+---------------------------------------------------------------------+
| LinuxSecurity.com Weekly Newsletter |
| May 20th, 2005 Volume 6, Number 20a |
+---------------------------------------------------------------------+
Editors: Dave Wreski Benjamin D. Thomas
dave@xxxxxxxxxxxxxxxxx ben@xxxxxxxxxxxxxxxxx
Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the
week. It includes pointers to updated packages and descriptions of
each vulnerability.
This week, advisories were released for kde, phpsysinfo, fonts-xorg,
gaim, phpBB, mozilla suite, PostgreSQL, FreeRADIUS, ncpfs, kdelibs,
cyrus-imapd, rsh, glibc, ia32el, and the Red Hat kernel. The
distributors include Conectiva, Debian, Fedora, Gentoo, and Red Hat.
---
## Internet Productivity Suite: Open Source Security ##
Trust Internet Productivity Suite's open source architecture to
give you the best security and productivity applications available.
Collaborating with thousands of developers, Guardian Digital
security engineers implement the most technologically advanced
ideas and methods into their design.
Click to find out more!
http://store.guardiandigital.com/html/eng/products/software/ips_overview.shtml
---
Buffer Overflow Basics
By: Suhas Desai
A buffer overflow occurs when a program or process tries to store
more data in a temporary data storage area than it was intended to
hold. Since buffers are created to contain a finite amount of data,
the extra information can overflow into adjacent buffers, corrupting
or overwriting the valid data held in them.
Buffer overflows are a fertile source of bugs and malicious attacks.
They occur when a program attempts to write data past the end of a
buffer. A buffer is a contiguous allocated chunk of memory, such as
an array or pointer in C. Limitation of C and C++ is there are no
automatic bounds checking on the buffer where user can write past
a buffer as given in example.
Note: All examples are compiled on Linux platform having x86
configuration.
int main ()
{
int buffer [10];
buffer[20]=10;
}
After execution of this program it won.t give errors but program
attempts to write beyond the allocated memory for the buffer which
results for unexpected output.
void function (char *str)
{
char buffer[16];
strcpy(buffer,str);
}
int main()
{
char *str=.I am greater than 16 bytes.;
function(str);
}
This program is guaranteed to cause unexpected behavior, because
a string (str) of 27 bytes has been copied to a location (buffer)
that has been allocated for only 16 bytes. The extra bytes run past
the buffer and overwrite the space allocated for the FP, return
address and so on. This corrupts the process stack. The function
used to copy the string is strcpy, which completes no checking of
bounds. Using strncpy would have prevented this corruption of
the stack.
Example:
int main()
{
char buff[15]={0};
printf(.Enter your name:.);
scanf(buff,.%s.);
}
In this example, program reads a string from the standard input but
does not check strings length. If the string has more than 14
characters, then it causes a buffer overflow as scanf() tries to
write the remaining character past buff.s end.
Note: One character is always reserved for a null terminator.
The result is most likely a segmentation fault that crashes the
program. In certain conditions, the users will receive a shell.s
prompt after the crash. Even if the shell has restricted
privileges, they can examine the values of environment
variables; list the current directory files to detect the
network with the pig command.
Read full article:
http://www.linuxsecurity.com/content/view/119087/49/
----------------------
Measuring Security IT Success
In a time where budgets are constrained and Internet threats are
on the rise, it is important for organizations to invest in network
security applications that will not only provide them with powerful
functionality but also a rapid return on investment.
http://www.linuxsecurity.com/content/view/118817/49/
---
Getting to Know Linux Security: File Permissions
Welcome to the first tutorial in the 'Getting to Know Linux Security'
series. The topic explored is Linux file permissions. It offers an
easy to follow explanation of how to read permissions, and how to set
them using chmod. This guide is intended for users new to Linux
security, therefore very simple. If the feedback is good, I'll
consider creating more complex guides for advanced users. Please
let us know what you think and how these can be improved.
Click to view video demo:
http://www.linuxsecurity.com/content/view/118181/49/
---
The Tao of Network Security Monitoring: Beyond Intrusion Detection
To be honest, this was one of the best books that I've read on network
security. Others books often dive so deeply into technical discussions,
they fail to provide any relevance to network engineers/administrators
working in a corporate environment. Budgets, deadlines, and flexibility
are issues that we must all address. The Tao of Network Security
Monitoring is presented in such a way that all of these are still
relevant. One of the greatest virtues of this book is that is offers
real-life technical examples, while backing them up with relevant case
studies.
http://www.linuxsecurity.com/content/view/118106/49/
--------
--> Take advantage of the LinuxSecurity.com Quick Reference Card!
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf
+---------------------------------+
| Distribution: Contectiva | ----------------------------//
+---------------------------------+
Conectiva: kde Fixes for multiple KDE security vulnerabilities
17th, May, 2005
KDE[1] is a very popular graphical desktop environment available for
GNU/Linux and other operating systems.
http://www.linuxsecurity.com/content/view/119126
+---------------------------------+
| Distribution: Debian | ----------------------------//
+---------------------------------+
* Debian: New phpsysinfo packages fix cross site scripting
18th, May, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119140
+---------------------------------+
| Distribution: Fedora | ----------------------------//
+---------------------------------+
* Fedora Core 3 Update: fonts-xorg-6.8.2-0.FC3.1
16th, May, 2005
The fonts-xorg packages included in the initial release of Fedora
Core 3 contain a number of minor glitches which have been fixed
in this update release.
http://www.linuxsecurity.com/content/view/119123
* Fedora Core 3 Update: squid-2.5.STABLE9-1.FC3.6
17th, May, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119135
+---------------------------------+
| Distribution: Gentoo | ----------------------------//
+---------------------------------+
* Gentoo: Gaim Denial of Service and buffer overflow vulnerabilties
12th, May, 2005
Gaim contains two vulnerabilities, potentially resulting in the
execution of arbitrary code or Denial of Service.
http://www.linuxsecurity.com/content/view/119107
* Gentoo: phpBB Cross-Site Scripting Vulnerability
14th, May, 2005
phpBB is vulnerable to a cross-site scripting attack that could allow
arbitrary scripting code execution.
http://www.linuxsecurity.com/content/view/119117
* Gentoo: Mozilla Suite, Mozilla Firefox Remote compromise
15th, May, 2005
Several vulnerabilities in the Mozilla Suite and Firefox allow an
attacker to conduct cross-site scripting attacks or to execute
arbitrary code.
http://www.linuxsecurity.com/content/view/119118
* Gentoo: PostgreSQL Multiple vulnerabilities
15th, May, 2005
PostgreSQL is vulnerable to Denial of Service attacks and possibly
allows unprivileged users to gain administrator rights.
http://www.linuxsecurity.com/content/view/119119
* Gentoo: FreeRADIUS Buffer overflow and SQL injection vulnerability
17th, May, 2005
The FreeRADIUS server is vulnerable to a buffer overflow and an SQL
injection attack, possibly allowing the compromise of the system.
http://www.linuxsecurity.com/content/view/119129
+---------------------------------+
| Distribution: Red Hat | ----------------------------//
+---------------------------------+
* RedHat: Moderate: ncpfs security update
17th, May, 2005
An updated ncpfs package is now available. This update has been
rated as having moderate security impact by the Red Hat Security
Response Team.
http://www.linuxsecurity.com/content/view/119130
* RedHat: Important: kdelibs security update
17th, May, 2005
Updated kdelibs packages that fix a flaw in kimgio input validation
are now available for Red Hat Enterprise Linux 4. This update has been
rated as having important security impact by the Red Hat Security
Response Team.
http://www.linuxsecurity.com/content/view/119131
* RedHat: Moderate: cyrus-imapd security update
17th, May, 2005
Updated cyrus-imapd packages that fix several buffer overflow
security issues are now available. This update has been rated
as having moderate security impact by the Red Hat Security
Response Team.
http://www.linuxsecurity.com/content/view/119132
* RedHat: Low: rsh security update
18th, May, 2005
Updated rsh packages that fix various bugs and a theoretical security
issue are now available. This update has been rated as having low
security impact by the Red Hat Security Response Team
http://www.linuxsecurity.com/content/view/119141
* RedHat: Low: openssh security update
18th, May, 2005
Updated openssh packages that fix a potential security vulnerability
and various other bugs are now available for Red Hat Enterprise
Linux 3. This update has been rated as having low security impact
by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/119142
* RedHat: Low: glibc security update
18th, May, 2005
Updated glibc packages that address several bugs are now available.
This update has been rated as having low security impact by the
Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/119143
* RedHat: Low: ia32el security update
18th, May, 2005
An updated ia32el package that fixes several bugs is now available.
This update has been rated as having low security impact by
the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/119144
* RedHat: Updated kernel packages available for Red Hat
18th, May, 2005
Updated kernel packages are now available as part of ongoing
support and maintenance of Red Hat Enterprise Linux version 3.
This is the fifth regular update.
http://www.linuxsecurity.com/content/view/119145
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
