+----------------------------------------------------------------+
| LinuxSecurity.com Linux Advisory Watch |
| November 28th, 2003 Volume 4, Number 47a |
+----------------------------------------------------------------+
Editors: Dave Wreski Benjamin Thomas
dave@xxxxxxxxxxxxxxxxx ben@xxxxxxxxxxxxxxxxx
Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.
It includes pointers to updated packages and descriptions of each
vulnerability.
This week, advisories were released for BIND, Ethereal, Glibc, Libnids,
phpSysInfo, Stunnel, EPIC, iproute, Pan, and XFree86. The distributors
include Guardian Digital's EnGarde Linux, Gentoo, Mandrake, and Red Hat.
---
>> Free Trial SSL Certificate from Thawte <<
Take your first step towards giving your online business a competitive
advantage. Test-drive a Thawte SSL certificate our easy online guide will
show you how.
Get started now:
http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=thawte28
---
Business and IT centers today are controlled by the growth of the
Internet. Just in ten years, technology has changed so rapidly that the
old rules no longer apply. Today, businesses are forced to comply with
the momentum of the Internet, or face extinction. Change is always
difficult, but now more than ever it is necessary. With every change in
business, security must constantly be re- evaluated.
In a typical corporate IT environment, new business requirements arise
each day. The application development team is constantly being asked to
add new features to software, the networking team is increasingly being
asked to provide access at anywhere, anytime and managers have the
opinion, "make it work now, and no you can't have a budget." Well, it's
usually not that bad, but you get the idea. Everyone is being stretched
to the limit and it puts a great strain on the organization. In the
middle of adding more features, access points, and bandwidth, security is
often forgotten. That's okay, isn't it? "We'll just add security later
once we get the system working."
That is exactly the problem all of us have today when working in security.
It is typical to receive a memo at the end of the day stating that ten new
servers is going to be deployed tomorrow morning, then at the end it asks,
"Is this ok with security?" Of course not! The typical problem that we
all face does not have to do with technology, it is simply a people
problem. Unfortunately, attitudes can't be changed over night.
Sometimes, they may not be able to be changed or years. The only way to
address this is through a security awareness program. The smaller the
organization, the easier it should be. People must be reminded daily that
security is important to the organization, and is a high priority. The
quickest way to get results, is to get top management on board. If you
see that key management figures are unwilling to comply, and the
organization is large enough, total security awareness may be an
impossible task.
Security is everyone's problem. One administrator simply patching a
server each week is a good start, but it shouldn't stop there. Having
adequate business security depends on many. Often, it is your job to let
those people know. I realize that this task harder than it sounds, but
hopefully I've given you some inspiration to begin getting others on
board. Don't face the fire alone!
Until next time, cheers!
Benjamin D. Thomas
ben@xxxxxxxxxxxxxxxxx
---
Guardian Digital Launches First Secure Small Business Internet
Productivity Solution
Building a complete Internet security and productivity system for your
organization just got a whole lot simpler and more secure with Guardian
Digital Internet Productivity Suite. Web-based management, spam and virus
control, groupware, VPN services, and more!
Find out more now:
http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=ips01
--------------------------------------------------------------------
OpenVPN: An Introduction and Interview with Founder, James Yonan In this
article, Duane Dunston gives a brief introduction to OpenVPN and
interviews its founder James Yonan.
http://www.linuxsecurity.com/feature_stories/feature_story-152.html
--> Take advantage of the LinuxSecurity.com Quick Reference Card!
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf
+---------------------------------+
| Distribution: EnGarde | ----------------------------//
+---------------------------------+
11/26/2003 - BIND
cache poisoning vulnerability
A cache poisoning vulnerability exists in the version of BIND shipped
with all versions of EnGarde Secure Linux. Successful exploitation of
this vulnerability may result in a temporary denial of service until
the bad record expires from the cache.
http://www.linuxsecurity.com/advisories/engarde_advisory-3816.html
+---------------------------------+
| Distribution: Fedora | ----------------------------//
+---------------------------------+
11/25/2003 - Ethereall
buffer overflow vulnerability
These updated ethereal packages fix a security problem found in
versions prior to 0.9.16. It also fixes several other minor bugs and
problems.
http://www.linuxsecurity.com/advisories/fedora_advisory-3814.html
+---------------------------------+
| Distribution: Gentoo | ----------------------------//
+---------------------------------+
11/24/2003 - Ethereal
multiple vulnerabilities
It may be possible to make Ethereal crash or run arbitrary code by
injecting a purposefully malformed packet onto the wire, or by
convincing someone to read a malformed packet trace file.
http://www.linuxsecurity.com/advisories/gentoo_advisory-3808.html
11/24/2003 - Glibc
buffer overrun vulnerability
A bug in the getgrouplist function can cause a buffer overflow if the
size of the group list is too small to hold all the user's groups. This
overflow can cause segmentation faults in user applications. This
vulnerability exists only when an administrator has placed a user in a
number of groups larger than that expected by an application.
http://www.linuxsecurity.com/advisories/gentoo_advisory-3809.html
11/24/2003 - Libnids
remote code execution
There is a bug in the part of libnids code responsible for TCP
reassembly. The flaw probably allows remote code execution.
http://www.linuxsecurity.com/advisories/gentoo_advisory-3810.html
11/24/2003 - phpSysInfo
directory traversal
phpSysInfo contains two vulnerabilities which could allow local files
to be read or arbitrary PHP code to be executed, under the privileges
of the web server process.
http://www.linuxsecurity.com/advisories/gentoo_advisory-3811.html
+---------------------------------+
| Distribution: Mandrake | ----------------------------//
+---------------------------------+
11/21/2003 - freeswan
directory traversal
The version of freeswan bundled with the latest kernel update did not
match the freeswan package which essentially rendered it unuseable.
This update brings the freeswan package up to date with the kernel
version.
http://www.linuxsecurity.com/advisories/mandrake_advisory-3803.html
11/26/2003 - Stunnel
file descriptor leak
A vulnerability was discovered in stunnel versions 3.24 and earlier, as
well as 4.00, by Steve Grubb. It was found that stunnel leaks a
critical file descriptor that can be used to hijack stunnel's services.
http://www.linuxsecurity.com/advisories/mandrake_advisory-3815.html
+---------------------------------+
| Distribution: Red Hat | ----------------------------//
+---------------------------------+
11/24/2003 - EPIC
Buffer overflow vulnerability
Updated EPIC packages which fix an exploitable buffer overflow
vulnerability are now available.
http://www.linuxsecurity.com/advisories/redhat_advisory-3804.html
11/24/2003 - iproute
Local denial of service vulnerability
Updated iproute packages that close a locally-exploitable denial of
service vulnerability are now available.
http://www.linuxsecurity.com/advisories/redhat_advisory-3805.html
11/24/2003 - stunnel
Signal-handling vulnerability
Updated stunnel packages are now available for Red Hat Linux 7.1, 7.2,
7.3, and 8.0 systems. These updates address problems stemming from
improper use of non-reentrant functions in signal handlers.
http://www.linuxsecurity.com/advisories/redhat_advisory-3806.html
11/24/2003 - Pan
Denial of service vulnerability
Updated Pan packages that close a denial of service vulnerability are
now available.
http://www.linuxsecurity.com/advisories/redhat_advisory-3807.html
11/25/2003 - XFree86
Multiple vulnerabilities
Multiple integer overflows in the transfer and enumeration of font
libraries in XFree86 allow local or remote attackers to cause a denial
of service or execute arbitrary code via heap-based and stack-based
buffer overflow attacks.
http://www.linuxsecurity.com/advisories/redhat_advisory-3812.html
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
