Linux Advisory Watch - April 26th 2002


 




+----------------------------------------------------------------+
|  LinuxSecurity.com                        Linux Advisory Watch |
|  April 26th, 2002                         Volume 3, Number 17a |
+----------------------------------------------------------------+
 
  Editors:     Dave Wreski                Benjamin Thomas
               dave@linuxsecurity.com     ben@linuxsecurity.com
 
Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week. It
includes pointers to updated packages and descriptions of each
vulnerability. This week, advisories were released for the FreeBSD kernel,
webalizer, sudo, PHPprojekt, ethereal, icecast, and squid.  The vendors
include Caldera, Conectiva, Debian, EnGarde, FreeBSD, and Red Hat.

* FREE Apache SSL Guide from Thawte -

Are you worried about your web server security?  Click here to get a FREE
Thawte Apache SSL Guide and find the answers to all your Apache SSL
security needs.

 --> http://www.gothawte.com/rd248.html


Build Complete Internet Presence Quickly and Securely! 

EnGarde Secure Linux has everything necessary to create thousands of
virtual Web sites, manage e-mail, DNS, firewalling, and database functions
for an entire organization, all using a secure Web-based front-end.
Engineered to be secure and easy to use! Don't jeopardize your organization
with an off-the-shelf Linux!

http://www.guardiandigital.com/promo/ls150402.html 
  


+---------------------------------+
| FreeBSD kernel                  | ----------------------------//
+---------------------------------+  

Local users may gain superuser privileges.  It is known that the `keyinit'
set-user-id program is exploitable using this method.  There may be other
programs that are exploitable.

 PLEASE SEE VENDOR ADVISORY FOR UPDATE 

 FreeBSD Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/freebsd_advisory-2026.html



+---------------------------------+
|  webalizer                      | ----------------------------//
+---------------------------------+  
 
The Webalizer is a fast, free web server log file analysis program. It
produces highly detailed, easily configurable usage reports in HTML
format, for viewing with a standard web browser.  Webalizer also has the
ability to perform reverse DNS lookups.  An attacker with control over the
victim's DNS may spoof responses, triggering a buffer overflow that
potentially leads to a root compromise.

 EnGarde Linux: 
 ftp://ftp.engardelinux.org/pub/engarde/stable/updates/ 

 Binary Packages: 
 i386/webalizer-2.01-1.0.4.i386.rpm 
 MD5 Sum: 26d607aa844675e643ac1cbb37c66363 

 i686/webalizer-2.01-1.0.4.i686.rpm 
 MD5 Sum: 5da5952a4d1ff859e4d96b9d8ab02793 

 EnGarde Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/other_advisory-2027.html


  

+---------------------------------+
|  sudo                           | ----------------------------//
+---------------------------------+  

A popular utility for allowing users to execute commands as other users
contains a vulnerability which may be exploited to execute arbitrary
commands. A local user may gain root access through corruption of the
heap.

 Sudo Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/other_advisory-2028.html 

 Debian  Intel IA-32 architecture: 
 http://security.debian.org/dists/stable/updates/main/ 
 binary-i386/sudo_1.6.2p2-2.2_i386.deb 
 MD5 checksum: 9ac9b91818dd7b2f2888aa39aac0da98 

 Debian Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/debian_advisory-2031.html 

 Red Hat Powertools i386: 
 ftp://updates.redhat.com/6.2/en/powertools/i386/ 
 sudo-1.6.5p2-1.6x.1.i386.rpm 
 be8e7188bf17c3e30dd563c77bf42d72 

 Red Hat Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/redhat_advisory-2032.html 

 Red Hat 7.2 i386: 
 ftp://updates.redhat.com/7.2/en/os/i386/ 
 sudo-1.6.5p2-1.7x.1.i386.rpm 

 Red Hat Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/redhat_advisory-2033.html



+---------------------------------+
| PHPprojekt                      | ----------------------------//
+---------------------------------+  

Multiple problems exist.  The first security hole was reported to the
vendor on the 15th of March, and the last one a couple of weeks later.
Version 3.2, which is not vulnerable to any of these issues, was released
on the 11th of April.

 PHProjekt Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/other_advisory-2029.html

  

+---------------------------------+
|  ethereal                       | ----------------------------//
+---------------------------------+  

Due to improper string parsing in ASN.1 routines, it is possible to crash
ethereal by injecting malformed packets on the wire or by opening a trace
file containing such packets. The SNMP, LDAP, COPS and Kerberos dissectors
use the ASN.1 routines to handle traffic.
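The ethereal entry turns on length handling in ASN.1 routines fed by untrusted packets. As an added illustration (not Ethereal's code), this is a bounds-checked reader for one BER tag-length header: the constructed inputs are a well-formed SEQUENCE and three headers that a naive parser would trust and read past the buffer on.

```c
/* Added example (not Ethereal's ASN.1 code): bounds-checked read of one BER
 * tag-length header (X.690 8.1). Rejects truncated headers, indefinite
 * length, long-form lengths wider than size_t and lengths that run past the
 * end of the buffer. Returns the header size in bytes, or -1 if malformed. */
#include <stdio.h>

int ber_tlv_header(const unsigned char *buf, size_t buflen, size_t off,
                   unsigned *tagnum, size_t *len)
{
    size_t pos = off;
    if (pos >= buflen) return -1;                   /* no tag octet */
    unsigned num = buf[pos++] & 0x1F;
    if (num == 0x1F) {                              /* high-tag-number form */
        int octets = 0; num = 0;
        do {                                        /* base-128, MSB continues */
            if (pos >= buflen || ++octets > 4) return -1;
            num = (num << 7) | (buf[pos] & 0x7F);
        } while (buf[pos++] & 0x80);
    }
    if (pos >= buflen) return -1;                   /* no length octet */
    unsigned first = buf[pos++];
    size_t l = first & 0x7F;
    if (first & 0x80) {                             /* long form */
        if (l == 0 || l > sizeof l) return -1;      /* indefinite or too wide */
        if (l > buflen - pos) return -1;            /* length octets cut off */
        size_t v = 0;
        for (size_t i = 0; i < l; i++) v = (v << 8) | buf[pos++];
        l = v;
    }
    if (l > buflen - pos) return -1;                /* content past the end */
    *tagnum = num; *len = l;
    return (int)(pos - off);
}

/* Constructed inputs (not captures): a well-formed SEQUENCE, then headers
 * claiming indefinite length, 256 content bytes, and a 9-octet length. */
const unsigned char kSeq[]   = { 0x30, 0x03, 0x02, 0x01, 0x05 };
const unsigned char kIndef[] = { 0x30, 0x80 };
const unsigned char kLong[]  = { 0x04, 0x82, 0x01, 0x00, 0x00 };
const unsigned char kWide[]  = { 0x04, 0x89, 0x00 };

int main(void)
{
    unsigned tag; size_t len;
    int hdr = ber_tlv_header(kSeq, sizeof kSeq, 0, &tag, &len);
    printf("kSeq: header %d bytes, tag %u, length %zu\n", hdr, tag, len);
    printf("kLong: %s\n", ber_tlv_header(kLong, sizeof kLong, 0, &tag, &len) < 0
                          ? "rejected" : "accepted");
    return 0;
}
```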

 Conectiva: 
 ftp://atualizacoes.conectiva.com.br/7.0/RPMS/ 
 ethereal-0.9.3-1U70_1cl.i386.rpm 

 Conectiva Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/other_advisory-2030.html


  

+---------------------------------+
|  icecast                        | ----------------------------//
+---------------------------------+  

Buffer overflows in Icecast 1.3.11 and earlier allow remote attackers to
execute arbitrary code via a long HTTP GET request. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CAN-2002-0177 to this issue.
 
 Red Hat Powertools i386: 
 ftp://updates.redhat.com/7.1/en/powertools/i386/ 
 icecast-1.3.12-1.i386.rpm 

 Red Hat Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/redhat_advisory-2034.html



+---------------------------------+
|   squid                         | ----------------------------//
+---------------------------------+  

From Squid advisory SQUID-2002:2: Error and boundary conditions were not
checked when handling compressed DNS answer messages in the internal DNS
code (lib/rfc1035.c). A malicious DNS server could craft a DNS reply that
would cause Squid to exit with a SIGSEGV.
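Both the squid entry above and the webalizer entry earlier in this issue come down to a DNS reply from a server the attacker controls being parsed without boundary checks. As an added example (not Squid's lib/rfc1035.c or Webalizer code), this is a bounds-checked decoder for RFC 1035 compressed names, run over a constructed reply that contains a normal name, a name using a compression pointer, a pointer that points to itself, and a pointer past the end of the message.

```c
/* Added example (not Squid's lib/rfc1035.c): bounds-checked decoding of a
 * compressed DNS name (RFC 1035 4.1.4) from an untrusted reply. Every read is
 * checked against msglen and pointer hops are capped; returns 0 or -1. */
#include <stdio.h>
#include <string.h>

int dns_name_unpack(const unsigned char *msg, size_t msglen, size_t *off,
                    char *out, size_t outlen)
{
    size_t pos = *off, outpos = 0, hops = 0, resume = 0;
    for (;;) {
        if (pos >= msglen) return -1;                 /* length byte past end */
        unsigned len = msg[pos];
        if ((len & 0xC0) == 0xC0) {                   /* compression pointer */
            if (pos + 1 >= msglen || ++hops > 16) return -1; /* loop guard */
            size_t target = ((len & 0x3F) << 8) | msg[pos + 1];
            if (target >= msglen) return -1;          /* points outside msg */
            if (!resume) resume = pos + 2;            /* first jump: remember */
            pos = target; continue;
        }
        if (len & 0xC0) return -1;                    /* reserved 0x40/0x80 */
        pos++;
        if (len == 0) break;                          /* root label: done */
        if (pos + len > msglen) return -1;            /* label past end */
        if (outpos + len + 1 >= outlen) return -1;    /* room for label+NUL */
        if (outpos) out[outpos++] = '.';
        memcpy(out + outpos, msg + pos, len);
        outpos += len; pos += len;
    }
    out[outpos] = '\0';
    *off = resume ? resume : pos;                     /* next field starts here */
    return 0;
}

/* Constructed message (not a capture): 12-byte header; "www.example.com" at
 * 12; "mail" + pointer to 16 at 29; pointer to itself at 36; pointer to 255 at 38. */
const unsigned char kReply[] = {
    0,0,0,0,0,0,0,0,0,0,0,0,
    3,'w','w','w', 7,'e','x','a','m','p','l','e', 3,'c','o','m', 0,
    4,'m','a','i','l', 0xC0,0x10, 0xC0,0x24, 0xC0,0xFF };
int main(void)
{
    static const size_t starts[] = { 12, 29, 36, 38 }; char name[256];
    for (int i = 0; i < 4; i++) {
        size_t off = starts[i];
        printf("offset %zu: %s\n", starts[i],
               dns_name_unpack(kReply, sizeof kReply, &off, name, sizeof name)
                   ? "rejected as malformed" : name);
    }
    return 0;
}
```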

 OpenLinux 3.1 Server 
 ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/ 
 Server/current/RPMS 

 squid-2.4.STABLE2-4.i386.rpm 
 9a72c528ba333d87e1d6719340ee768b 

 Caldera Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/caldera_advisory-2035.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@linuxsecurity.com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------

