
LWN.net Weekly Edition for February 12, 2004

A grumpy user's browser review

An LWN editor's job requires spending vast amounts of time each day operating a web browser. As a result, we have become very sensitive to browser features which make it easier to get things done - or which get in the way. In an effort to find a better tool for the creation of LWN, your editor decided to spend some serious time working with some of the current crop of web browsers. With luck, it was hoped, the least evil browser could be identified and used on into the future.

One note before we get going: Konqueror is not included in this review. Konqueror is a highly capable browser (and file manager) which is worthy of consideration, but it suffers from one fatal flaw (from your editor's point of view): it will not run without the whole KDE infrastructure running behind it. Your editor is not currently a KDE user, so Konqueror is not an available option.

This effort was motivated at this time in particular by the announcement of the Mozilla Firefox 0.8 release. Firefox is the new name for the browser formerly known as "Firebird." Those who are curious about the name change can peruse the "brand name FAQ" and this weblog entry describing the lengthy process involved in changing the browser's name.

We'll start, however, with Galeon, which has been your editor's browser of choice for some time. Galeon has been slowly falling out of favor, however, since the 1.3 branch was begun and all the work that went into making 1.2.x a top-quality power user's browser was thrown away. Galeon 1.3 suffers from the GNOME "don't confuse those poor, helpless users by letting them configure things" disease - though it is possible to have more control if you know the proper secret gconf registry codes. Even so, some nice 1.2 features, such as the ability to configure the toolbar for maximal functionality in minimal space or remembering the preferred zoom level for each site, are still missing.

The real problem with 1.3.x, however, is the seemingly endless series of Weird Bugs. The bookmark editor has not worked well for a long time, and rearranging bookmarks can result in strange little windows with URLs in them floating across the screen long after the user has moved on to other tasks. The "type ahead find death grip" has caused your editor to put his fist through more than one monitor while attempting to fill in web forms. The browser grows without limit; it usually has to be killed and restarted around when it hits 200MB or the entire system slows to a crawl.

Despite all these complaints, Galeon has served well for a long time, and will be a hard browser to beat.

The Mozilla Firefox 0.8 release is easy to download in binary form and install. The initial impression it made was not the greatest, however; Firefox appears to be unable to find or use the beautiful Bitstream Vera antialiased fonts that Galeon uses so happily. The result is an ugly, hard-to-read screen which is reminiscent of the old Netscape 4.x days. Firefox behaves this way on Debian sid and Red Hat Linux 9 systems. Comments from others suggest that this is a problem that can be overcome, but it is clearly not a straightforward thing to do. Update: as noted by a few commenters, the fix is to install the "gtk2+xft" version; it can be found on the FTP site but is not mentioned on the download page.

The browser also makes an immediate impression, however, for its speed. Even when freshly started, current versions of Galeon are not so zippy on your editor's desktop. Firefox seems robust; a day's worth of serious browsing failed to turn up a single site which crashed the browser or which did not render properly. Most of the features one has come to expect in a modern browser (tabbed browsing, search fields, printing, bookmark editing, password management, javascript, history tracking with search, etc.) work well. Firefox gives a relatively high degree of control over things like popup windows and active content; there is a list of actions which can be allowed or denied to Javascript scripts, for example. Firefox has far more theme support than the other browsers reviewed.

The browser's process size appeared to stabilize at "only" 98MB; huge by any rational standards, but Galeon has a hard time putting up its splash screen with that much space. Firefox appears to have a solid base at this point.

That said, some things are missing. At the top of your editor's list is the ability to control image animation. One forgets how annoying the web can be with things bouncing around the screen; Firefox provides no evident way to turn animation off. The download manager is a little strange; it provides no way to place a file in an arbitrary directory at download time. Instead, you have to choose a single download directory via the configuration dialogs and everything will go there. By default, downloaded files go into the home directory. Control-T creates a new tab, as one might expect, but it comes up blank; Galeon's practice of bringing up the home page in new tabs seems preferable.

All of the above items would appear to be fixable with a (relatively) small amount of effort. Firefox may not be ready to displace Galeon from your editor's desktop, but it's not far from that point either.

Once this process was begun, it seemed logical to give Epiphany 1.07 a spin as well. Epiphany makes a good first impression; the toolbars are clean and don't take up a whole lot of space, and antialiased fonts are the rule. It's a nice-looking browser. Epiphany, like the other browsers, also offers the usual set of expected features.

Epiphany's configuration dialog is the most sparse of the three browsers reviewed here. It does provide control over the toolbars, which is nice, but many other things are missing - including that all-important control over image animation. There also does not appear to be any sort of explicit control over popup windows. Another obnoxious little limitation with Epiphany is that it does not allow a URL to be "pasted" into the browser with the middle mouse button - a feature supported by both Galeon and Firefox. Epiphany 1.07 suffers from the "typeahead find death grip." Given that many users probably do not use the typeahead find feature at all, it sure would be nice to have an (obvious) way to turn it off.

Epiphany also manifests some strange behavior when the user types a URL into the location field and there are multiple windows open: completion windows show up on each browser window and must be chased away individually. Epiphany grew to over 100MB during a day of testing, and appeared to be set to continue to inflate. It bloats far more slowly than Galeon, however. Beyond that, Epiphany seems stable; your editor could not make it crash.

Epiphany is closer to Galeon than Firefox in rendering speed: generally good enough, but not strikingly fast. To try to get a handle on things, we ran an ultra-scientific test: see how long each browser takes to render a local copy of this page, which consists of a huge table listing vulnerabilities and alerts from 2003. Epiphany and Galeon consistently required about 6.5 seconds to present the page; Firefox can do it in 5.4.

Perhaps the most striking realization from this whole exercise, however, is just how similar these three browsers are. The fact that they all use the Gecko rendering engine will certainly create a degree of uniformity, but the resemblance goes beyond that. Your editor often had to look carefully to see which browser was in use at any given time. To a great extent, they can be substituted for each other; the differences between them come down to little nits and pet peeves.

One might well wonder why three groups of people are working so hard to build complex applications which resemble each other so strongly. If we are going to have multiple Gecko-based browsers, it would make some sense for them to differentiate themselves somehow. Why can't one of them be the power user's browser, providing full control over every aspect of its operation without fear of confusing the user with too many configuration options? Couldn't one of them be an experimental browser, trying out interesting new ways of presenting the web to users? We could dedicate one project to each of those goals, and still have one trying to do the Same Old Stuff in the best way possible. As it is, each of the three browsers reviewed is an advanced and capable application, but it is increasingly hard to find a reason to choose one over another.


SCO update

SCO and IBM had a new day in court on February 6, when a hearing was held to determine whether SCO had complied with IBM's motion to compel discovery. IBM's position is that SCO has failed to comply. As of this writing, the judge has not made a ruling. The preliminary indications from the transcript of the hearing (available on Groklaw, of course) do not bode well for SCO, however.

IBM noted in court that SCO is no longer alleging any sort of disclosure of trade secrets on IBM's part. SCO did provide a small number of files and line numbers of Linux code which, it says, violates IBM's contract with SCO. These files were in the expected parts of the kernel: the read-copy-update code, the JFS filesystem, etc. In every case, the code in question was indisputably written by IBM, and is owned by IBM. Some of it is even patented by IBM.

In other words, as we have noted in the past, SCO has been pushed back to one of its original claims: that it has the right to control the disclosure of any code which has ever breathed the same air as SYSV Unix. IBM sees this, of course, and isn't making it easy. From the hearing:

The notion is, Your Honor, that somehow IBM is prohibited from disclosing that code because in some way it is derived from Unix System Five. What we asked for in our responses is that they tell us, if that is the theory, exactly where it is in Unix System Five that the code derives from.

The point, of course, is that code independently written by IBM does not derive from SYSV Unix at all. This point has been fairly clear to people who have been paying attention for some time. For the rest (i.e. SCO and the bulk of the news media), IBM has to work to get the idea across.

SCO has also requested permission to amend its complaint against IBM yet again. If this change is allowed, it will modify the case in some interesting ways. Much noise has been made in the wider media about the addition (finally) of a copyright infringement charge. This charge says nothing about IBM's contributions to Linux, however; instead, SCO claims infringement because IBM continues to distribute AIX despite having had its license "terminated" by SCO. Unless SCO can convince a court that IBM has breached its contracts with SCO, this charge will evaporate.

The charges of export violations have been fleshed out. It seems that SCO has concluded that IBM's contracts never gave it the right to distribute Unix code in India. Since Linux is clearly available in India, SCO concludes that its contract has been breached yet again.

Perhaps most amusing is the new claim of "interference with contract." Those who have been following this case will recall that Novell has made some interesting claims, including (1) that it still owns the Unix copyrights, and (2) that it has the right to keep SCO from terminating Unix licenses. SCO, it seems, sees the shadowy hand of IBM behind Novell's actions, and is now charging IBM with causing Novell to act the way it has. Novell's own interest in the success of Linux seemingly does not enter into this picture.

Finally, as noted above, the latest version of the complaint deletes the charge of "misappropriation of trade secrets" which had appeared in earlier versions.

Novell, meanwhile, has sent a new letter to SCO in an (undoubtedly IBM-directed) attempt to clarify its view of the "derived works" argument. Novell has dug up some old communications from AT&T regarding its interpretation of the Unix licenses and some changes the company made to make that interpretation more explicit:

AT&T then followed up by adding to section 2.01 a sentence clarifying that AT&T "claims no ownership interest in any portion of such a modification or derivative work that is not part of a SOFTWARE PRODUCT." Even more clearly, the August 1985 edition of $ echo explained that this "sentence was added to assure licensees that AT&T will claim no ownership in the software that they developed -- only the portion of the software developed by AT&T."

SCO's view of derived works never did seem likely to stand up in Court, but Novell has thrown up yet another obstacle in SCO's path. Novell also pulls out its "override clause" from the asset purchase agreement:

Accordingly, pursuant to Section 4.16(b) of the Asset Purchase Agreement, Novell hereby directs SCO to waive any purported right SCO may claim to require Sequent (or IBM as its successor) to treat Sequent Code as subject to the confidentiality obligations or use restrictions of Sequent's SVRX license.

Novell directs SCO to take these actions by noon, MDT, February 11, 2004, and to notify Novell that it has done so by that time.

That deadline has passed as of this writing. One assumes that SCO did not comply.

Novell has also filed a motion to dismiss SCO's "slander of title" suit against it, and another motion to move the case (in case it is not dismissed) to federal court.

For those who are curious about the Red Hat (Delaware) case: it remains on hold until the judge gets around to ruling on SCO's motion to dismiss the suit. The wheels of American justice never move particularly quickly, but Delaware seems to be especially slow.

The Open Source Development Labs has published another paper on SCO by Eben Moglen; it is available in PDF format. This one is about the Novell suit:

Even if one is unsympathetic to SCO, one can't help but feel sorry for the quandary its lawyers faced in deciding whether to sue Novell. Had they not done so, their client's ultimate fate would have been sealed. But suing Novell destroys SCO's licensing campaign for the present just as fully.

Finally, Don Marti has noted that the Canopy Group has removed all mention of SCO from its web site and appears to be generally backing away from SCO. Perhaps Canopy, too, sees the end of the game on the horizon.


OSDL Looks at Linux for the Data Center

February 11, 2004

This article was contributed by Joe 'Zonker' Brockmeier.

The Open Source Development Labs (OSDL) released its second capabilities document for Linux last week, and is asking for input. The Data Center Linux (DCL) Technical Capabilities 1.0 document is about 119 pages long (available in PDF) and defines and rates the capabilities needed for Linux in the data center. The DCL Technical Capabilities document is, to say the least, comprehensive.

This document has been quite some time in the making. The DCL working group was announced by OSDL in August, 2002. The document contains evaluations for hundreds of Linux features in eight categories: scalability, performance, RAS (Reliability, Availability, Serviceability), manageability, clusters, standards, security and usability. The evaluations are ranked by maturity level, ranging from "investigation" for projects in the concept phase, to "completed" for features or projects that are available and fully adequate for customer needs. It provides quite a comprehensive picture of the state of Linux for use in the data center, and a roadmap of where it needs to go.

We spoke with OSDL CEO Stuart Cohen and OSDL strategic marketing manager Lynn de la Torre about the capabilities document, how it was put together, and what OSDL plans to accomplish with the capabilities document. According to de la Torre, the DCL Technical Capabilities document is designed to help OSDL and its members "solidify our priorities," with regards to Linux usage in the data center, and to get feedback on the priorities listed. She noted that OSDL was interested in hearing from the community at large on the priorities as laid out in the document.

We asked de la Torre how OSDL would try to see that the features outlined in the DCL Technical Capabilities document would be implemented, since OSDL doesn't have the resources to do all of the work itself. She said that it would be up to OSDL members and the community to work on the features needed for data center Linux.

What we're doing is trying to leverage our membership as much as possible. Our membership is growing and we are trying to really drive it from the point of view of the member companies. If we can all get on the same page, if you will, that's probably the best way we've come up with so far to do that.

De la Torre also acknowledged that the scope of this project was much more broad than the Carrier Grade Linux project:

Part of why we have to do a capabilities [document], in the first place and why we think the first step is prioritization, is exactly for that reason, which is that the data center is almost what I call 'boiling the ocean,' it's so broad yet we've gone so deep in our analysis. 350 items is a pretty large thing to look at, so obviously no technical project can address something that big so that's why we especially feel that prioritization is key to go forward.

She noted that OSDL is now looking for public feedback on its priorities for DCL. Anyone interested in participating in the working group can find the details here. She also said that the work done so far by OSDL's members indicates that Linux is ready for the data center, though more mature in some areas than others.

On edge and infrastructure, it's very mature. In database it's emerging and in some areas it's almost completely there...the overall message is that it's ready for the data center, especially if you look at 2.6 and some of the functionality in 2.6.

Since the DCL working group is following a similar path to the Carrier Grade Linux working group, we asked Cohen how successful the CGL project has been:

I think it's been very successful. If you just look at the number of RFCs around the world that telecommunications equipment manufacturers or carriers have been issuing related to carrier grade initiatives, it's been extensive. That work is really an outgrowth of work done by Nokia, Alcatel, Ericsson, Cisco, MontaVista, so... a number of industry players have been involved in that definition. That is the biggest reason that NTT joined, and we have many carriers and other telecommunications equipment manufacturers interested in participating because they want to take a leadership position in putting together those requirements and registrations and specifications going forward.

We also asked Cohen how OSDL's legal fund was progressing, and what happens to the money in the event that SCO doesn't sue anyone. Cohen said that OSDL has raised over $3 million so far with a goal of $10 million. If the money isn't used for legal fees, Cohen said that it will probably be kept in place until the board sub-committee in charge of the fund decides the "best use" for the fund.

For those more interested in Linux on the desktop, OSDL has also announced a working group for the Linux desktop. This is in the early stages of development, and Cohen says that anyone is welcome to join, once the project has been officially launched. Cohen said that OSDL would be having the kick-off meeting for the desktop group next week. Like the CGL and DCL working groups, participation should be open to anyone through the mailing lists.


Page editor: Jonathan Corbet

Security

Security news

One thing we truly do better

This EEYE alert describes what looks like a fairly run-of-the-mill Microsoft vulnerability. It is a buffer overflow in the ASN.1 library; the list of software affected includes a few small things like NT 4.0, Windows 2000, Windows XP, Internet Explorer, Outlook, IIS, etc. It is said to be difficult to exploit, but that is not a statement that will bring comfort to many.

The interesting thing is that EEYE claims to have reported this vulnerability to Microsoft in July, 2003. Microsoft has only now responded with a fix. In other words, the company left its customers open to a known security bug for a good six months.

Free software suffers from far too many security vulnerabilities as well. Some of them are truly serious. Many of them are embarrassing. But it is rare indeed for a hole to remain unclosed for such a long time. Free software developers will, almost without exception, respond to problems much more quickly than that. They know that, should they fail to respond, the community will simply fix the problem for them. We have a lot of ground to cover before our security is even remotely good enough, but that should not stop us from taking some pride in the things we do right.


New vulnerabilities

gallery: code injection

Package(s): gallery    CVE #(s):
Created: February 11, 2004    Updated: February 11, 2004
Description: Gallery (through versions 1.4.1) suffers from a PHP code injection vulnerability which can provide a remote attacker with access to the web server process.
Alerts:
Gentoo 200402-04 2004-02-11


libtool - Insecure handling of temporary files

Package(s): libtool    CVE #(s):
Created: February 5, 2004    Updated: March 8, 2004
Description: GNU libtool consists of a set of shell scripts used to build shared libraries.

Joseph S. Myers and Stefan Nordhausen independently found a vulnerability in the way the ltmain.sh script (which is part of the libtool package) creates temporary directories for its use.

A local attacker could exploit this vulnerability to change/delete arbitrary files in the system on behalf of the user who is calling the script. The vulnerability has been fixed in the 1.5.2 version of libtool.

Alerts:
OpenPKG OpenPKG-SA-2004.004 2004-03-08
Conectiva CLA-2004:811 2004-02-05


mailman denial of service

Package(s): mailman    CVE #(s): CAN-2003-0991
Created: February 9, 2004    Updated: May 25, 2004
Description: Matthew Galgoci of Red Hat discovered a Denial of Service (DoS) vulnerability in versions of Mailman prior to 2.1. An attacker could send a carefully-crafted message causing mailman to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0991 to this issue.
Alerts:
Conectiva CLA-2004:842 2004-05-25
Red Hat RHSA-2004:156-01 2004-04-14
Mandrake MDKSA-2004:013 2004-02-13
Red Hat RHSA-2004:019-01 2004-02-09


mailman: cross-site scripting vulnerabilities

Package(s): mailman    CVE #(s): CAN-2003-0965 CAN-2003-0992
Created: February 6, 2004    Updated: March 5, 2004
Description: Dirk Mueller discovered a cross-site scripting bug in the admin interface in versions of Mailman 2.1 before 2.1.4. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0965 to this issue.

A cross-site scripting bug in the 'create' CGI script affects versions of Mailman 2.1 before 2.1.3. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0992 to this issue.

Alerts:
Fedora FEDORA-2004-060 2004-03-04
Debian DSA-436-2 2004-02-21
Debian DSA-436-1 2004-02-08
Red Hat RHSA-2004:020-01 2004-02-05


monkeyd: denial of service

Package(s): monkeyd    CVE #(s):
Created: February 11, 2004    Updated: February 11, 2004
Description: The monkeyd HTTP server suffers from a parsing bug which can be exploited to crash the server process. Upgrading to version 0.8.2 fixes the problem.
Alerts:
Gentoo 200402-03 2004-02-11


mutt: buffer overflow

Package(s): mutt    CVE #(s): CAN-2004-0078
Created: February 11, 2004    Updated: March 26, 2004
Description: mutt suffers from a buffer overflow in its "index menu" code. This overflow can be exploited via a hostile message to crash mutt and, perhaps, execute arbitrary code. Version 1.4.2 fixes the problem; see this advisory for details.
Alerts:
SCO Group CSSA-2004-013.0 2004-03-25
OpenPKG OpenPKG-SA-2004.005 2004-03-09
Netwosix NW-2004-0001 2004-02-16
Trustix 2004-0006 2004-02-13
Whitebox WBSA-2004:050-01 2004-02-12
Mandrake MDKSA-2004:010 2004-02-11
Slackware SSA:2004-043-01 2004-02-12
Red Hat RHSA-2004:051-01 2004-02-11
Red Hat RHSA-2004:050-01 2004-02-11
Fedora FEDORA-2004-061 2004-02-11


PHP setting leaks from .htaccess files on virtual hosts

Package(s): php    CVE #(s):
Created: February 9, 2004    Updated: February 11, 2004
Description: If the server configuration "php.ini" file has "register_globals = on" and a request is made to one virtual host (which has "php_admin_flag register_globals off") and the next request is sent to another virtual host (which does not have the setting) through the same Apache child, the setting will persist.

Depending on the server and site, an attacker may be able to exploit global variables to gain access to reserved areas, such as MySQL passwords, or this vulnerability may simply cause a lack of functionality. As a result, users are urged to upgrade their PHP installations.

Alerts:
Gentoo 200402-01 2004-02-07


XFree86: buffer overflow

Package(s): XFree86    CVE #(s): CAN-2004-0083 CAN-2004-0084 CAN-2004-0106
Created: February 11, 2004    Updated: February 23, 2004
Description: The XFree86 code which reads "fonts.alias" files suffers from a buffer overflow which may be turned into a local root exploit; see this advisory for details.
Alerts:
SuSE SuSE-SA:2004:006 2004-02-23
Debian DSA-443-1 2004-02-19
Conectiva CLA-2004:821 2004-02-20
Whitebox WBSA-2004:061-01 2004-02-17
Red Hat RHSA-2004:061-01 2004-02-13
Fedora FEDORA-2004-069 2004-02-13
Mandrake MDKSA-2004:012 2004-02-14
Red Hat RHSA-2004:060-01 2004-02-13
Red Hat RHSA-2004:059-01 2004-02-13
Immunix IMNX-2004-73-002-01 2004-02-12
Slackware SSA:2004-043-02 2004-02-12
Gentoo 200402-02 2004-02-11


Updated vulnerabilities

apache: buffer overflows in mod_alias, mod_rewrite

Package(s): apache    CVE #(s): CAN-2003-0542 CAN-2003-0789
Created: October 28, 2003    Updated: February 13, 2004
Description: André Malo discovered buffer overflows in the mod_alias and mod_rewrite modules of the Apache webserver. These occurred if a regular expression with more than 9 capturing parentheses was configured. To exploit this, an attacker would need to be able to locally create a carefully crafted configuration file (.htaccess or httpd.conf). CAN-2003-0542

Another buffer overflow in Apache 2.0.47 and earlier in mod_cgid's mishandling of CGI redirect paths could result in CGI output going to the wrong client when a threaded MPM is used. CAN-2003-0789.

Alerts:
Whitebox WBSA-2004:015-01 2004-02-12
Fedora FEDORA-2003-004 2004-01-08
Red Hat RHSA-2003:405-00 2003-12-18
Red Hat RHSA-2003:320-01 2003-12-16
Red Hat RHSA-2003:360-01 2003-12-10
Gentoo 200310-03 2003-10-28
Trustix 2003-0041 2003-11-15
Conectiva CLA-2003:775 2003-11-05
Slackware SSA:2003-308-01 2003-11-03
EnGarde ESA-20031105-030 2003-11-05
Mandrake MDKSA-2003:103 2003-11-03
Gentoo 200310-04 2003-10-31
Immunix IMNX-2003-7+-025-01 2003-10-28
OpenPKG OpenPKG-SA-2003.046 2003-10-28
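
One way to guard against the capture-group overflow described above, as an added example that is not Apache's code: compare the group count reported by POSIX regcomp() with the fixed match array before the array is used. The 10-slot array (whole match plus groups 1 to 9), the function names and the sample rule are assumptions made for illustration.

```c
#include <regex.h>
#include <stdio.h>
#include <string.h>

/* Assumed layout: slot 0 = whole match, slots 1..9 = groups $1..$9. */
#define MAX_REG_MATCH 10

/* Returns the capture-group count, -1 if the pattern does not compile,
 * -2 if it has more groups than the fixed match array can hold. */
int check_group_count(const char *pattern)
{
    regex_t re;
    if (regcomp(&re, pattern, REG_EXTENDED) != 0)
        return -1;
    size_t nsub = re.re_nsub;          /* filled in by regcomp() */
    regfree(&re);
    return nsub > MAX_REG_MATCH - 1 ? -2 : (int)nsub;
}

/* Match subject against pattern and expand $0..$9 from tmpl into out.
 * Returns the output length, -1 bad pattern, -2 too many groups,
 * -3 output buffer too small, -4 no match. */
int rewrite(const char *pattern, const char *subject, const char *tmpl,
            char *out, size_t outlen)
{
    regex_t re;
    regmatch_t m[MAX_REG_MATCH];
    size_t o = 0;

    if (outlen == 0) return -3;
    if (regcomp(&re, pattern, REG_EXTENDED) != 0) return -1;
    if (re.re_nsub > MAX_REG_MATCH - 1) { regfree(&re); return -2; }
    /* nmatch is the array size, so regexec() cannot write past m[]. */
    int rc = regexec(&re, subject, MAX_REG_MATCH, m, 0);
    regfree(&re);
    if (rc != 0) return -4;

    for (const char *p = tmpl; *p; p++) {
        if (p[0] == '$' && p[1] >= '0' && p[1] <= '9') {
            const regmatch_t *g = &m[p[1] - '0'];
            p++;                                   /* consume the digit */
            if (g->rm_so < 0) continue;            /* group not set */
            size_t n = (size_t)(g->rm_eo - g->rm_so);
            if (n >= outlen - o) return -3;        /* keep room for NUL */
            memcpy(out + o, subject + g->rm_so, n);
            o += n;
        } else {
            if (1 >= outlen - o) return -3;
            out[o++] = *p;
        }
    }
    out[o] = '\0';
    return (int)o;
}

/* Constructed sample rule, pattern and request path. */
const char *demo_rewrite(void)
{
    static char out[64];
    int n = rewrite("^/old/([a-z]+)/([0-9]+)$", "/old/docs/42",
                    "/new/$2/$1", out, sizeof out);
    return n > 0 ? out : "";
}

int main(void)
{
    printf("9 groups : %d\n", check_group_count("(a)(b)(c)(d)(e)(f)(g)(h)(i)"));
    printf("10 groups: %d\n", check_group_count("(a)(b)(c)(d)(e)(f)(g)(h)(i)(j)"));
    printf("rewrite  : %s\n", demo_rewrite());
    return 0;
}
```

Rejecting the pattern when the configuration is loaded keeps the failure at parse time instead of at request time.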


apache2: Denial of Service vulnerability

Package(s): apache2    CVE #(s):
Created: September 29, 2003    Updated: March 25, 2004
Description: A problem was discovered in Apache2 where CGI scripts that write more than 4k to the standard error stream will hang the script's execution. This problem can lead to a denial of service situation. See this bug report for additional details.
Alerts:
Gentoo 200403-04 2004-03-22
Netwosix NW-2004-0006 2004-03-25
Mandrake MDKSA-2003:096-1 2003-10-24
Mandrake MDKSA-2003:096 2003-09-26


bind: cache poisoning

Package(s): bind    CVE #(s): CAN-2003-0914
Created: November 26, 2003    Updated: February 19, 2004
Description: A cache poisoning vulnerability in BIND may be exploited causing a temporary denial of service until the bad record expires from the cache.
Alerts:
SCO Group CSSA-2004-003.0 2004-02-19
Debian DSA-409-1 2004-01-05
SuSE SuSE-SA:2003:047 2003-11-28
Trustix 2003-0044 2003-11-27
Immunix IMNX-2003-7+-024-01 2003-10-27
EnGarde ESA-20031126-031 2003-11-26


crawl: buffer overflow

Package(s): crawl    CVE #(s): CAN-2004-0103
Created: February 3, 2004    Updated: February 4, 2004
Description: Steve Kemp from the GNU/Linux audit project discovered a problem in crawl, another console based dungeon exploration game, in the vein of nethack and rogue. The program uses several environment variables as inputs but doesn't apply a size check before copying one of them into a fixed size buffer.
Alerts:
Debian DSA-432-1 2004-02-03


CUPS: denial of service

Package(s): CUPS    CVE #(s): CAN-2003-0788
Created: November 3, 2003    Updated: March 4, 2004
Description: Paul Mitcheson reported a situation where the CUPS Internet Printing Protocol (IPP) implementation in CUPS versions prior to 1.1.19 would get into a busy loop. This could result in a denial of service. In order to exploit this bug an attacker would need to have the ability to make a TCP connection to the IPP port (by default 631).
Alerts:
SCO Group CSSA-2004-012.0 2004-03-03
Conectiva CLA-2003:779 2003-11-07
Mandrake MDKSA-2003:104 2003-11-05
Red Hat RHSA-2003:275-01 2003-11-03


cvs: possible root compromise

Package(s): cvs    CVE #(s): CAN-2003-0977
Created: December 29, 2003    Updated: February 13, 2004
Description: Stable CVS 1.11.11 has been released, adding code to the CVS server to prevent it from continuing as root after a user login, as an extra failsafe against a compromise of the CVSROOT/passwd file.
Alerts:
Whitebox WBSA-2004:004-01 2004-02-12
Fedora-Legacy FLSA:1207 2004-01-28
Conectiva CLA-2004:808 2004-01-20
Debian DSA-422-1 2004-01-13
Red Hat RHSA-2004:003-01 2004-01-09
Gentoo 200312-08 2003-12-28


ethereal: protocol dissector and other vulnerabilities

Package(s): ethereal    CVE #(s): CAN-2003-0925 CAN-2003-0926 CAN-2003-0927 CAN-2003-1012 CAN-2003-1013
Created: December 18, 2003    Updated: February 13, 2004
Description: Serious issues have been discovered in two ethereal protocol dissectors. Both vulnerabilities will make the Ethereal application crash. The Q.931 vulnerability also affects Tethereal. It is not known if either vulnerability can be used to make Ethereal or Tethereal run arbitrary code. (CAN-2003-1012 and CAN-2003-1013)
Alerts:
Whitebox WBSA-2004:002-01 2004-02-12
Fedora-Legacy FLSA:1193 2004-01-31
Red Hat RHSA-2004:002-01 2004-01-05
Mandrake MDKSA-2004:002 2004-01-13
Conectiva CLA-2004:801 2004-01-07
Red Hat RHSA-2004:001-01 2004-01-07
Debian DSA-407-1 2004-01-05
Fedora FEDORA-2003-040 2003-12-18


Filename disclosure vulnerability in fam

Package(s): fam    CVE #(s): CAN-2002-0875
Created: August 19, 2002    Updated: January 5, 2005
Description: "fam" (file alteration monitor) watches files and directories for changes and lets interested applications know when something happens. This package has a flaw in its group handling that blocks some legitimate operations while, at the same time, exposing the names of files that should otherwise be invisible.
Alerts:
Red Hat RHSA-2005:005-01 2005-01-05
Debian DSA-154-1 2002-08-15


fetchmail may crash on specially crafted message

Package(s): fetchmail    CVE #(s): CAN-2003-0792
Created: October 16, 2003    Updated: April 8, 2004
Description: A bug was discovered in fetchmail 6.2.4 where a specially crafted email message can cause fetchmail to crash.
Alerts:
OpenPKG OpenPKG-SA-2004.012 2004-04-08
Gentoo 200403-10 2004-03-30
Netwosix NW-2004-0002 2004-02-20
SCO Group CSSA-2004-004.0 2004-02-19
Slackware SSA:2003-300-02 2003-10-22
Mandrake MDKSA-2003:101 2003-10-16


fileutils/wu-ftpd: denial of service

Package(s):fileutils CVE #(s):CAN-2003-0854
Created:October 22, 2003 Updated:March 2, 2004
Description: There is, it seems, an integer overflow vulnerability in "ls" which can be exploited via wu-ftpd to create a denial of service situation. See this advisory from Georgi Guninski for details.
Alerts:
SCO Group CSSA-2004-006.0 2004-03-01
Trustix 2003-0042 2003-11-15
Mandrake MDKSA-2003:106 2003-11-12
Red Hat RHSA-2003:309-01 2003-11-03
Immunix IMNX-2003-7+-026-01 2003-10-31
Conectiva CLA-2003:771 2003-10-24
Conectiva CLA-2003:768 2003-10-22

gaim: remote overflows

Package(s):gaim CVE #(s):CAN-2004-0006 CAN-2004-0007 CAN-2004-0008
Created:January 26, 2004 Updated:February 16, 2004
Description: Stefan Esser has discovered several vulnerabilities in Gaim 0.75. This advisory has details of 12 separate vulnerabilities.
Alerts:
Fedora FEDORA-2004-070 2004-02-16
Whitebox WBSA-2004:033-01 2004-02-12
Conectiva CLA-2004:813 2004-02-10
Red Hat RHSA-2004:045-01 2004-02-09
Debian DSA-434-1 2004-02-05
Mandrake MDKSA-2004:006-1 2004-01-30
SuSE SuSE-SA:2004:004 2004-01-29
Gentoo 200401-04 2004-01-27
Mandrake MDKSA-2004:006 2004-01-26
Slackware SSA:2004-026-01 2004-01-26
Red Hat RHSA-2004:033-01 2004-01-23
Red Hat RHSA-2004:032-01 2004-01-23

glibc: DNS stub resolvers contain buffer overflow vulnerability

Package(s):glibc CVE #(s):CAN-2002-1146
Created:November 7, 2002 Updated:February 5, 2004
Description: DNS stub resolvers from multiple vendors contain a buffer overflow vulnerability. The impact of this vulnerability appears to be limited to denial of service. (See CERT Vulnerability Note VU#738331)

The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary ("read buffer overflow"), allowing remote attackers to cause a denial of service (crash).

Alerts:
Mandrake MDKSA-2004:009 2004-02-04
Red Hat RHSA-2002:197-09 2002-11-06
Red Hat RHSA-2002:197-06 2002-10-03

GnuPG: ElGamal signing keys compromised

Package(s):gnupg CVE #(s):CAN-2003-0971
Created:November 28, 2003 Updated:March 3, 2004
Description: A severe vulnerability was discovered in GnuPG by Phong Nguyen relating to ElGamal sign+encrypt keys. This email message from Werner Koch contains more information. "Phong Nguyen identified a severe bug in the way GnuPG creates and uses ElGamal keys for signing. This is a significant security failure which can lead to a compromise of almost all ElGamal keys used for signing. Note that this is a real world vulnerability which will reveal your private key within a few seconds."
Alerts:
SCO Group CSSA-2004-009.0 2004-03-02
Debian DSA-429-2 2004-02-13
Debian DSA-429-1 2004-01-26
Gentoo 200312-05 2003-12-12
Fedora FEDORA-2003-025 2003-12-10
Red Hat RHSA-2003:395-01 2003-12-10
Red Hat RHSA-2003:390-01 2003-12-10
Conectiva CLA-2003:798 2003-12-09
SuSE SuSE-SA:2003:048 2003-12-03
Mandrake MDKSA-2003:109 2003-11-28

gtkhtml: malformed messages cause crash

Package(s):gtkhtml CVE #(s):CAN-2003-0133 CAN-2003-0541
Created:April 14, 2003 Updated:April 18, 2005
Description: GtkHTML is the HTML rendering widget used by the Evolution mail reader.

GtkHTML supplied with versions of Evolution prior to 1.2.4 contains a bug when handling HTML messages. Alan Cox discovered that certain malformed messages could cause the Evolution mail component to crash.

Alerts:
Debian DSA-710-1 2005-04-18
Mandrake MDKSA-2003:093 2003-09-18
Conectiva CLA-2003:737 2003-09-12
Red Hat RHSA-2003:264-01 2003-09-09
Mandrake MDKSA-2003:046 2003-04-15
Red Hat RHSA-2003:126-01 2003-04-14

iproute: local denial of service

Package(s):iproute net-tools CVE #(s):CAN-2003-0856
Created:November 25, 2003 Updated:December 14, 2004
Description: The iproute utility is susceptible to spoofed netlink messages sent by local users, with the result that denial of service attacks are possible.
Alerts:
Mandrake MDKSA-2004:148 2004-12-13
Fedora FEDORA-2004-154 2004-06-03
Fedora FEDORA-2004-115 2004-05-11
Debian DSA-492-1 2004-04-18
Gentoo 200404-10 2004-04-09
Red Hat RHSA-2003:316-01 2003-11-24

kdepim: VCF file information reader vulnerability

Package(s):kdepim CVE #(s):CAN-2003-0988
Created:January 15, 2004 Updated:May 26, 2004
Description: KDE has issued a security advisory for all versions of kdepim as distributed with KDE versions 3.1.0 through 3.1.4 inclusive. A carefully crafted .VCF file potentially enables local attackers to compromise the privacy of a victim's data or execute arbitrary commands with the victim's privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0988 to this issue.
Alerts:
Fedora FEDORA-2004-133 2004-05-19
Gentoo 200404-02 2004-04-06
Whitebox WBSA-2004:005-01 2004-02-12
Conectiva CLA-2004:810 2004-01-20
Slackware SSA:2004-014-01 2004-01-14
Mandrake MDKSA-2004:003 2004-01-14
Red Hat RHSA-2004:006-01 2004-01-07

kernel: privilege vulnerability on AMD64

Package(s):kernel CVE #(s):CAN-2004-0001
Created:January 16, 2004 Updated:February 17, 2004
Description: A fix was made to the eflags checking in 32-bit ptrace emulation on AMD64 systems; the flawed checking could have allowed local users to elevate their privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0001 to this issue.
Alerts:
Gentoo 200402-06 2004-02-17
Red Hat RHSA-2004:017-01 2004-01-13

kernel: local root exploit in 2.4.22

Package(s):kernel CVE #(s):CAN-2003-0961
Created:December 1, 2003 Updated:April 5, 2004
Description: A vulnerability was discovered in Linux kernel versions 2.4.22 and earlier. A flaw in bounds checking in the do_brk() function can allow a local attacker to gain root privileges. This vulnerability is known to be exploitable.

The 2.4.23 kernel contains the fix. For more details on how this vulnerability works, see this LWN article.

Alerts:
Debian DSA-475-1 2004-04-05
Debian DSA-470-1 2004-04-01
Debian DSA-442-1 2004-02-19
Debian DSA-433-1 2004-02-04
Debian DSA-423-1 2004-01-15
Red Hat RHSA-2003:368-01 2003-12-19
Conectiva CLA-2003:796 2003-12-05
Gentoo 200312-02 2003-12-04
SuSE SuSE-SA:2003:049 2003-12-04
Yellow Dog YDU-20031203-1 2003-12-03
Red Hat RHSA-2003:389-01 2003-12-01
Fedora FEDORA-2003-026 2003-12-02
Slackware SSA:2003-336-01 2003-12-01
Red Hat RHSA-2003:392-00 2003-12-01
Trustix 2003-0046 2003-12-01
Mandrake MDKSA-2003:110 2003-12-01
Debian DSA-403-1 2003-12-01

kernel-utils: setuid vulnerability

Package(s):kernel-utils CVE #(s):CAN-2003-0019
Created:February 7, 2003 Updated:January 21, 2005
Description: The kernel-utils package contains several utilities that can be used to control the kernel or machine hardware. In Red Hat Linux 8.0 this package contains user mode linux (UML) utilities.

The uml_net utility in kernel-utils packages with Red Hat Linux 8.0 was incorrectly shipped setuid root. This could allow local users to control certain network interfaces, add and remove arp entries and routes, and put interfaces in and out of promiscuous mode.

All users of the kernel-utils package should update to these packages that contain a version of uml_net that is not setuid root.

Alternatively, as a workaround for this vulnerability, issue the following command as root:

chmod -s /usr/bin/uml_net

Alerts:
Red Hat RHSA-2003:056-08 2003-02-07

lftp buffer overflows

Package(s):lftp CVE #(s):CAN-2003-0963
Created:December 15, 2003 Updated:February 13, 2004
Description: According to this advisory, versions of lftp prior to 2.6.10 are vulnerable to two exploitable buffer overflow problems. Both occur when you connect to a web server with lftp using HTTP or HTTPS, and then use lftp's "ls" or "rels" commands on specially prepared directories on the web server.
Alerts:
Whitebox WBSA-2003:404-01 2003-12-17
Conectiva CLA-2004:800 2004-01-06
Debian DSA-406-1 2004-01-05
Gentoo 200312-07 2003-12-16
OpenPKG OpenPKG-SA-2003.053 2003-12-17
Red Hat RHSA-2003:404-01 2003-12-16
Red Hat RHSA-2003:403-01 2003-12-16
Mandrake MDKSA-2003:116 2003-12-15
Fedora FEDORA-2003-034 2003-12-15
SuSE SuSE-SA:2003:051 2003-12-15
Immunix IMNX-2003-73-002-01 2003-12-09
Slackware SSA:2003-346-01 2003-12-12

libpng, libpng3: buffer overflow

Package(s):libpng, libpng3 CVE #(s):CAN-2002-1363
Created:December 19, 2002 Updated:July 14, 2004
Description: Glenn Randers-Pehrson discovered a problem in connection with 16-bit samples from libpng, an interface for reading and writing PNG (Portable Network Graphics) format files. The starting offsets for the loops are calculated incorrectly, which causes a buffer overrun beyond the beginning of the row buffer.
Alerts:
Gentoo 200407-06 2004-07-08
OpenPKG OpenPKG-SA-2004.030 2004-07-06
Mandrake MDKSA-2004:063 2004-06-29
Whitebox WBSA-2004:249-01 2004-06-21
Fedora FEDORA-2004-176 2004-06-18
Fedora FEDORA-2004-174 2004-06-18
Fedora FEDORA-2004-175 2004-06-18
Fedora FEDORA-2004-173 2004-06-18
Red Hat RHSA-2004:249-01 2004-06-18
Conectiva CLA-2003:564 2003-01-23
Mandrake MDKSA-2003:008 2003-01-20
OpenPKG OpenPKG-SA-2003.001 2003-01-15
Yellow Dog YDU-20030114-2 2002-01-14
SuSE SuSE-SA:2003:0004 2003-01-14
Red Hat RHSA-2003:006-06 2003-01-09
Debian DSA-213-1 2002-12-19

mc: arbitrary code execution

Package(s):mc CVE #(s):CAN-2003-1023
Created:January 16, 2004 Updated:April 5, 2004
Description: A vulnerability was discovered in Midnight Commander, a file manager, whereby a malicious archive (such as a .tar file) could cause arbitrary code to be executed if opened by Midnight Commander.
Alerts:
OpenPKG OpenPKG-SA-2004.009 2004-04-05
Gentoo 200403-09 2004-03-29
Conectiva CLA-2004:833 2004-03-31
SCO Group CSSA-2004-014.0 2004-03-25
Whitebox WBSA-2004:035-01 2004-02-12
Fedora FEDORA-2004-058 2004-02-09
Red Hat RHSA-2004:035-01 2004-01-19
Mandrake MDKSA-2004:007 2004-01-26
Red Hat RHSA-2004:034-01 2004-01-19
Debian DSA-424-1 2004-01-16

mikmod: buffer overflow

Package(s):mikmod CVE #(s):CAN-2003-0427
Created:June 16, 2003 Updated:June 16, 2005
Description: Ingo Saitz discovered a bug in mikmod whereby a long filename inside an archive file can overflow a buffer when the archive is being read by mikmod.
Alerts:
Fedora FEDORA-2005-405 2005-06-16
Red Hat RHSA-2005:506-01 2005-06-13
Fedora FEDORA-2005-404 2005-06-09
Gentoo 200307-01 2003-07-02
Debian DSA-320-1 2003-06-13

mod_python: denial of service vulnerability

Package(s):mod_python CVE #(s):CAN-2003-0973
Created:January 27, 2004 Updated:October 4, 2004
Description: Apache's mod_python module could crash the httpd process if a specific, malformed query string was sent.

The Apache Foundation has reported that mod_python may be prone to denial of service attacks when handling a malformed query. Mod_python 2.7.9 was released to fix the vulnerability; however, because that release did not fully fix it, version 2.7.10 has been released.

Users of mod_python 3.0.4 are not affected by this vulnerability.

Alerts:
Fedora-Legacy FLSA:1325 2004-10-03
Conectiva CLA-2004:837 2004-04-12
Whitebox WBSA-2004:058-01 2004-03-01
Debian DSA-452-1 2004-02-29
Red Hat RHSA-2004:058-01 2004-02-26
Red Hat RHSA-2004:063-01 2004-02-26
Gentoo 200401-03 2004-01-27

mpg123: heap overflow

Package(s):mpg123 CVE #(s):CAN-2003-0865
Created:November 12, 2003 Updated:February 19, 2004
Description: Versions of mpg123 through 0.59s contain a heap overflow which may be exploited remotely (by a hostile server). See this advisory for details.
Alerts:
SCO Group CSSA-2004-002.0 2004-02-19
Debian DSA-435-1 2004-02-06
Conectiva CLA-2003:781 2003-11-12

mpg321: format string vulnerability

Package(s):mpg321 CVE #(s):CAN-2003-0969
Created:January 6, 2004 Updated:March 28, 2005
Description: A vulnerability was discovered in mpg321, a command-line mp3 player, whereby user-supplied strings were passed to printf(3) unsafely. This vulnerability could be exploited by a remote attacker to overwrite memory, and possibly execute arbitrary code. In order for this vulnerability to be exploited, mpg321 would need to play a malicious mp3 file (including via HTTP streaming).
Alerts:
Gentoo 200503-34 2005-03-28
Debian DSA-411-1 2004-01-05

mplayer: remotely exploitable buffer overflow vulnerability

Package(s):mplayer CVE #(s):CAN-2003-0835
Created:September 29, 2003 Updated:April 6, 2004
Description: A remotely exploitable buffer overflow vulnerability was found in MPlayer. A malicious host can craft a harmful ASX header, and trick MPlayer into executing arbitrary code upon parsing that header. Read the full advisory for details.
Alerts:
Mandrake MDKSA-2004:026 2004-04-05
Gentoo 200403-13 2004-03-31
Conectiva CLA-2003:760 2003-10-06
Mandrake MDKSA-2003:097 2003-09-30
Gentoo 200309-15 2003-09-27

Nessus NASL scripting engine security issues

Package(s):nessus CVE #(s):
Created:May 27, 2003 Updated:August 12, 2004
Description: Some vulnerabilities exist in the Nessus NASL scripting engine. To exploit these flaws, an attacker would need to have a valid Nessus account as well as the ability to upload arbitrary Nessus plugins to the Nessus server (this option is disabled by default), or would need to trick a user into running a specially crafted NASL script. Read the full advisory for additional information.
Alerts:
Gentoo 200305-10 2003-05-27

netpbm: insecure temporary files

Package(s):netpbm CVE #(s):CAN-2003-0924
Created:January 19, 2004 Updated:December 29, 2004
Description: netpbm is a graphics conversion toolkit made up of a large number of single-purpose programs. Many of these programs were found to create temporary files in an insecure manner, which could allow a local attacker to overwrite files with the privileges of the user invoking a vulnerable netpbm tool.
Alerts:
Conectiva CLA-2004:909 2004-12-29
Gentoo 200410-02 2004-10-04
Mandrake MDKSA-2004:011-1 2004-09-27
Whitebox WBSA-2004:031-01 2004-02-12
Mandrake MDKSA-2004:011 2004-02-11
Red Hat RHSA-2004:030-01 2004-02-05
Fedora FEDORA-2004-068 2004-02-06
Red Hat RHSA-2004:031-01 2004-01-22
Debian DSA-426-1 2004-01-18

Net-SNMP: security bugs in versions before 5.0.9

Package(s):Net-SNMP CVE #(s):CAN-2003-0935
Created:December 2, 2003 Updated:February 13, 2004
Description: The Net-SNMP project includes various Simple Network Management Protocol (SNMP) tools. A security issue in Net-SNMP versions before 5.0.9 could allow an existing user/community to gain access to data in MIB objects that were explicitly excluded from their view.

Version 5.0.9 of Net-SNMP is not vulnerable to this issue. In addition, Net-SNMP 5.0.9 fixes a number of other minor bugs.

Alerts:
Whitebox WBSA-2004:023-01 2004-02-12
Red Hat RHSA-2004:023-01 2004-01-15
Mandrake MDKSA-2003:115 2003-12-11
Red Hat RHSA-2003:335-01 2003-12-02

nfs-utils xlog() off-by-one bug

Package(s):nfs-utils CVE #(s):CAN-2003-0252
Created:July 14, 2003 Updated:March 8, 2004
Description: The Linux NFS utils package contains a remotely exploitable off-by-one bug. A local or remote attacker could exploit this vulnerability by sending a specially crafted request to the rpc.mountd daemon. See this BugTraq post for more details.
Alerts:
Trustix TSLSA-2004-0009 2004-03-05
SCO Group CSSA-2003-037.0 2003-11-17
Conectiva CLA-2003:700 2003-07-22
Mandrake MDKSA-2003:076 2003-07-21
Gentoo 200307-07 2003-07-19
Yellow Dog YDU-20030718-1 2003-07-18
Slackware SSA:2003-195-01b 2003-07-15
Immunix IMNX-2003-7+-018-01 2003-07-14
SuSE SuSE-SA:2003:031 2003-07-15
Slackware SSA:2003-195-01 2003-07-14
Debian DSA-349-1 2003-07-14
Red Hat RHSA-2003:206-01 2003-07-14

openssh: timing attack leads to information disclosure

Package(s):openssh CVE #(s):CAN-2003-0190
Created:May 2, 2003 Updated:November 30, 2004
Description: From the advisory: "During a pen-test we stumbled across a nasty bug in OpenSSH-portable with PAM support enabled (via the --with-pam configure script switch). This bug allows a remote attacker to identify valid users on vulnerable systems, through a simple timing attack. The vulnerability is easy to exploit and may have high severity, if combined with poor password policies and other security problems that allow local privilege escalation."
Alerts:
Ubuntu USN-34-1 2004-11-30
OpenPKG OpenPKG-SA-2003.035 2003-08-06
Red Hat RHSA-2003:222-01 2003-07-29
Gentoo 200305-02 2003-05-13
Gentoo 200305-01 2002-03-05

perl information leak

Package(s):perl CVE #(s):CAN-2003-0618
Created:February 2, 2004 Updated:April 21, 2004
Description: Paul Szabo discovered a number of bugs in suidperl, a helper program to run perl scripts with setuid privileges. By exploiting these bugs, an attacker could abuse suidperl to discover information about files (such as testing for their existence and some of their permissions) that should not be accessible to unprivileged users.
Alerts:
Debian DSA-431-2 2004-04-16
Debian DSA-431-1 2004-02-01

postfix: denial of service vulnerabilities

Package(s):postfix CVE #(s):CAN-2003-0468 CAN-2003-0540
Created:August 5, 2003 Updated:May 27, 2004
Description: The postfix MTA, versions through 1.1.12 (but not 2.0), is subject to two remotely exploitable denial of service vulnerabilities; see this advisory from Michal Zalewski for details.
Alerts:
Mandrake MDKA-2004:028 2004-05-26
Trustix 2003-0029 2003-08-04
Mandrake MDKSA-2003:081 2003-08-04
EnGarde ESA-20030804-019 2003-08-04
Conectiva CLA-2003:717 2003-08-04
SuSE SuSE-SA:2003:033 2003-08-04
Red Hat RHSA-2003:251-01 2003-08-04
Debian DSA-363-1 2003-08-03

rsync - remotely exploitable heap overflow

Package(s):rsync CVE #(s):CAN-2003-0962
Created:December 4, 2003 Updated:March 3, 2004
Description: An advisory has gone out warning of a remotely exploitable heap overflow vulnerability in rsync versions 2.5.6 and prior. If you are running an rsync server, you will want to apply a distributor patch or upgrade to 2.5.7 in the near future.
Alerts:
SCO Group CSSA-2004-010.0 2004-03-02
Immunix IMNX-2003-73-001-01 2003-12-05
Mandrake MDKSA-2003:111 2003-12-04
Red Hat RHSA-2003:399-01 2003-12-04
Red Hat RHSA-2003:398-01 2003-12-04
Fedora FEDORA-2003-030 2003-12-04
Conectiva CLA-2003:794 2003-12-04
Gentoo 200312-03 2003-12-04
EnGarde ESA-20031204-032 2003-12-04
Debian DSA-404-1 2003-12-04
OpenPKG OpenPKG-SA-2003.051 2003-12-04
SuSE SuSE-SA:2003:050 2003-12-04
Trustix 2003-0048 2003-12-04
Slackware SSA:2003-337-01 2003-12-03

Multiple-use vulnerability in Safe.pm

Package(s):Safe.pm CVE #(s):CAN-2002-1323
Created:October 9, 2002 Updated:February 20, 2004
Description: usePerl has a description of a vulnerability in the Safe.pm Perl module. It seems that if a Safe compartment is used more than once, it ceases to be safe. The problem is fixed in Safe 2.08.
Alerts:
SCO Group CSSA-2004-007.0 2004-02-20
Gentoo 200212-6 2002-12-20
Trustix 2002-0087 2002-12-19
OpenPKG OpenPKG-SA-2002.014 2002-12-16
Debian DSA-208-1 2002-12-12

sane-backends: several vulnerabilities

Package(s):sane-backends CVE #(s):CAN-2003-0773 CAN-2003-0774 CAN-2003-0775 CAN-2003-0776 CAN-2003-0777 CAN-2003-0778
Created:September 11, 2003 Updated:February 20, 2004
Description