● Red Hat fixes vulnerabilities in four areas - 荔园在线 | 深圳大学学生论坛,荔园晨风BBS,深大在线网站

荔园之美，在春之萌芽，在夏之绽放，在秋之收获，在冬之沉淀

发信人: hellsolaris (qq), 信区: Security
标  题: Red Hat fixes vulnerabilities in four areas
发信站: 荔园晨风BBS站 (Sun Nov 16 19:29:01 2003)

Red Hat recommends users upgrade to updated packages that address security vul
nerabilities in PostgreSQL, stunnel, XFree64, and Zebra. The consequences of t
he vulnerabilities include denial of service, execution of arbitrary code and
privilege escalation.

PostgreSQL is an open source database system. Its pg_to_ascii() function suffe
rs from buffer overflow problems that could be exploited to cause denial of se
rvice or execution of arbitrary code.

Stunnel is a "secure tunneling" wrapper for network connections, used to tunne
l an unencrypted connection over an encrypted connection, or to provide an enc
rypted connection to services that don't support encryption. Problems in non-r
eentrant signal-handling stunnel functions could allow an attacker to hijack t
he service.

XFree86 is an implementation of the X Window System, including the core graphi
cal user interface and video drivers. Xfree86's handling of font libraries has
integer overflow problems that could allow local or remote attackers to gain
root privileges, cause denial of service or execute arbitrary code.

Zebra is an open source implementation of TCP/IP routing software. Its telnet
management service is susceptible to remote denial of service if a Zebra passw
ord has been enabled.

Affected Red Hat products include Enterprise Linux AS 2.1/ES 2.1/WS 2.1, Linux
7.2-9, and Linux Advanced Server 2.1 and Workstation 2.1 for Itanium.

    SOUND OFF! - Post your comments
Be the first to post a message to Sound Off! Post a Message

    EMAIL A FRIEND
Send the article you've just read to a friend

--

※ 来源:．荔园晨风BBS站 http://bbs.szu.edu.cn [FROM: 61.144.235.39]

荔园在线首页友情链接：深圳大学深大招生荔园晨风BBS S-Term软件网络书店