|[Home] [Credit Search] [Category Browser] [Staff Roll Call]||The LINUX.COM Article Archive|
|Originally Published: Monday, 21 August 2000||Author: Alexander Reelsen|
|Published to: news_enhance_security/Security News||Page: 1/1 - [Std View]|
Weekly Linux Security Digest 2000/08/14 to 2000/08/20
[SP] Another messy week. Xlock/Xlockmore (a common screen saver) has a format bug in the processing of a command line option. This affects Linux and BSD versions. Zope has a flaw that allows users to gain additional roles while editing DHTML, and vendors are still releasing updates for problems from last week (rpc, perl, mailx, etc.). A very bad hole in the Lyris list manager's Web interface allows an attacker to trivially gain administrative access to the list.