Linux Advisory Watch - December 21st 2001

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



+----------------------------------------------------------------+
|  LinuxSecurity.com                        Linux Advisory Watch |
|  December 21st, 2001                      Volume 2, Number 51a |
+----------------------------------------------------------------+
 
  Editors:     Dave Wreski                Benjamin Thomas
               dave@linuxsecurity.com     ben@linuxsecurity.com
 
 
Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.It
includes pointers to updated packages and descriptions of each
vulnerability.


This week advisories were released for mailman, htdig, xsane, OpenSSH,
kerberos, libgtop, glibc, and the Trustix kernel.  The vendors include
EnGarde, Debian, Immunix, FreeBSD, Mandrake, Red Hat, and Trustix.

8wire.com Review: EnGarde Secure Linux 1.0.1 - EnGarde Secure Linux is a
Linux distribution that allows anyone - including those with no Linux
experience - to easily set up their own secure Web and email servers. We
tested this software on a bare-bones PC and found it very simple to set up
and use. It's a great value for those looking for a fully functional
Internet server that can run on old or inexpensive hardware.

  http://www.8wire.com/articles/?aid=2350

Why be vulnerable? Its your choice. - Are you looking for a solution that
provides the applications necessary to easily create thousands of virtual
Web sites, manage e-mail, DNS, firewalling database functions for an
entire organization, and supports high-speed broadband connections all
using a Web-based front-end? EnGarde Secure Professional provides those
features and more!

Be Secure with EnGarde Secure Professional: 
http://store.guardiandigital.com/html/eng/493-AA.shtml

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.It
includes pointers to updated packages and descriptions of each
vulnerability.
  
  

+---------------------------------+
|  mailman                        | ----------------------------//
+---------------------------------+

Barry A. Warsaw reported several cross-site scripting security holes in
Mailman, due to on-existent escaping of CGI variables. These have been
fixed upstream in version 2.0.8, and the relevant patches have been
backported to version 1.1-10 in Debian.

 Debian Intel IA-32 architecture: 
 http://security.debian.org/dists/stable/updates/main/ 
 binary-i386/mailman_1.1-10_i386.deb 
 MD5 checksum: 27c9d400360a99b39954f563f5d0ed43 

 Debian Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/debian_advisory-1751.html


+---------------------------------+
|  htdig                          | ----------------------------//
+---------------------------------+

A remote attacker may use htsearch as a kind of denial-of-service attack
by causing it to read a never-ending special file such as `/dev/null'.

 FreeBSD [i386] 
 ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/ 
 textproc/htdig-3.1.5_1.tgz 

 FreeBSD Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/freebsd_advisory-1753.html 
  
 

+---------------------------------+
|  xsane                          | ----------------------------//
+---------------------------------+

A local user may be able to cause xsane (run by another user) to overwrite
any file for which the latter user has sufficient privilege. While it is
advisable to run XSane with a non-privileged user account, many users run
it using the root account, increasing the risk.

 FreeBSD [i386] 
 ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/ 
 graphics/xsane-0.82.tgz 

 ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/ 
 graphics/xsane-0.82.tgz 

 FreeBSD Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/freebsd_advisory-1754.html


  
+---------------------------------+
|  OpenSSH                        | ----------------------------//
+---------------------------------+

A malicious local user can pass environment variables to the login process
if the administrator enables the UseLogin option.  This can be abused to
bypass authentication and gain root access.  Note that this option is not
enabled by default on TSL.

 Mandrake: 
 PLAESE SEE ADVISORY FOR UPDATE 
 Mandrake Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/mandrake_advisory-1749.html 


 Trustix: 
 PLEASE SEE ADVISORY FOR UPDATE 

 Trustix Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/other_advisory-1761.html


  
+---------------------------------+
|  kerberos                       | ----------------------------//
+---------------------------------+

A buffer overflow exists in the telnet portion of Kerberos that could
provide root access to local users.  MDKSA-2001:068 provided a similar fix
to the normal telnet packages, but the Kerberized equivalent was not
updated previously.

 Mandrake: 
 PLEASE SEE VENDOR ADVISORY 

 Mandrake Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/mandrake_advisory-1755.html


  


+---------------------------------+
|  libgtop                        | ----------------------------//
+---------------------------------+

A remote format string vulnerability was found in the libgtop daemon by
Laboratory intexxia.  By sending a specially crafted format string to the
server, a remote attacker could potentially execute arbitrary code on the
remote system with the daemon's permissions.

 Mandrake Linux 8.0: 
 8.0/RPMS/libgtop1-1.0.12-4.1mdk.i586.rpm 
 2a063541aa9f9a100dd4c65b732224fd 

 8.0/RPMS/libgtop1-devel-1.0.12-4.1mdk.i586.rpm 
 fb4cfb4b72e16121a6dab24e093b1de3 

 http://www.linux-mandrake.com/en/ftp.php3 

 Mandrake Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/mandrake_advisory-1763.html


  
+---------------------------------+
|  glibc                          | ----------------------------//
+---------------------------------+

While researching the recent globbing bugs in wu-ftpd, Flavio Veloso
discovered (with the assistance of Jakub Jelinek ) a buffer overflow in
glibc's glob(3)  implementation.  This vulnerability can only be triggered
by programs that use glibc's globbing functions.

 EnGarde: 
 http://ftp.engardelinux.org/pub/engarde/stable/updates/ 
 i386/glibc-2.1.3-1.0.4.i386.rpm 
 MD5 Sum:  6a59be712e55c3da6e027ba44599ab9e 

 i686/glibc-2.1.3-1.0.4.i386.rpm 
 MD5 Sum:  6a59be712e55c3da6e027ba44599ab9e 

 EnGarde Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/other_advisory-1752.html 
  

 Immunix: 
 PLEASE SEE VENDOR ADVISORY 

 Immunix Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/other_advisory-1757.html 

 Trustix: 
 PLEASE SEE VENDOR ADVISORY 

 Trustix Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/other_advisory-1760.html 

 Red Hat: 
 PLEASE SEE VENDOR ADVISORY 

 Red Hat Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/redhat_advisory-1750.html


  

+---------------------------------+
|  Trustix kernel                 | ----------------------------//
+---------------------------------+

The 2.2.20 release of the Linux kernel fixes a number of bugs. In addition
there are some driver updates and SMP fixes in this package.


 PLEASE SEE ADVISORY FOR UPDATE 

 Trustix Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/other_advisory-1762.html



------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@linuxsecurity.com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------


[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux