Linux Advisory Watch - September 12th 2003

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



+----------------------------------------------------------------+
|  LinuxSecurity.com                        Linux Advisory Watch |
|  September 12th, 2003                     Volume 4, Number 36a |
+----------------------------------------------------------------+

   Editors:     Dave Wreski                Benjamin Thomas
                dave@xxxxxxxxxxxxxxxxx     ben@xxxxxxxxxxxxxxxxx

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.
It includes pointers to updated packages and descriptions of each
vulnerability.

This week advisories were released for pam_smb, exim, stunnel, wu-ftpd,
mah-jong, sane-backends, pine, GtkHTML, and inetd.  The distributors
include Conectiva, Debian, Guardian Digital's EnGarde Secure Linux, Red
Hat, Slackware, and SuSE.

 >> FREE Apache SSL Guide from Thawte  <<

Are you worried about your web server security?  Click here to get a FREE
Thawte Apache SSL Guide and find the answers to all your Apache SSL
security needs.

  Click Command:
  http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=vertad_thawteapache

---

It has been an exciting week for me.  My wife and I have been preparing to
move over 2000 miles away.  After months of consideration, I have decided
that it is in my best interest to return to school.  I will be pursuing a
Master's of Science in Information Security at Royal Holloway, University
of London.  I will continue to write Linux Advisory Watch as well as other
projects that I am involved in while abroad.

The course that I have chosen is quite interesting.  It was established in
1992 and includes study in security management, network security, host
operating system security, standards and evaluation, advanced
cryptography, database security, computer crime, as well as multiple
industrial seminars.  A thesis written on a specic area of information
security is required to complete the course.  I have decided go full-time,
so it will be completed in a year.  I have talked with many students who
have completed the course and they are all quite pleased.  I look forward
to getting back in the classroom.

As you can imagine, I did not jump into this overnight.  I have wanted to
go to graduate school for quite some time.  I also considered a getting a
MBA from the University of Louisville (my home town), and a Master's of
Science in Computer Science (MSCS) with concentration in information
security from James Madison University.  Although the NSA accreditation is
very appealing, several of the modules taught do not seem to be strictly
dedicated to security. It seems to be a very good program, but London is
calling.

While attending Royal Holloway, University of London, I expect to learn
many things in addition to security that will be helpful throughout life.
First, I will gain international experience, meet friends from around the
world, and see how America is perceived from an outside perspective.  I
also hope to be able to dedicate more time to several of the projects that
I am working on.  If you have experiences from, or live in London, I would
love to hear from you!  From time to time, I will be sharing my
experiences and knowledge that I gain.

Until next time, cheers!
Benjamin D. Thomas
ben@xxxxxxxxxxxxxxxxx

----

FEATURE: A Practical Approach of Stealthy Remote Administration This paper
is written for those paranoid administrators who are looking for a
stealthy technique of managing sensitive servers (like your enterprise
firewall console or IDS).

http://www.linuxsecurity.com/feature_stories/feature_story-149.html

--------------------------------------------------------------------

CONCERNED ABOUT THE NEXT THREAT? EnGarde is the undisputed winner!
Hardened Linux Puts Hackers EnGarde! Winner of the Network Computing
Editor's Choice Award, EnGarde "walked away with our Editor's Choice award
thanks to the depth of its security strategy..." Find out what the other
Linux vendors are not telling you.

http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=engarde2

--------------------------------------------------------------------

Expert vs. Expertise: Computer Forensics and the Alternative OS

No longer a dark and mysterious process, computer forensics have been
significantly on the scene for more than five years now. Despite this,
they have only recently gained the notoriety they deserve.

http://www.linuxsecurity.com/feature_stories/feature_story-147.html


-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf


+---------------------------------+
|  Distribution: Conectiva        | ----------------------------//
+---------------------------------+

  9/5/2003 - pam_smb
    Remote buffer overflow

    A buffer overflow vulnerability has been discovered in the pam_smb
    module. An attacker can execute arbitrary code in the context of the
    program using the module by supplying a long password.
    http://www.linuxsecurity.com/advisories/connectiva_advisory-3601.html

  9/5/2003 - exim
    Remote buffer overflow

    A remote heap buffer overflow vulnerability[2] has been reported[3] in
    the Exim server. Carefully constructed EHLO/HELO messages can cause a
    buffer overflow.
    http://www.linuxsecurity.com/advisories/connectiva_advisory-3602.html

  9/5/2003 - stunnel
    File descriptor and DoS vulnerabilities

    A file descriptor leak and denial of service vulnerability have been
    fixed.
    http://www.linuxsecurity.com/advisories/connectiva_advisory-3603.html


+---------------------------------+
|  Distribution: Debian           | ----------------------------//
+---------------------------------+

  9/5/2003 - 'exim' buffer overflow
    File descriptor and DoS vulnerabilities

    A buffer overflow exists in exim, which is the standard mail transport
    agent in Debian.  By supplying a specially crafted HELO or EHLO
    command, an attacker could cause a constant string to be written past
    the end of a buffer allocated on the heap.  This vulnerability is not
    believed at this time to be exploitable to execute arbitrary code.
    http://www.linuxsecurity.com/advisories/debian_advisory-3598.html

  9/5/2003 - 'wu-ftpd' insecure program execution
    File descriptor and DoS vulnerabilities

    wu-ftpd, an FTP server, implements a feature whereby multiple files
    can be fetched in the form of a dynamically constructed archive file,
    such as a tar archive.  This feature may be abused to execute
    arbitrary programs with the privileges of the wu-ftpd process.
    http://www.linuxsecurity.com/advisories/debian_advisory-3599.html

  9/8/2003 - exim
    buffer overflow vulnerability

    A buffer overflow exists in exim.
    http://www.linuxsecurity.com/advisories/debian_advisory-3604.html

  9/8/2003 - mah-jong multiple vulnerabilities
    buffer overflow vulnerability

    Nicolas Boullis discovered two vulnerabilities in mah-jong.
    http://www.linuxsecurity.com/advisories/debian_advisory-3605.html

  9/11/2003 - sane-backends multiple vulnerabilities
    buffer overflow vulnerability

    Thes problems allow a remote attacker to cause a segfault fault and/or
    consume arbitrary amounts of memory.
    http://www.linuxsecurity.com/advisories/debian_advisory-3611.html


+---------------------------------+
|  Distribution: EnGarde          | ----------------------------//
+---------------------------------+

  9/11/2003 - 'pine' buffer overflows
    buffer overflow vulnerability

    The pine e-mail client shipped with EnGarde Secure Linux contains
    buffer overflows which may be exploited by a remote attacker by
    sending the victim a specially crafted email.
    http://www.linuxsecurity.com/advisories/engarde_advisory-3607.html


+---------------------------------+
|  Distribution: Red Hat          | ----------------------------//
+---------------------------------+

  9/5/2003 - 'httpd' vulnerabilities
    buffer overflow vulnerability

    Updated httpd packages that fix several minor security issues are now
    available for Red Hat Linux 8.0 and 9.
    http://www.linuxsecurity.com/advisories/redhat_advisory-3600.html

  9/11/2003 - GtkHTML
    denial of service vulnerability

    Alan Cox discovered that certain malformed messages could cause the
    Evolution mail component to crash due to a null pointer dereference in
    the GtkHTML library.
    http://www.linuxsecurity.com/advisories/redhat_advisory-3612.html

  9/11/2003 - pine
    buffer overflow vulnerability

    A buffer overflow exists in the way unpatched versions of Pine prior
    to 4.57 handle the 'message/external-body' type.
    http://www.linuxsecurity.com/advisories/redhat_advisory-3613.html


+---------------------------------+
|  Distribution: Slackware        | ----------------------------//
+---------------------------------+

  9/9/2003 - inetd
    denial of service vulnerability

    These updates fix a previously hard-coded limit of 256
    connections-per-minute, after which the given service is disabled for
    ten minutes.
    http://www.linuxsecurity.com/advisories/slackware_advisory-3606.html

  9/11/2003 - pine
    arbitrary code execution vulnerability

    Upgraded pine packages are available for Slackware 8.1, 9.0 and -
    current.
    http://www.linuxsecurity.com/advisories/slackware_advisory-3614.html


+---------------------------------+
|  Distribution: SuSE             | ----------------------------//
+---------------------------------+

  9/5/2003 - 'pam_smb' privilege escalation
    arbitrary code execution vulnerability

    Dave Airlie informed us about a bug in the authentication code of
    pam_smb that allows a remote attacker to gain access to a system using
    pam_smb by issuing a too long password string.
    http://www.linuxsecurity.com/advisories/suse_advisory-3597.html

  9/11/2003 - pine
    arbitrary code execution vulnerability

    The well known and widely used mail client pine is vulnerable to a
    buffer overflow.  The vulnerability exists in the code processing
    'message/external-body' type messages.
    http://www.linuxsecurity.com/advisories/suse_advisory-3615.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------


[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux