+----------------------------------------------------------------+ | LinuxSecurity.com Linux Advisory Watch | | February 22nd, 2002 Volume 3, Number 8a | +----------------------------------------------------------------+ Editors: Dave Wreski Benjamin Thomas dave@linuxsecurity.com ben@linuxsecurity.com Linux Advisory Watch is a comprehensive newsletter that outlines the security vulnerabilities that have been announced throughout the week.It includes pointers to updated packages and descriptions of each vulnerability. This week, advisories were released for cups, snmp, hanterm,. uucp, ncurses, squid, and gnujsp. The vendors include Caldera, Conectiva, Debian, FreeBSD, and Mandrake. FEATURE: Building a Virtual Honeynet - Hisham shares his experiences with building a virtual honeynet on his existing Linux box. He describes data capture and control techniques, the types of honeynets, and configuration changes to get one running on your system. http://www.linuxsecurity.com/feature_stories/feature_story-100.html FREE Apache SSL Guide from Thawte Planning Web Server Security? Find out how to implement SSL! Get the free Thawte Apache SSL Guide and find the answers to all your Apache SSL security issues and more at: http://www.gothawte.com/rd182.html Why be vulnerable? Its your choice. - Are you looking for a solution that provides the applications necessary to easily create thousands of virtual Web sites, manage e-mail, DNS, firewalling database functions for an entire organization, and supports high-speed broadband connections all using a Web-based front-end? EnGarde Secure Professional provides those features and more! http://store.guardiandigital.com +---------------------------------+ | cups | ----------------------------// +---------------------------------+ There is a potential buffer overflow vulnerability in CUPS when reading the names of attributes. This bug affects all versions of CUPS and is fixed upstream in version 1.1.14. Mandrake Linux 8.1: 8.1/RPMS/cups-1.1.10-9.1mdk.i586.rpm 25b44ff88d1cc95387827526b576dfcd 8.1/RPMS/cups-common-1.1.10-9.1mdk.i586.rpm 27718fa74c9d1af3a282295546c88444 8.1/RPMS/cups-serial-1.1.10-9.1mdk.i586.rpm 8f2f1fcf331dfdd38e8222c1c1b5159f 8.1/RPMS/libcups1-1.1.10-9.1mdk.i586.rpm a9ee9e6c95cfe25ef465247717d49429 8.1/RPMS/libcups1-devel-1.1.10-9.1mdk.i586.rpm 43c5a9bd5e6b1fb40958986201bd00a7 http://www.mandrakesecure.net/en/ftp.php Mandrake Vendor Advisory: http://www.linuxsecurity.com/advisories/mandrake_advisory-1898.html +---------------------------------+ | snmp | ----------------------------// +---------------------------------+ The Oulu University Secure Programming Group (OUSPG) has identified numerous vulnerabilities in multiple vendor SNMPv1 implementations. These vulnerabilities may allow unauthorized privileged access, denial of service attacks, or unstable behaviour. Mandrake Linux 8.1: 8.1/RPMS/libsnmp0-4.2.3-1.1mdk.i586.rpm f35c85a83c83019da401f960a17820a7 8.1/RPMS/libsnmp0-devel-4.2.3-1.1mdk.i586.rpm ec1674b1a01486383218fec8d3bdeaa2 8.1/RPMS/ucd-snmp-4.2.3-1.1mdk.i586.rpm c1bbbce3d1edeb366af8207476f8bba4 8.1/RPMS/ucd-snmp-utils-4.2.3-1.1mdk.i586.rpm ec1118634eb28a4f78a37c7dcbb4b122 http://www.mandrakesecure.net/en/ftp.php Mandrake Vendor Advisory: http://www.linuxsecurity.com/advisories/mandrake_advisory-1897.html +---------------------------------+ | hanterm | ----------------------------// +---------------------------------+ A set of buffer overflow problems have been found in hanterm, a Hangul terminal for X11 derived from xterm, that will read and display Korean characters in its terminal window. The font handling code in hanterm uses hard limited string variables but didn't check for boundaries. Intel ia32 architecture: http://security.debian.org/dists/stable/updates/main/ binary-i386/hanterm_3.3.1p17-5.2_i386.deb MD5 checksum: 26f7bfa946ded30fdb9a1bf6a22558d7 Debian Vendor Advisory: http://www.linuxsecurity.com/advisories/debian_advisory-1899.html +---------------------------------+ | uucp | ----------------------------// +---------------------------------+ UUCP is a Unix to Unix transfer mechanism. It is used primarily for remote sites to download and upload email and news files to local machines. ftp://atualizacoes.conectiva.com.br/7.0/RPMS/ uucp-1.06.2-10U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/ uucp-cu-1.06.2-10U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/ uucp-doc-1.06.2-10U70_1cl.i386.rpm Conectiva Vendor Advisory: http://www.linuxsecurity.com/advisories/other_advisory-1900.html Caldera Vendor Advisory: http://www.linuxsecurity.com/advisories/caldera_advisory-1903.html +---------------------------------+ | ncurses | ----------------------------// +---------------------------------+ Several buffer overflows were fixed in the "ncurses" library in November 2000. Unfortunately, one was missed. This can lead to crashes when using ncurses applications in large windows. Debian Intel ia32 architecture: http://security.debian.org/dists/potato/updates/main/ binary-i386/libncurses5-dbg_5.0-6.0potato2_i386.deb MD5 checksum: 5c43981090144c8c19d37f455056dac9 http://security.debian.org/dists/potato/updates/main/ binary-i386/libncurses5-dev_5.0-6.0potato2_i386.deb MD5 checksum: 476bd2329a991423df2fadf7097c710a http://security.debian.org/dists/potato/updates/main/ binary-i386/libncurses5_5.0-6.0potato2_i386.deb MD5 checksum: ca7e31dc8bb7b2132732749a08ef520b http://security.debian.org/dists/potato/updates/main/ binary-i386/ncurses-bin_5.0-6.0potato2_i386.deb MD5 checksum: 2029230b29eab7e755b0a533eff7fe10 Debian Vendor Advisory: http://www.linuxsecurity.com/advisories/debian_advisory-1901.html Red Hat Vendor Advisory: http://www.linuxsecurity.com/advisories/redhat_advisory-1907.html +---------------------------------+ | squid | ----------------------------// +---------------------------------+ An attacker with the ability to send packets to the Squid SNMP port can cause Squid to run out of memory and crash. (NOTE: The FreeBSD port does not have SNMP enabled by default.) FreeBSD: PLEASE SEE VENDOR ADVISORY FreeBSD Vendor Advisory: http://www.linuxsecurity.com/advisories/freebsd_advisory-1904.html General Squid Vendor Advisory: http://www.linuxsecurity.com/advisories/other_advisory-1906.html +---------------------------------+ | gnujsp | ----------------------------// +---------------------------------+ Thomas Springer found a vulnerability in GNUJSP, a Java servlet that allows you to insert Java source code into HTML files. The problem can be used to bypass access restrictions in the web server. An attacker can view the contents of directories and download files directly rather then receiving their HTML output. This means that the source code of scripts could also be revealed. Debian Architecture independent components: http://security.debian.org/dists/stable/updates/ contrib/binary-all/gnujsp_1.0.0-5_all.deb MD5 checksum: 1e88d28cf4898287c55a2b2f2465cb84 Debian Vendor Advisory: http://www.linuxsecurity.com/advisories/caldera_advisory-1905.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email vuln-newsletter-request@linuxsecurity.com with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------