Linux Advisory Watch - July 4th 2003

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



+----------------------------------------------------------------+
|  LinuxSecurity.com                        Linux Advisory Watch |
|  July 4th, 2002                           Volume 4, Number 26a |
+----------------------------------------------------------------+

  Editors:     Dave Wreski                Benjamin Thomas
               dave@xxxxxxxxxxxxxxxxx     ben@xxxxxxxxxxxxxxxxx

Linux Advisoiry Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.
It includes pointers to updated packages and descriptions of each
vulnerability.

This week, advisories were released for kopete, kde, unzip, acm, xgalaga,
mantis, kernel, proftpd, gtksee, proftpd, xpdf, acroread, tcptraceroute,
phpbb, noweb, gnocatan, mikmod, XFree86, PHP, ethereal, and ypserv.  The
distributors include Conectiva, Debian, Gentoo, Immunix, Mandrake, Red
Hat, TurboLinux, and YellowDog.  A number of advisories were released for
Debian and Gentoo.  Red Hat released a moderate amount, and Immunix, Turbo
Linux, and Yellow Dog released only a few.  There were several new
vulnerabilities found, but a majority of the advisories released were
patches to old issues.

Last week, many of you enjoyed the insightful comments submitted by others
readers.  This week, many of our American readers are preparing for a long
holiday weekend.  Other readers across the world are also on holiday
enjoying time with family and friends. Last weekend, I was quite busy
because I got married.  What do we do with our servers during this time?
Many of us would like to shut them off and restart when we return.  This
option is never feasible. Others have no worries and leave their systems
alone while away. No matter camp you're in, it is a great time to go
'back-to-the-basics.'

Today, many of us concern ourselves with complex security mechanisms and
newer technologies.  However, many of us need to remember and return to
the basics.  Are all accounts on the system legitimate and used regularly?
What is my password policy? Are only the minimum necessary applications on
the system?  No matter how many times a system is patched, if a
disgruntled former employee still has an account on a system, it remains
extremely vulnerable.

People ask me almost daily, "I am new to Linux, how can I make sure that
my system is secure?"  I always point new users to several resources.
First, the Linux Security Quick Reference card:

 http://www.linuxsecurity.com/docs/QuickRefCard.pdf

Although it was written several years ago, almost all of it is sill
relevant.  Topics on the quick reference card includes permissions, kernel
security, apache security, tcpwrappers, NIDS, critical system files, and
others.  It is advisable to print it on a single sheet double sided.

Also, several other documents include the Linux Security Administrator's
Guide, and the Linux Security Howto:

http://www.linuxsecurity.com/docs/SecurityAdminGuide/SecurityAdminGuide.html
http://www.linuxsecurity.com/docs/LDP/Security-HOWTO/

Both documents can provide you with a strong foundation in Linux security.
Often systems remain vulnerable because the basics have been ignored or
forgotten.

In this season of vacationing, it is a good time to remember the basics of
security administration.  Double check your firewall rules, check for
unnecessary applications and users, and verify critical file permissions.

Until next time,

Benjamin D. Thomas
ben@xxxxxxxxxxxxxxxxx


>> FREE Apache SSL Guide from Thawte <<
Are you worried about your web server security?  Click here to get a FREE
Thawte Apache SSL Guide and find the answers to all your Apache SSL
security needs.

 Click Command:
 http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=thawte25


FEATURE: Real-Time Alerting with Snort
Real-time alerting is a feature of an IDS or any other monitoring
application that notifies a person of an event in an acceptably short
amount of time. The amount of time that is acceptable is different for
every person.

http://www.linuxsecurity.com/feature_stories/feature_story-144.html


--------------------------------------------------------------------

* Comprehensive SPAM Protection! - Guardian Digital's Secure Mail Suite is
unparalleled in security, ease of management, and features. Open source
technology constantly adapts to new threats. Email firewall, simplified
administration, automatically updated.

 --> http://guardiandigital.com/cgi-bin/ad_redirect.pl?id=mailnews2

--------------------------------------------------------------------

LINSECURITY.COM FEATURE:
Intrusion Detection Systems: An Introduction
By: Alberto Gonzalez

Intrusion Detection is the process and methodology of inspecting data for
malicious, inaccurate or anomalous activity. At the most basic levels
there are two forms of Intrusion Detection Systems that you will
encounter: Host and Network based.

http://www.linuxsecurity.com/feature_stories/feature_story-143.html

+---------------------------------+
|  Distribution: Conectiva        | ----------------------------//
+---------------------------------+

 7/1/2003 - radiusd-cistron buffer overflow vulnerability

   David Luyer reported[1] a buffer overflow vulnerability in
   radiusd-cistron versions <= 1.6.6 that could allow remote
   attackers to cause a denial of service (DoS) and possibly execute
   arbitrary code in the server context.

   http://www.linuxsecurity.com/advisories/connectiva_advisory-3407.html

 7/1/2003 - kopete
   arbitrary command execution vulnerability

   A vulnerability in the GnuPG plugin in kopete versions prior to
   0.6.2 allows remote attackers to execute arbitrary commands in the
   client context by sending specially crafted messages to it.
   http://www.linuxsecurity.com/advisories/connectiva_advisory-3408.html

 7/1/2003 - kde
   mulitple vulnerabilities

   There are multiple vulnerabilities in KDE.
   http://www.linuxsecurity.com/advisories/connectiva_advisory-3409.html

 7/3/2003 - unzip
   directory traversal vulnerability

   A vulnerability has been found in the way unzip extracts files
   with invalid characters between two '.' (dot) characters in their
   path/names.
   http://www.linuxsecurity.com/advisories/connectiva_advisory-3426.html


+---------------------------------+
|  Distribution: Debian           | ----------------------------//
+---------------------------------+

 6/28/2003 - acm
   Integer overflow

   A vulnerability has been found in the way unzip extracts files
   with invalid characters between two '.' (dot) characters in their
   path/names.
   http://www.linuxsecurity.com/advisories/debian_advisory-3402.html

 6/28/2003 - xgalaga
   Buffer overflow vulnerability

   A vulnerability has been found in the way unzip extracts files
   with invalid characters between two '.' (dot) characters in their
   path/names.
   http://www.linuxsecurity.com/advisories/debian_advisory-3403.html

 6/28/2003 - kernel-2.4.17 Multiple vulnerabilities
   Buffer overflow vulnerability

   A vulnerability has been found in the way unzip extracts files
   with invalid characters between two '.' (dot) characters in their
   path/names.
   http://www.linuxsecurity.com/advisories/debian_advisory-3404.html

 6/28/2003 - imagemagick
   temporary file

   A vulnerability has been found in the way unzip extracts files
   with invalid characters between two '.' (dot) characters in their
   path/names.
   http://www.linuxsecurity.com/advisories/debian_advisory-3405.html

 6/28/2003 - mantis
   Incorrect permissions vulnerability

   A vulnerability has been found in the way unzip extracts files
   with invalid characters between two '.' (dot) characters in their
   path/names.
   http://www.linuxsecurity.com/advisories/debian_advisory-3406.html

 7/1/2003 - proftpd
   SQL injection vulnerability

   ProFTPD's PostgreSQL authentication module is vulnerable to a SQL
   injection attack.
   http://www.linuxsecurity.com/advisories/debian_advisory-3411.html

 7/1/2003 - gtksee
   buffer overflow vulnerability

   Viliam Holub discovered a bug in gtksee whereby, when loading PNG
   images of certain color depths, gtksee would overflow a
   heap-allocated buffer.
   http://www.linuxsecurity.com/advisories/debian_advisory-3412.html

 7/1/2003 - 2.2 kernel multiple vulnerabilities
   buffer overflow vulnerability

   This advisory is being released as a factual correction to
   DSA-336-1.
   http://www.linuxsecurity.com/advisories/debian_advisory-3413.html


+---------------------------------+
|  Distribution: Gentoo           | ----------------------------//
+---------------------------------+

 6/27/2003 - proftpd
   sql inject vulnerability

   A SQL Inject exists in ProFTPD server using the mod_sql module to
   authenticate against PostgreSQL database server. This
   vulnerability may allow a remote user to login whithout user and
   password.
   http://www.linuxsecurity.com/advisories/gentoo_advisory-3397.html

 6/27/2003 - xpdf
   arbitrary code execution vulnerability

   Valid PDF files can contain malicious external-type hyperlinks
   that can execute arbitrary shell commands underneath Unix with
   various PDF viewers/readers.
   http://www.linuxsecurity.com/advisories/gentoo_advisory-3398.html

 6/27/2003 - acroread
   arbitrary code execution vulnerability

   Valid PDF files can contain malicious external-type hyperlinks
   that can execute arbitrary shell commands underneath Unix with
   various PDF viewers/readers.
   http://www.linuxsecurity.com/advisories/gentoo_advisory-3399.html

 6/27/2003 - ethereal
   arbitrary code execution vulnerability

   It may be possible to make Ethereal crash or run arbitrary code by
   injecting a purposefully malformed packet onto the wire, or by
   convincing someone to read a malformed packet trace file.
   http://www.linuxsecurity.com/advisories/gentoo_advisory-3400.html

 7/1/2003 - tcptraceroute
   privilege escalation vulnerability

   tcptraceroute 1.4 and earlier does not fully drop privileges after
   obtaining a file descriptor for capturing packets, which may allow
   local users to gain access to the descriptor via a separate
   vulnerability in tcptraceroute.
   http://www.linuxsecurity.com/advisories/gentoo_advisory-3414.html

 7/1/2003 - phpbb
   SQL injection vulnerability

   QL injection vulnerability in viewtopic.php for phpBB 2.0.5 and
   earlier allows remote attackers to steal password hashes via the
   topic_id parameter.
   http://www.linuxsecurity.com/advisories/gentoo_advisory-3415.html

 7/1/2003 - noweb
   insecure tmp file vulnerability

   Multiple vulnerabilities in noweb 2.9 and earlier creates
   temporary files insecurely, which allows local users to overwrite
   arbitrary files via multiple vectors including the noroff script.
   http://www.linuxsecurity.com/advisories/gentoo_advisory-3416.html

 7/1/2003 - gnocatan
   multiple vulnerabilities

   Bas Wijnen discovered that the gnocatan server is vulnerable to
   several buffer overflows which could be exploited to execute
   arbitrary code on the server system.
   http://www.linuxsecurity.com/advisories/gentoo_advisory-3417.html

 7/3/2003 - mikmod
   arbitrary code execution vulnerability

   Buffer overflow in mikmod 3.1.6 and earlier allows remote
   attackers to execute arbitrary code via an archive file that
   contains a file with a long filename.
   http://www.linuxsecurity.com/advisories/gentoo_advisory-3427.html


+---------------------------------+
|  Distribution: Immunix          | ----------------------------//
+---------------------------------+

 7/3/2003 - unzip
   directory traversal vulnerabilities

   Jelmer has discovered it is possible to bypass unzip's ".."
   protections by including garbage characters between the two
   periods.
   http://www.linuxsecurity.com/advisories/immunix_advisory-3428.html


+---------------------------------+
|  Distribution: Mandrake         | ----------------------------//
+---------------------------------+

 6/30/2003 - xpdf
   arbitrary code execution vulnerability

   Martyn Gilmore discovered flaws in various PDF viewers, including
   xpdf.
   http://www.linuxsecurity.com/advisories/mandrake_advisory-3418.html

 6/30/2003 - ypserv
   denial of service vulnerability

   A vulnerability was found in versions of ypserv prior to version
   2.7.
   http://www.linuxsecurity.com/advisories/mandrake_advisory-3419.html


+---------------------------------+
|  Distribution: RedHat           | ----------------------------//
+---------------------------------+

 6/27/2003 - XFree86
   multiple vulnerabilities

   Since the last XFree86 update for Red Hat Linux 7.1 and 7.2, a
   number of security vulnerabilities have been found and fixed.
   http://www.linuxsecurity.com/advisories/redhat_advisory-3401.html

 7/1/2003 - unzip
   trojan vulnerability

   A vulnerabilitiy in unzip version 5.50 and earlier allows
   attackers to overwrite arbitrary files during archive extraction
   by placing invalid (non-printable) characters between two "."
   characters.
   http://www.linuxsecurity.com/advisories/redhat_advisory-3420.html

 7/2/2003 - PHP
   multiple vulnerabilities

   his update contains fixes for a number of bugs discovered in the
   version of PHP included in Red Hat Linux 8.0 and 9.
   http://www.linuxsecurity.com/advisories/redhat_advisory-3425.html

 7/3/2003 - ethereal
   multiple vulnerabilities

   A number of security issues affect Ethereal.
   http://www.linuxsecurity.com/advisories/redhat_advisory-3429.html


+---------------------------------+
|  Distribution: TurboLinux       | ----------------------------//
+---------------------------------+

 7/2/2003 - radiusd-cistron arbitrary code execution vulnerability
   multiple vulnerabilities

   This may allow remote attackers to cause a denial of service or
   even execute arbitrary code.
   http://www.linuxsecurity.com/advisories/turbolinux_advisory-3421.html

 7/2/2003 - kernel
   multiple vulnerabilities

   Local users may be able to gain read or write access to certain
   I/O ports.  Attackers may be able to cause a denial of service .
   http://www.linuxsecurity.com/advisories/turbolinux_advisory-3422.html


+---------------------------------+
|  Distribution: YellowDog        | ----------------------------//
+---------------------------------+

 7/2/2003 - ypserv
   denial of service vulnerability

   A vulnerability has been discovered in the ypserv NIS server prior
   to version 2.7.
   http://www.linuxsecurity.com/advisories/yellowdog_advisory-3423.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------


[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux