Obsahuje:
  • všechny e-ziny od 9/1999
  • celou databázi NEWS
  • soutěže 2000-2011
  • další články a BONUSY

Security - News

http://crypto-world.info

Crypto - News | Security - News

09 / 2004
Vybrali pro vás: TR - Tomáš Rosa, JP - Jaroslav Pinkava, PV - Pavel Vondruška, VK - Vlastimil Klíma

Dvě bezpečnostní díry v Linuxu - prohlédněte si obrázek, a přes buffer oveflow je tam ...

10.09.2004
Open-source developers have reported two security holes in Linux components that can allow attackers to gain control of a PC. By tricking a user into viewing a specially crafted image file, an attacker can exploit a bug in the Imlib library, used by graphics-viewing applications, to execute malicious code. The bug is caused by a boundary error in the decoding of runlength-encoded bitmap images, which can be exploited to cause a buffer overflow. Gentoo, MandrakeSoft SA, and other Linux vendors have begun distributing fixes for the bug, which affects Imlib 1.x and imlib2 1.x. Red Hat Incorporated also warned of three security holes in LHA, a compression and decompression utility for LHarc-format archives, which affect all versions through 1.14. The vulnerabilities could allow the execution of malicious code if a user were to extract or test a malicious archive or pass a specially crafted command line to the lha command. The third bug could allow an attacker to create a directory with shell meta characters in its name, leading to arbitrary command execution. Security firm Secunia announced that all three of the bugs could be avoided by staying away from untrusted archives, and patches are available. viz též infoworld.
Zdroj: http://www.eweek.com/article2/0,1759,1644280,00.asp
Autor: VK


Heuristické vyhledání souvisejících článků v archívu NEWS

Pozor - není zdaleka přesné a výsledek je bez záruky...
Chcete-li článek obsahující konkrétní termín - pou·ijte funkci vyhledávání !
<<- novější - Analýza rizik spojených s činností certifikační autority
Design: Webdesign