+----------------------------------------------------------------+
| LinuxSecurity.com Linux Advisory Watch |
| June 13th, 2002 Volume 4, Number 23a |
+----------------------------------------------------------------+
Editors: Dave Wreski Benjamin Thomas
dave@xxxxxxxxxxxxxxxxx ben@xxxxxxxxxxxxxxxxx
Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilitiaes that have been announced throughout the week.
It includes pointers to updated packages and descriptions of each
vulnerability.
This week, advisories were released for the Linux kernel, eterm, xaos,
ethereal, atftp, gnocatan, nethack, slashem, cupsys, mod_php, zlib, kon2,
gzip, KDE, hanterm, pptpd, cups, and lv. The distributors include Debian,
Gentoo, Immunix, Mandrake, OpenPKG, RedHat, SuSE, Turbolinux, and Yellow
Dog.
Last week, I discussed how HIPAA should be viewed as a step in the right
direction, rather than a burden for U.S. healthcare companies. I received
a lot of positive feedback from readers who are happy that they now have
an adequate budget to address security problems. This week, I wanted to
take a look at BS7799 and ISO17799. BS7799 was first developed by the UK
Department of Trade and Industry's (DTI) Commercial Computer Security
Centre (CCSC) and prepared by the British Standards Institution with the
goal of developing a set of security management standards that can be used
across many industries. Soon after establishing the BS7799, it was
submitted to the International Organization for Standardization (ISO).
After several revisions, BS7799 was accepted and used as a basis for
ISO17799.
What is the goal of BS7799 & ISO17799? Each were created with the specific
purpose of providing an established starting point for organizations to
develop an information security program. Similar to HIPAA, the '7799'
standards intend to help an organization maintain strict data
confidentiality, integrity, and availability. The standards and
recommendations are written with upper information security management as
an intended audience. What makes up the standards? Each standard outlines
organizations security issues, asset classification, personnel security,
security policy, physical and operational security, access control,
systems development, business continuity management, and standards
compliance.
Organizations have many reasons for wanting to comply with international
standards. Although one could argue the case that '7799' is incomplete, it
does accomplish its goals. These standards provide the basic building
blocks for constructing an information security program in your
organization.
Until next time,
Benjamin D. Thomas
ben@xxxxxxxxxxxxxxxxx
>> FREE Apache SSL Guide from Thawte <<
Are you worried about your web server security? Click here to get a FREE
Thawte Apache SSL Guide and find the answers to all your Apache SSL
security needs.
Click Command:
http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=thawte23
FEATURE: Real-Time Alerting with Snort
Real-time alerting is a feature of an IDS or any other monitoring
application that notifies a person of an event in an acceptably short
amount of time. The amount of time that is acceptable is different
for every person.
http://www.linuxsecurity.com/feature_stories/feature_story-144.html
--------------------------------------------------------------------
* Comprehensive SPAM Protection! - Guardian Digital's Secure Mail Suite is
unparalleled in security, ease of management, and features. Open source
technology constantly adapts to new threats. Email firewall, simplified
administration, automatically updated.
--> http://guardiandigital.com/cgi-bin/ad_redirect.pl?id=mailnews2
--------------------------------------------------------------------
LINSECURITY.COM FEATURE:
Intrusion Detection Systems: An Introduction
By: Alberto Gonzalez
Intrusion Detection is the process and methodology of inspecting data for
malicious, inaccurate or anomalous activity. At the most basic levels
there are two forms of Intrusion Detection Systems that you will
encounter: Host and Network based.
http://www.linuxsecurity.com/feature_stories/feature_story-143.html
+---------------------------------+
| Distribution: Debian | ----------------------------//
+---------------------------------+
6/9/2003 - kernel
Multiple vulnerabilities
A number of vulnerabilities have been discovered in the Linux
kernel.
http://www.linuxsecurity.com/advisories/debian_advisory-3340.html
6/6/2003 - eterm
Buffer overflow vulnerability
A number of vulnerabilities have been discovered in the Linux
kernel.
http://www.linuxsecurity.com/advisories/debian_advisory-3341.html
6/8/2003 - xaos
Improper setuid-root execution
A number of vulnerabilities have been discovered in the Linux
kernel.
http://www.linuxsecurity.com/advisories/debian_advisory-3342.html
6/11/2003 - 'ethereal' buffer/integer overflows
Improper setuid-root execution
Timo Sirainen discovered several vulnerabilities in ethereal, a
network traffic analyzer. These include one-byte buffer overflows
in the AIM, GIOP Gryphon, OSPF, PPTP, Quake, Quake2, Quake3,
Rsync, SMB, SMPP, and TSP dissectors, and integer overflows in the
Mount and PPP dissectors.
http://www.linuxsecurity.com/advisories/debian_advisory-3349.html
6/11/2003 - 'atftp' buffer overflow
Improper setuid-root execution
Rick Patel discovered that atftpd is vulnerable to a buffer
overflow when a long filename is sent to the server. An attacker
could exploit this bug remotely to execute arbitrary code on the
server.
http://www.linuxsecurity.com/advisories/debian_advisory-3350.html
6/11/2003 - 'gnocatan' buffer overflows, DoS
Improper setuid-root execution
Bas Wijnen discovered that the gnocatan server is vulnerable to
several buffer overflows which could be exploited to execute
arbitrary code on the server system
http://www.linuxsecurity.com/advisories/debian_advisory-3351.html
6/11/2003 - 'nethack' buffer overflow
Improper setuid-root execution
The nethack package is vulnerable to a buffer overflow exploited
via a long '-s' command line option. This vulnerability could be
used by an attacker to gain gid 'games' on a system where nethack
is installed.
http://www.linuxsecurity.com/advisories/debian_advisory-3352.html
6/12/2003 - buffer
overflow in 'slashem'
The slashem package is vulnerable to a buffer overflow exploited
via a long '-s' command line option. This vulnerability could be
used by an attacker to gain gid 'games' on a system where slashem
is installed.
http://www.linuxsecurity.com/advisories/debian_advisory-3353.html
6/12/2003 - 'cupsys' DoS
overflow in 'slashem'
The CUPS print server in Debian is vulnerable to a denial of
service when an HTTP request is received without being properly
terminated.
http://www.linuxsecurity.com/advisories/debian_advisory-3354.html
+---------------------------------+
| Distribution: Gentoo | ----------------------------//
+---------------------------------+
6/8/2003 - mod_php
Integer overflow vulnerability
Integer overflows have been fixed in several php functions.
http://www.linuxsecurity.com/advisories/gentoo_advisory-3338.html
6/8/2003 - atftp
Buffer overflow vulnerability
A buffer overflow has been fixed in atftp.
http://www.linuxsecurity.com/advisories/gentoo_advisory-3339.html
+---------------------------------+
| Distribution: Immunix | ----------------------------//
+---------------------------------+
6/6/2003 - zlib
buffer overflow vulnerability
Richard Kettlewell has discovered a buffer overflow in zlib's
gzprintf() function, which provides printf(3)-like functionality
for compressed files. This update, includs a patch from the
OpenPKG project, fixes this problem by enabling autoconf tests for
vsnprintf(3).
http://www.linuxsecurity.com/advisories/immunix_advisory-3330.html
6/9/2003 - tetex, psutils, w3c-libwww
buffer overflow vulnerability
Richard Kettlewell has discovered a buffer overflow in zlib's
gzprintf() function, which provides printf(3)-like functionality
for compressed files. This update, includs a patch from the
OpenPKG project, fixes this problem by enabling autoconf tests for
vsnprintf(3).
http://www.linuxsecurity.com/advisories/immunix_advisory-3344.html
+---------------------------------+
| Distribution: Mandrake | ----------------------------//
+---------------------------------+
6/6/2003 - kon2
buffer overflow vulnerability
A buffer overflow in the command line parsing can be exploited,
leading to local users being able to gain root privileges.
http://www.linuxsecurity.com/advisories/mandrake_advisory-3329.html
6/11/2003 - several
'kernel' vulnerabilities
Multiple vulnerabilities were discovered and fixed in the Linux
kernel.
http://www.linuxsecurity.com/advisories/mandrake_advisory-3348.html
+---------------------------------+
| Distribution: OpenPKG | ----------------------------//
+---------------------------------+
6/11/2003 - 'gzip' symlink attack
info leak
The GNU Bash based znew(1) shell script tried to prevent itself
from overwriting existing files on shell redirection by using the
POSIX "noclobber" shell option, but accidentally forgot to check
for the results, and in case of existing files, stop further
processing. This allowed a classical "symlink" attack.
http://www.linuxsecurity.com/advisories/other_advisory-3347.html
+---------------------------------+
| Distribution: RedHat | ----------------------------//
+---------------------------------+
6/6/2003 - KDE
ssl man-in-the-middle attack
Updated KDE packages that resolve a vulnerability in KDE's SSL
implementation are now available.
http://www.linuxsecurity.com/advisories/redhat_advisory-3331.html
6/6/2003 - hanterm
multiple vulnerabilities
Updated hanterm packages fix two security issues.
http://www.linuxsecurity.com/advisories/redhat_advisory-3332.html
6/6/2003 - kernel
advisory updates
We have retracted two bug fix advisories that affected only the
S/390 architecture of Red Hat Linux 7.2.
http://www.linuxsecurity.com/advisories/redhat_advisory-3333.html
+---------------------------------+
| Distribution: SuSE | ----------------------------//
+---------------------------------+
6/6/2003 - pptpd
Remote buffer overflow vulnerability
We have retracted two bug fix advisories that affected only the
S/390 architecture of Red Hat Linux 7.2.
http://www.linuxsecurity.com/advisories/suse_advisory-3334.html
6/6/2003 - cups
Remote DoS vulnerability
We have retracted two bug fix advisories that affected only the
S/390 architecture of Red Hat Linux 7.2.
http://www.linuxsecurity.com/advisories/suse_advisory-3335.html
+---------------------------------+
| Distribution: Turbolinux | ----------------------------//
+---------------------------------+
6/6/2003 - lv
Privilege escalation vulnerability
An attackers may be able to gain the privileges of the user
invoking lv.
http://www.linuxsecurity.com/advisories/turbolinux_advisory-3336.html
6/6/2003 - kdelibs
Privilege escalation vulnerability
An attackers may be able to gain the privileges of the user
invoking lv.
http://www.linuxsecurity.com/advisories/turbolinux_advisory-3337.html
+---------------------------------+
| Distribution: Yellow Dog | ----------------------------//
+---------------------------------+
6/10/2003 - 'ghostscript' vulnerability
Privilege escalation vulnerability
A flaw in unpatched versions of Ghostscript before 7.07 allows
malicious postscript files to execute arbitrary commands even with
-dSAFER enabled.
http://www.linuxsecurity.com/advisories/yellowdog_advisory-3345.html
6/10/2003 - 'hanterm-xf' vulnerabilities
Privilege escalation vulnerability
An attacker can craft an escape sequence that sets the window
title of a victim using Hangul Terminal to an arbitrary command
and then report it to the command line.
http://www.linuxsecurity.com/advisories/yellowdog_advisory-3346.html
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
