+----------------------------------------------------------------+
|  LinuxSecurity.com                        Linux Advisory Watch |
|  March 21st, 2002                         Volume 3, Number 12a |
+----------------------------------------------------------------+

  Editors:     Dave Wreski                Benjamin Thomas
               dave@linuxsecurity.com     ben@linuxsecurity.com

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.
It includes pointers to updated packages and descriptions of each
vulnerability.

This week, advisories were released for cups, zlib, listar, kdm, and
imlib.  The vendors include Debian, Mandrake, Red Hat, and Trustix.

Although the only additional distribution to add a zlib advisory this
week was Trustix, many other distributions remain vulnerable.  A
complete list of zlib advisories can be found here:

  http://www.linuxsecurity.com/articles/forums_article-4608.html

Security and Simplicity - Are you looking for a solution that provides
the applications necessary to easily create thousands of virtual Web
sites, manage e-mail, DNS, firewalling and database functions for an
entire organization, and supports high-speed broadband connections,
all using a Web-based front-end?  EnGarde Secure Professional provides
those features and more!

  http://store.guardiandigital.com/html/eng/493-AA.shtml

FEATURE: Linux Data Hiding and Recovery - Just when you thought your
data was removed forever, Anton Chuvakin shows us how to recover data
and even how data can surreptitiously be hidden within space on the
filesystem.

  http://www.linuxsecurity.com/feature_stories/data-hiding-forensics.html


+---------------------------------+
|  cups                           | ----------------------------//
+---------------------------------+

The Common UNIX Printing System, CUPS, provides a portable printing
layer.  A buffer overflow in the ippRead function of CUPS before
version 1.1.14 may allow attackers to execute arbitrary code via long
attribute names or language values.
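The package lists in this issue print an MD5 checksum next to each
updated RPM or .deb.  The following is an added example, not part of
the newsletter or of any vendor advisory, of checking a downloaded
package against the published checksum and refusing to install it on a
mismatch.  The function and variable names, and the "hello" test file
whose digest is used as sample input, are constructed for this
illustration; the only tools assumed are md5sum (or openssl as a
fallback), cut, awk and tr.

```shell
#!/bin/sh
# Added example (not from the advisory): verify a downloaded package
# against the MD5 printed in the advisory before installing it.

# md5_of FILE: print the hex MD5 digest of FILE.  Uses coreutils md5sum
# where present, otherwise falls back to openssl (assumed available).
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | cut -d' ' -f1
    else
        openssl dgst -md5 "$1" | awk '{print $NF}'
    fi
}

# verify_md5 FILE EXPECTED: return 0 when FILE's digest equals EXPECTED
# (compared case-insensitively), otherwise report on stderr and return 1.
verify_md5() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    actual=$(md5_of "$file")
    if [ "$actual" = "$expected" ]; then
        return 0
    fi
    echo "MD5 MISMATCH $file: expected $expected, got $actual" >&2
    return 1
}

# install_if_verified FILE EXPECTED CMD [ARGS...]: run "CMD ARGS... FILE"
# only when the checksum matches, e.g.
#   install_if_verified cups-1.1.14-5.i386.rpm e7e881cc76957fadaa019e7bc386ef01 rpm -Fvh
# A download whose digest differs is never handed to the installer.
install_if_verified() {
    file=$1; expected=$2; shift 2
    verify_md5 "$file" "$expected" || return 1
    "$@" "$file"
}

# Constructed demonstration input (not a real package): a file whose
# MD5 is known, b1946ac92492d2347c6235b4d2611184 for "hello\n".
DEMO_FILE=$(mktemp)
printf 'hello\n' > "$DEMO_FILE"
verify_md5 "$DEMO_FILE" b1946ac92492d2347c6235b4d2611184 && echo "checksum OK: $DEMO_FILE"
# A wrong digest (here: all zeros) is rejected and nothing is installed.
install_if_verified "$DEMO_FILE" 00000000000000000000000000000000 cat || echo "refused to install"
```

The checksum proves only that the file you fetched is the file the
advisory describes; it says nothing about whether the advisory itself
is genuine.  Where the vendor signs packages, check the signature as
well (for RPM, rpm --checksig on the downloaded file) rather than
relying on a digest copied from a web page or a mailing-list post.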
Red Hat i386:
  ftp://updates.redhat.com/7.0/en/powertools/i386/cups-1.1.14-5.i386.rpm
  MD5 checksum: e7e881cc76957fadaa019e7bc386ef01
  ftp://updates.redhat.com/7.0/en/powertools/i386/cups-devel-1.1.14-5.i386.rpm
  MD5 checksum: 958400dd5e7425be92a97e3f4df03da5

Red Hat Vendor Advisory:
  http://www.linuxsecurity.com/advisories/redhat_advisory-1984.html


+---------------------------------+
|  zlib                           | ----------------------------//
+---------------------------------+

zlib version 1.1.3 and lower contains a vulnerability which, in a worst
case scenario, might allow an attacker to execute arbitrary code.  This
problem is solved by upgrading to the new release of zlib.

PLEASE SEE VENDOR ADVISORY FOR UPDATE

Trustix Vendor Advisory:
  http://www.linuxsecurity.com/advisories/other_advisory-1986.html


+---------------------------------+
|  listar                         | ----------------------------//
+---------------------------------+

Janusz Niewiadomski and Wojciech Purczynski reported a buffer overflow
in the address_match function of listar (a listserv-style mailing-list
manager).

Debian Intel IA-32 architecture:
  http://security.debian.org/dists/stable/updates/main/binary-i386/listar-cgi_0.129a-2.potato1_i386.deb
  MD5 checksum: 51d454473b8f1ff57dc5ed5f38395dea
  http://security.debian.org/dists/stable/updates/main/binary-i386/listar_0.129a-2.potato1_i386.deb
  MD5 checksum: 5d0f77b0846f256fc12e69146fb9b8b6

Debian Vendor Advisory:
  http://www.linuxsecurity.com/advisories/debian_advisory-1985.html


+---------------------------------+
|  kdm                            | ----------------------------//
+---------------------------------+

A problem was discovered with the default configuration of the kdm
display manager in Mandrake Linux.  By default, it allows XDMCP
connections from any host, which can be used to obtain a login screen
on your system remotely.  This can be used to get a list of users on
that host, as displayed by kdm.  It can also be used to circumvent
access control mechanisms such as tcpwrappers and root login
restrictions on the console and via remote.
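XDMCP is enabled or disabled by the Enable key in the [Xdmcp] section
of kdmrc.  The following is an added example, not part of the
newsletter or of the Mandrake advisory, that reads that setting from a
kdmrc-style file, reports the weak configuration, and emits a corrected
copy.  The two sample configuration files are constructed for this
illustration (they are not Mandrake's shipped files), the function
names are invented, and the location of kdmrc, which varies between
distributions and KDE versions, is left to the caller.

```shell
#!/bin/sh
# Added example (not from the advisory): audit and correct the XDMCP
# setting in a kdmrc-style configuration file.

# xdmcp_enable_value KDMRC: print the value of Enable in the [Xdmcp]
# section, lowercased, or "missing" if the section or key is absent.
xdmcp_enable_value() {
    awk -F= '
        /^[ \t]*\[/ { insect = ($0 ~ /^[ \t]*\[Xdmcp\]/); next }
        insect && $1 ~ /^[ \t]*Enable[ \t]*$/ {
            v = $2; gsub(/[ \t]/, "", v); print tolower(v); found = 1; exit
        }
        END { if (!found) print "missing" }
    ' "$1"
}

# check_kdmrc KDMRC: return 0 only when XDMCP is explicitly disabled.
# Anything else (true, or no setting at all) is reported as a finding,
# since a listening XDMCP service answers any host on udp/177.
check_kdmrc() {
    v=$(xdmcp_enable_value "$1")
    if [ "$v" = "false" ]; then
        echo "OK   $1: XDMCP disabled"
        return 0
    fi
    echo "WARN $1: [Xdmcp] Enable=$v; remote hosts can request a login screen" >&2
    return 1
}

# harden_kdmrc KDMRC: print a copy of KDMRC with Enable=false in the
# [Xdmcp] section, adding the key (or the whole section) if absent.
harden_kdmrc() {
    awk '
        /^[ \t]*\[/ {
            if (insect && !done) { print "Enable=false"; done = 1 }
            insect = ($0 ~ /^[ \t]*\[Xdmcp\][ \t]*$/)
            if (insect) seen = 1
            print; next
        }
        insect && $0 ~ /^[ \t]*Enable[ \t]*=/ { print "Enable=false"; done = 1; next }
        { print }
        END {
            if (!seen) { print ""; print "[Xdmcp]" }
            if (!done) print "Enable=false"
        }
    ' "$1"
}

# Constructed sample configs (not real distribution files).
# Weak: the default described in the advisory, XDMCP open to any host.
WEAK_KDMRC=$(mktemp)
cat > "$WEAK_KDMRC" <<'EOF'
[General]
Xservers=/etc/X11/xdm/Xservers

[Xdmcp]
Enable=true
Port=177
EOF

# Corrected: XDMCP switched off.
FIXED_KDMRC=$(mktemp)
cat > "$FIXED_KDMRC" <<'EOF'
[General]
Xservers=/etc/X11/xdm/Xservers

[Xdmcp]
Enable=false
Port=177
EOF

check_kdmrc "$WEAK_KDMRC" || true     # WARN ... Enable=true
check_kdmrc "$FIXED_KDMRC"            # OK ... XDMCP disabled
```

kdm reads kdmrc at startup, so after changing the file restart kdm and
confirm that nothing remains bound to udp/177 (for example with
netstat -uln).  Disabling XDMCP in kdm is the fix the advisory is
about; if remote XDMCP is genuinely needed, it should be restricted at
the host firewall rather than left open to any address, since kdm's
greeter does not go through tcpwrappers.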
PLEASE SEE VENDOR ADVISORY FOR UPDATE

Mandrake Vendor Advisory:
  http://www.linuxsecurity.com/advisories/mandrake_advisory-1987.html


+---------------------------------+
|  imlib                          | ----------------------------//
+---------------------------------+

Imlib versions prior to 1.9.13 would fall back to loading images via
the NetPBM package, which has various problems that make it unsuitable
for loading untrusted images.  Imlib 1.9.13 also fixes various problems
in arguments passed to malloc().  These problems may allow attackers to
construct images that, when loaded by a viewer using Imlib, could cause
crashes or potentially the execution of arbitrary code.

Red Hat 7.2 i386:
  ftp://updates.redhat.com/7.2/en/os/i386/imlib-1.9.13-2.7.x.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/imlib-cfgeditor-1.9.13-2.7.x.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/imlib-devel-1.9.13-2.7.x.i386.rpm

Red Hat Vendor Advisory:
  http://www.linuxsecurity.com/advisories/redhat_advisory-1988.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

To unsubscribe email vuln-newsletter-request@linuxsecurity.com with
"unsubscribe" in the subject of the message.
------------------------------------------------------------------------