+----------------------------------------------------------------+
| LinuxSecurity.com Linux Advisory Watch |
| July 25th, 2003 Volume 4, Number 29a |
+----------------------------------------------------------------+
Editors: Dave Wreski Benjamin Thomas
dave@xxxxxxxxxxxxxxxxx ben@xxxxxxxxxxxxxxxxx
Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilitiaes that have been announced throughout the week.
It includes pointers to updated packages and descriptions of each
vulnerability.
This week, advisories were released for apache, kernel, nfs-utils, cups,
phpgroupware, fdclone, several, gnupg, phpgroupware, mpg123, mozilla,
semi, ethereal, and xpdf. The distributors include Conectiva, Debian,
Guardian Digital's EnGarde Linux, Gentoo, Mandrake, Red Hat, Trustix,
TurboLinux, and YellowDog Linux.
When a child wants to get a candy bar at a local market, what normally
happens? Most often, the child pleads a case to his/her parents and hopes
for the best. If he/she is well behaved, the child may get the candy bar.
However, if the child has recently been disobedient, the parent would
probably refuse to buy it. How does this relate to information security?
A healthy security budget can be considered your candy bar. It can be
difficult to lock down a security budget. In today.s sluggish economy,
all money spent must be fully justified and approved. How can decision
makers in an organization be persuaded to spend adequate money on
security?
Decision makers in an organization need justification for every project.
Rather than using FUD for persuasion, it can be more effective to prepare
a business case for each project. For example, if an upgrade to the
current email server farm is seriously needed to better manage Spam and
Viruses, a business case would be helpful to provide proper justification.
Writing one forces the proper amount of research and consideration of
alternatives.
What is normally found in a business case? Generally, an executive
summary is the first major section included. It should be no more than a
single type written page, and summarize all information found in the
remaining portion of the document. It is advisable to write the executive
summary last. Next, it is logical to include an introduction section.
This section should provide background information, the purpose of the
particular business case, and information regarding the subject matter.
It is a good idea to provide a bulleted list with key goals & objectives,
and discuss organizational environmental factors. The analysis portion of
the newsletter should follow. It should include an explanation of the
project goals & objectives, the scope, justification of business risks,
and alternative solutions. Finally, the business case should include a
section on business impact. This should include benefits, a high-level
ROI analysis, proposed time frame, and a listing of project risks.
Business cases can be written many different ways. It is most important
that the audience is considered. More information can on writing business
cases can be found on Google. Also, if you contact me, I can point you to
several helpful resources.
Until next time,
Benjamin D. Thomas
ben@xxxxxxxxxxxxxxxxx
==> INTRODUCING: Secure Mail Suite from Guardian Digital <==
Unparalleled E-Mail Security. Secure Mail Suite is the most Dynamic,
Rigorous Protection for Your Email System on the market today. It Clobbers
Spam. Detects and Disables Viruses. And its Killer Firewall Keeps Your
Data -- and Your System and Safe and Secure. All in an Easy-to-Manage
Application that's Simple to Administer and Maintain.
Secure Mail Suite is Guardian Digital's Optimum Solution to Mail Security.
It's based on Open-Source Engineering, so it's constantly Improving. And
with Guardian Digital Engarde Support, Secure Mail Suite Stays On Guard
for You -- for Many Reliable Years.
Secure Mail Suite. Sweet!
From the First Name in Open-Source Security. Guardian Digital.
--> http://guardiandigital.com/cgi-bin/ad_redirect.pl?id=mailnews2
REVIEW: Linux Security Cookbook
There are rarely straightforward solutions to real world issues,
especially in the field of security. The Linux Security Cookbook is an
essential tool to help solve those real world problems. By covering
situations that apply to everyone from the seasoned Systems Administrator
to the security curious home user, the Linux Security Cookbook
distinguishes itself as an indispensible reference for security oriented
individuals.
http://www.linuxsecurity.com/feature_stories/feature_story-145.html
--> Take advantage of the LinuxSecurity.com Quick Reference Card!
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf
--------------------------------------------------------------------
>> FREE Apache SSL Guide from Thawte <<
Are you worried about your web server security? Click here to get a FREE
Thawte Apache SSL Guide and find the answers to all your Apache SSL
security needs.
Click Command:
http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=thawte25
--------------------------------------------------------------------
FEATURE: Real-Time Alerting with Snort
Real-time alerting is a feature of an IDS or any other monitoring
application that notifies a person of an event in an acceptably short
amount of time. The amount of time that is acceptable is different for
every person.
http://www.linuxsecurity.com/feature_stories/feature_story-144.html
+---------------------------------+
| Distribution: Conectiva | ----------------------------//
+---------------------------------+
7/22/2003 - nfs-utils buffer overflow vulnerability
denial of service vulnerability
http://www.linuxsecurity.com/advisories/connectiva_advisory-3482.html
7/22/2003 - kernel
multiple vulnerabilities
http://www.linuxsecurity.com/advisories/connectiva_advisory-3483.html
7/22/2003 - cups
multiple vulnerabilities
http://www.linuxsecurity.com/advisories/connectiva_advisory-3484.html
7/24/2003 - phpgroupware
XSS vulnerability
http://www.linuxsecurity.com/advisories/connectiva_advisory-3486.html
7/24/2003 - apache
denial of service vulnerability
http://www.linuxsecurity.com/advisories/connectiva_advisory-3487.html
+---------------------------------+
| Distribution: Debian | ----------------------------//
+---------------------------------+
7/24/2003 - fdclone
insecure tmp file vulnerability
http://www.linuxsecurity.com/advisories/debian_advisory-3488.html
+---------------------------------+
| Distribution: EnGarde | ----------------------------//
+---------------------------------+
7/24/2003 - several
local 'kernel' vulnerabilities
http://www.linuxsecurity.com/advisories/engarde_advisory-3485.html
+---------------------------------+
| Distribution: Gentoo | ----------------------------//
+---------------------------------+
7/19/2003 - gnupg
Unauthorized acess
http://www.linuxsecurity.com/advisories/gentoo_advisory-3475.html
7/19/2003 - nfs-utils Denial of service
Unauthorized acess
http://www.linuxsecurity.com/advisories/gentoo_advisory-3476.html
+---------------------------------+
| Distribution: Mandrake | ----------------------------//
+---------------------------------+
7/24/2003 - phpgroupware
multiple vulnerabilities
http://www.linuxsecurity.com/advisories/mandrake_advisory-3489.html
7/24/2003 - xpdf
arbitrary command execution vulnerability
http://www.linuxsecurity.com/advisories/mandrake_advisory-3490.html
7/24/2003 - mpg123
denial of service vulnerability
http://www.linuxsecurity.com/advisories/mandrake_advisory-3491.html
+---------------------------------+
| Distribution: Red Hat | ----------------------------//
+---------------------------------+
7/21/2003 - 2.4 kernel mulitple vulnerabilities
denial of service vulnerability
http://www.linuxsecurity.com/advisories/redhat_advisory-3477.html
7/21/2003 - mozilla
heap overflow vulnerability
http://www.linuxsecurity.com/advisories/redhat_advisory-3478.html
7/24/2003 - semi
arbitrary code execution vulnerability
http://www.linuxsecurity.com/advisories/redhat_advisory-3493.html
+---------------------------------+
| Distribution: Trustix | ----------------------------//
+---------------------------------+
7/18/2003 - 'nfs-utils' Denial of Service
arbitrary code execution vulnerability
http://www.linuxsecurity.com/advisories/trustix_advisory-3472.html
+---------------------------------+
| Distribution: TurboLinux | ----------------------------//
+---------------------------------+
7/24/2003 - nfs-utils off-by-one vulnerability
arbitrary code execution vulnerability
http://www.linuxsecurity.com/advisories/turbolinux_advisory-3492.html
+---------------------------------+
| Distribution: YDL | ----------------------------//
+---------------------------------+
7/18/2003 - nfs-utils Buffer overflow vulnerability
arbitrary code execution vulnerability
http://www.linuxsecurity.com/advisories/yellowdog_advisory-3473.html
7/18/2003 - ethereal
Multiple vulnerabilities
http://www.linuxsecurity.com/advisories/yellowdog_advisory-3474.html
7/24/2003 - semi
arbitrary code execution vulnerability
http://www.linuxsecurity.com/advisories/yellowdog_advisory-3494.html
7/24/2003 - xpdf
arbitrary command execution vulnerability
http://www.linuxsecurity.com/advisories/yellowdog_advisory-3495.html
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
