+----------------------------------------------------------------+
|  LinuxSecurity.com                        Linux Advisory Watch  |
|  February 14th, 2002                      Volume 4, Number 7a   |
+----------------------------------------------------------------+

  Editors:   Dave Wreski                 Benjamin Thomas
             dave@linuxsecurity.com      ben@linuxsecurity.com

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.
It includes pointers to updated packages and descriptions of each
vulnerability.

This week, advisories were released for w3m, uml-net, hypermail,
postgresql, lynx, python, pam_xauth, fileutils, and mozilla. The
distributors include Conectiva, Debian, Mandrake, and Red Hat.

FREE GUIDE - 128-bit encryption
Thawte is one of the few companies that offers 128-bit supercerts. A
supercert will allow you to extend the highest allowed 128-bit
encryption to all your clients even if they use browsers that are
limited to 40-bit encryption. Download a guide to learn more.
--> http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=thawte10

Remote Syslog with MySQL and PHP
Msyslog has the ability to log syslog messages to a database. This
allows for easier monitoring of multiple servers and the ability to
display and search syslog messages using PHP or any other programming
language that can communicate with the database.
http://www.linuxsecurity.com/feature_stories/feature_story-138.html

---------------------------------------------------------------------
CONCERNED ABOUT THE NEXT THREAT? EnGarde is the undisputed winner!
Hardened Linux Puts Hackers EnGarde! Winner of the Network Computing
Editor's Choice Award, EnGarde "walked away with our Editor's Choice
award thanks to the depth of its security strategy..." Find out what
the other Linux vendors are not telling you.
http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=engarde2
---------------------------------------------------------------------

Review: Mastering Network Security, Second Edition
The introduction states that this book is aimed at systems
administrators who are not security experts, but have some
responsibility for ensuring the integrity of their systems. That would
seem to cover most sysadmins.
http://www.linuxsecurity.com/feature_stories/feature_story-137.html

+---------------------------------+
| Package: w3m                    |
| Date: 02-07-2003                |
+---------------------------------+

Description: An XSS vulnerability in w3m 0.3.2 allows remote attackers
to insert arbitrary HTML and web script into frames. Frames are
disabled by default in the version of w3m shipped with Red Hat Linux.
Therefore, this problem will not appear as long as users do not use w3m
with the -F option, or enable frame support in either the
/etc/w3m/w3mconfig or ~/.w3m/config configuration files. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CAN-2002-1335 to this issue.

Vendor Alerts:
  Red Hat:
    ftp://updates.redhat.com/8.0/en/os/i386/w3m-0.3.1-6.i386.rpm
    MD5 checksum: 3c79d5d3d0c74262c5b911b78aa7342e
  Red Hat Vendor Advisory:
    http://www.linuxsecurity.com/advisories/caldera_advisory-2826.html
  Debian:
    http://security.debian.org/pool/updates/main/w/w3mmee/w3mmee_0.3.p23.3-1.5_i386.deb
    Size/MD5 checksum: 521574 3f177cd8f1861af383a4bad617b833d3
  Debian Vendor Advisory:
    http://www.linuxsecurity.com/advisories/debian_advisory-2846.html

+---------------------------------+
| Package: uml-net                |
| Date: 02-07-2003                |
+---------------------------------+

Description: The kernel-utils package contains several utilities that
can be used to control the kernel or machine hardware. In Red Hat Linux
8.0 this package contains user mode linux (UML) utilities.
Vendor Alerts:
  Red Hat:
    MD5 checksum: 40a718a6037b55941a289fa6adc5f0f5
  Red Hat Vendor Advisory:
    http://www.linuxsecurity.com/advisories/redhat_advisory-2844.html

+---------------------------------+
| Package: hypermail              |
| Date: 02-07-2003                |
+---------------------------------+

Description: An attacker could craft a long filename for an attachment
that would overflow two buffers when a certain option for interactive
use was given, opening the possibility to inject arbitrary code. This
code would then be executed under the user id hypermail runs as, mostly
as a local user. Automatic and silent use of hypermail does not seem to
be affected.

Vendor Alerts:
  Debian:
    http://security.debian.org/pool/updates/main/h/hypermail/hypermail_2.0b25-1.1_i386.deb
    Size/MD5 checksum: 145048 987bb3659b98eb4dc7e020afd58c24ac
  Debian Vendor Advisory:
    http://www.linuxsecurity.com/advisories/debian_advisory-2845.html

+---------------------------------+
| Package: postgresql             |
| Date: 02-11-2003                |
+---------------------------------+

Description: Vulnerabilities were discovered in the Postgresql
relational database by Mordred Labs. These vulnerabilities are buffer
overflows in the rpad(), lpad(), repeat(), and cash_words() functions.
The Postgresql developers also fixed a buffer overflow in functions that
deal with time/date and timezone.

Vendor Alerts:
  Mandrake:
    PLEASE SEE VENDOR ADVISORY FOR UPDATE
  Mandrake Vendor Advisory:
    http://www.linuxsecurity.com/advisories/mandrake_advisory-2847.html

+---------------------------------+
| Package: lynx                   |
| Date: 02-11-2003                |
+---------------------------------+

Description: Updated lynx packages are available that fix an error in
the way lynx parses its command line arguments, which can lead to faked
headers being sent to a web server.
Vendor Alerts:
  Red Hat:
    ftp://updates.redhat.com/8.0/en/os/i386/lynx-2.8.5-7.1.i386.rpm
    MD5 checksum: 96fd9d05a357e6a0d11d5a2916b90485
  Red Hat Vendor Advisory:
    http://www.linuxsecurity.com/advisories/redhat_advisory-2848.html

+---------------------------------+
| Package: python                 |
| Date: 02-11-2003                |
+---------------------------------+

Description: An insecure use of a temporary file has been found in
Python. This erratum provides updated Python packages.

Vendor Alerts:
  Red Hat:
    PLEASE SEE VENDOR ADVISORY FOR UPDATE
  Red Hat Vendor Advisory:
    http://www.linuxsecurity.com/advisories/redhat_advisory-2849.html

+---------------------------------+
| Package: pam_xauth              |
| Date: 02-11-2003                |
+---------------------------------+

Description: Updated PAM packages are now available for Red Hat Linux
7.1, 7.2, 7.3, and 8.0. These packages correct a bug in pam_xauth's
handling of authorization data for the root user.

Vendor Alerts:
  Red Hat:
    ftp://updates.redhat.com/8.0/en/os/i386/pam-0.75-46.8.0.i386.rpm
    MD5 checksum: 25ebcb39f56c98cc064c34b2d048ed35
  Red Hat Vendor Advisory:
    http://www.linuxsecurity.com/advisories/redhat_advisory-2850.html

+---------------------------------+
| Package: fileutils              |
| Date: 02-12-2003                |
+---------------------------------+

Description: A race condition in the recursive use of 'rm' and 'mv' in
fileutils 4.1 and earlier could allow local users to delete files and
directories (as the user running fileutils) if the user has write
access to part of the tree being moved or deleted.
Vendor Alerts:
  Red Hat:
    ftp://updates.redhat.com/7.3/en/os/i386/fileutils-4.1-10.1.i386.rpm
    MD5 checksum: d8a014f87a6aa623c36620ba96178698
  Red Hat Vendor Advisory:
    http://www.linuxsecurity.com/advisories/redhat_advisory-2851.html

+---------------------------------+
| Package: mozilla                |
| Date: 02-13-2003                |
+---------------------------------+

Description: A remote attacker could exploit these vulnerabilities by
creating malicious web pages that, when accessed, would crash the
browser, potentially allowing remote arbitrary code execution or
causing some other unexpected behavior.

Vendor Alerts:
  Conectiva:
    PLEASE SEE VENDOR ADVISORY FOR UPDATE
  Conectiva Vendor Advisory:
    http://www.linuxsecurity.com/advisories/connectiva_advisory-2853.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.
LinuxSecurity.com

To unsubscribe email vuln-newsletter-request@linuxsecurity.com with
"unsubscribe" in the subject of the message.
------------------------------------------------------------------------
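The entries above pair each downloadable package with an MD5 checksum (and, for the Debian packages, a size), which is what an administrator compares against before installing the update. The following Python script is an added example, not part of the newsletter or of any vendor's tooling: it parses both checksum line styles used above, hashes a local file, and reports a size or digest mismatch. The function names (parse_expected, verify_package, demo) are hypothetical, and the package bytes the demo checks are constructed in the script rather than a real rpm or deb.

```python
import hashlib
import os
import re
import tempfile

# Two line styles appear in the advisory entries above:
#   Debian:  "Size/MD5 checksum: 521574 3f177cd8f1861af383a4bad617b833d3"
#   Red Hat: "<package URL> 96fd9d05a357e6a0d11d5a2916b90485"  (digest only)
SIZE_MD5_RE = re.compile(r"Size/MD5 checksum:\s*(\d+)\s+([0-9a-f]{32})", re.I)
BARE_MD5_RE = re.compile(r"\b([0-9a-f]{32})\b", re.I)


def parse_expected(line):
    """Return (size_or_None, md5_hex) from one advisory line, or None if
    the line carries no checksum (e.g. 'PLEASE SEE VENDOR ADVISORY')."""
    m = SIZE_MD5_RE.search(line)
    if m:
        return int(m.group(1)), m.group(2).lower()
    m = BARE_MD5_RE.search(line)
    if m:
        return None, m.group(1).lower()
    return None


def md5_of_file(path):
    """Stream the file through MD5 so large packages need little memory."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_package(path, expected):
    """Compare a downloaded package with (size, md5). Returns (ok, reason).
    The cheap size check runs first; a size mismatch already proves the
    file is not the one the advisory describes."""
    size, md5 = expected
    actual_size = os.path.getsize(path)
    if size is not None and actual_size != size:
        return False, "size mismatch: expected %d, got %d" % (size, actual_size)
    actual = md5_of_file(path)
    if actual != md5:
        return False, "md5 mismatch: expected %s, got %s" % (md5, actual)
    return True, "ok"


def demo():
    """Write a constructed 'package', verify it, then append one byte and
    verify again with both line styles. Returns the three results."""
    payload = b"constructed package contents, not a real rpm or deb\n"
    with tempfile.NamedTemporaryFile(delete=False) as f:
        f.write(payload)
        path = f.name
    try:
        digest = hashlib.md5(payload).hexdigest()
        debian_line = "Size/MD5 checksum: %d %s" % (len(payload), digest)
        redhat_line = "ftp://example.invalid/pkg-1.0.i386.rpm %s" % digest
        good = verify_package(path, parse_expected(debian_line))
        with open(path, "ab") as f:          # simulate a truncated/altered download
            f.write(b"X")
        bad_size = verify_package(path, parse_expected(debian_line))
        bad_md5 = verify_package(path, parse_expected(redhat_line))
    finally:
        os.unlink(path)
    return good, bad_size, bad_md5


if __name__ == "__main__":
    for label, result in zip(("intact", "altered (size line)", "altered (md5 only)"), demo()):
        print("%-20s %s" % (label, result[1]))
```

The checksum only tells you the file you downloaded matches the one the advisory author hashed, so the advisory itself has to arrive over a channel you trust; MD5 detects corruption and casual substitution but is not a substitute for the vendor's package signature (for the Red Hat rpms above, `rpm --checksig` verifies the GPG signature as well as the digest).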