Linux Advisory Watch - May 30th 2003

+----------------------------------------------------------------+
|  LinuxSecurity.com                        Linux Advisory Watch |
|  May 30th, 2003                           Volume 4, Number 21a |
+----------------------------------------------------------------+

  Editors:     Dave Wreski                Benjamin Thomas
               dave@xxxxxxxxxxxxxxxxx     ben@xxxxxxxxxxxxxxxxx

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.
It includes pointers to updated packages and descriptions of each
vulnerability.

This week, advisories were released for squid, BitchX, netpbm, gPS,
heimdal, nessus, lprng, gnupg, up2date, ptrace, apache, cups, and glibc.
The distributors include Conectiva, Debian, Gentoo, Mandrake, Red Hat,
Slackware, and SuSe. Several of the advisories released are updates to
vulnerabilities found last week. There is nothing particularly serious
this week, but it is always advisable to have everything patched before
the weekend.

Knowing that your servers are up-to-date is a good way to help ensure that
you will have an uninterrupted weekend. What else can assure you that
operations will run smoothly during time off? There are many pieces to the
equation that are important. One of the most significant aspects is using
servers that are properly configured and hardened. In addition, proper
server administration procedures must be followed. While many intrusions
are a result of vulnerable packages, a large number of them can also be
attributed to improper software configuration and administration. This
burden falls on the administrator. What can be done to reduce the risk of
improper software configuration?

The easiest way is to look for a pre-configured or specialized security
distribution. Because I am a long-time contributor to EnGarde Secure
Linux, I am biased in this recommendation. However, I personally feel that
using a distribution such as EnGarde will dramatically improve your
organization's security stance with very little time, effort, and money
invested. You'll find that with EnGarde, administration becomes easy. I
have used it for years and now I find myself becoming lazy when it comes
to using other systems. I find myself not wanting to configure anything
manually and instead have the WebTool do it for me. Administration has
become easy and now it is possible to concentrate on more intellectually
stimulating projects. A specialized distribution is ideal for
administrators with multiple systems to maintain in a critical
environment.

 More information can be found here:
 http://www.engardelinux.org

If you've only installed Linux and Apache to host your grandmother's
knitting Web site, or you are just looking to learn the inner workings of
security and administration, I recommend finding a good Linux security
book. An interesting book that I recently had the pleasure of reading is
titled Linux Security Toolkit, by David Bandel. It covers host security,
network security, firewalls & specialized security software, and Linux
security auditing. It is easy to read and suitable for administrators
wishing to concentrate on security. Like most books published today, it is
not suitable for the seasoned administrator. Although the book is well
written, it is not full of cutting edge knowledge. If you're looking to
learn more about security, I recommend taking a look. It is available used
through Amazon.com at a very reasonable price.

 The book can be purchased here:
 http://www.amazon.com/exec/obidos/tg/stores/offering/
 list/-/0764546902/all/ref=dp_bb_a/002-3699577-0487253

Until next time,
Benjamin D. Thomas



## FREE GUIDE-128-bit encryption ##
Thawte is one of the few companies that offers 128-bit supercerts. A
supercert will allow you to extend the highest allowed 128-bit encryption
to all your clients even if they use browsers that are limited to 40-bit
encryption.

 Download a guide to learn more.
 http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=thawte19


LINSECURITY.COM FEATURE:
Intrusion Detection Systems: An Introduction
By: Alberto Gonzalez

Intrusion Detection is the process and methodology of inspecting data for
malicious, inaccurate or anomalous activity. At the most basic levels
there are two forms of Intrusion Detection Systems that you will
encounter: Host and Network based.

http://www.linuxsecurity.com/feature_stories/feature_story-143.html

--------------------------------------------------------------------

* Comprehensive SPAM Protection! - Guardian Digital's Secure Mail Suite is
unparalleled in security, ease of management, and features. Open source
technology constantly adapts to new threats. Email firewall, simplified
administration, automatically updated.

 --> http://guardiandigital.com/cgi-bin/ad_redirect.pl?id=mailnews2

+---------------------------------+
|  Distribution: Conectiva        | ----------------------------//
+---------------------------------+

 5/26/2003 - BitchX
   Multiple remote vulnerabilities

   A buffer overflow and a denial of service attack have been fixed
   in the latest versions of BitchX.
   http://www.linuxsecurity.com/advisories/connectiva_advisory-3292.html

 5/28/2003 - netpbm
   buffer overflow vulnerabilities

   Alan Cox and Al Viro discovered[1] several "math overflow"
   vulnerabilities in netpbm versions <= 9.20.
   http://www.linuxsecurity.com/advisories/connectiva_advisory-3296.html


+---------------------------------+
|  Distribution: Debian           | ----------------------------//
+---------------------------------+

 5/29/2003 - gPS
   multiple vulnerabilities

   Alan Cox and Al Viro discovered[1] several "math overflow"
   vulnerabilities in netpbm versions <= 9.20.
   http://www.linuxsecurity.com/advisories/debian_advisory-3299.html


+---------------------------------+
|  Distribution: Gentoo           | ----------------------------//
+---------------------------------+

 5/27/2003 - heimdal
   krb4 cryptographic weakness

   heimdal suffers from the same vulnerability as mit-krb5 does,
   hence the identical advisory.
   http://www.linuxsecurity.com/advisories/gentoo_advisory-3293.html

 5/27/2003 - nessus
   multiple vulnerabilities

   There exist some vulnerabilities in the NASL scripting engine.
   http://www.linuxsecurity.com/advisories/gentoo_advisory-3294.html


+---------------------------------+
|  Distribution: Mandrake         | ----------------------------//
+---------------------------------+

 5/23/2003 - lprng
   insecure tmp file vulnerability

   psbanner creates a temporary file for debugging purposes when it
   is configured as a filter, and does not check whether or not this
   file already exists or is a symlink.
   http://www.linuxsecurity.com/advisories/mandrake_advisory-3289.html
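   The psbanner bug above is the classic insecure temporary-file pattern.
   The following is an added illustration, not lprng's own code: it
   contrasts a fixed-name open that follows a pre-planted symlink with a
   hardened open that refuses any pre-existing name, using a constructed
   scratch directory under /tmp (the path and file names are assumed).

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>

/* Unsafe pattern (as in the advisory): a predictable name opened with
 * O_CREAT|O_TRUNC and no existence/symlink check, so a symlink already
 * sitting at that name is followed and its target is truncated. */
static int unsafe_debug_open(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Hardened pattern: O_EXCL fails if the name exists at all (including as
 * a symlink), O_NOFOLLOW additionally refuses to traverse a link.  In real
 * code pair this with an unpredictable name, e.g. from mkstemp(). */
static int safe_debug_open(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Constructed scenario in a private 0700 scratch dir: a "victim" file with
 * content and a symlink at the predictable debug-file name pointing at it.
 * Returns a bitmask: 1 = the unsafe open truncated the victim through the
 * link, 2 = the hardened open refused the link. Both together give 3. */
int run_demo(void) {
    char dir[] = "/tmp/psbanner-demo-XXXXXX";   /* assumed scratch location */
    if (mkdtemp(dir) == NULL) return -1;
    char victim[128], link[128];
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(link, sizeof link, "%s/debug.log", dir);
    int fd = open(victim, O_WRONLY | O_CREAT, 0600);
    (void)!write(fd, "important", 9);
    close(fd);
    symlink(victim, link);

    int result = 0;
    struct stat st;
    fd = unsafe_debug_open(link);           /* follows the link, truncates */
    if (fd >= 0) close(fd);
    if (stat(victim, &st) == 0 && st.st_size == 0) result |= 1;

    fd = safe_debug_open(link);             /* EEXIST (or ELOOP): refused */
    if (fd < 0 && (errno == EEXIST || errno == ELOOP)) result |= 2;
    else if (fd >= 0) close(fd);

    unlink(link); unlink(victim); rmdir(dir);
    return result;
}
```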

 5/23/2003 - gnupg
   key validation vulnerability

   A bug was discovered in GnuPG versions 1.2.1 and earlier.
   http://www.linuxsecurity.com/advisories/mandrake_advisory-3290.html


+---------------------------------+
|  Distribution: Red Hat          | ----------------------------//
+---------------------------------+

 5/28/2003 - CUPS
   denial of service vulnerability

   Phil D'Amore of Red Hat discovered a vulnerability in the CUPS IPP
   implementation.
   http://www.linuxsecurity.com/advisories/redhat_advisory-3297.html

 5/29/2003 - up2date
   multiple vulnerabilities

   This release also includes an updated RHNS-CA-CERT file, which
   contains an additional CA certificate.  This is needed so that
   up2date can continue to communicate with Red Hat Network once the
   current CA certificate reaches its August 2003 expiration date.
   http://www.linuxsecurity.com/advisories/redhat_advisory-3300.html

 5/29/2003 - ptrace
   kernel vulnerability

   A ptrace-related vulnerability has been discovered that could
   allow a local user to gain elevated (root) privileges without
   authorization.
   http://www.linuxsecurity.com/advisories/redhat_advisory-3301.html

 5/29/2003 - apache
   2.0 denial of service vulnerability

   A bug in Apache 2.0 through 2.0.45 allows remote attackers to
   cause a denial of service, and may allow execution of arbitrary
   code.
   http://www.linuxsecurity.com/advisories/redhat_advisory-3302.html


+---------------------------------+
|  Distribution: Slackware        | ----------------------------//
+---------------------------------+

 5/29/2003 - cups
   denial of service vulnerability

   Upgraded CUPS packages are available for Slackware 8.1, 9.0, and
   -current to fix a denial of service attack vulnerability.
   http://www.linuxsecurity.com/advisories/slackware_advisory-3303.html


 5/23/2003 - quotacheck
   2.0 denial of service vulnerability

   An upgraded sysvinit package is available which fixes a problem
   with the use of quotacheck in /etc/rc.d/rc.M.
   http://www.linuxsecurity.com/advisories/slackware_advisory-3291.html


+---------------------------------+
|  Distribution: SuSe             | ----------------------------//
+---------------------------------+

 5/28/2003 - glibc
   buffer overflow vulnerability

   Another integer overflow was found in glibc's XDR code.
   http://www.linuxsecurity.com/advisories/suse_advisory-3298.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------

