+----------------------------------------------------------------+
|  LinuxSecurity.com                        Linux Advisory Watch |
|  June 21st, 2002                          Volume 3, Number 25a |
+----------------------------------------------------------------+

  Editors:    Dave Wreski                Benjamin Thomas
              dave@linuxsecurity.com     ben@linuxsecurity.com

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.
It includes pointers to updated packages and descriptions of each
vulnerability.

This week, advisories were released for apache, fetchmail, and dhcp.
The vendors include Caldera, Conectiva, Debian, EnGarde, FreeBSD,
Red Hat, SuSE, and Trustix.

* Developing with open standards? Demanding High Performance?
  Catch the Oracle9i JDeveloper wave now and check out how built-in
  profilers and CodeCoach make your Java code tighter and faster than
  ever before. Download your FREE copy of Oracle9i JDeveloper today.
  http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=oracle1

FEATURE: FTP Attack Case Study Part II: the Lessons

This article presents part II of a case study related to a company
network server compromise. Lessons on designing and implementing
security are drawn from the case. A computer forensics investigation
was undertaken and its results are presented. The article provides an
opportunity to follow the trail of incident response for a real case.

http://www.linuxsecurity.com/feature_stories/ftp-analysis-part2.html

EnGarde Secure Linux walks away with Network Computing Editor's Choice:

"EnGarde walked away with our Editor's Choice award thanks to the depth
of its security strategy, which covers nearly all the bases. Everything
from the low-level mechanisms (binary integrity checking and stack
protection) to high-level usability issues (including an excellent
patching interface) demonstrate the serious effort the Guardian Digital
crew has invested in EnGarde."

http://www.linuxsecurity.com/articles/vendors_products_article-5106.html

+---------------------------------+
|  apache                         |  ----------------------------//
+---------------------------------+

Versions of the Apache web server up to and including 1.3.24, and 2.0
up to and including 2.0.36 and 2.0.36-dev, contain a bug in the
routines which handle invalid requests encoded using chunked encoding.
This bug can be triggered remotely by sending a carefully crafted
invalid request. The affected functionality is enabled by default.

You can find a summary of the issues surrounding the recent Apache
vulnerability, written by Eric Lubow of LinuxSecurity, at the
following URL:

  Apache Web Server Security Alert (Update)
  http://www.linuxsecurity.com/articles/server_security_article-5157.html

  Apache Advisory:
  http://www.linuxsecurity.com/advisories/other_advisory-2135.html

EnGarde:
  ftp://ftp.engardelinux.org/pub/engarde/stable/updates/i386/apache-1.3.26-1.0.30.i386.rpm
  MD5 Sum: 9aae083982d3a191020813b44c3a18e2

  EnGarde Vendor Advisory:
  http://www.linuxsecurity.com/advisories/other_advisory-2137.html

Conectiva:
  ftp://atualizacoes.conectiva.com.br/8/RPMS/apache-1.3.26-1U8_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/8/RPMS/apache-devel-1.3.26-1U8_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/8/RPMS/apache-doc-1.3.26-1U8_1cl.i386.rpm

  Conectiva Vendor Advisory:
  http://www.linuxsecurity.com/advisories/other_advisory-2145.html

Red Hat Linux 7.3:
  i386:
  ftp://updates.redhat.com/7.3/en/os/i386/apache-1.3.23-14.i386.rpm
  ftp://updates.redhat.com/7.3/en/os/i386/apache-devel-1.3.23-14.i386.rpm
  ftp://updates.redhat.com/7.3/en/os/i386/apache-manual-1.3.23-14.i386.rpm

  Red Hat Vendor Advisory:
  http://www.linuxsecurity.com/advisories/redhat_advisory-2143.html

  Red Hat Stronghold Advisory:
  http://www.linuxsecurity.com/advisories/redhat_advisory-2146.html

SuSE 8.0 i386 Intel Platform:
  ftp://ftp.suse.com/pub/suse/i386/update/8.0/n2/apache-1.3.23-120.i386.patch.rpm
  58752b3a35523263428c325b340c9ae8
  ftp://ftp.suse.com/pub/suse/i386/update/8.0/n2/apache-1.3.23-120.i386.rpm
  b52837fe3f8512155ae93f7462526841

  SuSE Vendor Advisory:
  http://www.linuxsecurity.com/advisories/suse_advisory-2139.html

Trustix:
  ftp://ftp.trustix.net/pub/Trustix/updates/
  ./1.5/RPMS/apache-devel-1.3.26-1tr.i586.rpm
  facbc7ea75788eaa943a0952ae257374
  ./1.5/RPMS/apache-1.3.26-1tr.i586.rpm
  0cf4ea9e0eddda3abf9aeb8571296a7c

  Trustix Vendor Advisory:
  http://www.linuxsecurity.com/advisories/other_advisory-2147.html

Debian Intel IA-32 architecture:
  http://security.debian.org/dists/stable/updates/main/binary-i386/apache-common_1.3.9-14.1_i386.deb
  MD5 checksum: 1d4b57055b1f292d6a970a66294f887d
  http://security.debian.org/dists/stable/updates/main/binary-i386/apache-dev_1.3.9-14.1_i386.deb
  MD5 checksum: 857a57d16e39b52c4f29884e3b6d8140
  http://security.debian.org/dists/stable/updates/main/binary-i386/apache_1.3.9-14.1_i386.deb
  MD5 checksum: 97e213fda0d0ff92036f368721239562

  Debian Vendor Advisory:
  http://www.linuxsecurity.com/advisories/debian_advisory-2138.html

FreeBSD:
  PLEASE SEE VENDOR ADVISORY

  FreeBSD Vendor Advisory:
  http://www.linuxsecurity.com/advisories/freebsd_advisory-2144.html

+---------------------------------+
|  fetchmail                      |  ----------------------------//
+---------------------------------+

The fetchmail email client does not properly limit the maximum number
of messages available. This allows a remote IMAP server to overwrite
memory via a message count that exceeds the boundaries of an array.

Caldera:
  ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/RPMS
  fetchmail-5.8.17-3.i386.rpm         fe2a12a46105337465eaade27dcdfd19
  fetchmailconf-5.8.17-3.i386.rpm     5ee700b144f9888d71760c68af7bdd10

  Caldera Vendor Advisory:
  http://www.linuxsecurity.com/advisories/caldera_advisory-2136.html

+---------------------------------+
|  dhcp                           |  ----------------------------//
+---------------------------------+

A remotely exploitable format string vulnerability was found in the
logging routines of the dynamic DNS code of dhcpd. This vulnerability
can allow an attacker to gain root access on the host running dhcpd.

Caldera:
  ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/RPMS
  dhcp-3.0b2pl9-11.i386.rpm           09faf40bb1b20919080b3a3ed36d8081
  dhcp-server-3.0b2pl9-11.i386.rpm    55c93437d6573cb8132a16ccd2c6c69e

  Caldera Vendor Advisory:
  http://www.linuxsecurity.com/advisories/caldera_advisory-2142.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

To unsubscribe, email vuln-newsletter-request@linuxsecurity.com with
"unsubscribe" in the subject of the message.
------------------------------------------------------------------------