Linux Advisory Watch - November 30th 2001

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



+----------------------------------------------------------------+
|  LinuxSecurity.com                        Linux Advisory Watch |
|  November 30th, 2001                      Volume 2, Number 48a |
+----------------------------------------------------------------+
 
  Editors:     Dave Wreski                Benjamin Thomas
               dave@linuxsecurity.com     ben@linuxsecurity.com
 
 
Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.It
includes pointers to updated packages and descriptions of each
vulnerability.

This week, advisories were released for wu-ftp, imp, rpm, postfix, sasl,
and sendmail.  The vendors include Caldera, Conectiva, Immunix, Red Hat,
Slackware and SuSE.

 * Do you need more free time?

Are you looking for a solution that provides the applications necessary to
easily create thousands of virtual Web sites, manage e-mail, DNS,
firewalling database functions for an entire organization, and supports
high-speed broadband connections all using a Web-based front-end? EnGarde
Secure Professional provides those features and more!

 EnGarde Secure Professional:
 http://store.guardiandigital.com/html/eng/493-AA.shtml



  ** FREE Apache SSL Guide from Thawte ** 
 
 Planning Web Server Security? Find out how to implement SSL! Get 
 the free Thawte Apache SSL Guide and find the answers to all your 
 Apache SSL security issues and more at: 
 
 http://www.gothawte.com/rd92.html 
 
 
Take advantage of our Linux Security discussion list!  This mailing list
is for general security-related questions and comments. To subscribe send
an e-mail to security-discuss-request@linuxsecurity.com with "subscribe"
as the subject.
 
 
 
+---------------------------------+
| wu-ftp                          | ----------------------------//
+---------------------------------+

An overflowable buffer exists in earlier versions of wu-ftpd. An attacker
could gain access to the machine by sending malicious commands.

 Red Hat Linux 7.2: i386: 
 ftp://updates.redhat.com/7.2/en/os/i386/ 
 wu-ftpd-2.6.1-20.i386.rpm 
 7306f24d3d7d518068c5e08959d43bdd 

 Red Hat Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/redhat_advisory-1711.html 

 SuSE-7.3 
 ftp://ftp.suse.com/pub/suse/i386/update/7.3/n2/ 
 wuftpd-2.6.0-344.i386.rpm 
 d1b549b8c2d91d66a8b35fe17a1943b3 

 SuSE Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/suse_advisory-1718.html 

 Caldera: 
 ftp://ftp.caldera.com/pub/updates/OpenLinux/2.3/current/RPMS 

 RPMS/wu-ftpd-2.6.1-13OL.i386.rpm 
 d6a618f9fe6a3ae99a1c54a405ab169a 

 Caldera Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/caldera_advisory-1719.html 
  

 Conectiva: 
 ftp://atualizacoes.conectiva.com.br/7.0/RPMS/ 
 wu-ftpd-2.6.1-6U70_1cl.i386.rpm 

 Conectiva Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/other_advisory-1720.html 
  

 Immunix: 
 http://download.immunix.org/ImmunixOS/7.0/updates/ 
 RPMS/wu-ftpd-2.6.1-6_imnx_4.i386.rpm 
 c6c2fa2fa60f2cfe5b496ad0281fa486 

 Immunix Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/other_advisory-1721.html


  

+---------------------------------+
| imp                             | ----------------------------//
+---------------------------------+

The webmail frontend IMP has a cross site scripting problem, allowing a
remote attacker to send you an E-mail with a malformed URL that when
clicked on will open your mail session to the attacker, allowing him to
read and delete your E-mails.

 Caldera: 
 ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/ 
 Server/current/RPMS 
 RPMS/horde-1.2.7-1.i386.rpm 
 53a9d75c760851f79fa72cb451416f96 

 RPMS/imp-2.2.7-1.i386.rpm 
 4bb1af4dcd98af6f168543476f691b95 

 Caldera Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/caldera_advisory-1715.html 
 


+---------------------------------+
| rpm                             | ----------------------------//
+---------------------------------+

A malicious user could exploit this vulnerability by sending a carefully
crafted rpm package to the printing system, which will query the package
to extract the information to print and will execute arbitrary code
choosen by the attacker with the privileges of the lp user.

 PLEASE SEE VENDOR ADVISORY FOR UPDATE 

 Conectiva Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/other_advisory-1712.html


  
  
+---------------------------------+
| postfix                         | ----------------------------//
+---------------------------------+

Wietse Venema reported[1] a vulnerability[2] in Postfix where a remote
attacker could cause a DoS (denial of service) condition on the server.
The SMTP session log could grow to an unreasonable size and possibly
exhaust the server's memory if no other limits were in place.

 Conectiva: 
 ftp://atualizacoes.conectiva.com.br/7.0/RPMS/ 
 postfix-doc-20010228pl02-7U70_1cl.i386.rpm 

 ftp://atualizacoes.conectiva.com.br/7.0/RPMS/ 
 postfix-20010228pl02-7U70_1cl.i386.rpm 

 Conectiva Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/other_advisory-1709.html 
  

 Red Hat Powertools 7.1: i386: 
 ftp://updates.redhat.com/7.1/en/powertools/i386/
 postfix-20011125-  1SASL.i386.rpm 
 60402b08bd489052146eec437838a829 

 Red Hat Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/redhat_advisory-1714.html



  
+---------------------------------+
| sasl                            | ----------------------------//
+---------------------------------+

There is a format string bug in the Cyrus SASL library, and the library is
used by sendmail. We are not sure whether this vulnerability can be
exploited remotely just by connecting to sendmail, but if it is, the
attacker would gain root access.

 Caldera: 
 ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/ 
 Server/current/RPMS 

 RPMS/libsasl-1.5.24-4.i386.rpm 
 67e101e2ff0a259e57bbcc9eee616a1f 

 Caldera Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/caldera_advisory-1716.html 
  

 Red Hat: 
 PLEASE SEE ADVISORY FOR UPDATE 

 Red Hat Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/redhat_advisory-1722.html 
 http://www.linuxsecurity.com/advisories/redhat_advisory-1723.html


  
+---------------------------------+
|  sendmail                       | ----------------------------//
+---------------------------------+

An input validation error in sendmail has been discovered by Cade Cairns
of SecurityFocus.  This problem can be exploited by local users to gain
root access.  It is not exploitable by remote attackers without shell
access. New packages based on sendmail.8.11.6 have been prepared for
Slackware 7.1 and 8.0.

 Slackware 8.0:  
 ftp://ftp1.sourceforge.net/pub/slackware/slackware-8.0/ 
 patches/packages/procmail.tgz 
 56099f1bce9643e44342711878a7ceb0 

 ftp://ftp1.sourceforge.net/pub/slackware/slackware-8.0/  
 patches/packages/sendmail.tgz 
 3d03fd648ecf40eed56ff915780fb8ab 

 ftp://ftp1.sourceforge.net/pub/slackware/slackware-8.0/ 
 patches/packages/smailcfg.tgz 
 1a13d98a11d0af853893a640909d8958 

 Slackware Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/slackware_advisory-1573.html


------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@linuxsecurity.com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------


[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux