Linux Advisory Watch - August 24th 2002


 




+----------------------------------------------------------------+
|  LinuxSecurity.com                        Linux Advisory Watch |
|  August 24th, 2002                        Volume 3, Number 34a |
+----------------------------------------------------------------+
 
  Editors:     Dave Wreski                Benjamin Thomas
               dave@linuxsecurity.com     ben@linuxsecurity.com
 
Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week. It
includes pointers to updated packages and descriptions of each
vulnerability.

This week, advisories were released for krb5, fam, konqueror, libpng,
phpmail, mantis, bugzilla, Red Hat kernel, kdelibs, and unixware.  The
vendors include Caldera, Debian, and Red Hat.


* Developing with open standards? 
* Demanding High Performance?  
 
Catch the Oracle9i JDeveloper wave now and check out how built-in
profilers and CodeCoach make your Java code tighter and faster than ever
before.
 
 --> Download your FREE copy of Oracle9i JDeveloper Today. 
 --> http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=oracle4


FEATURE: PHP Secure Installation 
As the number of vulnerabilities in PHP grows, so does the need to secure
the PHP installation as thoroughly as possible. Because of PHP's popularity
and wide usage, most developers and administrators will run into trouble
if they don't take appropriate security steps during the installation.

http://www.linuxsecurity.com/feature_stories/feature_story-117.html


Find technical and managerial positions available worldwide.  Visit the
LinuxSecurity.com Career Center: http://careers.linuxsecurity.com
 

+---------------------------------+
|  Package: krb5                  | ----------------------------//
|  Date: 08-14-2002               |
+---------------------------------+

Description: 
Sun RPC is a remote procedure call framework which allows clients to
invoke procedures in a server process over a network.  XDR is a mechanism
for encoding data structures for use with RPC.  The Kerberos 5 network
authentication system contains an RPC library which includes an XDR
decoder derived from Sun's RPC implementation. The Sun implementation was
recently demonstrated to be vulnerable to a heap overflow.  It is believed
that the attacker needs to be able to authenticate to the kadmin daemon
for this attack to be successful.  No exploits are known to currently
exist.

Vendor Alerts: 

 Red Hat: 
 i386: 
 ftp://updates.redhat.com/7.3/en/os/i386/
 krb5-devel-1.2.4-2.i386.rpm 

 ftp://updates.redhat.com/7.3/en/os/i386/
 krb5-libs-1.2.4-2.i386.rpm 

 ftp://updates.redhat.com/7.3/en/os/i386/
 krb5-server-1.2.4-2.i386.rpm 

 ftp://updates.redhat.com/7.3/en/os/i386/ 
 krb5-workstation-1.2.4-2.i386.rpm 

 Red Hat Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/debian_advisory-2293.html
 


+---------------------------------+
|  Package: fam                   | ----------------------------//
|  Date: 08-15-2002               |
+---------------------------------+

Description: 
A flaw was discovered in FAM's group handling. In effect, users are unable
to monitor directories with FAM even though they have group read and
execute permissions on them. In addition, unprivileged users can
potentially learn the names of files that only members of root's group
should be able to view.

Vendor Alerts: 

 Debian:  Intel IA-32 architecture: 
 http://security.debian.org/pool/updates/ 
 main/f/fam/fam_2.6.6.1-5.2_i386.deb 
 Size/MD5 checksum:    59410 ad9b2cb638c5a8c6516ca7762543c418 

 http://security.debian.org/pool/updates/ 
 main/f/fam/libfam-dev_2.6.6.1-5.2_i386.deb 
 Size/MD5 checksum:    29398 e38857597943d466c5e897dc780a4755 

 http://security.debian.org/pool/updates/ 
 main/f/fam/libfam0_2.6.6.1-5.2_i386.deb 
 Size/MD5 checksum:    32352 caa455f94ae2762987ae7787fc5dde46 

 Debian Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/debian_advisory-2293.html
 

  
 

+---------------------------------+
|  Package: konqueror             | ----------------------------//
|  Date: 08-18-2002               |
+---------------------------------+
 
Description: 
Users of Konqueror and other SSL-enabled KDE software may fall victim
to a man-in-the-middle attack without noticing. In such a case the user
will be under the impression that there is a secure connection with a
trusted site, while in fact a different site has been connected to.

Vendor Alerts: 

 KDE:  
 PLEASE SEE VENDOR ADVISORY FOR UPDATE 

 KDE Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/other_advisory-2295.html
 

  
  
  

+---------------------------------+
|  Package: libpng                | ----------------------------//
|  Date: 08-14-2002               |
+---------------------------------+

Description: 
The libpng package contains a library of functions for creating and
manipulating PNG (Portable Network Graphics) image format files. PNG
is a bit-mapped graphics format similar to the GIF format.  

Vendor Alerts: 

 Red Hat Linux 7.3: i386: 
 ftp://updates.redhat.com/7.3/en/os/i386/
 libpng-1.0.14-0.7x.3.i386.rpm 

 ftp://updates.redhat.com/7.3/en/os/i386/ 
 libpng-devel-1.0.14-0.7x.3.i386.rpm  

 Red Hat Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/redhat_advisory-2296.html
 

  

+---------------------------------+
|  Package: phpmail               | ----------------------------//
|  Date: 08-15-2002               |
+---------------------------------+

Description: 
PHP is an HTML-embedded scripting language commonly used with Apache.
PHP versions 4.0.5 through 4.1.0 in safe mode do not properly cleanse
the 5th parameter to the mail() function. This vulnerability allows
local users and possibly remote attackers to execute arbitrary
commands via shell metacharacters. 

Vendor Alerts: 

 Red Hat Linux 7.3: 
 PLEASE SEE VENDOR ADVISORY FOR UPDATE 

 Red Hat Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/redhat_advisory-2298.html
 

  
  

+---------------------------------+
|  Package: mantis                | ----------------------------//
|  Date: 08-20-2002               |
+---------------------------------+

Description: 
Jeroen Latour pointed out that we missed one uninitialized variable
in DSA 153-1, which was insecurely used with file inclusions in the
Mantis package, a PHP-based bug tracking system.  When this is
exploited, a remote user is able to execute arbitrary code under
the webserver user id on the web server hosting the Mantis system.

Vendor Alerts: 

 Debian: 
 http://security.debian.org/pool/updates/main/m/mantis/
 mantis_0.17.1-2.2_all.deb 

 Size/MD5 checksum:   249206 3891cfe394de49d7e57a4b4ed8f7db6f 

 Debian Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/debian_advisory-2300.html 
 
 

  

+---------------------------------+
|  Package: bugzilla              | ----------------------------//
|  Date: 08-20-2002               |
+---------------------------------+

Description: 
Bugzilla creates new directories with world-writable permissions and 
creates the params file with world-writable permissions, which allows
local users to modify the files and execute code. 

Vendor Alerts: 

 Red Hat: 
 noarch:  
 ftp://updates.redhat.com/7.1/en/powertools/
 noarch/bugzilla-2.14.3-1.noarch.rpm 

 PLEASE SEE VENDOR ADVISORY FOR UPDATE 

 Red Hat Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/redhat_advisory-2301.html 
 
 


+---------------------------------+
|  Package: kernel                | ----------------------------//
|  Date: 08-20-2002               |
+---------------------------------+

Description: 
Updated kernel packages are now available which fix an oops in the
i810 3D kernel code. This kernel update also fixes a difficult-to-
trigger race in the dcache (filesystem cache) code, as well as some
potential security holes, although we are not currently aware of any
exploits.

Vendor Alerts: 

 Red Hat: i386:  
 ftp://updates.redhat.com/7.3/en/os/i386/
 kernel-2.4.18-10.i386.rpm  
 b2bacd0954832353ecddb507f087b338 

 ftp://updates.redhat.com/7.3/en/os/i386/
 kernel-source-2.4.18-10.i386.rpm  
 51bc76e8c016e00aa26d798a85f53759 

 ftp://updates.redhat.com/7.3/en/os/i386/
 kernel-doc-2.4.18-10.i386.rpm 
 91a1978068ee80c53a7500d4486b66e4  

 ftp://updates.redhat.com/7.3/en/os/i386/
 kernel-BOOT-2.4.18-10.i386.rpm 
 d105a7cc4d3e21bc9c5ace02f0b0152e 

 Red Hat Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/redhat_advisory-2301.html 
 
 


+---------------------------------+
|  Package: kdelibs               | ----------------------------//
|  Date: 08-17-2002               |
+---------------------------------+

Description: 
Due to a security engineering oversight, the SSL library from KDE,
which Konqueror uses, doesn't check whether the certificate authority
has signed an intermediate certificate in a connection's chain as safe
for that purpose; it accepts the intermediate simply because it is
signed.  This makes it possible for anyone with a valid VeriSign SSL
site certificate to forge any other VeriSign SSL site certificate and
abuse Konqueror users.

Vendor Alerts: 

 Debian: Intel IA-32 architecture:  
 http://security.debian.org/pool/updates/main/k/kdelibs/ 
 kdelibs3_2.2.2-13.woody.2_i386.deb 
 Size/MD5 checksum:  6617430 93a871489d1a1f32383b0c0514545a1a 

 http://security.debian.org/pool/updates/main/k/kdelibs/ 
 kdelibs3-bin_2.2.2-13.woody.2_i386.deb 
 Size/MD5 checksum:   104714 b289a9eb6b4533ae251c774e608fad7a 

 http://security.debian.org/pool/updates/main/k/kdelibs/ 
 libarts_2.2.2-13.woody.2_i386.deb 
 Size/MD5 checksum:   622918 dd63dcfcf246d68dd7290203ec728bb9 
  

 Debian Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/debian_advisory-2303.html 
 
 

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@linuxsecurity.com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------

