A grumpy editor's calendar search
Your editor is, at times, a creature of habit. Many, many years ago, back
when Tcl and Tk were new and exciting, he discovered a simple calendar
called "ical" and he has been using it ever since.
![[ical]](/images/ns/calss/ical-sm.png)
ical may be old and unmaintained, but it works. It provides a basic calendar,
appointment book, and task list without taking up too much screen space or
system resources. Its interface is quick and does not require lots of
clicking and form filling. It does exactly what it needs to do.
Creatures of habit, perhaps, should not run Debian unstable on their
desktops. Your editor has learned to scrutinize every dist-upgrade
carefully before turning it loose, but he missed the one that deleted ical
from his system. Some investigation turned up that, in fact, ical has not
been part of Debian for some time; it had been removed as being obsolete,
unmaintained, and superseded by better alternatives. ical was able to
continue to exist for years, however, until some recent change in unstable
forced its removal.
After scrambling to copy his calendar file to another system, your editor
decided it was time to investigate some of these newer, better
alternatives. The results, it must be said, were somewhat disappointing.
The new crop of desktop calendars may be impressive to look at, but few of
them have achieved the straightforward ease of use and unobtrusiveness that
ical had almost fifteen years ago. Fortunately, the news is not all bad.
The first stop in such a search almost has to be Evolution.
Ximian's high-profile groupware system is, doubtless, highly useful for
busy people who must juggle meetings and share their schedules with
others. One of the big advantages of working for a small operation like
LWN, however, is that scheduling a meeting is a simple matter of finding a
table at a local brewpub, and Evolution can't help with that. For one
whose goal is a simple calendar manager, and who has no desire to switch to
a new email client, Evolution brings a great deal of heavyweight baggage
for little gain. The calendar interface is difficult to navigate around
in; your editor never did succeed in reproducing the calendar view found on
the Evolution
screen shots page. Evolution 1.4 also crashed several times while
being tested. Evolution may be an impressive piece of software, but it is
not appropriate to consider as a replacement for ical.
The word is that Evolution 2.0 will feature a much-improved calendar
manager, and the underlying infrastructure will make it easier to create
independent, standalone calendar applications.
The next logical place to look is KOrganizer, the KDE calendar
application. KOrganizer, it must be said, is a nice calendar manager. The
default layout wastes a lot of space, but a bit of edge dragging fixes
that. KOrganizer allows for relatively painless entry of events, and it
understands the concept of events which are attached to a day, but which
have no particular time (e.g. "wedding anniversary: have a present or sleep
on the couch"). Alarms are nicely configurable, though your editor noted
that the alarm windows had a tendency to pop up underneath the KOrganizer
window on his (non-KDE) desktop.
There is one nice ical feature that KOrganizer lacks: the ability to add
events without dealing with dialog windows. With ical, it's simply a
matter of dragging an entry over the relevant time period and typing in the
info. With KOrganizer (and a number of other calendar managers), you have
to set the times in special dialog fields. KOrganizer 3.2 has improved
things somewhat by allowing the time range to be set with the mouse, but it
requires an explicit configuration option and still puts up a dialog for
the event description. In the modern, graphical,
direct manipulation world, the dialog window should be unnecessary if the
more complex features (custom alarms, recurrence) are not being used.
Another possibility is a package called plan, which is a calendar manager
based on Motif. Plan has the basic necessary features; it can handle
appointments (but appears to lack a task list). It requires a separate
daemon to handle
alarms, and complains if that daemon is not running when it starts up. It
has two basic views, being full-month and one week; there is no way to get
the "this month calendar and today's events" view that many other calendar
managers offer. Event entry is relatively unfriendly, requiring dates and
times to be typed into form blanks. Plan works as a basic calendar, but
fails to inspire enthusiasm.
A simple, but cute entry is gDeskCal. This
calendar is meant to sit on (and blend into) the desktop; it uses alpha
blending to make itself inconspicuous, and comes with several different
"skins" which can be used to change its appearance. gDeskCal has a simple
appointment manager, and it can read Evolution appointments as well.
Hovering the mouse over a given day will yield a transient window listing
that day's appointments. There is no alarm capability, however.
Your editor was also pointed at "xcal", which is available as a Debian
package but which appears to lack a web page. Anybody who wonders what
life was like when the Athena Widget Set was new should give xcal a try.
Anybody wanting a modern calendar application should look elsewhere,
however.
The final stop on this tour is GNOME-PIM.
This calendar manager, like KOrganizer, handles all of the basic tasks and
provides a number of useful views. Unlike KOrganizer, GNOME-PIM allows
entry and management of calendar entries directly in the main window,
without dialogs. Also unlike KOrganizer, it lacks "no specific time"
events. Unlike ical, GNOME-PIM does not have a flag on events saying
whether that event should cause the day to be highlighted on the one-month
calendar view. There are certain types of events ("it's trash day") that
are nice to get
reminders for, but which don't really qualify as special events. GNOME-PIM
has a lot of potential, but it suffers from a big problem: development
activity appears to have come to a stop, and there has not been a GNOME-PIM
release since the end of 2002. The last thing a grumpy editor needs is to
commit himself to another unmaintained calendar application.
The winner is fairly clear: the only application which is competitive
as an ical replacement appears to be KOrganizer. The KDE developers have
done a top-quality job of creating a focused, highly-configurable calendar
manager which brings in a (relative) minimum of unneeded baggage. Your
editor will miss the quickness and simplicity of ical, but KOrganizer will
get the job done. Let us hope, however, that the developers of graphical
applications will not forget the users who are not interested in massive,
do-everything applications. It should always be possible to find, say, a
reasonably functional calendar without dragging in email clients, web
servers, and other unrelated stuff. The old Unix guideline - a tool should
do one job, and do it well - is best not forgotten.
Linux a la Carte
Progeny is proposing a
different way
to look at Linux distributions.
According to
Progeny's Ian Murdock, the traditional Linux distribution follows a
"top-down" "one-size-fits-all" model that doesn't meet the needs of many
Linux users.
For those who view Linux not as a product but as a platform on which to
build their own products, the monolithic nature of the typical distribution
is a particularly bad fit. The typical Linux-as-product distribution
optimizes for breadth--because it is "one-size-fits-all", it needs to
include a huge assortment of features and technologies to satisfy the
widest possible audience, only a few of which may be important to any given
project (and the few that are important will always vary). Ideally, for
Linux-as-platform users, a distribution should optimize for depth, i.e., to
excel in those few features and technologies important to the project at
hand.
The new approach, then, is to "componentize" Linux by allowing the user to
choose only the bits that they need. We spoke with Murdock about Progeny's
plans for componentized Linux to see where the company is headed. Is
componentized Linux yet another Linux distribution?
Emphatically not, according to Murdock:
One thing that's very important to point out, it's not a distribution per
se -- it's more of a template above an existing distribution like Red Hat
or Debian...someone can come in and say 'this is what I want' and then it
becomes a question of 'which distribution foundation do I want under that?'
... It's a much smaller job to come in and say 'I want an LSB 2.0-compliant
runtime and Active Directory integration module' instead of having to go in
to Debian to figure out what packages you need.
Besides, Progeny has already been there and done that with regard to the
distribution business. The company started with Progeny Linux, a
"commercialized" version of Debian, and eventually moved on to a business
model of helping other companies customize Linux to fit their
needs. Customization, according to Murdock, often involved a lot of time
removing components from "monolithic" distributions that their customers
had started with -- which in turn led to the concept of componentized
Linux.
For users who are interested in seeing componentized Linux in action,
Progeny has released "Componentized Linux Core" ISOs based on Debian
Sarge. There are two ISO images available; only the first is necessary to
perform an install -- the second contains the remainder of the source code for
the distribution that didn't fit on the first ISO. They provide an early
glimpse of the concept, though the release is a bit short on actual
components. The Componentized Linux Core uses Progeny's Anaconda for Debian
installer and allows the user to install a short list of components:
XFree86 4.2, GNOME 2.4, a 2.4 or 2.6 kernel, and an LSB runtime and devel
component.
Why is Progeny making Componentized Linux public now? For one thing, the
company is looking to highlight Progeny's approach to customizing
Linux. Murdock also said that he's noticed a number of people developing
custom distributions, and that they'd like to give something back to the
community -- and to prevent others in the community from having to re-do
the same work that Progeny has already done. He also said that he hopes
that Progeny will be able to build a community around Componentized Linux
that will help the project evolve to everyone's benefit. Murdock noted that
the response thus far has been positive:
I think it's a concept that resonates with people, because Linux is a
fundamentally different OS. The leading commercial distributions are
looking more and more like the proprietary OSes that they are
replacing...people are looking at this and saying 'it's a good fit, and
it'll save me a lot of time.'
Though Progeny's first release is based on Debian, Murdock said that the
company also hopes to have a Fedora-based Componentized Linux and
"possibly more than that."
It will be interesting to see if the à la Carte approach gains
widespread appeal. No doubt, part of the distribution proliferation problem
stems from the difficulty of customizing "major" distributions to specific
tasks. Instead of seeing hundreds of different Linux distributions -- each
with their own installer, administration tools and assorted quirks --
perhaps we could look forward to a day when most distributions utilize a
single common core and distinguish themselves through package
repositories. For users who have had to master multiple distributions,
package formats and admin tools, it's an attractive prospect indeed.
SCO and Public Perception
Mark Barrenechea, a senior vice president in charge of product
development at CA, said the SCO licenses weren't bought but were
"thrown in" as part of a settlement CA reached last August with
Canopy.
--Dow Jones
The word from CA would appear to be clear: the company did not go out
looking for "Linux licenses" from the SCO Group. Instead, the Canopy
Group, SCO's largest stockholder, decided to toss the licenses in as part
of an apparently unrelated settlement some months ago. It must have seemed
like a good idea at the time; it was an easy way to claim that a large
company had obtained licenses from SCO.
Given the subsequent revelations, one would expect the press to be looking
into false statements of "Linux license" sales. There is also the
interesting question of just why the Canopy Group felt the need to push
Linux licenses in this way. Canopy claims to not be a part of SCO's
crusade, but events like this suggest otherwise. Instead, however, we got
headlines like:
For quite some time now, the SCO Group has been very well treated by the
media. Many of its claims have gone unchallenged, and even the company's
goofiest statements get wide coverage. Thus we hear that Darl
McBride's enemies are out to kill him, but important little details,
like the fact that SCO dropped the trade secret claims that were at the
core of its initial suit against IBM, somehow don't get covered. One can
only guess that SCO v. IBM as a "David v. Goliath" story makes for better
headlines.
Even so, the world beyond the free software community is clearly beginning
to figure things out. Consider the latest from
the Motley Fool:
With dwindling cash and the entire industry ready to fight, the
company looks like it's treading thin ice during spring melt. Given
the ham-fisted efforts of its law team, and its haphazard legal
strategy, I wouldn't bet that any amount of litigation will keep
SCO above water.
The questions asked by reporters at the March 3
conference call are also telling: they aren't buying it anymore. To
really see how the SCO PR battle is going, however, one should take a look
at the company's stock price.
Anybody who was paying attention during the dotcom bubble knows better than
to attribute too much rationality to stock prices. That notwithstanding,
a stock market is an efficient machine for integrating the opinions of a
large number of unrelated people. SCO's stock price peaked briefly at
$22.29 in October, when the BayStar deal was announced. At that time, the
company's market capitalization was a little over $300 million. Given
that SCO has no business left other than its Linux-related litigation, its
stock can be seen as a sort of call option on SCO's lawsuits. Even at its
peak, SCO's stock price represented a perceived chance of collection of
less than 10%. If the company were truly set to collect billions, it would
not be valued in the millions.
As this article was being written, SCO's stock has fallen below $10/share
for the first time since July. The value of the call option is clearly
declining.
Since stock prices are interesting as an indicator of public perception, we
have prepared an annotated chart correlating
the company's stock price against various events from the last year. It
shows how the public view of SCO has gone up and down and the correlation
with the actions of SCO and others. SCO may yet manage to engineer another
increase in its stock price, but it seems unlikely to get anywhere near the
highs of last October. If SCO's actions are truly part of a stock scam, it
would appear to have failed.
Most readers will be familiar with the Halloween X
memo leaked to Eric Raymond. The memo is for real, but SCO claims that
its author, outside consultant Mike Anderer, misunderstood the situation.
It has, regardless, caused the wider world to look again at Microsoft's
relationship to SCO, and may have played a part in the recent stock
decline.
Meanwhile, SCO has filed its memo
in opposition to Novell's motion to dismiss the "slander of title"
suit. SCO maintains that the asset purchase agreement was sufficient to
transfer the Unix copyrights, and that it has, indeed, suffered damages
from Novell's actions. SCO is also trying to get the case moved back to
Utah state court after Novell moved it to the Federal court. The Federal
court is the same one which is hearing the IBM case; perhaps SCO has
decided it no longer wishes to try its luck there.
EU Intellectual Property Rights Directive passed
On March 9 the European Parliament passed, without amendment, the "Intellectual
Property Rights Enforcement" directive under fast-track procedures. This
directive, which worries free software advocates and others (see
this FFII page for
the details), is expected to be passed by the European Commission shortly.
At that point, the battle shifts to the individual EU member states, each
of which must pass its own implementation legislation. Concerned Europeans
will certainly want to pay attention to what is happening in their
countries as this process goes forward.
Page editor: Jonathan Corbet
Security
Security news
Fighting spam in the courts
Reading legal filings has never been your editor's idea of a good time, and
many of the filings which have gone his way over the last year have been
less fun than usual. So it has been a bit of a relief to read complaints
with titles like "Microsoft Corporation v. John Does 1-50 d/b/a Super
Viagra Group." The big ISPs are figuring out that spam is costing them
money; as a result, Microsoft, AOL, Earthlink, and Yahoo have filed a set
of lawsuits aimed at those who, they say, have sent spam into their
systems.
These suits have been trumpeted as the first application of the
much-maligned U.S. "CAN-SPAM" act. The complaints (most of which can be
found on
FindLaw) do, indeed, cite this act, but they also bring many other
counts and could easily have been filed before that act was passed.
Microsoft's complaint, for example, alleges "trespass to chattels,"
"conversion," violation of the Washington electronic mail act, violation of
the federal computer fraud and abuse act, Lanham act violations, and more.
AOL's complaint brings in violations of the Virginia computer crimes act,
dealing in falsified bulk email software (Virginia law, again), conspiracy
to commit trespass of chattels, and more. The CAN-SPAM act, clearly, is
only part of the picture.
The filings are good for publicity and as a way to look like something is
being done, but it remains to be seen whether they will accomplish anything
against spam. The fact that the complaints are filed against over 100
"John Does" makes one problem clear: these ISPs still do not have a clear
idea of who they are fighting. They claim that, armed with subpoenas, they
can follow the money trails starting with the manufacturers of the products
being pitched and track down the spammers from there. Perhaps, but it
would be a mistake to assume that the people involved will be easily found,
or that it will be easy to prove that they, in particular, sent the
messages in question.
That said, legal action is likely to be an important part of the fight
against spam in the future. With luck, a squad of expensive corporate
lawyers can help to push spammers further underground and make it harder to
actually earn money by sending junk email. There are reasons to worry too,
however; anti-spam laws are, to a great extent, being used to squelch a
certain type of unpleasant speech. It is not that hard to imagine those
laws being used to shut down other types of speech which powerful groups
find distasteful, much like domain name laws and procedures have been used
to pull the plug on consumer and satire sites. Making spammers
uncomfortable is a good thing; let's just hope this effort stops there.
New vulnerabilities
gdk-pixbuf: buffer overflow
| Package(s): | gdk-pixbuf |
| CVE #(s): | CAN-2004-0111 |
| Created: | March 10, 2004 |
| Updated: | March 16, 2004 |
| Description: | Versions of gdk-pixbuf prior to 0.20 contain a vulnerability which can be exploited, via a malicious BMP file, to crash Evolution. |
kdelibs: cookie disclosure
| Package(s): | kdelibs |
| CVE #(s): | CAN-2003-0592 |
| Created: | March 10, 2004 |
| Updated: | August 24, 2004 |
| Description: | kdelibs (and, thus, Konqueror) has a vulnerability where a hostile server can force the disclosure of cookies that should not be presented to it. KDE versions 3.1.3 and later contain a fix. |
mozilla: multiple vulnerabilities
| Package(s): | mozilla |
| CVE #(s): | CAN-2003-0594, CAN-2003-0564 |
| Created: | March 10, 2004 |
| Updated: | August 19, 2004 |
| Description: | Mozilla 1.4 contains a few vulnerabilities, including disclosure of cookies to the wrong server, a scripting vulnerability which can allow an attacker to run arbitrary code, and an S/MIME vulnerability which can lead to remote denial of service or code execution attacks. |
python: buffer overflow
| Package(s): | python |
| CVE #(s): | CAN-2004-0150 |
| Created: | March 10, 2004 |
| Updated: | October 11, 2004 |
| Description: | Python (versions 2.2 and 2.2.1 only) has a buffer overflow in the getaddrinfo() function which can be exploited by a malformed IPv6 address. |
sysstat: temporary file vulnerability
| Package(s): | sysstat |
| CVE #(s): | CAN-2004-0107, CAN-2004-0108 |
| Created: | March 10, 2004 |
| Updated: | October 4, 2004 |
| Description: | The sysstat utility has a temporary file vulnerability which can be exploited by a local attacker to overwrite system files. |
wu-ftpd: two vulnerabilities
| Package(s): | wu-ftpd |
| CVE #(s): | CAN-2004-0148, CAN-2004-0185 |
| Created: | March 9, 2004 |
| Updated: | March 10, 2004 |
| Description: | CAN-2004-0148 - Glenn Stewart discovered that users could bypass the directory access restrictions imposed by the restricted-gid option by changing the permissions on their home directory. On a subsequent login, when access to the user's home directory was denied, wu-ftpd would fall back to the root directory. CAN-2004-0185 - A buffer overflow existed in wu-ftpd's code which deals with S/key authentication. |
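The CAN-2004-0148 fallback described above is a fail-open decision made at login. The following added example (not wu-ftpd source, and not part of the original page) contrasts that behaviour with a fail-closed variant and builds an audit line for the refused login; the `session` structure, the function names, the user name and the non-existent home path are all hypothetical.

```c
/* Added example, not wu-ftpd source. All names here are hypothetical. */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Where a freshly authenticated session ends up. */
enum start_dir { START_HOME, START_ROOT_FALLBACK, START_REFUSED };

struct session {
    const char *user;
    const char *home;     /* home directory from the account database */
    int restricted;       /* non-zero: session must stay inside its home tree */
};

struct start_result {
    enum start_dir where;
    int home_errno;       /* errno from the failed chdir(home), 0 on success */
};

/* Fail-open, the behaviour the advisory describes: if the home directory
 * cannot be entered, the session silently starts in "/" instead. */
struct start_result start_fail_open(const struct session *s)
{
    struct start_result r = { START_HOME, 0 };

    if (chdir(s->home) == 0)
        return r;
    r.home_errno = errno;
    r.where = (chdir("/") == 0) ? START_ROOT_FALLBACK : START_REFUSED;
    return r;
}

/* Fail-closed: a restricted session that cannot enter its home directory is
 * refused and the working directory is left untouched. Only unrestricted
 * sessions keep the convenience fallback. */
struct start_result start_fail_closed(const struct session *s)
{
    struct start_result r = { START_HOME, 0 };

    if (chdir(s->home) == 0)
        return r;
    r.home_errno = errno;
    if (s->restricted) {
        r.where = START_REFUSED;
        return r;
    }
    r.where = (chdir("/") == 0) ? START_ROOT_FALLBACK : START_REFUSED;
    return r;
}

/* One log line per login, so a restricted user whose home directory has
 * become inaccessible shows up in the logs instead of passing unnoticed. */
int audit_line(char *out, size_t n, const struct session *s,
               struct start_result r)
{
    static const char *const names[] = { "home", "root-fallback", "refused" };

    return snprintf(out, n, "login user=%s restricted=%d start=%s home_err=%s",
                    s->user, s->restricted, names[r.where],
                    r.home_errno ? strerror(r.home_errno) : "none");
}

int main(void)
{
    /* Constructed sample: a path that cannot be entered stands in for a home
     * directory whose owner removed all permissions. It fails with ENOENT
     * rather than EACCES so the demo behaves the same when run as root. */
    struct session s = { "alice", "/nonexistent/example-home", 1 };
    char line[256];

    audit_line(line, sizeof line, &s, start_fail_open(&s));
    puts(line);
    audit_line(line, sizeof line, &s, start_fail_closed(&s));
    puts(line);
    return 0;
}
```
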
Updated vulnerabilities
CUPS: denial of service
| Package(s): | CUPS |
| CVE #(s): | CAN-2003-0788 |
| Created: | November 3, 2003 |
| Updated: | March 4, 2004 |
| Description: | Paul Mitcheson reported a situation where the CUPS Internet Printing Protocol (IPP) implementation in CUPS versions prior to 1.1.19 would get into a busy loop. This could result in a denial of service. In order to exploit this bug an attacker would need to have the ability to make a TCP connection to the IPP port (by default 631). |
PWLib: possible Denial of Service
| Package(s): | PWLib |
| CVE #(s): | CAN-2004-0097 |
| Created: | February 13, 2004 |
| Updated: | April 9, 2004 |
| Description: | PWLib is a cross-platform class library designed to support the OpenH323 project. OpenH323 provides an implementation of the ITU H.323 teleconferencing protocol, used by packages such as Gnome Meeting. A test suite for the H.225 protocol (part of the H.323 family) provided by the NISCC uncovered bugs in PWLib prior to version 1.6.0. An attacker could trigger these bugs by sending carefully crafted messages to an application. The effects of such an attack can vary depending on the application, but would usually result in a Denial of Service. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0097 to this issue. |
apache2: Denial of Service vulnerability
| Package(s): | apache2 |
| CVE #(s): | |
| Created: | September 29, 2003 |
| Updated: | March 25, 2004 |
| Description: | A problem was discovered in Apache2 where CGI scripts that write more than 4k to the standard error stream will hang the script's execution. This problem can lead to a denial of service situation. See this bug report for additional details. |
Filename disclosure vulnerability in fam
| Package(s): | fam |
| CVE #(s): | CAN-2002-0875 |
| Created: | August 19, 2002 |
| Updated: | January 5, 2005 |
| Description: | "fam" (file alteration monitor) watches files and directories for changes and lets interested applications know when something happens. This package has a flaw in its group handling that blocks some legitimate operations while, at the same time, exposing the names of files that should otherwise be invisible. |
fetchmail may crash on specially crafted message
| Package(s): | fetchmail |
| CVE #(s): | CAN-2003-0792 |
| Created: | October 16, 2003 |
| Updated: | April 8, 2004 |
| Description: | A bug was discovered in fetchmail 6.2.4 where a specially crafted email message can cause fetchmail to crash. |
GnuPG: ElGamal signing keys compromised
| Package(s): | gnupg |
| CVE #(s): | CAN-2003-0971 |
| Created: | November 28, 2003 |
| Updated: | March 3, 2004 |
| Description: | A severe vulnerability was discovered in GnuPG by Phong Nguyen relating to ElGamal sign+encrypt keys. This email message from Werner Koch contains more information. "Phong Nguyen identified a severe bug in the way GnuPG creates and uses ElGamal keys for signing. This is a significant security failure which can lead to a compromise of almost all ElGamal keys used for signing. Note that this is a real world vulnerability which will reveal your private key within a few seconds." |
gtkhtml: malformed messages cause crash
| Package(s): | gtkhtml |
| CVE #(s): | CAN-2003-0133, CAN-2003-0541 |
| Created: | April 14, 2003 |
| Updated: | April 18, 2005 |
| Description: | GtkHTML is the HTML rendering widget used by the Evolution mail reader. GtkHTML supplied with versions of Evolution prior to 1.2.4 contain a bug when handling HTML messages. Alan Cox discovered that certain malformed messages could cause the Evolution mail component to crash. |
iproute: local denial of service
| Package(s): | iproute net-tools |
| CVE #(s): | CAN-2003-0856 |
| Created: | November 25, 2003 |
| Updated: | December 14, 2004 |
| Description: | The iproute utility is susceptible to spoofed netlink messages sent by local users, with the result that denial of service attacks are possible. |
kdepim: VCF file information reader vulnerability
| Package(s): | kdepim |
| CVE #(s): | CAN-2003-0988 |
| Created: | January 15, 2004 |
| Updated: | May 26, 2004 |
| Description: | KDE has issued a security advisory for all versions of kdepim as distributed with KDE versions 3.1.0 through 3.1.4 inclusive. A carefully crafted .VCF file potentially enables local attackers to compromise the privacy of a victim's data or execute arbitrary commands with the victim's privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0988 to this issue. |
kernel: local root exploit
kernel: local root exploit in 2.4.22
| Package(s): | kernel |
| CVE #(s): | CAN-2003-0961 |
| Created: | December 1, 2003 |
| Updated: | April 5, 2004 |
| Description: | A vulnerability was discovered in the Linux kernel versions 2.4.22 and previous. A flaw in bounds checking in the do_brk() function can allow a local attacker to gain root privileges. This vulnerability is known to be exploitable. The 2.4.23 kernel contains the fix. For more details on how this vulnerability works, see this LWN article. |
kernel-utils: setuid vulnerability
| Package(s): | kernel-utils |
| CVE #(s): | CAN-2003-0019 |
| Created: | February 7, 2003 |
| Updated: | January 21, 2005 |
| Description: | The kernel-utils package contains several utilities that can be used to control the kernel or machine hardware. In Red Hat Linux 8.0 this package contains user mode linux (UML) utilities. The uml_net utility in kernel-utils packages with Red Hat Linux 8.0 was incorrectly shipped setuid root. This could allow local users to control certain network interfaces, add and remove arp entries and routes, and put interfaces in and out of promiscuous mode. All users of the kernel-utils package should update to these packages that contain a version of uml_net that is not setuid root. Alternatively, as a work-around to this vulnerability issue the following command as root: `chmod -s /usr/bin/uml_net` |
libpng, libpng3: buffer overflow
| Package(s): | libpng, libpng3 |
| CVE #(s): | CAN-2002-1363 |
| Created: | December 19, 2002 |
| Updated: | July 14, 2004 |
| Description: | Glenn Randers-Pehrson discovered a problem in connection with 16-bit samples from libpng, an interface for reading and writing PNG (Portable Network Graphics) format files. The starting offsets for the loops are calculated incorrectly which causes a buffer overrun beyond the beginning of the row buffer. |
libtool - Insecure handling of temporary files
| Package(s): | libtool |
| CVE #(s): | |
| Created: | February 5, 2004 |
| Updated: | March 8, 2004 |
| Description: | GNU libtool consists of a set of shell scripts used to build shared libraries. Joseph S. Myers and Stefan Nordhausen independently found a vulnerability in the way the ltmain.sh script (which is part of the libtool package) creates temporary directories for its use. A local attacker could exploit this vulnerability to change/delete arbitrary files in the system on behalf of the user who is calling the script. The vulnerability has been fixed in the 1.5.2 version of libtool. |
libxml2 - arbitrary code execution
| Package(s): | libxml2 |
| CVE #(s): | CAN-2004-0110 |
| Created: | February 26, 2004 |
| Updated: | July 21, 2004 |
| Description: | Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6. When fetching a remote resource via FTP or HTTP, libxml2 uses special parsing routines. These routines can overflow a buffer if passed a very long URL. If an attacker is able to find an application using libxml2 that parses remote resources and allows them to influence the URL, then this flaw could be used to execute arbitrary code. |
mailman: cross-site scripting vulnerabilities
| Package(s): | mailman |
| CVE #(s): | CAN-2003-0965, CAN-2003-0992 |
| Created: | February 6, 2004 |
| Updated: | March 5, 2004 |
| Description: | Dirk Mueller discovered a cross-site scripting bug in the admin interface in versions of Mailman 2.1 before 2.1.4. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0965 to this issue. A cross-site scripting bug in the 'create' CGI script affects versions of Mailman 2.1 before 2.1.3. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0992 to this issue. |
mailman denial of service
| Package(s): | mailman |
| CVE #(s): | CAN-2003-0991 |
| Created: | February 9, 2004 |
| Updated: | May 25, 2004 |
| Description: | Matthew Galgoci of Red Hat discovered a Denial of Service (DoS) vulnerability in versions of Mailman prior to 2.1. An attacker could send a carefully-crafted message causing mailman to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0991 to this issue. |
mc: arbitrary code execution
| Package(s): | mc |
| CVE #(s): | CAN-2003-1023 |
| Created: | January 16, 2004 |
| Updated: | April 5, 2004 |
| Description: | A vulnerability was discovered in Midnight Commander, a file manager, whereby a malicious archive (such as a .tar file) could cause arbitrary code to be executed if opened by Midnight Commander. |
metamail: integer and buffer overflows
| Package(s): | metamail |
CVE #(s): | CAN-2004-0104
CAN-2004-0105
|
| Created: | February 18, 2004 |
Updated: | May 21, 2004 |
| Description: |
Versions of metamail through 2.7 contain a set of integer and buffer overflows which are remotely exploitable via a properly crafted message. |
| Alerts: |
|
mikmod: buffer overflow
| Package(s): | mikmod |
CVE #(s): | CAN-2003-0427
|
| Created: | June 16, 2003 |
Updated: | June 16, 2005 |
| Description: |
Ingo Saitz discovered a bug in mikmod whereby a long filename inside
an archive file can overflow a buffer when the archive is being read
by mikmod. |
| Alerts: |
|
mod_python: denial of service vulnerability
| Package(s): | mod_python |
CVE #(s): | CAN-2003-0973
|
| Created: | January 27, 2004 |
Updated: | October 4, 2004 |
| Description: |
Apache's mod_python module could crash the httpd process if a specific,
malformed query string was sent.
The Apache Foundation has reported that mod_python may be prone to
Denial of Service attacks when handling a malformed query. Mod_python
2.7.9 was released to fix the vulnerability; however, because that release
did not fully fix it, version 2.7.10 has been released.
Users of mod_python 3.0.4 are not affected by this vulnerability. |
| Alerts: |
|
mpg321: format string vulnerability
| Package(s): | mpg321 |
CVE #(s): | CAN-2003-0969
|
| Created: | January 6, 2004 |
Updated: | March 28, 2005 |
| Description: |
A vulnerability was discovered in mpg321, a command-line mp3 player,
whereby user-supplied strings were passed to printf(3) unsafely. This
vulnerability could be exploited by a remote attacker to overwrite
memory, and possibly execute arbitrary code. In order for this
vulnerability to be exploited, mpg321 would need to play a malicious
mp3 file (including via HTTP streaming). |
| Alerts: |
|
mplayer: remotely exploitable buffer overflow vulnerability
| Package(s): | mplayer |
CVE #(s): | CAN-2003-0835
|
| Created: | September 29, 2003 |
Updated: | April 6, 2004 |
| Description: |
A remotely exploitable buffer overflow vulnerability was found in
MPlayer. A malicious host can craft a harmful ASX header, and trick MPlayer
into executing arbitrary code upon parsing that header. Read the full advisory
for details. |
| Alerts: |
|
mutt: buffer overflow
| Package(s): | mutt |
CVE #(s): | CAN-2004-0078
|
| Created: | February 11, 2004 |
Updated: | March 26, 2004 |
| Description: |
mutt suffers from a buffer overflow in its "index menu" code. This overflow can be exploited via a hostile message to crash mutt and, perhaps, execute arbitrary code. Version 1.4.2 fixes the problem; see this advisory for details. |
| Alerts: |
|
Nessus NASL scripting engine security issues
| Package(s): | nessus |
CVE #(s): | |
| Created: | May 27, 2003 |
Updated: | August 12, 2004 |
| Description: |
Some vulnerabilities exist in the Nessus NASL scripting engine. To
exploit these flaws, an attacker would need to have a valid Nessus account
as well as the ability to upload arbitrary Nessus plugins to the Nessus
server (this option is disabled by default) or he/she would need to trick a
user somehow into running a specially crafted NASL script. Read the full
advisory for additional information. |
| Alerts: |
|
netpbm: insecure temporary files
| Package(s): | netpbm |
CVE #(s): | CAN-2003-0924
|
| Created: | January 19, 2004 |
Updated: | December 29, 2004 |
| Description: |
netpbm is a graphics conversion toolkit made up of a large number of
single-purpose programs. Many of these programs were found to create
temporary files in an insecure manner, which could allow a local
attacker to overwrite files with the privileges of the user invoking a
vulnerable netpbm tool. |
| Alerts: |
|
nfs-utils xlog() off-by-one bug
| Package(s): | nfs-utils |
CVE #(s): | CAN-2003-0252
|
| Created: | July 14, 2003 |
Updated: | March 8, 2004 |
| Description: |
The Linux NFS utils package contains a remotely exploitable off-by-one bug.
A local or remote attacker could exploit this vulnerability by sending a
specially crafted request to the rpc.mountd daemon. See this BugTraq post for more details. |
| Alerts: |
|
openssh: timing attack leads to information disclosure
| Package(s): | openssh |
CVE #(s): | CAN-2003-0190
|
| Created: | May 2, 2003 |
Updated: | November 30, 2004 |
| Description: |
From the advisory:
"During a pen-test we stumbled across a nasty bug in OpenSSH-portable
with PAM support enabled (via the --with-pam configure script switch). This
bug allows a remote attacker to identify valid users on vulnerable systems,
through a simple timing attack. The vulnerability is easy to exploit and
may have high severity, if combined with poor password policies and other
security problems that allow local privilege escalation." |
| Alerts: |
|
perl information leak
| Package(s): | perl |
CVE #(s): | CAN-2003-0618
|
| Created: | February 2, 2004 |
Updated: | April 21, 2004 |
| Description: |
Paul Szabo discovered a number of bugs in suidperl, a helper
program to run perl scripts with setuid privileges. By exploiting
these bugs, an attacker could abuse suidperl to discover information
about files (such as testing for their existence and some of their
permissions) that should not be accessible to unprivileged users. |
| Alerts: |
|
postfix: denial of service vulnerabilities
| Package(s): | postfix |
CVE #(s): | CAN-2003-0468
CAN-2003-0540
|
| Created: | August 5, 2003 |
Updated: | May 27, 2004 |
| Description: |
The postfix MTA, versions through 1.1.12 (but not 2.0), is subject to two remotely exploitable denial of service vulnerabilities; see this advisory from Michal Zalewski for details. |
| Alerts: |
|
rsync - remotely exploitable heap overflow
| Package(s): | rsync |
CVE #(s): | CAN-2003-0962
|
| Created: | December 4, 2003 |
Updated: | March 3, 2004 |
| Description: |
An advisory has gone out warning of a
remotely exploitable heap overflow vulnerability in rsync versions 2.5.6
and prior. If you are running an rsync server, you will want to apply a
distributor patch or upgrade to 2.5.7 in the near future. |
| Alerts: |
|
screen: privilege escalation
| Package(s): | screen |
CVE #(s): | CAN-2003-0972
|
| Created: | November 28, 2003 |
Updated: | March 3, 2004 |
| Description: |
According to
this advisory, a buffer overflow in GNU screen allows privilege
escalation for local users. Usually screen is installed either setgid-utmp
or setuid-root.
It also has some potential for remote attacks or getting control of another
user's screen. The problem is that you have to transfer around 2-3 gigabytes
of data to the user's screen to exploit this vulnerability. 4.0.1, 3.9.15 and
older versions are vulnerable. |
| Alerts: |
|
File overwrite vulnerability in tar and unzip
| Package(s): | tar unzip |
CVE #(s): | CAN-2001-1267
CAN-2001-1268
CAN-2001-1269
CAN-2002-0399
|
| Created: | October 1, 2002 |
Updated: | April 9, 2006 |
| Description: |
The tar utility does not properly filter file names containing
"../", meaning that a hostile archive can, if unpacked by an
unsuspecting user, overwrite any file that is writable by that user. GNU
tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42
has the same vulnerability. |
| Alerts: |
|
tcpdump: flaws in the ISAKMP decoding routines
| Package(s): | tcpdump |
CVE #(s): | CAN-2003-0989
CAN-2004-0057
CAN-2004-0055
|
| Created: | January 15, 2004 |
Updated: | April 6, 2004 |
| Description: |
George Bakos discovered flaws in the ISAKMP decoding routines of tcpdump
versions prior to 3.8.1. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2003-0989 to this issue.
Jonathan Heusser discovered two additional flaws in the ISAKMP decoding
routines of tcpdump versions up to and including 3.8.1. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2004-0057 to this issue.
Jonathan Heusser discovered a flaw in the print_attr_string function in the
RADIUS decoding routines for tcpdump 3.8.1 and earlier. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2004-0055 to this issue.
Remote attackers could potentially exploit these issues by sending
carefully-crafted packets to a victim. If the victim uses tcpdump, these
packets could result in a denial of service, or possibly execute arbitrary
code as the 'pcap' user. |
| Alerts: |
|
Multiple vendor telnetd vulnerability
| Package(s): | telnet Telnet netkit-telnet-ssl kerberos telnetd netkit-telnet nkitb/nkitserv/telnetd krb5 |
CVE #(s): | |
| Created: | May 21, 2002 |
Updated: | October 5, 2004 |
| Description: |
This vulnerability,
originally thought to be confined to BSD-derived systems, was first covered
in the July 26th Security
Summary. It is now known that Linux telnet daemons are vulnerable as
well.
|
| Alerts: |
|