The Bastille Hardening program locks down an operating system, configuring the system for increased security. It currently supports Red Hat, Fedora Core, Red Hat Enterprise, SuSE, SuSE Enterprise, Mandrake, Debian, Gentoo, HP-UX, and Apple's Mac OS X.
f55bd88272c1d996167dc032f97acacaa8b515889994c3ba72683834f0fbe19e
Samba versions below 3.0.20 heap overflow exploit. Written for older versions of Debian, Slackware, and Mandrake.
43b87d032641543dcbbc7602729efaa345048ff41a4495d0b750df770c23b850
Lesstif local root exploit for Mandrake Linux 2006 that makes use of the mtink binary which is setuid by default.
93c5c74660c45a18ce6ccea75249edf597881501453e35ba6adbd416614392f7
Secunia Security Advisory - Mandrake has issued an update for hylafax. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and by malicious users to compromise a vulnerable system.
6657d2342cef2d8b74bb4de444a7ca19bfb6ad886e7fa5f23520a8e6a58ea42a
The Bastille Hardening program locks down an operating system, configuring the system for increased security. It currently supports Red Hat, Fedora Core, Red Hat Enterprise, SuSE, SuSE Enterprise, Mandrake, Debian, Gentoo, HP-UX, and Apple's Mac OS X.
537fdf3fd3c6a695a889ad0ca835e99623a9d9fc16609067d679c7e183bc1c05
The Bastille Hardening program locks down an operating system, configuring the system for increased security. It currently supports Red Hat, Fedora Core, Red Hat Enterprise, SuSE, SuSE Enterprise, Mandrake, Debian, Gentoo, HP-UX, and Apple's Mac OS X.
ee44a96a6f41636d5498f1221c9e27869cfa178c09a7b400e333060ccf83039e
The Bastille Hardening program locks down an operating system, configuring the system for increased security. It currently supports Red Hat, Fedora Core, Red Hat Enterprise, SuSE, SuSE Enterprise, Mandrake, Debian, Gentoo, HP-UX, and Apple's Mac OS X.
bbd9955f30cf74997cae2d96220a2a2bc43d92f8264f4f08bef39d096cfc85d3
The Bastille Hardening program locks down an operating system, configuring the system for increased security. It currently supports Red Hat, Fedora Core, Red Hat Enterprise, SuSE, SuSE Enterprise, Mandrake, Debian, Gentoo, HP-UX, and Apple's Mac OS X.
91af27a0f4b60daaadc83e622e9e24685dddb3a546a59e4ea5e2177d5e1e6905
The Bastille Hardening program locks down an operating system, configuring the system for increased security. It currently supports Red Hat, Fedora Core, Red Hat Enterprise, SuSE, SuSE Enterprise, Mandrake, Debian, Gentoo, HP-UX, and Apple's Mac OS X.
5cc11e42d0aa3982a2e77237a98f2512101cda25e5199ba55c98a46cac5a74c6
ELOG version 2.5.6 and below remote shell exploit. Includes targets for Slackware, Gentoo, FreeBSD, Mandrake, Fedora Core 1, Debian, Windows XP, and Redhat.
2f0be5f4ffcc4b64e7f89322b4934d525fd19649bcde7c18cf2b2398d88e016e
Mandrake Linux Security Update Advisory - Javier Fernandez-Sanguino Pena discovered two vulnerabilities in scripts included with the vim editor. The two scripts, tcltags and vimspell.sh, created temporary files in an insecure manner, which could allow a malicious user to execute a symbolic link attack or to create, or overwrite, arbitrary files with the privileges of the user invoking the scripts.
7d9c2bfe6a4ee99a747572aa6fb968bad0aa4e7638fd1885eac13fa60c81fe34
Local root exploit for /usr/bin/trn. Tested on Mandrake 9.2, Slackware 9.1.0/10.0.0.
01582be97fed45d219f9fdddda6cbadc367a0d5d9c76671520bd0222ed537e2d
The Bastille Hardening System attempts to "harden" or "tighten" the Linux/Unix operating systems. It currently supports Red Hat and Mandrake systems, with support on the way for Debian, SuSE, TurboLinux and HP-UX. We attempt to provide the most secure, yet usable, system possible.
ebe4d9a3204ad599a3cdbe43f230345f48e5736d5746187f93756eac0728694c
Mandrake Linux Security Update Advisory - Herbert Xu discovered that iproute can accept spoofed messages sent via the kernel netlink interface by other users on the local machine. This could lead to a local Denial of Service attack.
0b77cae8ee0ff13e4f0c71207f40df5bb8a76c2bedd1527178bb64fdc86e1708
Mandrake Linux Security Update Advisory - SGI developers discovered a remote DoS (Denial of Service) condition in the NFS statd server. rpc.statd did not ignore the SIGPIPE signal, which would cause it to shut down if a misconfigured or malicious peer terminated the TCP connection prematurely.
d6ee8ca8fd5762c70e690ea33f4421867002ac1714835bcf445645c863e83597
Mandrake Linux Security Update Advisory - The GNU a2ps utility fails to properly sanitize filenames, which can be abused by a malicious user to execute arbitrary commands with the privileges of the user running the vulnerable application.
afffec118e3c478b43f8bd4c296edd84d155a798b59d0a49364f43ef44813126
The Bastille Hardening System attempts to "harden" or "tighten" the Linux/Unix operating systems. It currently supports Red Hat and Mandrake systems, with support on the way for Debian, SuSE, TurboLinux and HP-UX. We attempt to provide the most secure, yet usable, system possible.
18c3643d5abc13291c89be6422f9faeb0f6c33a58497aa372db196c07b342521
The Linux Security Auditing Tool (LSAT) is a post install security auditor for Linux/Unix. It checks many system configurations and local network settings on the system for common security/config errors and for packages that are not needed. It (for now) works under Linux (x86: Gentoo, RedHat, Debian, Mandrake; Sparc: SunOS (2.x), Redhat sparc, Mandrake Sparc; Apple OS X).
d98472458f00e7705dcfa35d3f45c03eebb33499cca69efa670c661a188444a9
Mandrake Linux Security Update Advisory - Multiple integer overflow issues affect xpdf-2.0 and xpdf-3.0, as well as programs like cups which have embedded versions of xpdf. These can result in writing an arbitrary byte to an attacker-controlled location, which probably could lead to arbitrary code execution.
38339c35eb37ea1704d38fa5c8d7a983c7db524a7de177b38224327194a45663
Mandrake Linux Security Update Advisory - affected versions of MDK: 10.0, 92, Corporate Server 2.1, Multi Network Firewall 8.2. Several vulnerabilities have been discovered in the libtiff package that could lead to arbitrary code execution.
00b02fca7dc066d552fa40fbd64474173459db97df3ec38a658849d0dfbfb489
Mandrake Linux Security Update Advisory - cvs 10.0, 92, Corporate Server 2.1. A flaw in CVS versions prior to 1.1.17 in an undocumented switch to the CVS history command allows for determining directory structure and the existence of files on a target machine.
e1cdaf1293a24e2672547e99ab63263760f1dbe553b2c16f4764702091f0a9a9
Mandrake Linux Security Update Advisory - A number of vulnerabilities were fixed in mozilla 1.7.3, the following of which have been backported to mozilla packages for Mandrake Linux 10.0: "Send page" heap overrun, javascript clipboard access, buffer overflow when displaying VCard, BMP integer overflow, javascript: link dragging, Malicious POP3 server III.
9f5db01dbfd4b9ff3f74a73729cb6a0c9bf1c408d1dc95dad30d2132b2454615
Mandrake Linux Security Update Advisory - The cdrecord program, which is suid root, fails to drop euid=0 when it exec()s a program specified by the user through the RSH environment variable. This can be abused by a local attacker to obtain root privileges.
6f38c8ce8d76f1228e8d3ca2e1b81434d0f2613330175e2b3a098eeec3ceb160
RPM Finder Project version 1.2 is a utility that works much like the rpmfind.net site. It supports RedHat and Mandrake Linux.
1b21c1e4fe44c14c6699021a8dfb60258df84ba160eb73d9c370d35decd0d8d2
Mandrake Linux Security Update Advisory - Problems lie in the utempter program versions 10.0, 9.2, 9.1, Corporate Server 2.1, and Multi Network Firewall 8.2 that allow for arbitrary file overwrites and denial of service attacks.
d955011e39cbff52026f4c77016b564f2c9d8f72b1a57bf1a841fbbace58a5a8