+----------------------------------------------------------------+
|  LinuxSecurity.com                        Linux Advisory Watch |
|  April 25th, 2002                         Volume 4, Number 16a |
+----------------------------------------------------------------+

  Editors:     Dave Wreski                Benjamin Thomas
               dave@xxxxxxxxxxxxxxxxx     ben@xxxxxxxxxxxxxxxxx

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the
week. It includes pointers to updated packages and descriptions of
each vulnerability.

This week, advisories were released for vixie-cron, tcpdump, balsa,
sendmail-wide, ircii, mime-support, kdelibs, gkrellm, snort, ethereal,
and xinetd. The distributors include Conectiva, Debian, Mandrake,
Red Hat, Slackware, SuSE, and Turbo Linux.

Days of the Honeynet: Attacks, Tools, Incidents - Among other
benefits, running a honeynet makes one acutely aware about "what is
going on" out there. While placing a network IDS outside one's
firewall might also provide a similar flood of alerts, a honeypot
provides a unique perspective on what will be going on when a related
server is compromised and used by the intruders.

http://www.linuxsecurity.com/feature_stories/feature_story-141.html

Making It Big: Large Scale Network Forensics (Part 1 of 2) - Computer
forensics have hit the big time. A previously superniche technology,
forensics have moved into the collective consciousness of IT sys.
admins. and Corporate CSOs.

http://www.linuxsecurity.com/feature_stories/feature_story-139.html

+---------------------------------+
|  Package: vixie-cron            | ----------------------------//
+---------------------------------+

 Description:
 The vixie-cron package contains the Vixie version of cron. Cron is a
 standard UNIX daemon that runs specified programs at scheduled times.

 Vendor Alerts:

  Conectiva:
  Conectiva Vendor Advisory:
  http://www.linuxsecurity.com/advisories/connectiva_advisory-3187.html

+---------------------------------+
|  Package: tcpdump               | ----------------------------//
+---------------------------------+

 Description:
 tcpdump fails to check the boundaries of some buffers when parsing
 NFS traffic. A remote attacker can exploit this vulnerability to
 crash the tcpdump process or to potentially execute arbitrary code
 with the privileges of the user running it (tcpdump is usually run by
 the root user). This vulnerability was discovered by the tcpdump
 developers.

 Vendor Alerts:

  Conectiva:
  Conectiva Vendor Advisory:
  http://www.linuxsecurity.com/advisories/connectiva_advisory-3191.html

  Red Hat:
  Red Hat Vendor Advisory:
  http://www.linuxsecurity.com/advisories/redhat_advisory-3198.html

+---------------------------------+
|  Package: balsa                 | ----------------------------//
+---------------------------------+

 Description:
 An attacker who is able to control an IMAP server accessed by Balsa
 can exploit this vulnerability to remotely crash the client or
 execute arbitrary code with the privileges of the user running it.
 This update fixes this vulnerability.

 Vendor Alerts:

  Conectiva:
  Conectiva Vendor Advisory:
  http://www.linuxsecurity.com/advisories/connectiva_advisory-3195.html

+---------------------------------+
|  Package: sendmail-wide         | ----------------------------//
+---------------------------------+

 Description:
 Michal Zalewski discovered a buffer overflow, triggered by a char to
 int conversion, in the address parsing code in sendmail, a widely
 used, powerful, efficient, and scalable mail transport agent. This
 problem is potentially remotely exploitable.

 Vendor Alerts:

  Debian:
  Debian Vendor Advisory:
  http://www.linuxsecurity.com/advisories/debian_advisory-3188.html

+---------------------------------+
|  Package: ircii                 | ----------------------------//
+---------------------------------+

 Description:
 Timo Sirainen discovered several problems in ircII, a popular client
 for Internet Relay Chat (IRC). A malicious server could craft special
 reply strings, triggering the client to write beyond buffer
 boundaries. This could lead to a denial of service if the client only
 crashes, but may also lead to execution of arbitrary code under the
 user id of the chatting user.

 Vendor Alerts:

  Debian:
  Debian Vendor Advisory:
  http://www.linuxsecurity.com/advisories/debian_advisory-3188.html

+---------------------------------+
|  Package: mime-support          | ----------------------------//
+---------------------------------+

 Description:
 Colin Phipps discovered several problems in mime-support, which
 contains support programs for the MIME control files 'mime.types' and
 'mailcap'. When a temporary file is to be used it is created
 insecurely, allowing an attacker to overwrite arbitrary files under
 the user id of the person executing run-mailcap, most probably root.
 Additionally, the program did not properly escape shell escape
 characters when executing a command. This is unlikely to be
 exploitable, though.

 Vendor Alerts:

  Debian:
  Debian Vendor Advisory:
  http://www.linuxsecurity.com/advisories/debian_advisory-3193.html
  http://www.linuxsecurity.com/advisories/debian_advisory-3196.html

+---------------------------------+
|  Package: kdelibs               | ----------------------------//
+---------------------------------+

 Description:
 The KDE team discovered a vulnerability in the way KDE uses
 Ghostscript software for processing of PostScript (PS) and PDF files.
 An attacker could provide a malicious PostScript or PDF file via mail
 or websites that could lead to executing arbitrary commands under the
 privileges of the user viewing the file or when the browser generates
 a directory listing with thumbnails.

 Vendor Alerts:

  Debian:
  Debian Vendor Advisory:
  http://www.linuxsecurity.com/advisories/debian_advisory-3197.html

  Mandrake:
  Mandrake Vendor Advisory:
  http://www.linuxsecurity.com/advisories/mandrake_advisory-3189.html

  Slackware:
  Slackware Vendor Advisory:
  http://www.linuxsecurity.com/advisories/slackware_advisory-3190.html

  SuSE:
  SuSE Vendor Advisory:
  http://www.linuxsecurity.com/advisories/suse_advisory-3201.html

+---------------------------------+
|  Package: gkrellm               | ----------------------------//
+---------------------------------+

 Description:
 There are multiple vulnerabilities in gkrellm.

 Vendor Alerts:

  Debian:
  Debian Vendor Advisory:
  http://www.linuxsecurity.com/advisories/debian_advisory-3199.html

+---------------------------------+
|  Package: snort                 | ----------------------------//
+---------------------------------+

 Description:
 The Sourcefire Vulnerability Research Team has learned of an integer
 overflow in the Snort stream4 preprocessor used by the Sourcefire
 Network Sensor product line. The Snort stream4 preprocessor
 (spp_stream4) incorrectly calculates segment size parameters during
 stream reassembly for certain sequence number ranges, which can lead
 to an integer overflow that can be expanded to a heap overflow.

 Vendor Alerts:

  Gentoo:
  Gentoo Vendor Advisory:
  http://www.linuxsecurity.com/advisories/gentoo_advisory-3194.html

+---------------------------------+
|  Package: ethereal              | ----------------------------//
+---------------------------------+

 Description:
 Updated ethereal packages are now available which fix a format string
 bug and a heap-based buffer overflow.

 Vendor Alerts:

  Red Hat:
  Red Hat Vendor Advisory:
  http://www.linuxsecurity.com/advisories/redhat_advisory-3200.html

+---------------------------------+
|  Package: xinetd                | ----------------------------//
+---------------------------------+

 Description:
 xinetd leaks memory when connections are refused.

 Vendor Alerts:

  TurboLinux:
  Turbo Linux Vendor Advisory:
  http://www.linuxsecurity.com/advisories/turbolinux_advisory-3202.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
------------------------------------------------------------------------