+----------------------------------------------------------------+ | LinuxSecurity.com Linux Advisory Watch | | April 19th, 2002 Volume 3, Number 16a | +----------------------------------------------------------------+ Editors: Dave Wreski Benjamin Thomas dave@linuxsecurity.com ben@linuxsecurity.com Linux Advisory Watch is a comprehensive newsletter that outlines the security vulnerabilities that have been announced throughout the week.It includes pointers to updated packages and descriptions of each vulnerability. This week, advisories were released for libsafe, imp, syncache/syncookies, squid, webalizer, xpilot, and demarc. The vendors include Debian, FreeBSD, and Mandrake. * FREE SSL Guide from Thawte - Are you planning your Web Server Security? Click here to get a FREE Thawte SSL guide and find the answers to all your SSL security issues. http://www.gothawte.com/rd247.html Build Complete Internet Presence Quickly and Securely! EnGarde Secure Linux has everything necessary to create thousands of virtual Web sites, manage e-mail, DNS, firewalling, and database functions for an entire organization, all using a secure Web-based front-end. Engineered to be secure and easy to use!Don't jeopardize your organization with an off-the shelf Linux! http://www.guardiandigital.com/promo/ls150402.html +---------------------------------+ | libsafe | ----------------------------// +---------------------------------+ Wojciech Purczynski discovered that format string protection in libsafe can be easily bypassed by using flag characters that are implemented in glibc but are not implemented in libsafe. It was also discovered that *printf function wrappers incorrectly parse argument indexing in format strings, making some incorrect assumptions on the number of arguments and conversion specifications. Mandrake Linux 8.2: http://www.mandrakesecure.net/en/ftp.php 8.2/RPMS/libsafe-2.0.13-1.2mdk.i586.rpm 4de44dea8f94c02d3f4350479dafe4e5 Mandrake Vendor Advisory: http://www.linuxsecurity.com/advisories/mandrake_advisory-2018.html +---------------------------------+ | imp | ----------------------------// +---------------------------------+ A cross-site scripting (CSS) problem was discovered in Horde and IMP (a web based IMAP mail package). Debian: Architecture independent archives: http://security.debian.org/dists/stable/updates/main/ binary-all/horde_1.2.6-0.potato.5_all.deb MD5 checksum: df0fe8f732da4edee3f78202c9e2127a http://security.debian.org/dists/stable/updates/main/ binary-all/imp_2.2.6-0.potato.5_all.deb MD5 checksum: ffd216c15b27c1c3449512a5ccaa5af2 Debian Vendor Advisory: http://www.linuxsecurity.com/advisories/debian_advisory-2019.html Caldera Vendor Advisory: http://www.linuxsecurity.com/advisories/caldera_advisory-2020.html +---------------------------------+ | syncache/syncookies | ----------------------------// +---------------------------------+ Legitimate TCP/IP traffic may cause the machine to crash. Two related problems with syncache were triggered when syncookies were implemented. FreeBSD: ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/ SA-02:20/syncache.patch FreeBSD Vendor Advisory: http://www.linuxsecurity.com/advisories/freebsd_advisory-2021.html +---------------------------------+ | squid | ----------------------------// +---------------------------------+ A security issue has recently been found and fixed in the Squid-2.X releases up to and including 2.4.STABLE4. Error and boundary conditions were not checked when handling compressed DNS answer messages in the internal DNS code (lib/rfc1035.c). A malicous DNS server could craft a DNS reply that causes Squid to exit with a SIGSEGV. Mandrake Linux 8.2: 8.2/RPMS/squid-2.4.STABLE6-1.1mdk.i586.rpm 48854ffb620b739d98bf2a4d93aa761e http://www.mandrakesecure.net/en/ftp.php Mandrake Vendor Advisory: http://www.linuxsecurity.com/advisories/mandrake_advisory-2022.html +---------------------------------+ | webalizer | ----------------------------// +---------------------------------+ The webalizer has the ability to perform reverse DNS lookups. This ability is disabled by default, but if enabled, an attacker with command over his own DNS service, has the ability to gain remote root acces to a machine, due to a remote buffer overflow in the reverse resolving code. PLEASE SEE VENDOR ADVISORY Webalizer Vendor Advisory: http://www.linuxsecurity.com/advisories/other_advisory-2023.html +---------------------------------+ | xpilot | ----------------------------// +---------------------------------+ An internal audit by the xpilot (a multi-player tactical manoeuvring game for X) maintainers revealed a buffer overflow in xpilot server. This overflow can be abused by remote attackers to gain access to the server under which the xpilot server is running. Debian: Intel IA-32 architecture: http://security.debian.org/dists/stable/updates/main/binary-i386/ xpilot-client-nas_4.1.0-4.U.4alpha2.4.potato1_i386.deb MD5 checksum: f0d1306de990f6160ba5cc3e1580b2b2 http://security.debian.org/dists/stable/updates/main/binary-i386/ xpilot-client-nosound_4.1.0-4.U.4alpha2.4.potato1_i386.deb MD5 checksum: 28b1c0e638e142f93eb2af7ca71f80d5 http://security.debian.org/dists/stable/updates/main/binary-i386/ xpilot-client-rplay_4.1.0-4.U.4alpha2.4.potato1_i386.deb MD5 checksum: 4bb509a8a5711bc570c9e2645b926a35 http://security.debian.org/dists/stable/updates/main/binary-i386/ xpilot-server_4.1.0-4.U.4alpha2.4.potato1_i386.deb MD5 checksum: b2c7cf184d6ff9b9b52e7e5a324ff3d7 Debian Vendor Advisory: http://www.linuxsecurity.com/advisories/debian_advisory-2024.html +---------------------------------+ | demarc | ----------------------------// +---------------------------------+ Earlier today we were informed indirectly via a bugtraq posting, of a security issue in the 1.05 version of our software. While were already scheduled to release version 1.6 of the software tomorrow, it is advised that you apply the following official patch to your current installation. On untrusted networks, the bug could lead to acquisition of administrative privileges within the Console. PLEASE SEE VENDOR ADVISORY Demarc Vendor Advisory: http://www.linuxsecurity.com/advisories/other_advisory-2025.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email vuln-newsletter-request@linuxsecurity.com with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------