PAM stands for Pluggable Authentication Modules, and is a way of providing application independence for authentication. A PAM-enabled application calls a stack of PAM modules to run authentication, open and close sessions, and check account validity.

Welcome to Security Alerts, an overview of recent Unix and open source security advisories. In this column, we look at buffer overflows in libmcrypt, HSphere Webshell, HTTP Fetcher Library, LCDproc, and UnixWare and Open UNIX's ps; and problems in the Common Unix Printing System, BitKeeper, FreeBSD's fpathconf(), S-PLUS, dhcpcd, leafnode, and Middleman.

Welcome to the Security Alerts column, an overview of new Unix and open source security-related advisories and news. Problems this week include buffer overflows in splitvt, bing, write, and Lotus Domino's SMTP server; temporary file problems with webmin and Apache's mod_rewrite; format string problems with icecast; ip firewalling problems with FreeBSD; and SQL problems in Postaci.

One of the more frequent requests on the Squid mailing lists is for help configuring Squid to operate well on dial-up or demand-dial networks. Offline mode will function for some of these networks, but is far from ideal. Unfortunately many of the features of Squid's offline mode appear to have largely vanished during the development of the Squid 2.x series. In the 2.3 STABLE 4 version, the offline mode has nearly no effect at all.

Welcome to Security Alerts, an overview of new Unix and open source security-related advisories and news. Problems this week include root exploits in the MarkVision printer drivers package, local and remote root exploits in KTH Kerberos, buffer overflows in Red Hat's PAM, a discussion of security problems with web-based applications, and an example of one of these web-based security problems in phpGroupWare.