrary code. Note that various other packages include code from gd and could also be vulnerable. |
| Alerts: |
|
Comments (2 posted)
gdb: buffer overflow
| Package(s): | gdb |
CVE #(s): | CVE-2006-4146
|
| Created: | September 15, 2006 |
Updated: | June 12, 2007 |
| Description: |
A buffer overflow in dwarfread.c and dwarf2read.c debugging code in GNU
Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to
execute arbitrary code via a crafted file with a location block
(DW_FORM_block) that contains a large number of operations. |
| Alerts: |
|
Comments (none posted)
gdm: improper file permissions
| Package(s): | gdm |
CVE #(s): | CVE-2006-1057
|
| Created: | April 19, 2006 |
Updated: | May 2, 2007 |
| Description: |
The .ICEauthority file may be created with the wrong ownership and permissions; gdm 2.14.2 fixes the problem. |
| Alerts: |
|
Comments (none posted)
gnupg: stack overwrite
| Package(s): | gnupg |
CVE #(s): | CVE-2006-6235
|
| Created: | December 12, 2006 |
Updated: | March 13, 2007 |
| Description: |
A "stack overwrite" vulnerability in GnuPG (gpg) allows attackers to
execute arbitrary code via crafted OpenPGP packets that cause GnuPG to
dereference a function pointer from deallocated stack memory. |
| Alerts: |
|
Comments (3 posted)
gtk2: denial of service
| Package(s): | gtk2 |
CVE #(s): | CVE-2007-0010
|
| Created: | January 24, 2007 |
Updated: | February 8, 2007 |
| Description: |
From the Red Hat advisory: "A bug was found in the way the gtk2 GdkPixbufLoader() function processed
invalid input. Applications linked against gtk2 could crash if they
loaded a malformed image file." |
| Alerts: |
|
Comments (1 posted)
gv: stack-based buffer overflow
| Package(s): | gv |
CVE #(s): | CVE-2006-5864
|
| Created: | November 20, 2006 |
Updated: | April 9, 2007 |
| Description: |
Stack-based buffer overflow in the ps_gettext function in ps.c for GNU gv
3.6.2, and possibly earlier versions, allows user-assisted attackers to
execute arbitrary code via a PostScript (PS) file with certain headers that
contain long comments, as demonstrated using the DocumentMedia header. |
| Alerts: |
|
Comments (none posted)
gzip: multiple vulnerabilities
| Package(s): | gzip |
CVE #(s): | CVE-2006-4334
CVE-2006-4335
CVE-2006-4336
CVE-2006-4337
CVE-2006-4338
|
| Created: | September 19, 2006 |
Updated: | June 1, 2007 |
| Description: |
Tavis Ormandy of the Google Security Team discovered two denial of service
flaws in the way gzip expanded archive files. If a victim expanded a
specially crafted archive, it could cause the gzip executable to hang or
crash.
Tavis Ormandy of the Google Security Team discovered several code execution
flaws in the way gzip expanded archive files. If a victim expanded a
specially crafted archive, it could cause the gzip executable to crash or
execute arbitrary code. |
| Alerts: |
|
Comments (1 posted)
horde-kronolith: local file inclusion
| Package(s): | horde-kronolith |
CVE #(s): | CVE-2006-6175
|
| Created: | January 17, 2007 |
Updated: | March 7, 2008 |
| Description: |
Kronolith contains a mistake in lib/FBView.php where a raw, unfiltered
string is used instead of a sanitized string to view local files. An
authenticated attacker could craft an HTTP GET request that uses directory
traversal techniques to execute any file on the web server as PHP code,
which could allow information disclosure or arbitrary code execution with
the rights of the user running the PHP application (usually the webserver
user). |
| Alerts: |
|
Comments (none posted)
imagemagick: buffer overflows
| Package(s): | imagemagick |
CVE #(s): | CVE-2006-5868
|
| Created: | November 28, 2006 |
Updated: | February 16, 2007 |
| Description: |
Daniel Kobras discovered multiple buffer overflows in ImageMagick's SGI
file format decoder. By tricking a user or an automated system into
processing a specially crafted SGI image, this could be exploited to
execute arbitrary code with the user's privileges. |
| Alerts: |
|
Comments (1 posted)
ImageMagick: buffer overflows
| Package(s): | ImageMagick |
CVE #(s): | CVE-2006-5456
|
| Created: | October 31, 2006 |
Updated: | March 8, 2007 |
| Description: |
Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick
6.0.7 allow user-assisted attackers to cause a denial of service and
possibly execute arbitrary code via (1) a DCM image that is not
properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a
PALM image that is not properly handled by the ReadPALMImage function in
coders/palm.c. |
| Alerts: |
|
Comments (2 posted)
imlib2: arbitrary code execution
| Package(s): | imlib2 |
CVE #(s): | CVE-2006-4806
CVE-2006-4807
CVE-2006-4808
CVE-2006-4809
|
| Created: | November 6, 2006 |
Updated: | August 13, 2007 |
| Description: |
M. Joonas Pihlaja discovered that imlib2 did not sufficiently verify the
validity of ARGB, JPG, LBM, PNG, PNM, TGA, and TIFF images. If a user
were tricked into viewing or processing a specially crafted image with
an application that uses imlib2, the flaws could be exploited to execute
arbitrary code with the user's privileges. |
| Alerts: |
|
Comments (none posted)
java: multiple vulnerabilities
| Package(s): | java |
CVE #(s): | CVE-2006-4339
CVE-2006-4790
CVE-2006-6731
CVE-2006-6736
CVE-2006-6737
CVE-2006-6745
|
| Created: | January 18, 2007 |
Updated: | June 8, 2007 |
| Description: |
Java has multiple vulnerabilities, including:
an RSA exponent padding attack vulnerability, two vulnerabilities
which allow untrusted applets to access data in other applets,
vulnerabilities that involve applets gaining privileges due to
serialization bugs in the JRE and buffer overflows in the Java image
handling routines that can give attackers read/write/execute capabilities
for local files. |
| Alerts: |
|
Comments (1 posted)
kdelibs: integer overflow
| Package(s): | kdelibs |
CVE #(s): | CVE-2006-4811
|
| Created: | October 18, 2006 |
Updated: | March 5, 2007 |
| Description: |
The KDE khtml library can pass untrusted parameters into Qt, allowing a hostile user to trigger an integer overflow there and execute arbitrary code. |
| Alerts: |
|
Comments (none posted)
kdelibs: cross-site scripting
| Package(s): | kdelibs konqueror |
CVE #(s): | CVE-2007-0537
|
| Created: | February 5, 2007 |
Updated: | August 13, 2007 |
| Description: |
Konqueror 3.5.5 does not properly parse HTML comments, which allows remote
attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS
protection schemes by embedding certain HTML tags within a comment, a
related issue to CVE-2007-0478. |
| Alerts: |
|
Comments (none posted)
kernel: multiple vulnerabilities
| Package(s): | kernel |
CVE #(s): | CVE-2006-5749
CVE-2006-4814
CVE-2006-6106
|
| Created: | January 5, 2007 |
Updated: | May 7, 2008 |
| Description: |
A security issue has been reported in the Linux kernel due to an error in
drivers/isdn/i4l/isdn_ppp.c as the "isdn_ppp_ccp_reset_alloc_state()"
function never initializes an event timer before scheduling it with the
"add_timer()" function.
The mincore function in the kernel does not properly lock access to user
space, which has unspecified impact and attack vectors, possibly related to
a deadlock.
Another vulnerability has been reported in the Linux kernel caused by a
boundary error within the handling of incoming CAPI messages in
net/bluetooth/cmtp/capi.c. This can be exploited to overwrite certain
kernel data structures. |
| Alerts: |
|
Comments (none posted)
kernel: denial of service
| Package(s): | kernel |
CVE #(s): | CVE-2006-4623
|
| Created: | October 18, 2006 |
Updated: | November 14, 2007 |
| Description: |
The kernel DVB layer can be caused to crash with maliciously-formatted unidirectional lightweight encapsulation (ULE) data. |
| Alerts: |
|
Comments (none posted)
kernel: denial of service
| Package(s): | kernel |
CVE #(s): | CVE-2006-4535
CVE-2006-4538
|
| Created: | September 18, 2006 |
Updated: | December 3, 2007 |
| Description: |
Sridhar Samudrala discovered a local denial of service vulnerability
in the handling of SCTP sockets. By opening such a socket with a
special SO_LINGER value, a local attacker could exploit this to crash
the kernel. (CVE-2006-4535)
Kirill Korotaev discovered that the ELF loader on the ia64 and sparc
platforms did not sufficiently verify the memory layout. By attempting
to execute a specially crafted executable, a local user could exploit
this to crash the kernel. (CVE-2006-4538) |
| Alerts: |
|
Comments (none posted)
kernel: denial of service by memory consumption
| Package(s): | kernel |
CVE #(s): | CVE-2006-2936
|
| Created: | July 17, 2006 |
Updated: | November 14, 2007 |
| Description: |
The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to
2.6.17, and possibly later versions, allows local users to cause a denial
of service (memory consumption) by writing more data to the serial port
than the driver can handle, which causes the data to be queued. |
| Alerts: |
|