Lockergnome's Linux Fanatics ~ December 28, 2004

Lockergnome Tue, 28 Dec 2004 00:09:51 -0800

Title: Lockergnome's Linux Fanatics ~ December 28, 2004

Google Lockergnome

Click here to make a donation and get your name & link listed here!

Phyllis Christian
Plasmatic Exploit
Ralph Williams
John Rowland
Max Raven
Emma Davis
Robert Hall
Glass Tower Studios
Best UK Credit Card
Ramesh Srinivasan

kpdf Buffer Overflow Vulnerability
LibTIFF Two Integer Overflow Vulnerabilities
FreeBSD for Linux Users
MPlayer 1.0pre6 Released
Speed Up Mozilla and Firefox
Multiple Vendor Xine version 0.99.2 Vulnerabilities
SHOUTcast Filename Format String Vulnerability
Today's Industry Headlines

Feedback | Contribute | Archives | Send to Friends | Subscription Options

RocketBowl - Rocketbowl puts a futuristic twist on the traditional bowling experience. Use special rocket-powered bowling balls to curve, boost, and hop your way over hills, around water traps, across bridges, and through winding chutes, all at a fun and relaxing pace. Knock over special Dollar Pins, collect bonus coins, and wager on matches against local pros to fatten your wallet, and buy more advanced bowling balls! [Download Trial]

kpdf Buffer Overflow Vulnerability ()

Direct & Related Links | Send Link to Friends | Posted by Marc Erickson

KDE Security Advisory 20041223-1 Systems affected: KDE 3.2 up to including KDE 3.2.3. KDE 3.3 up to including KDE 3.3.2. Overview: kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains a buffer overflow that can be triggered by a specially crafted PDF file. 3. Impact: Remotely supplied pdf files can be used to execute arbitrary code on the client machine. 4. Solution: Source code patches have been made available which fix these vulnerabilities.... [Continued]

^TOP^

LibTIFF Two Integer Overflow Vulnerabilities (Security)

Direct & Related Links | Send Link to Friends | Posted by Marc Erickson

Secunia Advisory: SA13607 Critical: Highly critical Impact: System access Where: From remote Solution Status: Vendor Patch Software: LibTIFF 3.x infamous41md has reported two vulnerabilities in LibTIFF, which can be exploited by malicious people to compromise a vulnerable system. 1) The vulnerability is caused due to an integer overflow in the "TIFFFetchStripThing()" function in "tif_dirread.c" when parsing TIFF files. This can be exploited via a specially crafted TIFF image file to execute arbitrary code via an... [Continued]

^TOP^

FreeBSD for Linux Users (Open Source)

Direct & Related Links | Send Link to Friends | Posted by Mike Oliveri

Ever wanted to tinker with FreeBSD, but felt intimidated by its being a more "hardcore" UNIX system? You'd probably be surprised to find there aren't many major differences at all, and Dru Lavigne's latest ONLamp column will help you on your way. In this first of two parts, she discusses the differences between FreeBSD and Linux in terms of startup, the kernel, and application management.... [Continued]

^TOP^

MPlayer 1.0pre6 Released (Download)

Direct & Related Links | Send Link to Friends | Posted by Mike Oliveri

For those of you who use MPlayer or have been thinking about it, now may be a good time to upgrade: version 1.0pre6 has just been released, and contains a whole slew of new updates and upgrades, including the 1.0pre5try2 bugfixes that resolved a few security vulnerabilities.... [Continued]

^TOP^

Speed Up Mozilla and Firefox (Tip)

Direct & Related Links | Send Link to Friends | Posted by Mike Oliveri

If you're running Mozilla or Firefox on a broadband connection, you may not think it could get much faster. If so, you'd be wrong.... [Continued]

^TOP^

Multiple Vendor Xine version 0.99.2 Vulnerabilities (Security)

Direct & Related Links | Send Link to Friends | Posted by Marc Erickson

PNM Handler Negative Read Length Heap Overflow Vulnerability "...Remote exploitation of a buffer overflow in version 0.99.2 of xine could allow execution of arbitrary code.... xine-lib 1-rc8 was released to address this vulnerability and is available for download at: http://xinehq.de/index.php/releases An xine patch for this vulnerability is available at: http://cvs.sourceforge.net/viewcvs.py/ xine/xine-lib/src/input/pnm.c?r1=1.20&r2=1.21 An MPlayer patch for this vulnerability is available at: http://www.mplayerhq.hu/MPlayer/patches/pnm_fix_20041215.diff" Multiple Vendor Xine version 0.99.2 PNM Handler PNA_TAG Heap Overflow Vulnerability "...Remote exploitation of... [Continued]

^TOP^

SHOUTcast Filename Format String Vulnerability (Security)

Direct & Related Links | Send Link to Friends | Posted by Marc Erickson

Secunia Advisory: SA13661 Critical: Highly critical Impact: System access Where: From remote Solution Status: Unpatched Software: SHOUTcast 1.x Tomasz Trojanowski and Damian Put have discovered a vulnerability in SHOUTcast, which potentially can be exploited by malicious people to compromise a vulnerable system. The vulnerability is cause due to a format string error in the URL handling within the processing of requested filenames. This can be exploited to execute arbitrary code by sending a specially crafted... [Continued]

^TOP^

Latest Linux White Papers From TechRepublic

Yahoo! News - Search Results for linux

SourceForge.net New Releases

Every weekday, our guide to the Web takes care of business, tackling tech topics that really matter to everybody. From topic definitions to topical rants, Dan Gray's pieces inform as much as they entertain - inside of Lockergnome's Technobabble!