+----------------------------------------------------------------+
|  LinuxSecurity.com                      Linux Advisory Watch   |
|  July 25th, 2003                        Volume 4, Number 29a   |
+----------------------------------------------------------------+

  Editors:     Dave Wreski                Benjamin Thomas
               dave@xxxxxxxxxxxxxxxxx     ben@xxxxxxxxxxxxxxxxx

Linux Advisory Watch is a comprehensive newsletter that outlines the security vulnerabilities that have been announced throughout the week. It includes pointers to updated packages and descriptions of each vulnerability.

This week, advisories were released for apache, kernel, nfs-utils, cups, phpgroupware, fdclone, several, gnupg, phpgroupware, mpg123, mozilla, semi, ethereal, and xpdf. The distributors include Conectiva, Debian, Guardian Digital's EnGarde Linux, Gentoo, Mandrake, Red Hat, Trustix, TurboLinux, and YellowDog Linux.

When a child wants to get a candy bar at a local market, what normally happens? Most often, the child pleads a case to his/her parents and hopes for the best. If he/she is well behaved, the child may get the candy bar. However, if the child has recently been disobedient, the parent would probably refuse to buy it.

How does this relate to information security? A healthy security budget can be considered your candy bar. It can be difficult to lock down a security budget. In today's sluggish economy, all money spent must be fully justified and approved. How can decision makers in an organization be persuaded to spend adequate money on security?

Decision makers in an organization need justification for every project. Rather than using FUD for persuasion, it can be more effective to prepare a business case for each project. For example, if an upgrade to the current email server farm is seriously needed to better manage spam and viruses, a business case would be helpful to provide proper justification. Writing one forces the proper amount of research and consideration of alternatives. What is normally found in a business case?

Generally, an executive summary is the first major section included. It should be no more than a single typewritten page, and summarize all information found in the remaining portion of the document. It is advisable to write the executive summary last.

Next, it is logical to include an introduction section. This section should provide background information, the purpose of the particular business case, and information regarding the subject matter. It is a good idea to provide a bulleted list with key goals & objectives, and discuss organizational environmental factors.

The analysis portion of the newsletter should follow. It should include an explanation of the project goals & objectives, the scope, justification of business risks, and alternative solutions.

Finally, the business case should include a section on business impact. This should include benefits, a high-level ROI analysis, proposed time frame, and a listing of project risks.

Business cases can be written many different ways. It is most important that the audience is considered. More information on writing business cases can be found on Google. Also, if you contact me, I can point you to several helpful resources.

Until next time,
Benjamin D. Thomas
ben@xxxxxxxxxxxxxxxxx

REVIEW: Linux Security Cookbook

There are rarely straightforward solutions to real world issues, especially in the field of security. The Linux Security Cookbook is an essential tool to help solve those real world problems. By covering situations that apply to everyone from the seasoned Systems Administrator to the security curious home user, the Linux Security Cookbook distinguishes itself as an indispensable reference for security oriented individuals.

  http://www.linuxsecurity.com/feature_stories/feature_story-145.html

--> Take advantage of the LinuxSecurity.com Quick Reference Card!
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf

FEATURE: Real-Time Alerting with Snort

Real-time alerting is a feature of an IDS or any other monitoring application that notifies a person of an event in an acceptably short amount of time. The amount of time that is acceptable is different for every person.

  http://www.linuxsecurity.com/feature_stories/feature_story-144.html

+---------------------------------+
|  Distribution: Conectiva        | ----------------------------//
+---------------------------------+

 7/22/2003 - nfs-utils buffer overflow vulnerability denial of service vulnerability
   http://www.linuxsecurity.com/advisories/connectiva_advisory-3482.html

 7/22/2003 - kernel multiple vulnerabilities
   http://www.linuxsecurity.com/advisories/connectiva_advisory-3483.html

 7/22/2003 - cups multiple vulnerabilities
   http://www.linuxsecurity.com/advisories/connectiva_advisory-3484.html

 7/24/2003 - phpgroupware XSS vulnerability
   http://www.linuxsecurity.com/advisories/connectiva_advisory-3486.html

 7/24/2003 - apache denial of service vulnerability
   http://www.linuxsecurity.com/advisories/connectiva_advisory-3487.html

+---------------------------------+
|  Distribution: Debian           | ----------------------------//
+---------------------------------+

 7/24/2003 - fdclone insecure tmp file vulnerability
   http://www.linuxsecurity.com/advisories/debian_advisory-3488.html

+---------------------------------+
|  Distribution: EnGarde          | ----------------------------//
+---------------------------------+

 7/24/2003 - several local 'kernel' vulnerabilities
   http://www.linuxsecurity.com/advisories/engarde_advisory-3485.html

+---------------------------------+
|  Distribution: Gentoo           | ----------------------------//
+---------------------------------+

 7/19/2003 - gnupg Unauthorized access
   http://www.linuxsecurity.com/advisories/gentoo_advisory-3475.html

 7/19/2003 - nfs-utils Denial of service Unauthorized access
   http://www.linuxsecurity.com/advisories/gentoo_advisory-3476.html

+---------------------------------+
|  Distribution: Mandrake         | ----------------------------//
+---------------------------------+

 7/24/2003 - phpgroupware multiple vulnerabilities
   http://www.linuxsecurity.com/advisories/mandrake_advisory-3489.html

 7/24/2003 - xpdf arbitrary command execution vulnerability
   http://www.linuxsecurity.com/advisories/mandrake_advisory-3490.html

 7/24/2003 - mpg123 denial of service vulnerability
   http://www.linuxsecurity.com/advisories/mandrake_advisory-3491.html

+---------------------------------+
|  Distribution: Red Hat          | ----------------------------//
+---------------------------------+

 7/21/2003 - 2.4 kernel multiple vulnerabilities denial of service vulnerability
   http://www.linuxsecurity.com/advisories/redhat_advisory-3477.html

 7/21/2003 - mozilla heap overflow vulnerability
   http://www.linuxsecurity.com/advisories/redhat_advisory-3478.html

 7/24/2003 - semi arbitrary code execution vulnerability
   http://www.linuxsecurity.com/advisories/redhat_advisory-3493.html

+---------------------------------+
|  Distribution: Trustix          | ----------------------------//
+---------------------------------+

 7/18/2003 - 'nfs-utils' Denial of Service arbitrary code execution vulnerability
   http://www.linuxsecurity.com/advisories/trustix_advisory-3472.html

+---------------------------------+
|  Distribution: TurboLinux       | ----------------------------//
+---------------------------------+

 7/24/2003 - nfs-utils off-by-one vulnerability arbitrary code execution vulnerability
   http://www.linuxsecurity.com/advisories/turbolinux_advisory-3492.html

+---------------------------------+
|  Distribution: YDL              | ----------------------------//
+---------------------------------+

 7/18/2003 - nfs-utils Buffer overflow vulnerability arbitrary code execution vulnerability
   http://www.linuxsecurity.com/advisories/yellowdog_advisory-3473.html

 7/18/2003 - ethereal Multiple vulnerabilities
   http://www.linuxsecurity.com/advisories/yellowdog_advisory-3474.html

 7/24/2003 - semi arbitrary code execution vulnerability
   http://www.linuxsecurity.com/advisories/yellowdog_advisory-3494.html

 7/24/2003 - xpdf arbitrary command execution vulnerability
   http://www.linuxsecurity.com/advisories/yellowdog_advisory-3495.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
------------------------------------------------------------------------