Linux Advisory Watch - October 31st 2003

+----------------------------------------------------------------+
|  LinuxSecurity.com                        Linux Advisory Watch |
|  October 31st, 2003                       Volume 4, Number 43a |
+----------------------------------------------------------------+

   Editors:     Dave Wreski                Benjamin Thomas
                dave@xxxxxxxxxxxxxxxxx     ben@xxxxxxxxxxxxxxxxx

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.
It includes pointers to updated packages and descriptions of each
vulnerability.

This week, advisories were released for libnids, thttpd, apache2, gdm, and
fetchmail.  The distributors include Conectiva, Debian, Mandrake, and
Slackware.

---

One of my favorite Linux network tools has always been ntop.  For those of
you who haven't used it, ntop is a command line tool used to gather
information about network traffic.  It is similar to 'top,' another
command line tool that is used to report CPU and other resource usage.
Ntop can be used for traffic measurement, monitoring, network usage
analysis, and as a security violation detection tool.  Ntop can be
downloaded from http://www.ntop.org, and it is available for a wide range
of operating systems.

Ntop has a relatively active community around it.  If you need support,
several mailing lists are available.  The Web site also provides several
usage guides, so using the tool to its fullest extent should not be a
problem.  The documentation provides all of the information that is
necessary.  Ntop gives administrators an easy way to identify bandwidth
utilization problems, hosts in promiscuous mode, and the use of duplicate
IP addresses.

One of the more interesting features is that ntop can be started in Web
mode.  For example, 'prompt$ ntop -w 3000' starts ntop's Web interface on
port 3000, which allows a remote user to view ntop information in a
browser. (http://server.domain.com:3000)

One of the drawbacks is that ntop is not as robust as some of the
enterprise traffic monitoring systems.  The small-time system
administrator should see that as a virtue though.  If you only have
several machines to keep track of, it has all the power that you would
ever need.  Normally, this is a tool that I use when trying to diagnose
problems.  Often, other network reporting tools are too verbose.  Ntop
provides just enough information quickly, in order to make decisions that
may affect configuration changes.

By now, hopefully most of you have used, or consistently use, ntop.  If
not, I urge you to take a look.  Ntop can be a great solution to
satisfying your curiosity when you would like to know what is happening on
your network at any given moment.

Until next time, cheers!
Benjamin D. Thomas
ben@xxxxxxxxxxxxxxxxx

---

EnGarde GDSN Subscription Price Reduction -
Guardian Digital, the world's premier open source security company,
announced today that they will be reducing the annual subscription cost of
the Guardian Digital Secure Network for EnGarde Community users from $229
to $60 for a limited time.

http://www.linuxsecurity.com/feature_stories/feature_story-151.html

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf

+---------------------------------+
|  Distribution: Conectiva        | ----------------------------//
+---------------------------------+

  10/29/2003 - libnids
    Remote buffer overflow vulnerability

    A remote attacker may potentially exploit this vulnerability to
    execute arbitrary code in the context of the application using this
    functionality of libnids.
    http://www.linuxsecurity.com/advisories/connectiva_advisory-3747.html

+---------------------------------+
|  Distribution: Debian           | ----------------------------//
+---------------------------------+

  10/29/2003 - thttpd
    Multiple vulnerabilities

    An information leak and an arbitrary code execution vulnerability have
    been fixed.
    http://www.linuxsecurity.com/advisories/debian_advisory-3748.html


+---------------------------------+
|  Distribution: Mandrake         | ----------------------------//
+---------------------------------+

  10/26/2003 - apache2
    DoS Vulnerability

    A problem was discovered in Apache2 where CGI scripts that output more
    than 4k of output to STDERR will hang the script's execution, which
    can cause a Denial of Service on the httpd process.
    http://www.linuxsecurity.com/advisories/mandrake_advisory-3744.html


+---------------------------------+
|  Distribution: Slackware        | ----------------------------//
+---------------------------------+

  10/28/2003 - gdm
    multiple vulnerabilities

    These updates fix two vulnerabilities which could allow a local user
    to crash or freeze gdm, preventing access to the machine until a
    reboot.
    http://www.linuxsecurity.com/advisories/slackware_advisory-3745.html

  10/28/2003 - fetchmail
    denial of service vulnerability

    These fix a vulnerability where a specially crafted email could crash
    fetchmail, preventing the user from downloading or forwarding their
    email.
    http://www.linuxsecurity.com/advisories/slackware_advisory-3746.html
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------

