LinuxQuestions.org - Where Linux users come for help

LinuxQuestions.org Forums - where Linux users come for help

Main Menu

· Linux Forums
· Linux HCL
· Linux Tutorials
· Linux Wiki
· Distro Reviews
· Book Reviews
· Download Linux
· Press Releases
· LQ Merchandise
· Linux Podcast
· LQ Radio
· LQ Bookmarks

FAQs

Q. Where is the forum?
A. Right here.

Q. How much is membership?
A. In the true Linux spirit membership is free!

Q. Do I HAVE to register?
A. No, but becoming a member does have its benefits.

Q. What are the benefits of registration?
A. - You cannot post without being a member.
   - You become part of a community.
   - You can give something back.
   - You can subscribe to threads and receive email updates.
   - The board keeps track of which threads you have read.
   - Much More!

Q. Where do I signup?
A. Right here.

Threads with 0 Replies

squid step by step
Fluxbox Window Maximization
Sixpack 5.1 can not record with ALSA
Quake 4 Demo, Linux version?
Wine on x86_64 systems
Need help with installing theme manager
Atlas or World Map type software for Linux - is there any?
kernel 2.6.11 smp x64 compile not working
True translucency on 10.2
Mandriva 2006 won't install

More...

LinuxQuestions.org

Welcome to LinuxQuestions.org. You can visit our forum where Linux newbies can ask questions and Linux experts can offer advice. Topics include security, installation, networking and much more. Feel free to browse the board, perform a search, view the man pages online or view the index. If you would like to post you must be a member. We also have a new archive online.

LQ Security Report Oct 2005

By unSpawn
on Thu 27 Oct 2005, 6:02 AM

Nov 08th 2005 (SF)
92 issues reported(SF)
1. MG2 Authentication Bypass Vulnerability
2. PHP Advanced Transfer Manager Remote Unauthorized Access Vulnerability
3. Subdreamer Multiple Remote SQL Injection Vulnerabilities
4. OpenVPN Client Remote Format String Vulnerability
5. Invision Gallery Index.PHP SQL Injection Vulnerability
6. Snitz Forum Post.ASP Cross-Site Scripting Vulnerability
7. NTop Insecure Temporary File Creation Vulnerability
8. PHPBB Global Variable Deregistration Bypass Vulnerabilities
9. PHPCafe Tutorial Manager Index.PHP SQL Injection Vulnerability
10. OaBoard Forum.PHP Multiple SQL Injection Vulnerabilities
11. PHPBB Multiple Unspecified Vulnerabilities
12. IBM AIX CHCONS Local Buffer Overflow Vulnerability
13. PHP PHPInfo Cross-Site Scripting Vulnerability
14. PHP Parse_Str Register_Globals Activation Weakness
15. PHP File Upload GLOBAL Variable Overwrite Vulnerability
16. Comersus BackOffice Multiple Input Validation And Information Disclosure Vulnerabilities
17. Apple Mac OS X Security Update 2005-10-31 Multiple Local Vulnerabilities
18. IOFTPD Username Enumeration Vulnerability
19. Belchior Foundry vCard Pro Addrbook.PHP SQL Injection Vulnerability
20. EyeOS Desktop.PHP HTML Injection Vulnerability
21. EyeOS User And Password Information Disclosure Vulnerability
22. Elite Forum HTML Injection Vulnerability
23. Multiple Vendor ReadDir_R Buffer Overflow Vulnerability
24. VUBB Index.PHP Cross-Site Scripting Vulnerability
25. OpenVMS Unspecified Local Denial of Service Vulnerability
26. Pax File Permission Modification Race Condition Weakness
27. NetBSD Insecure Temporary File Creation Vulnerability
28. NetBSD KernFS Local Kernel Memory Disclosure Vulnerability
29. XMB Forum Post.PHP SQL Injection Vulnerability
30. Microsoft Internet Explorer Malformed HTML Parsing Denial of Service Vulnerability
31. Cisco Management Center for IPS Sensors Configuration Download Weakness
32. OpenVPN Server Remote Denial Of Service Vulnerability
33. Sun Java System Communications Express Information Disclosure Vulnerability
34. Cisco Airespace WLAN Controller Unauthorized Network Access Vulnerability
35. RhinoSoft Serv-U FTP Server Unspecified Denial of Service Vulnerability
36. News2Net Index.PHP SQL Injection Vulnerability
37. Cisco IOS System Timers Heap Buffer Overflow Exploitation
38. phpWebThings Forum.PHP Cross-Site Scripting Vulnerability
39. PHPWebThing Forum.PHP SQL Injection Vulnerability
40. MailWatch for MailScanner Authenticate Function SQL Injection Vulnerability
41. Asus VideoSecurity Online Web Server Authentication Buffer Overflow Vulnerability
42. Glider Collect'N Kill Remote Buffer Overflow Vulnerability
43. Asus VideoSecurity Online Web Server Directory Traversal Vulnerability
44. Battle Carry Remote Denial of Service Vulnerability
45. Simple PHP Blog Multiple Input Validation Vulnerabilities
46. F-Secure Web Console Directory Traversal Vulnerability
47. GraphOn GO-Global For Windows Remote Buffer Overflow Vulnerability
48. Invision Gallery Image Upload HTML Injection Vulnerability
49. Johannes F. Kuhlmann FlatFrag Multiple Remote Buffer Overflow And Denial Of Service Vulnerabilities
50. NeroNet Limited Directory Traversal Vulnerability
51. NetBSD SO_LINGER DIAGNOSTIC Checking Local Denial of Service Vulnerability
52. NetBSD Local PTrace Privilege Escalation Vulnerability
53. IPSwitch WhatsUp Small Business 2004 Report Service Directory Traversal Vulnerability
54. Scorched 3D Multiple Vulnerabilities
55. F-Prot Antivirus ZIP Attachment Version Scan Evasion Vulnerability
56. PHP Handicapper Multiple Cross-Site Scripting Vulnerabilities
57. CutePHP CuteNews Directory Traversal Vulnerability
58. vBulletin Image Upload HTML Injection Vulnerability
59. PHP Handicapper Process_signup.PHP SQL Injection Vulnerability
60. Libungif Colormap Handling Memory Corruption Vulnerability
61. Microsoft November Advance Notification Unspecified Security Vulnerabilities
62. PHP Handicapper Process_signup.PHP HTTP Response Splitting Vulnerability
63. Movable Type Arbitrary Blog Creation Path Vulnerability
64. IBM WebSphere Application Server QueryString Information Disclosure Vulnerability
65. Libungif Null Pointer Dereference Denial of Service Vulnerability
66. Movable Type Blog Entry Posting HTML Injection Vulnerability
67. Apple QuickTime Embedded Pascal Style Remote Integer Overflow Vulnerability
68. Apple QuickTime Null Pointer Dereference Denial of Service Vulnerability
69. Apple QuickTime Movie Attributes Remote Integer Overflow Vulnerability
70. Apple QuickTime Compressed PICT Data Remote Buffer Overflow Vulnerability
71. Sun Java Development Kit Font Serialization Remote Denial of Service Vulnerability
72. Galerie ShowGallery.PHP SQL Injection Vulnerability
73. CHFN User Modification Privilege Escalation Vulnerability
74. Cerberus Helpdesk Information Disclosure Vulnerability
75. Clam Anti-Virus ClamAV TNEF File Handling Denial Of Service Vulnerability
76. Clam Anti-Virus ClamAV CAB File Handling Denial Of Service Vulnerability
77. Clam Anti-Virus ClamAV FSG File Handling Buffer Overflow Vulnerability
78. GpsDrive Friendsd Remote Format String Vulnerability
79. Acme Thttpd Insecure Temporary File Creation Vulnerability
80. IBM Lotus Domino Multiple Vulnerabilities
81. PunBB/Blog:CMS Image Upload HTML Injection Vulnerability
82. IBM AIX SWCONS Local Buffer Overflow Vulnerability
83. JPortal Multiple SQL Injection Vulnerabilities
84. Apache Tomcat Simultaneous Directory Listing Denial Of Service Vulnerability
85. PunBB/BLOG:CMS Origin Spoofing Vulnerability
86. cPanel Chat Message Field HTML Injection Vulnerability
87. PunBB/BLOG:CMS Unspecified Information Disclosure Vulnerability
88. Ocean12 ASP Calendar Manager Authentication Bypass Vulnerability
89. Ocean12 ASP Calendar Manager SQL Injection Vulnerability
90. Multiple Vendor Web Browser Cookie Hostname Handling Weakness
91. Macromedia Flash Array Index Memory Access Vulnerability
92. ibProArcade User ID SQL Injection Vulnerability

Oct 26th 2005 (SF)
57 issues reported(SF)
1. Sun Solaris Proc Filesystem Local Denial Of Service Vulnerability
2. Flexbackup Multiple Insecure Temporary File Creation Vulnerabilities
3. Lynx NNTP Article Header Buffer Overflow Vulnerability
4. Comersus BackOffice Plus Multiple Cross-Site Scripting Vulnerabilities
5. PHP Safedir Restriction Bypass Vulnerabilities
6. Gentoo Linux Multiple Packages Insecure RUNPATH Vulnerability
7. OpenWBEM Multiple Unspecified Remote Buffer Overflow Vulnerabilities
8. Linux Kernel Console Keymap Local Command Injection Vulnerability
9. RARLAB WinRAR Command Line Processing Buffer Overflow Vulnerability
10. Opera Web Browser Multiple Malformed HTML Parsing Denial Of Service Vulnerabilities
11. E107 Resetcore.PHP SQL Injection Vulnerability
12. IBM DB2 Universal Database Multiple Vulnerabilities
13. NetFlow Analyzer 4 Cross-Site Scripting Vulnerability
14. NetPBM PNMToPNG Buffer Overflow Vulnerability
15. Rockliffe MailSite Express Arbitrary File Upload Vulnerability
16. Microsoft Windows Unspecified Remote Code Execution Vulnerability
17. Snort Back Orifice Preprocessor Remote Stack Buffer Overflow Vulnerability
18. MySource Multiple Cross-Site Scripting Vulnerabilities
19. MySource Multiple Remote File Include Vulnerabilities
20. Oracle October Security Update Multiple Vulnerabilities
21. Xerver Multiple Input Validation Vulnerabilities
22. HP-UX LPD Arbitrary Command Execution Vulnerability
23. PHPNuke Modules.PHP Search Module Remote Directory Traversal Vulnerability
24. HP-UX FTP Server Directory Listing Vulnerability
25. Oracle Workflow Multiple Unspecified Cross-Site Scripting Vulnerabilities
26. Yiff-Server File Permission Bypass Weakness
27. Paros HSQLDB Remote Authentication Bypass Vulnerability
28. Symantec LiveUpdate for Macintosh Local Privilege Escalation Vulnerability
29. Symantec Norton Antivirus For Macintosh DiskMountNotify Local Privilege Escalation Vulnerability
30. Cisco 11500 Content Services Switch Malformed SSL Client Certificate Denial of Service Vulnerability
31. Oracle Workflow Wf_monitor Cross-Site Scripting Vulnerability
32. Oracle Application Server 10g emagent.exe Stack Overflow Vulnerability
33. Oracle Workflow Wf_route Cross-Site Scripting Vulnerability
34. Ethereal Multiple Protocol Dissector Vulnerabilities In Versions Prior To 0.10.13
35. Chipmunk Multiple Cross-Site Scripting Vulnerabilities
36. PHP-Nuke Modules.PHP NukeFixes Addon Remote Directory Traversal Vulnerability
37. Debian Module-Assistant Insecure Temporary File Creation Vulnerability
38. Splatt Forums Remote Authentication Bypass Vulnerability
39. BMV PostScript File Handling Integer Overflow Vulnerability
40. Linux Kernel World Writable SYSFS DRM Debug File Vulnerability
41. Linux Kernel IPV6 Unspecified Denial of Service Vulnerability
42. Squid FTP Server Response Denial Of Service Vulnerability
43. Ethereal Service Location Protocol Dissection Stack Buffer Overflow Vulnerability
44. SCO UnixWare PPP Prompt Local Buffer Overflow Vulnerability
45. SCO OpenServer Backupsh Local Buffer Overflow Vulnerability
46. ZipGenius Multiple Archive Formats File Name Buffer Overflow Vulnerabilities
47. AL-Caricatier SS.PHP Authentication Bypass Vulnerability
48. Oracle Application Server HTTP Response Splitting Vulnerability
49. TikiWiki Unspecified Cross-Site Scripting Vulnerability
50. SUSE Linux Squid Proxy SSL Handling Denial of Service Vulnerability
51. Nuked Klan Multiple HTML Injection Vulnerabilities
52. BMC Control M Agent Insecure File Permission Vulnerability
53. Zomplog Detail.PHP HTML Injection Vulnerability
54. phpMyAdmin Theme Variable Local File Inclusion Vulnerability
55. phpBB Avatar Upload HTML Injection Vulnerability
56. eBASEweb Unspecified SQL Injection Vulnerability
57. FlatNuke Index.PHP Multiple Remote File Include Vulnerabilities
5 Comments Last comment was by unSpawn

Another Distribution Joins LinuxQuestions.org - ROCK

By jeremy
on Sun 25 Sep 2005, 7:53 PM

I am happy to announce that another distribution has joined LinuxQuestions.org. Please welcome ROCK. Participating in the ROCK forum will be daja77 and blindcoder. I'd like to thank Benjamin for working with me to get the forum setup.

http://www.linuxquestions.org/questions/f65

--jeremy
7 Comments Last comment was by mashie_po

LQ ISO Linux Download Site Reaches One Million Downloads

By jeremy
on Wed 24 Aug 2005, 11:24 AM

From our recent press release:

LinuxQuestions.org is proud to announce that LQ ISO has now facilitated over 1,000,000 Linux downloads. Founded in August of 2004, LQ ISO allows users to find and rate fast local download mirrors. The site currently allows you to download almost 120 different Linux distributions from over 430 different mirrors. The site now utilizes GEO IP data to help you find the fastest local download mirror.

--jeremy
18 Comments Last comment was by titanium_geek

LQ Wiki Adds the Ability to Contribute GFDL Content

By jeremy
on Wed 17 Aug 2005, 10:32 AM

From http://wiki.linuxquestions.org/wiki/LQWiki:Copyrights:

quote:
As of August 17th, 2005 the LQ Wiki allows you to use either the CC by-sa license or the GFDL. All articles in the main namespace are licensed under the CC by-sa license (which is how is has been from the beginning). All GFDL content must go in the GFDL namespace. It is important to understand the license of the content you are submitting. You should verify that you are not mixing content from two incompatible licenses. If you are submitting original content we strongly recommend you use the main namespace.

This was done after careful consideration. The current objective of the LQ Wiki is to create the "largest general Linux knowledgebase on the web". To meet this goal, I think we need to embrace the fact that the Open Source community consists of documentation that is under multiple licenses (for better or for worse). As always, your feedback is appreciated.

--jeremy
3 Comments Last comment was by titanium_geek

You Can Now Stream LQ Radio Without an MP3 Player

By jeremy
on Mon 25 Jul 2005, 2:41 PM

That's right - you can now stream any LQ Radio content even if you don't have an mp3 or ogg player installed. The one caveat is that you do need flash installed (which I will admit to disliking, and apologize in advance for - if someone can think of a better solution, we're all ears). Head on over to LQ Radio and click the "LQ Radio Jukebox" link. I'll also add it to the nav here at LQ. As always, your feedback is appreciated.

--jeremy
16 Comments Last comment was by french_frogger

LQ Radio Show - Episode #2

By jeremy
on Mon 11 Jul 2005, 9:39 AM

Episode #2 of the LQ Radio Show has been posted. The show is hosted by jeremy and includes a panel of LQ moderators. Topics include Linux on the desktop, beagle, Apple moving to Intel, blogging, Linux appliances, broadcom, Googleï¿½s Linux app, the Vienna Linux migration and much much more. Total running time is 1:29. A Bittorrent is available. You can also download the show directly (in mp3 and ogg format) or as a Podcast.

--jeremy
27 Comments Last comment was by Matir

New LQ Site - LQ Bookmarks

By jeremy
on Mon 11 Jul 2005, 12:57 AM

LQ Bookmarks is now out of beta. From the Press Release:

quote:
Buffalo, NY -- July 11, 05 -- LinuxQuestions.org is proud to announce a new addition to its network of sites - LQ Bookmarks. LQ Bookmarks allows you to bookmark, tag, annotate and share links to Open Source and Linux related sites. It also allows you to access your bookmarks from any browser on any machine. The ability to share and see what others are sharing is called social bookmarking. You can view links in the order they were added, by tag, by user or by popularity. RSS feeds are available for all queries. All content on the site is available under a Creative Commons license.

Thanks again goes to David.

--jeremy
8 Comments Last comment was by snecklifter

Search the News | View All News Posts | Contact Us

User Login

Not a member? Register now!

Username:
Password:

Syndicate

LQ Latest Threads:

LQ News and Articles:

LQ Podcast:

LQ Radio:

You can Help!

LinuxQuestions.org needs your help. You can:

Become a Contributing Member or
Make a donation.

Latest Kernel

2.6.14.3: stable

2.6.15-rc2: stable prepatch

2.6.15-rc2-git6: stable snapshot

2.4.32: 2.4 release

Sponsors

Penguin Computing offers Linux based systems ranging from 1U servers to dual processor workstations equipped with your choice of 32-bit or 64-bit processors. Penguin Computing's Linux Clusters are powered by Scyld Beowulf the leading second generation cluster operating system. Linuxquestions.org is powered by Penguin Computing servers and support.

Sponsored Links: Cheap web hosting - Web hosting