LWN.net Weekly Edition for May 6, 2004

The Grumpy Editor's guide to diagram editors

Let it be said up front: your editor is not an artist. He is, however, given to the creation of simple diagrams for the explanation of data structures, algorithms, etc. [Diagram example] See, for example, the diagram to the right, which comes from the kobject introduction in the Driver Porting Series. These images can be a useful form of hand waving when complex subjects are being discussed.

Back in the Golden Age of Proprietary Unix (around SunOS 3 or 4, say), there weren't a whole lot of tools available for image editing. If you youngsters out there want to get a feel for how desperate those times could be, consider this: we often had to resort to tools like the LaTeX picture mode to create drawings in digital form. Happily, things have gotten better since then.

Things aren't enough better, however, that your editor has stopped keeping an eye out for a better tool. This article is an attempt at summarizing the current state of the art in free drawing editors. The emphasis here is very much on the creation of diagrams and technical drawings; we'll not be looking for the best tool for the creation of birthday party invitations, pneumatic science fiction art, obnoxious animated banner ads, or beautiful but incomprehensible icons. Your editor is trying to get some work done and needs a diagram editor which doesn't drive him nuts.

idraw

For the first stop, we might as well complete the history lesson. Back in the early days of X11, there were many efforts to produce The One Toolkit which would unify the desktop. Actually, that situation hasn't changed a whole lot in 15 years. One of the early efforts was a C++ framework called InterViews. InterViews failed to change the world directly, though many of its ideas and lessons have lived on in the design patterns community and in projects like Fresco.

InterViews did, however, produce a drawing tool named idraw, which, for years, was the definitive free drawing package. It combined full functionality (for the time) with a well-thought-out interface and a nice set of keyboard shortcuts. Creating drawings with idraw was a quick and painless process. idraw stored its output as PostScript files, making the drawings easy to print and the quality relatively good.

One might think that idraw's day has passed, given that the InterViews team has not produced a release in over ten years. As it turns out, however, there is a project (called ivtools) which is dedicated to the maintenance and improvement of the InterViews toolkit and associated tools. Releases are rare, but ivtools-1.0.4 came out last February. That said, the simple fact is that idraw's time has passed. This program has had little in the way of development for over a decade, it can't export to interesting image file formats, it has no concept of layers, it depends on a large toolkit that nobody uses, and it is a major unpleasant pain to install. InterViews was an important step toward where we are today, but even a grumpy editor sees the need to move beyond the 1980's and look at what is being hacked on now.

XFig

[XFig] Another tool with a long history is XFig. It shows many of the distinguishing characteristics of an early X11 program (though it actually had its start with SunView): home-brewed widgets, unique keyboard and mouse conventions, etc. It is, however, a highly capable tool. XFig supports most of the features one would expect from this sort of utility, though they can sometimes be hard to find. It has a sort of layer support (it works by assigning a numeric "depth" to every object), can export to any format one could imagine, allows the creation of libraries of customized objects, etc. XFig understands attachment points: when told to, it will stretch lines which connect objects to each other to keep those connections when an object is moved.

On the down side, XFig can only undo the most recent operation. Its keyboard shortcuts are like those of no other application, and will take some getting used to. The interface is highly modal; XFig's window includes an area saying what the three mouse buttons will do at any given time for a reason. Grouping objects, for example, requires selecting the group "tool," selecting individual objects with the left button or picking the corners of rectangles with middle button, then completing the operation with the right button. Your editor's biggest problem with XFig, however, is the quality of its image output. He might not be an artist, but he would still rather see his work rendered with nice fonts and antialiased lines. XFig's output prints nicely, but does not work as well on the web; given that XFig is oriented toward tasks like the production of complicated circuit diagrams, that is not entirely surprising.

Tgif

[Tgif] Tgif boasts a release history going back to 1990; recent releases appear to be coming about once per year. This tool resembles XFig in a number of ways; it, too, features home-brew widgets and a unique interface. Tgif does have a more conventional set of keyboard bindings, at least; Control-S will save the current file, for example. Tgif's interface includes a sort of control panel where one can spend a long time cycling through the various options (font sizes, colors, fill patterns, etc.); fortunately, the menus provide a quicker way of setting these attributes. Attachments are supported, making the rearranging of diagrams easy.

Tgif does not support layers, which is a major disadvantage. Actually, that is not quite true: it does have a "color layers" mode where each color is rendered into a separate layer. This mode may be useful for certain types of printed output, or for certain types of drawings (schematic diagrams, perhaps) where objects in different colors really should be separated. Tgif also allows drawings to have multiple pages; among other things, these can be used to create animated GIF images. Your editor would gladly trade both capabilities for a decent layering mechanism.

Tgif has a set of image editing functions that might have been better left to the Gimp. What it does not have, alas, is antialiased image output. Actually, exporting to images is strange in general; one must set the "print format" to the desired image format, then "print" the diagram. The image will be created without prompting for a name, and without regard to any file which may have already existed with the chosen name. Documentation for Tgif is sparse as well.

OpenOffice.org

OpenOffice.org comes with a drawing tool which has been getting more capable over time. [OpenOffice] As one might expect, it has almost every function imaginable, including 3D effects, a library of tiled background images, attachments, etc. OpenOffice may well be the only free drawing editor which performs spell-checking. It supports layers, though the interface to layers is clunky at best. Your editor must confess that OpenOffice tends to drive him nuts. It can reset drawing attributes at unexpected times, it never remembers what image format you exported to, and it is generally not the fastest application on the processor. OpenOffice is a sort of Swiss Army Knife; it can perform almost any function, but, for any given function, it tends not to perform as well as a more focused tool.

OpenOffice will export to an unbelievable number of formats, including (perhaps uniquely) PDF. When your editor exported to PNG, however, he got the same old jagged lines. OpenOffice also exports a full page image, while most other drawing editors will create an image which fits the drawing.

All of the above notwithstanding, OpenOffice.org's editor is a worthwhile addition to the Linux desktop.

Karbon14

Once upon a time, KDE had a program called Killustrator. The name ran into trademark problems, which were circumvented by renaming the tool "Kontour." [Karbon14] But then the developers stopped working on Kontour, and that problem proved harder to get around. So now, instead, the KDE project is pushing a tool called Karbon14; it can be found in KDE 3.2.

Karbon14 appears to be aimed at more artistic uses; it thus lacks some of the features (snap to grid, attachments, arrow drawing) which are useful for diagram creation. On the other hand, it has tools for drawing gradients and drop shadows, as well as more dubious features like the "star" and "spiral" tools. Karbon supports layers, but seems to want to put every object into its own layer. It has a multi-level undo feature. There is also a plugin mechanism for the addition of special effects.

Unfortunately, what Karbon14 also has is lots of bugs. Your editor, who tried both the Fedora Core 2 Test 3 and Debian unstable builds, found the tool easy to crash. The "zoom tool" can put it into an infinite loop. Drawing polylines can produce hallucinogenic results. Text drawing was never seen to work on either system. An attempt to export to PNG yielded a solid black image - that is one way to get rid of aliasing problems, but the results are not very helpful for web publication.

In all fairness, one should note that Karbon14 is currently at version 0.1. This tool has the potential to evolve into a capable, highly-featured drawing editor. But it's not yet ready for a grumpy editor's desktop.

Dia

[Dia] GNOME's entry in the diagram editor category is dia. This tool, currently at version 0.93 (released without fanfare on May 1), has been no stranger to obnoxious bugs in the past, but it has stabilized nicely over the last year or so. It is, at the moment, your editor's diagram editor of choice.

Dia is clearly oriented toward the creation of diagrams. It has snap-to-grid, layers, attachments, and several libraries of objects for schematics, flowcharts, UML diagrams, etc. On the other hand, it lacks gradient editors, 3D swirl generators, shadows, and fancy background clip-art. Dia does beautiful antialiasing, both on-screen and in image exports. On the other hand, control of object attributes is inconsistent and sometimes hard to find. Rectangle filling is controlled by double-clicking on the rectangle tool icon; control of arrowhead dimensions is, instead, obtained by selecting "details" at the end of a long list of possible arrow types. Alignment and grouping operations require navigating through a series of cascading menus; some keyboard shortcuts would be nice here.

Dia also has a reasonably comprehensive set of configuration options, which is always a nice surprise in a GNOME application. For example, it is possible to turn off the "switch back to the select tool after every operation" mode that seems to be so popular in modern interfaces, but which your editor finds obnoxious. Dia features a Gimp-style right-button menu which provides access to everything, but that menu can be replaced with a toolbar by tweaking the appropriate preference.

In conclusion...

A few other packages are worth a quick mention:

  • Xdraft looks like an attempt to make a serious free drafting application. Unfortunately, it also looks like it has gone idle over the last year.

  • Sodipodi is a well-advanced vector drawing package. It is aimed more at artists than creators of cheap diagrams, however, so it has not been reviewed in detail here.

  • If you wander deeply enough into the Gimp's menus, you'll find GFig, which appears to be an attempt to graft some vector drawing operations into that utility. GFig may work for adding certain effects to images, but it still doesn't turn the Gimp into a drawing editor; the Gimp has many strengths, but this is not one of them.

As this survey shows, the free software community offers a wealth of diagram editing tools. Many of them have reached a reasonable level of maturity though, like people, they are aging in different ways. These applications are seeing substantial development and are evolving quickly. Before long, the community should have some of the best tools available anywhere. Grumpy creators of hand-waving diagrams everywhere should rejoice.

Fighting software patents: a report from Brussels

May 5, 2004

This article was contributed by Tom Chance.

"Power to the Parliament" is not a typical slogan for any demonstration, but when the demonstrators are predominantly young businessmen and programmers, you can be sure something new is happening. In response to legislation concerning software patents, hackers and entrepreneurs across the EU, and in nations just joining the EU, have come together first to convince Parliament of their cause, and now to defend Parliament against the European Commission and Council. Last week saw a demonstration and a series of conferences that mark a watershed in the political organization and awareness among the members of this new movement; GNU/Linux user groups, hackers from MPlayer, consultants from MySQL, activists from the FFII, UKCDR, APRIL, FSF Europe and more hackers, journalists and bemused bystanders met to talk not about code but about politics, and without any trolls in sight.

First, a little background for context. Last year saw the Foundation for a Free Information Infrastructure's (FFII) campaign against software patents take center stage in the hacker world as the European Parliament began to debate the issue. After frenzied lobbying in late August and September, an amended piece of legislation was passed, explicitly banning software patents.

But the victory was short-lived, as the European Council and Commission took the bill and published their interpretation, removing all of the amendments the anti-software patent activists fought so hard for. A lot of EU legislation goes through this sort of complex procedure, known as "co-decision", where the legislative and executive branches both develop the legislation.

On the morning of Wednesday, April 14, a demonstration launched two days of protests and discussion to counter the Council and Commission's position. The demonstration itself was a visual but low-key event, with between 500 and 800 people marching around Brussels with yellow balloons, banners and a few sandwich boards. The march culminated with a pantomime outside the European Commission, satirizing the Commission's tendency to listen to big business (principally Nokia) rather than Small and Medium Enterprises and individuals; there was also a human chain and an en masse balloon release.

Almost as soon as it had finished, we entered the European Parliament for the conference on software patents, organized by the FFII and the International Institute of Infonomics. The purpose of the conference was to bring key activists, MEPs and experts together to continue the discussion of software patents in Europe, and to try to measure the effects of the two competing legislations (Parliament's and the Council's).

The first panel, discussing "Recent Developments in Granting and Use of ICT Patents", gave software patent experts, business owners and activists a chance to clarify the extent of patent granting and the effects it has already had on business in Europe. The presentations were informative, though not controversial for the majority of the participants; they indicated that approximately 20,000 software patents have been granted in Europe, and that, though unenforceable, they have already done considerable damage to many small businesses. Most of the problems seemed to be caused by companies needing to file software patents as a means of defense against litigation, and to counter other companies' patent portfolios.

The second panel, discussing "EU Legislation Benchmarking: Parliament's vs Council's version of Software Patent Directive" was perhaps more interesting. Sitting next to anti-software patent law scholars and activists were representatives from the European Commission and the European Patent Office (EPO). The law scholars and activists described, from an academic rather than a pragmatic point of view, why software is un-patentable, and why the software industry doesn't even need software patents. Then we listened to the EPO claim that they didn't file any software patents, and that they saw the legislation as a clarifying exercise, and the Commission claim, with little substantial argument or empirical evidence, that their legislation would help the industry. Commission representatives also implied, amazingly, that the legislative process in this case ought to aim to settle the issue soon rather than take the time to approach the problem more carefully.

The third and final panel discussed "Competitivity of Knowledge Economies", and gave MEPs and economists the chance to present their views on where software patents lie in the broader picture of Europe's "ICT economy". Moving away from arguments about software patents per se, they presented various analyses of how European industry might lose out in the future if software patents were introduced.

The next day, we attended a second conference, organized by the FFII and the Green-EFA Alliance, focusing on the place of free software in Europe in general. The day opened at 9am with a series of presentations from GNU/Linux User Groups (G/LUGs) from around Europe, explaining to the many MEPs, Parliamentary assistants and other outsiders what G/LUGs are, what they do, what free software is, and how the free software community works. In contrast to the previous day's conference, there was a good opportunity for discussion, and many activists got the opportunity to discuss how G/LUGs can improve their relationships with each other, and with the EU.

Following this, there was a rather anarchic installfest. Various MEPs had Mandrake Linux installed on their PCs, while the rest of the conference's participants milled around talking to each other, and in my case, phoning more MEPs for meetings.

The conference reconvened after lunch, for three more panels. The first was on "Fair Use / Copie Privée", and proved, for the geeks in the room, far more familiar. A lawyer from the EFF, Jon Lech Johansen (DeCSS) and a lawyer from Test-Achat, a Belgian civil rights group, discussed with the floor the state of "fair use" law within the EU, touching on DVDs, audio CDs and DRM in general. Aside from general discussion, we were treated to a brief exchange between the EFF and a person defending Blizzard's case against bnetd.

The second and third panels continued in much the same vein, discussing free and open source software in Europe. The afternoon produced a growing consensus that we ought to be pushing for Free Software in the public sector across Europe far harder, and seemed to bolster the support from MEPs. By the end of the conference, most seemed considerably more excited by the future than before.

But aside from the many discussions, it is important to ask: what did the two days achieve? We cannot defeat the European Commission and Council over software patents, and place Free Software at the heart of Europe's ICT economy, with words alone. Fortunately, though no major tangible breakthroughs were made, the community came away with a lot of substantial work done, and some good plans for the future.

G/LUGs across Europe, through Eurolinux and the FFII's mailing lists, will be drafting strategies to work together to promote Free Software more effectively, drawing on each other's successes. A first draft of such a document was written during the conference, and translated into two or three languages by willing hackers. The FFII is now leading a project tentatively called the MEP Toolbox, to develop a comprehensive database of MEPs' positions on important digital rights issues, and an accompanying lobbying guide for inexperienced hackers. And, as a personal measure of its success, during the recent Linux User & Developer Expo in London, the FFII-UK, the UKCDR and the AFFS got their heads together (one of which being mine) to work out a more effective strategy of cooperation and campaigning.

So long as the enthusiasm can be maintained, and promises and ideas developed in Brussels can be turned into concrete deeds, the future in Europe certainly looks a lot brighter than it did a few weeks ago. We may have the beginnings of a Europe-wide movement that can effectively tackle digital rights issues, and push Free Software. We just need to ensure we don't renege on our promises.

Page editor: Jonathan Corbet

Security

82% of email is spam

According to this eSecurity Planet article, 82% of all email which was sent in April was spam. That is the highest level ever measured - so far. Informal measurements here at LWN suggest that the 82% figure could even be a little low; some of our accounts here are receiving well over 1200 spams per day.

The cost of this endless stream of garbage is eventually going to push some part of the system to the breaking point. And the results may not be good. As the spam problem gets worse, most email users will be willing to accept almost anything from their ISPs or legislators which promises to improve things. It would not be surprising to see power grabs coming from several directions as the usual cynical forces try to take advantage of the situation. Are we ready for a world of centralized email systems, proprietary protocols which limit bulk mailing to "authorized" merchants, and new laws giving governments power to monitor and restrict email content?

If we're not ready for those things, we're going to have to think again about how to fight this problem. Filtering can be highly effective, but it does little for many of the costs of spam, including bandwidth usage and compromised servers. Filtering also does not work for all users. Somehow, a way must be found to keep spammers and their output off the net. If we can't come up with a way to do that which preserves the freedoms that have made the net what it is, we're likely to see rather less palatable attempted solutions imposed by others.

New vulnerabilities

eterm: command execution

Package(s):eterm CVE #(s):CAN-2003-0068
Created:April 29, 2004 Updated:May 5, 2004
Description: eterm has a vulnerability in which escape codes can be inserted by an attacker to cause the user to execute malicious commands.
Alerts:
Debian DSA-496-1 2004-04-29

flim: insecure file creation

Package(s):flim CVE #(s):CAN-2004-0422
Created:May 5, 2004 Updated:December 16, 2004
Description: The emacs "flim" mode creates temporary files in an insecure fashion, possibly allowing a local attacker to overwrite files.
Alerts:
Fedora FEDORA-2004-546 2004-12-15
Red Hat RHSA-2004:344-01 2004-08-18
Debian DSA-500-1 2004-05-01

kolab: password disclosure

Package(s):kolab CVE #(s):
Created:May 5, 2004 Updated:May 27, 2004
Description: Kolab stores passwords in plain text format, and these passwords can be read from the underlying LDAP database. See this advisory for more information.
Alerts:
Mandrake MDKSA-2004:052 2004-05-26
OpenPKG OpenPKG-SA-2004.019 2004-05-05

LHA: stack buffer overflows and directory traversal flaws

Package(s):LHA CVE #(s):CAN-2004-0234 CAN-2004-0235
Created:April 30, 2004 Updated:June 11, 2004
Description: LHA is an archiving and compression utility for LHarc format archives. Ulf Harnhammar discovered two stack buffer overflows and two directory traversal flaws in LHA. See this advisory+patch for more details.

CAN-2004-0234: An attacker could exploit the buffer overflows by creating a carefully crafted LHA archive in such a way that arbitrary code would be executed when the archive is tested or extracted by a victim.

CAN-2004-0235: An attacker could exploit the directory traversal issues to create files as the victim outside of the expected directory.

Alerts:
Whitebox WBSA-2004:178-01 2004-06-10
Debian DSA-515-1 2004-06-05
Red Hat RHSA-2004:178-01 2004-05-26
Fedora FEDORA-2004-119 2004-05-11
Gentoo 200405-02 2004-05-09
Conectiva CLA-2004:840 2004-05-06
Slackware SSA:2004-125-01 2004-05-04
Red Hat RHSA-2004:179-01 2004-04-30

libpng: denial of service vulnerability

Package(s):libpng CVE #(s):CAN-2004-0421
Created:April 29, 2004 Updated:June 11, 2004
Description: The PNG library can access memory that is out of bounds when creating an error message; this can be exploited by a malformed PNG image file.
Alerts:
Whitebox WBSA-2004:180-01 2004-06-10
Red Hat RHSA-2004:180-01 2004-05-19
Gentoo 200405-06 2004-05-14
Fedora FEDORA-2004-106 2004-05-05
Fedora FEDORA-2004-105 2004-05-05
Slackware SSA:2004-124-04 2004-05-02
Red Hat RHSA-2004:181-01 2004-04-30
Trustix TSLSA-2004-0025 2004-04-30
Debian DSA-498-1 2004-04-30
Mandrake MDKSA-2004:040 2004-04-29
OpenPKG OpenPKG-SA-2004.017 2004-04-29

mc: multiple vulnerabilities

Package(s):mc CVE #(s):CAN-2004-0226 CAN-2004-0231 CAN-2004-0232
Created:April 29, 2004 Updated:May 26, 2004
Description: Midnight Commander has multiple vulnerabilities including buffer overflows, insecure temp files, and format string problems.
Alerts:
Gentoo 200405-21 2004-05-26
Red Hat RHSA-2004:172-01 2004-05-19
Slackware SSA:2004-136-01 2004-05-14
SuSE SuSE-SA:2004:012 2004-05-14
Red Hat RHSA-2004:173-01 2004-04-30
Mandrake MDKSA-2004:039 2004-04-29
Debian DSA-497-1 2004-04-29

proftpd privilege escalation

Package(s):proftpd CVE #(s):
Created:April 30, 2004 Updated:May 19, 2004
Description: A portability workaround was applied in version 1.2.9 of the FTP server ProFTPD. As a side-effect, CIDR based (aaa.bbb.ccc.ddd/NN) ACL entries in "Allow" and "Deny" directives act like an "AllowAll" directive and so FTP clients are granted access to files and directories although the server configuration might explicitly deny this. See this bug report.
Alerts:
Gentoo 200405-09 2004-05-19
Mandrake MDKSA-2004:041 2004-04-30
OpenPKG OpenPKG-SA-2004.018 2004-04-30
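
An added example, not ProFTPD's code: a CIDR matcher for a Deny-style rule that handles the /0 and /32 edges and fails closed on an unparseable entry, which is what a regression test for this class of bug would exercise. The names cidr_parse, cidr_match and deny_rule_blocks, the sample addresses and the fail-closed policy are assumptions; the page does not show the faulty code.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct cidr {
    uint32_t net;   /* network address, host byte order, already masked */
    uint32_t mask;  /* netmask, host byte order */
};

/* Parse "a.b.c.d/NN". Returns 0 on success, -1 on any malformed input. */
int cidr_parse(const char *text, struct cidr *out)
{
    char addr[INET_ADDRSTRLEN];
    const char *slash;
    char *end;
    long bits;
    struct in_addr ia;
    size_t alen;

    if (text == NULL || out == NULL)
        return -1;
    slash = strchr(text, '/');
    if (slash == NULL)
        return -1;
    alen = (size_t)(slash - text);
    if (alen == 0 || alen >= sizeof addr)
        return -1;
    memcpy(addr, text, alen);
    addr[alen] = '\0';
    if (inet_pton(AF_INET, addr, &ia) != 1)
        return -1;

    /* Require a plain decimal prefix: no sign, no blanks, nothing trailing. */
    if (slash[1] < '0' || slash[1] > '9')
        return -1;
    bits = strtol(slash + 1, &end, 10);
    if (*end != '\0' || bits < 0 || bits > 32)
        return -1;

    /* Shifting a 32-bit value by 32 is undefined in C, so /0 is special-cased. */
    out->mask = (bits == 0) ? 0u : (0xFFFFFFFFu << (32 - bits));
    out->net  = ntohl(ia.s_addr) & out->mask;
    return 0;
}

/* Returns 1 if client is inside the block, 0 if outside, -1 if unparseable. */
int cidr_match(const struct cidr *c, const char *client)
{
    struct in_addr ia;

    if (c == NULL || client == NULL || inet_pton(AF_INET, client, &ia) != 1)
        return -1;
    return (ntohl(ia.s_addr) & c->mask) == c->net;
}

/* Simplified Deny rule (assumed policy): a rule or client address that cannot
 * be parsed blocks the request instead of silently allowing it. */
int deny_rule_blocks(const char *rule, const char *client)
{
    struct cidr c;

    if (cidr_parse(rule, &c) != 0)
        return 1;                         /* fail closed on a bad rule */
    return cidr_match(&c, client) != 0;   /* match, or bad client address */
}

int main(void)
{
    /* Constructed rule/client pairs. */
    static const char *cases[][2] = {
        { "10.0.0.0/8",     "10.1.2.3"    },
        { "10.0.0.0/8",     "11.0.0.1"    },
        { "0.0.0.0/0",      "203.0.113.9" },
        { "192.168.1.7/32", "192.168.1.8" },
        { "10.0.0.0/33",    "11.0.0.1"    }
    };
    size_t i;

    for (i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("Deny %-16s client %-12s -> %s\n", cases[i][0], cases[i][1],
               deny_rule_blocks(cases[i][0], cases[i][1]) ? "blocked" : "allowed");
    return 0;
}
```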

rsync remote file write attack

Package(s):rsync CVE #(s):CAN-2004-0426
Created:April 30, 2004 Updated:July 12, 2004
Description: See the rsync homepage for the April 2004 advisory: "There is a security problem in all versions prior to 2.6.1 that affects only people running a read/write daemon WITHOUT using chroot. If the user privs that such an rsync daemon is using is anything above "nobody", you are at risk of someone crafting an attack that could write a file outside of the module's "path" setting (where all its files should be stored). Please either enable chroot or upgrade to 2.6.1. People not running a daemon, running a read-only daemon, or running a chrooted daemon are totally unaffected."
Alerts:
Gentoo 200407-10 2004-07-12
Fedora FEDORA-2004-116 2004-07-01
Whitebox WBSA-2004:192-01 2004-06-10
Debian DSA-499-2 2004-06-02
OpenPKG OpenPKG-SA-2004.025 2004-05-21
Red Hat RHSA-2004:192-01 2004-05-19
Mandrake MDKSA-2004:042 2004-05-10
Slackware SSA:2004-124-01 2004-05-02
Debian DSA-499-1 2004-05-01
Trustix TSLSA-2004-0024 2004-04-29

samba: local root and symlink vulnerabilities

Package(s):samba CVE #(s):
Created:April 29, 2004 Updated:May 5, 2004
Description: Two vulnerabilities in Samba have been found. Smbfs has a setuid root exploit problem, and smbprint has a tempfile symlink vulnerability.
Alerts:
Netwosix NW-2004-0013 2004-05-01
Gentoo 200404-21 2004-04-29

sysklogd: heap overflow

Package(s):sysklogd CVE #(s):
Created:April 29, 2004 Updated:May 5, 2004
Description: Sysklogd has a memory allocation vulnerability that can allow a malicious attacker to write to unallocated memory and crash sysklogd.
Alerts:
Slackware SSA:2004-124-02 2004-05-02
Mandrake MDKSA-2004:038 2004-04-28

xine-lib: malicious code execution

Package(s):xine-lib CVE #(s):CAN-2004-0433
Created:May 3, 2004 Updated:May 28, 2004
Description: A vulnerability exists in xine-lib where playing a specially crafted Real RTSP stream could run malicious code as the user playing the stream. More details can be found in this advisory. The problem has been fixed in xine-lib 1-rc4.
Alerts:
Gentoo 200405-24 2004-05-28
Slackware SSA:2004-124-03 2004-05-02

Updated vulnerabilities

apache - denial of service in mod_ssl

Package(s):apache CVE #(s):CAN-2004-0113
Created:April 13, 2004 Updated:May 25, 2004
Description: A memory leak has been discovered in mod_ssl that may be triggered by sending normal HTTP requests to the Apache HTTPS port. An attacker can exploit this vulnerability to consume all memory available in the server, thus causing a denial of service condition. This problem has been fixed in Apache 2.0.49.
Alerts:
Fedora FEDORA-2004-117 2004-05-25
Mandrake MDKSA-2004:043 2004-05-10
Red Hat RHSA-2004:182-01 2004-04-30
Conectiva CLA-2004:839 2004-04-13

cvs: client-side file overwrite vulnerability

Package(s):cvs CVE #(s):CAN-2004-0180
Created:April 14, 2004 Updated:May 18, 2004
Description: The cvs client is vulnerable to a pathname vulnerability which can allow a hostile server to overwrite files on the local system. The cvs server is subject to a similar vulnerability which allows the checkout of RCS archives anywhere on the server system. Versions 1.11.15 and 1.12.7 fix the problem.
Alerts:
Fedora FEDORA-2004-110 2004-04-22
Whitebox WBSA-2004:153-01 2004-04-19
Slackware SSA:2004-108-02 2004-04-17
Netwosix NW-2004-0011 2004-04-18
Debian DSA-486-1 2004-04-16
Gentoo 200404-13 2004-04-14
OpenPKG OpenPKG-SA-2004.013 2004-04-14
Red Hat RHSA-2004:153-01 2004-04-14
Red Hat RHSA-2004:154-01 2004-04-14
SuSE SuSE-SA:2004:008 2004-04-14
Mandrake MDKSA-2004:028 2004-04-14
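
An added example, not code from cvs, rsync or LHA: the cvs pathname flaw above, the rsync module-path escape (CAN-2004-0426) and the LHA directory traversal (CAN-2004-0235) share one root cause, a peer-supplied path used without confirming that it stays under the intended directory. The function names, the /tmp/extract base and the sample paths are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Returns 1 when `name` is a relative path with no ".." component, else 0.
 * The check is purely lexical and deliberately strict: "a/../b" is rejected
 * even though it would resolve inside the base directory. It does not cover
 * symbolic links that already exist under the base directory. */
int member_path_is_safe(const char *name)
{
    const char *p = name;

    if (name == NULL || *name == '\0')
        return 0;
    if (*name == '/')
        return 0;                          /* absolute path */

    while (*p != '\0') {
        const char *end = strchr(p, '/');
        size_t len = end ? (size_t)(end - p) : strlen(p);

        if (len == 2 && p[0] == '.' && p[1] == '.')
            return 0;                      /* parent-directory component */
        p += len;
        if (*p == '/')
            p++;                           /* step over the separator */
    }
    return 1;
}

/* Join base and name into out. Returns 0 on success, -1 when the name is
 * unsafe or the result would not fit (no silent truncation). */
int build_dest(const char *base, const char *name, char *out, size_t outlen)
{
    int n;

    if (base == NULL || out == NULL || outlen == 0)
        return -1;
    if (!member_path_is_safe(name))
        return -1;
    n = snprintf(out, outlen, "%s/%s", base, name);
    if (n < 0 || (size_t)n >= outlen)
        return -1;
    return 0;
}

int main(void)
{
    /* Constructed names, as they might arrive in an archive listing or a
     * server response. */
    static const char *names[] = {
        "docs/readme.txt",
        "../../etc/cron.d/job",
        "/etc/passwd",
        "src/../../outside",
        "..hidden/file"
    };
    char dest[256];
    size_t i;

    for (i = 0; i < sizeof names / sizeof names[0]; i++) {
        if (build_dest("/tmp/extract", names[i], dest, sizeof dest) == 0)
            printf("extract  %s\n", dest);
        else
            printf("REJECT   %s\n", names[i]);
    }
    return 0;
}
```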

ethereal - multiple vulnerabilities

Package(s):ethereal CVE #(s):CAN-2004-0176 CAN-2004-0365 CAN-2004-0367
Created:March 29, 2004 Updated:June 2, 2004
Description: There are multiple vulnerabilities in versions of Ethereal earlier than 0.10.3. More information can be found in this advisory from ethereal.com and in this Eye on Security advisory.
Alerts:
Debian DSA-511-1 2004-05-30
OpenPKG OpenPKG-SA-2004.015 2004-04-16
Red Hat RHSA-2004:137-01 2004-03-31
Mandrake MDKSA-2004:024 2004-03-30
Conectiva CLA-2004:835 2004-03-31
Red Hat RHSA-2004:136-01 2004-03-30
Netwosix NW-2004-0007 2004-03-29
Gentoo 200403-07 2004-03-28

Filename disclosure vulnerability in fam

Package(s):fam CVE #(s):CAN-2002-0875
Created:August 19, 2002 Updated:January 5, 2005
Description: "fam" (file alteration monitor) watches files and directories for changes and lets interested applications know when something happens. This package has a flaw in its group handling that blocks some legitimate operations while, at the same time, exposing the names of files that should otherwise be invisible.
Alerts:
Red Hat RHSA-2005:005-01 2005-01-05
Debian DSA-154-1 2002-08-15

gtkhtml: malformed messages cause crash

Package(s):gtkhtml CVE #(s):CAN-2003-0133 CAN-2003-0541
Created:April 14, 2003 Updated:April 18, 2005
Description: GtkHTML is the HTML rendering widget used by the Evolution mail reader.

GtkHTML supplied with versions of Evolution prior to 1.2.4 contains a bug when handling HTML messages. Alan Cox discovered that certain malformed messages could cause the Evolution mail component to crash.

Alerts:
Debian DSA-710-1 2005-04-18
Mandrake MDKSA-2003:093 2003-09-18
Conectiva CLA-2003:737 2003-09-12
Red Hat RHSA-2003:264-01 2003-09-09
Mandrake MDKSA-2003:046 2003-04-15
Red Hat RHSA-2003:126-01 2003-04-14

ident2 buffer overflow

Package(s):ident2 CVE #(s):CAN-2004-0408
Created:April 22, 2004 Updated:April 28, 2004
Description: Jack <jack -AT- rapturesecurity.org> discovered a buffer overflow in ident2, an implementation of the ident protocol (RFC1413), where a buffer in the child_service function was slightly too small to hold all of the data which could be written into it. This vulnerability could be exploited by a remote attacker to execute arbitrary code with the privileges of the ident2 daemon (by default, the "identd" user).
Alerts:
Debian DSA-494-1 2004-04-21

Comments (none posted)

iproute: local denial of service

Package(s):iproute net-tools CVE #(s):CAN-2003-0856
Created:November 25, 2003 Updated:December 14, 2004
Description: The iproute utility is susceptible to spoofed netlink messages sent by local users, with the result that denial of service attacks are possible.
Alerts:
Mandrake MDKSA-2004:148 2004-12-13
Fedora FEDORA-2004-154 2004-06-03
Fedora FEDORA-2004-115 2004-05-11
Debian DSA-492-1 2004-04-18
Gentoo 200404-10 2004-04-09
Red Hat RHSA-2003:316-01 2003-11-24

Comments (none posted)

racoon: failure to verify signatures

Package(s):ipsec-tools racoon CVE #(s):CAN-2004-0155
Created:April 7, 2004 Updated:August 19, 2004
Description: Versions of ipsec-tools prior to 0.2.5 contain a vulnerability wherein the racoon utility fails to verify digital signatures on some packets. This hole can lead to unauthorized connections or man-in-the-middle attacks. See this advisory for details.
Alerts:
Whitebox WBSA-2004:308-01 2004-08-19
Mandrake MDKSA-2004:027 2004-04-08
Gentoo 200404-05 2004-04-07

Comments (none posted)

racoon: denial of service vulnerability

Package(s):ipsec-tools racoon iputils CVE #(s):CAN-2004-0403
Created:April 26, 2004 Updated:July 29, 2004
Description: racoon does not check the length of ISAKMP headers. Attackers may be able to craft an ISAKMP header of sufficient length to consume all available system resources, causing a Denial of Service. This advisory contains additional details.
Alerts:
Red Hat RHSA-2004:308-01 2004-07-29
Mandrake MDKSA-2004:069 2004-07-14
Fedora FEDORA-2004-197 2004-06-28
Whitebox WBSA-2004:165-01 2004-06-10
Fedora FEDORA-2004-132 2004-05-19
Red Hat RHSA-2004:165-01 2004-05-11
Gentoo 200404-17 2004-04-24

Comments (none posted)

kdelibs: cookie disclosure

Package(s):kdelibs CVE #(s):CAN-2003-0592
Created:March 10, 2004 Updated:August 24, 2004
Description: kdelibs (and, thus, Konqueror) has a vulnerability where a hostile server can force the disclosure of cookies that should not be presented to it. KDE versions 3.1.3 and later contain a fix.
Alerts:
Gentoo 200408-23 2004-08-24
Red Hat RHSA-2004:074-01 2004-03-10
Red Hat RHSA-2004:075-01 2004-03-10
Mandrake MDKSA-2004:022 2004-03-10
Debian DSA-459-1 2004-03-10

Comments (none posted)

kdepim: VCF file information reader vulnerability

Package(s):kdepim CVE #(s):CAN-2003-0988
Created:January 15, 2004 Updated:May 26, 2004
Description: KDE has issued a security advisory for all versions of kdepim as distributed with KDE versions 3.1.0 through 3.1.4 inclusive. A carefully crafted .VCF file potentially enables local attackers to compromise the privacy of a victim's data or execute arbitrary commands with the victim's privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0988 to this issue.
Alerts:
Fedora FEDORA-2004-133 2004-05-19
Gentoo 200404-02 2004-04-06
Whitebox WBSA-2004:005-01 2004-02-12
Conectiva CLA-2004:810 2004-01-20
Slackware SSA:2004-014-01 2004-01-14
Mandrake MDKSA-2004:003 2004-01-14
Red Hat RHSA-2004:006-01 2004-01-07

Comments (none posted)

kernel: symlink overflow in the iso9660 filesystem

Package(s):kernel CVE #(s):CAN-2004-0109
Created:April 14, 2004 Updated:July 15, 2004
Description: The 2.4 and 2.6 kernels contain a vulnerability in the iso9660 (CDROM) filesystem which can be used by a local attacker to obtain root privileges. The exploit requires creating a specially-crafted filesystem and getting the kernel to mount it. Many systems are configured to automatically mount CDs on insertion, however, so the possibility of this vulnerability being exploited by users with physical access to the system is real. The 2.4.26 kernel contains the fix, which will also be merged into the upcoming 2.6.6 release.
Alerts:
Conectiva CLA-2004:846 2004-07-15
Red Hat RHSA-2004:106-01 2004-04-21
Red Hat RHSA-2004:105-01 2004-04-21
Debian DSA-489-1 2004-04-17
Debian DSA-491-1 2004-04-17
Debian DSA-479-2 2004-04-14
SuSE SuSE-SA:2004:009 2004-04-14
Mandrake MDKSA-2004:029 2004-04-14
Fedora FEDORA-2004-101 2004-04-14
Debian DSA-482-1 2004-04-14
Debian DSA-481-1 2004-04-14
Debian DSA-480-1 2004-04-14
Debian DSA-479-1 2004-04-14

Comments (none posted)

kernel - root exploit in MCAST_MSFILTER

Package(s):kernel CVE #(s):CAN-2004-0424
Created:April 22, 2004 Updated:June 11, 2004
Description: A locally exploitable integer overflow has been found in the multicast code of the Linux kernel versions 2.4.22 to 2.4.25 and 2.6.1 - 2.6.3. A successful exploit could lead to full superuser privileges.
Alerts:
Whitebox WBSA-2004:183-01 2004-06-10
SuSE SuSE-SA:2004:010 2004-05-05
Slackware SSA:2004-119-01 2004-04-28
Mandrake MDKSA-2004:037 2004-04-27
Red Hat RHSA-2004:183-01 2004-04-22
Fedora FEDORA-2004-111 2004-04-22
Trustix TSLSA-2004-0022 2004-04-21

Comments (1 posted)

Linux kernel 2.2.10 failing function and TLB flush vulnerability

Package(s):kernel-source-2.2.10 CVE #(s):CAN-2004-0077
Created:March 18, 2004 Updated:June 4, 2004
Description: A local root exploit is possible due to early flushing of the TLB.
Alerts:
Debian DSA-514-1 2004-06-04
Debian DSA-466-1 2004-03-18

Comments (none posted)

kernel-utils: setuid vulnerability

Package(s):kernel-utils CVE #(s):CAN-2003-0019
Created:February 7, 2003 Updated:January 21, 2005
Description: The kernel-utils package contains several utilities that can be used to control the kernel or machine hardware. In Red Hat Linux 8.0 this package contains user mode linux (UML) utilities.

The uml_net utility in kernel-utils packages with Red Hat Linux 8.0 was incorrectly shipped setuid root. This could allow local users to control certain network interfaces, add and remove arp entries and routes, and put interfaces in and out of promiscuous mode.

All users of the kernel-utils package should update to these packages that contain a version of uml_net that is not setuid root.

Alternatively, as a work-around to this vulnerability, issue the following command as root:

chmod -s /usr/bin/uml_net

Alerts:
Red Hat RHSA-2003:056-08 2003-02-07

Comments (none posted)

LCDproc: Buffer overflows and format string vulnerabilities

Package(s):LCDproc CVE #(s):
Created:April 27, 2004 Updated:April 28, 2004
Description: Due to insufficient checking of client-supplied data, the LCDd server is susceptible to two buffer overflows and one string buffer vulnerability. If the server is configured to listen on all network interfaces (see the Bind parameter in LCDproc configuration), these vulnerabilities can be triggered remotely.
Alerts:
Gentoo 200404-19 2004-04-27

Comments (none posted)

libpng, libpng3: buffer overflow

Package(s):libpng, libpng3 CVE #(s):CAN-2002-1363
Created:December 19, 2002 Updated:July 14, 2004
Description: Glenn Randers-Pehrson discovered a problem in connection with 16-bit samples from libpng, an interface for reading and writing PNG (Portable Network Graphics) format files. The starting offsets for the loops are calculated incorrectly which causes a buffer overrun beyond the beginning of the row buffer.
Alerts:
Gentoo 200407-06 2004-07-08
OpenPKG OpenPKG-SA-2004.030 2004-07-06
Mandrake MDKSA-2004:063 2004-06-29
Whitebox WBSA-2004:249-01 2004-06-21
Fedora FEDORA-2004-176 2004-06-18
Fedora FEDORA-2004-174 2004-06-18
Fedora FEDORA-2004-175 2004-06-18
Fedora FEDORA-2004-173 2004-06-18
Red Hat RHSA-2004:249-01 2004-06-18
Conectiva CLA-2003:564 2003-01-23
Mandrake MDKSA-2003:008 2003-01-20
OpenPKG OpenPKG-SA-2003.001 2003-01-15
Yellow Dog YDU-20030114-2 2002-01-14
SuSE SuSE-SA:2003:0004 2003-01-14
Red Hat RHSA-2003:006-06 2003-01-09
Debian DSA-213-1 2002-12-19

Comments (none posted)

libxml2 - arbitrary code execution

Package(s):libxml2 CVE #(s):CAN-2004-0110
Created:February 26, 2004 Updated:July 21, 2004
Description: Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6. When fetching a remote resource via FTP or HTTP, libxml2 uses special parsing routines. These routines can overflow a buffer if passed a very long URL. If an attacker is able to find an application using libxml2 that parses remote resources and allows them to influence the URL, then this flaw could be used to execute arbitrary code.
Alerts:
Fedora-Legacy FLSA:1324 2004-07-19
Conectiva CLA-2004:836 2004-03-31
Gentoo 200403-01 2004-03-06
Trustix TSLSA-2004-0010 2004-03-05
OpenPKG OpenPKG-SA-2004.003 2004-03-05
Netwosix NW-2004-0004 2004-03-04
Debian DSA-455-1 2004-03-03
Mandrake MDKSA-2004:018 2004-03-03
Red Hat RHSA-2004:091-02 2004-03-03
Whitebox WBSA-2004:090-01 2004-03-01
Red Hat RHSA-2004:090-01 2004-02-26
Fedora FEDORA-2004-087 2004-02-25
Red Hat RHSA-2004:091-01 2004-02-26

Comments (none posted)

logcheck: symlink vulnerability

Package(s):logcheck CVE #(s):CAN-2004-0404
Created:April 21, 2004 Updated:December 22, 2004
Description: The logcheck utility handles temporary files in an unsafe way, possibly allowing local attackers to overwrite files.
Alerts:
Mandrake MDKSA-2004:155 2004-12-22
Debian DSA-488-1 2004-04-16

Comments (none posted)

mailman denial of service

Package(s):mailman CVE #(s):CAN-2003-0991
Created:February 9, 2004 Updated:May 25, 2004
Description: Matthew Galgoci of Red Hat discovered a Denial of Service (DoS) vulnerability in versions of Mailman prior to 2.1. An attacker could send a carefully-crafted message causing mailman to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0991 to this issue.
Alerts:
Conectiva CLA-2004:842 2004-05-25
Red Hat RHSA-2004:156-01 2004-04-14
Mandrake MDKSA-2004:013 2004-02-13
Red Hat RHSA-2004:019-01 2004-02-09

Comments (1 posted)

metamail: integer and buffer overflows

Package(s):metamail CVE #(s):CAN-2004-0104 CAN-2004-0105
Created:February 18, 2004 Updated:May 21, 2004
Description: Versions of metamail through 2.7 contain a set of integer and buffer overflows which are remotely exploitable via a properly crafted message.
Alerts:
Gentoo 200405-17 2004-05-21
Debian DSA-449-1 2004-02-24
Mandrake MDKSA-2004:014 2004-02-18
Slackware SSA:2004-049-02 2004-02-18
Red Hat RHSA-2004:073-01 2004-02-18

Comments (none posted)

mikmod: buffer overflow

Package(s):mikmod CVE #(s):CAN-2003-0427
Created:June 16, 2003 Updated:June 16, 2005
Description: Ingo Saitz discovered a bug in mikmod whereby a long filename inside an archive file can overflow a buffer when the archive is being read by mikmod.
Alerts:
Fedora FEDORA-2005-405 2005-06-16
Red Hat RHSA-2005:506-01 2005-06-13
Fedora FEDORA-2005-404 2005-06-09
Gentoo 200307-01 2003-07-02
Debian DSA-320-1 2003-06-13

Comments (none posted)

mod_python: denial of service vulnerability

Package(s):mod_python CVE #(s):CAN-2003-0973
Created:January 27, 2004 Updated:October 4, 2004
Description: Apache's mod_python module could crash the httpd process if a specific, malformed query string was sent.

The Apache Foundation has reported that mod_python may be prone to Denial of Service attacks when handling a malformed query. Mod_python 2.7.9 was released to fix the vulnerability; however, because the vulnerability has not been fully fixed, version 2.7.10 has been released.

Users of mod_python 3.0.4 are not affected by this vulnerability.

Alerts:
Fedora-Legacy FLSA:1325 2004-10-03
Conectiva CLA-2004:837 2004-04-12
Whitebox WBSA-2004:058-01 2004-03-01
Debian DSA-452-1 2004-02-29
Red Hat RHSA-2004:058-01 2004-02-26
Red Hat RHSA-2004:063-01 2004-02-26
Gentoo 200401-03 2004-01-27

Comments (none posted)

mozilla: multiple vulnerabilities

Package(s):mozilla CVE #(s):CAN-2003-0594 CAN-2003-0564
Created:March 10, 2004 Updated:August 19, 2004
Description: Mozilla 1.4 contains a few vulnerabilities, including disclosure of cookies to the wrong server, a scripting vulnerability which can allow an attacker to run arbitrary code, and an S/MIME vulnerability which can lead to remote denial of service or code execution attacks.
Alerts:
Whitebox WBSA-2004:421-01 2004-08-19
Whitebox WBSA-2004:110-01 2004-03-29
Red Hat RHSA-2004:112-01 2004-03-17
Mandrake MDKSA-2004:021 2004-03-10

Comments (none posted)

mpg321: format string vulnerability

Package(s):mpg321 CVE #(s):CAN-2003-0969
Created:January 6, 2004 Updated:March 28, 2005
Description: A vulnerability was discovered in mpg321, a command-line mp3 player, whereby user-supplied strings were passed to printf(3) unsafely. This vulnerability could be exploited by a remote attacker to overwrite memory, and possibly execute arbitrary code. In order for this vulnerability to be exploited, mpg321 would need to play a malicious mp3 file (including via HTTP streaming).
Alerts:
Gentoo 200503-34 2005-03-28
Debian DSA-411-1 2004-01-05

Comments (none posted)

MySQL: temporary file vulnerabilities

Package(s):mysql CVE #(s):CAN-2004-0381 CAN-2004-0388
Created:April 14, 2004 Updated:August 18, 2004
Description: The mysqlbug and mysqld_multi scripts contain temporary file vulnerabilities which could be used by a local attacker to overwrite files on the system.
Alerts:
Gentoo 200405-20 2004-05-25
Mandrake MDKSA-2004:034 2004-04-19
OpenPKG OpenPKG-SA-2004.014 2004-04-14
Debian DSA-483-1 2004-04-14

Comments (none posted)

neon: format string vulnerabilities

Package(s):neon CVE #(s):CAN-2004-0179
Created:April 14, 2004 Updated:May 18, 2004
Description: The neon WebDAV library contains format string vulnerabilities which may be exploited by a hostile DAV server. This vulnerability exists in utilities which use neon, including cadaver and OpenOffice.org.
Alerts:
Fedora FEDORA-2004-103 2004-04-14
Gentoo 200405-04 2004-05-11
Gentoo 200405-01 2004-05-09
Red Hat RHSA-2004:163-01 2004-04-30
Whitebox WBSA-2004:160-01 2004-04-19
Mandrake MDKSA-2004:032 2004-04-19
Gentoo 200404-14 2004-04-19
OpenPKG OpenPKG-SA-2004.016 2004-04-16
Netwosix NW-2004-0012 2004-04-18
Debian DSA-487-1 2004-04-16
Red Hat RHSA-2004:159-01 2004-04-15
Red Hat RHSA-2004:160-01 2004-04-14
Red Hat RHSA-2004:157-01 2004-04-14
Red Hat RHSA-2004:158-01 2004-04-14

Comments (none posted)

Nessus NASL scripting engine security issues

Package(s):nessus CVE #(s):
Created:May 27, 2003 Updated:August 12, 2004
Description: Some vulnerabilities exist in the Nessus NASL scripting engine. To exploit these flaws, an attacker would need to have a valid Nessus account as well as the ability to upload arbitrary Nessus plugins to the Nessus server (this option is disabled by default), or he/she would need to trick a user somehow into running a specially crafted NASL script. Read the full advisory for additional information.
Alerts:
Gentoo 200305-10 2003-05-27

Comments (none posted)

netpbm: insecure temporary files

Package(s):netpbm CVE #(s):CAN-2003-0924
Created:January 19, 2004 Updated:December 29, 2004
Description: netpbm is a graphics conversion toolkit made up of a large number of single-purpose programs. Many of these programs were found to create temporary files in an insecure manner, which could allow a local attacker to overwrite files with the privileges of the user invoking a vulnerable netpbm tool.
Alerts:
Conectiva CLA-2004:909 2004-12-29
Gentoo 200410-02 2004-10-04
Mandrake MDKSA-2004:011-1 2004-09-27
Whitebox WBSA-2004:031-01 2004-02-12
Mandrake MDKSA-2004:011 2004-02-11
Red Hat RHSA-2004:030-01 2004-02-05
Fedora FEDORA-2004-068 2004-02-06
Red Hat RHSA-2004:031-01 2004-01-22
Debian DSA-426-1 2004-01-18

Comments (1 posted)

openssh: timing attack leads to information disclosure

Package(s):openssh CVE #(s):CAN-2003-0190
Created:May 2, 2003 Updated:November 30, 2004
Description: From the advisory: "During a pen-test we stumbled across a nasty bug in OpenSSH-portable with PAM support enabled (via the --with-pam configure script switch). This bug allows a remote attacker to identify valid users on vulnerable systems, through a simple timing attack. The vulnerability is easy to exploit and may have high severity, if combined with poor password policies and other security problems that allow local privilege escalation."
Alerts:
Ubuntu USN-34-1 2004-11-30
OpenPKG OpenPKG-SA-2003.035 2003-08-06
Red Hat RHSA-2003:222-01 2003-07-29
Gentoo 200305-02 2003-05-13
Gentoo 200305-01 2002-03-05

Comments (1 posted)

OpenSSL: denial of service vulnerabilities

Package(s):OpenSSL CVE #(s):CAN-2004-0081 CAN-2003-0851
Created:March 17, 2004 Updated:November 2, 2005
Description: Versions 0.9.7a-c of the OpenSSL library suffer from two denial of service vulnerabilities; see the version 0.9.7d release announcement for details.
Alerts:
Red Hat RHSA-2005:830-00 2005-11-02
Red Hat RHSA-2005:829-00 2005-11-02
Fedora FEDORA-2005-1042 2005-10-31
Fedora-Legacy FLSA:1395 2004-05-08
Conectiva CLA-2004:834 2004-03-31
Whitebox WBSA-2004:084-01 2004-03-23
Red Hat RHSA-2004:084-01 2004-03-23
Fedora FEDORA-2004-095 2004-03-19
Whitebox WBSA-2004:120-01 2004-03-22
Trustix TSLSA-2004-0012 2004-03-17
Slackware SSA:2004-077-01 2004-03-17
Red Hat RHSA-2004:121-01 2004-03-17
OpenPKG OpenPKG-SA-2004.007 2004-03-18
Gentoo 200403-03 2004-03-17
Debian DSA-465-1 2004-03-17
Netwosix NW-2004-0005 2004-03-17
Mandrake MDKSA-2004:023 2004-03-17
SuSE SuSE-SA:2004:007 2004-03-17
Red Hat RHSA-2004:120-01 2004-03-17
Red Hat RHSA-2004:119-01 2004-03-17
EnGarde ESA-20040317-003 2004-03-17

Comments (1 posted)

postfix: denial of service vulnerabilities

Package(s):postfix CVE #(s):CAN-2003-0468 CAN-2003-0540
Created:August 5, 2003 Updated:May 27, 2004
Description: The postfix MTA, versions through 1.1.12 (but not 2.0), is subject to two remotely exploitable denial of service vulnerabilities; see this advisory from Michal Zalewski for details.
Alerts:
Mandrake MDKA-2004:028 2004-05-26
Trustix 2003-0029 2003-08-04
Mandrake MDKSA-2003:081 2003-08-04
EnGarde ESA-20030804-019 2003-08-04
Conectiva CLA-2003:717 2003-08-04
SuSE SuSE-SA:2003:033 2003-08-04
Red Hat RHSA-2003:251-01 2003-08-04
Debian DSA-363-1 2003-08-03

Comments (none posted)

python: buffer overflow

Package(s):python CVE #(s):CAN-2004-0150
Created:March 10, 2004 Updated:October 11, 2004
Description: Python (versions 2.2 and 2.2.1 only) has a buffer overflow in the getaddrinfo() function which can be exploited by a malformed IPv6 address.
Alerts:
Debian DSA-458-3 2004-10-10
Gentoo 200409-03 2004-09-02
Debian DSA-458-2 2004-08-31
Mandrake MDKSA-2004:019 2004-03-09
Debian DSA-458-1 2004-03-09

Comments (none posted)

ssmtp format string vulnerability

Package(s):ssmtp CVE #(s):CAN-2004-0156
Created:April 15, 2004 Updated:May 7, 2004
Description: Max Vozeler discovered two format string vulnerabilities in ssmtp, a simple mail transport agent. Untrusted values in the functions die() and log_event() were passed to printf-like functions as format strings. These vulnerabilities could potentially be exploited by a remote mail relay to gain the privileges of the ssmtp process (including potentially root).
Alerts:
OpenPKG OpenPKG-SA-2004.020 2004-05-07
Gentoo 200404-18 2004-04-26
Debian DSA-485-1 2004-04-14

Comments (none posted)

sysstat: temporary file vulnerability

Package(s):sysstat CVE #(s):CAN-2004-0107 CAN-2004-0108
Created:March 10, 2004 Updated:October 4, 2004
Description: The sysstat utility has a temporary file vulnerability which can be exploited by a local attacker to overwrite system files.
Alerts:
Fedora-Legacy FLSA:1372 2004-10-03
Gentoo 200404-04 2004-04-06
Debian DSA-460-2 2004-04-03
Trustix TSLSA-2004-0011 2004-03-16
Whitebox WBSA-2004:053-01 2004-03-10
Red Hat RHSA-2004:053-01 2004-03-10
Red Hat RHSA-2004:093-01 2004-03-10
Debian DSA-460-1 2004-03-10

Comments (none posted)

File overwrite vulnerability in tar and unzip

Package(s):tar unzip CVE #(s):CAN-2001-1267 CAN-2001-1268 CAN-2001-1269 CAN-2002-0399
Created:October 1, 2002 Updated:April 9, 2006
Description: The tar utility does not properly filter file names containing "../", meaning that a hostile archive can, if unpacked by an unsuspecting user, overwrite any file that is writable by that user. GNU tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42 has the same vu