+---------------------------------------------------------------------+
|  LinuxSecurity.com                               Weekly Newsletter  |
|  October 21st, 2005                           Volume 6, Number 43a  |
+---------------------------------------------------------------------+

Editors:  Dave Wreski               Benjamin D. Thomas
          dave@xxxxxxxxxxxxxxxxx    ben@xxxxxxxxxxxxxxxxx

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.
It includes pointers to updated packages and descriptions of each
vulnerability.

This week, advisories were released for Ruby, hylafax, Mozilla,
module-assistant, Lynx, phpMyAdmin, AbiWord, netpbm, gdb, xloadimage,
and openldap. The distributors include Debian, Gentoo, and Red Hat.

---

Local User Security
By: Dave Wreski

Getting access to a local user account is one of the first things that
system intruders attempt while on their way to exploiting the root
account. With lax local security, they can then "upgrade" their normal
user access to root access using a variety of bugs and poorly set up
local services. If you make sure your local security is tight, then the
intruder will have another hurdle to jump.

Local users can also cause a lot of havoc with your system even
(especially) if they really are who they say they are. Providing
accounts to people you don't know or for whom you have no contact
information is a very bad idea.

You should make sure you provide user accounts with only the minimal
requirements for the task they need to do. If you provide your son
(age 10) with an account, you might want him to only have access to a
word processor or drawing program, but be unable to delete data that is
not his.

Several good rules of thumb when allowing other people legitimate
access to your Linux machine:

* Give them the minimal amount of privileges they need.
* Be aware when/where they log in from, or should be logging in from.
* Make sure you remove inactive accounts, which you can determine by
  using the 'last' command and/or checking log files for any activity
  by the user.
* The use of the same userid on all computers and networks is advisable
  to ease account maintenance, and permits easier analysis of log data.
* The creation of group user-ids should be absolutely prohibited. User
  accounts also provide accountability, and this is not possible with
  group accounts.

Many local user accounts that are used in security compromises have not
been used in months or years. Since no one is using them, they provide
the ideal attack vehicle.

Read more from the Linux Security Howto:
http://www.linuxsecurity.com/docs/LDP/Security-HOWTO/

----------------------

Linux File & Directory Permissions Mistakes

One common mistake Linux administrators make is having file and
directory permissions that are far too liberal and allow access beyond
that which is needed for proper system operations. A full explanation
of Unix file permissions is beyond the scope of this article, so I'll
assume you are familiar with the usage of such tools as chmod, chown,
and chgrp. If you'd like a refresher, one is available right here on
linuxsecurity.com.

http://www.linuxsecurity.com/content/view/119415/49/

---

Buffer Overflow Basics

A buffer overflow occurs when a program or process tries to store more
data in a temporary data storage area than it was intended to hold.
Since buffers are created to contain a finite amount of data, the extra
information can overflow into adjacent buffers, corrupting or
overwriting the valid data held in them.

http://www.linuxsecurity.com/content/view/119087/49/

---

Review: The Book of Postfix: State-of-the-Art Message Transport

I was very impressed with "The Book of Postfix" by authors Ralf
Hildebrandt and Patrick Koetter and feel that it is an incredible
Postfix reference. It gives a great overall view of the operation and
management of Postfix in an extremely systematic and practical format.
It flows in a logical manner, is easy to follow and the authors did a
great job of explaining topics with attention paid to real world
applications and how to avoid many of the associated pitfalls. I am
happy to have this reference in my collection.

http://www.linuxsecurity.com/content/view/119027/49/

--------

--> Take advantage of the LinuxSecurity.com Quick Reference Card!
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf

+---------------------------------+
|  Distribution: Debian           | ----------------------------//
+---------------------------------+

* Debian: New Ruby 1.8 packages fix safety bypass
  13th, October, 2005
  Updated package.
  http://www.linuxsecurity.com/content/view/120589

* Debian: New hylafax packages fix insecure temporary files
  13th, October, 2005
  Updated package.
  http://www.linuxsecurity.com/content/view/120590

* Debian: New Mozilla packages fix several vulnerabilities
  20th, October, 2005
  Updated package.
  http://www.linuxsecurity.com/content/view/120623

* Debian: New module-assistant package fixes insecure temporary file
  20th, October, 2005
  Updated package.
  http://www.linuxsecurity.com/content/view/120624

+---------------------------------+
|  Distribution: Gentoo           | ----------------------------//
+---------------------------------+

* Gentoo: KOffice, KWord RTF import buffer overflow
  14th, October, 2005
  KOffice and KWord are vulnerable to a buffer overflow in the RTF
  importer, potentially resulting in the execution of arbitrary code.
  http://www.linuxsecurity.com/content/view/120596

* Gentoo: SPE Insecure file permissions
  15th, October, 2005
  SPE files are installed with world-writeable permissions, potentially
  leading to privilege escalation.
  http://www.linuxsecurity.com/content/view/120600

* Gentoo: Perl, Qt-UnixODBC, CMake RUNPATH issues
  17th, October, 2005
  Multiple packages suffer from RUNPATH issues that may allow users in
  the "portage" group to escalate privileges.
  http://www.linuxsecurity.com/content/view/120605

* Gentoo: Lynx Buffer overflow in NNTP processing
  17th, October, 2005
  Lynx contains a buffer overflow that may be exploited to execute
  arbitrary code.
  http://www.linuxsecurity.com/content/view/120607

* Gentoo: phpMyAdmin Local file inclusion vulnerability
  17th, October, 2005
  phpMyAdmin contains a local file inclusion vulnerability that may
  lead to the execution of arbitrary code.
  http://www.linuxsecurity.com/content/view/120608

* Gentoo: AbiWord New RTF import buffer overflows
  20th, October, 2005
  AbiWord is vulnerable to an additional set of buffer overflows during
  RTF import, making it vulnerable to the execution of arbitrary code.
  http://www.linuxsecurity.com/content/view/120625

* Gentoo: Netpbm Buffer overflow in pnmtopng
  20th, October, 2005
  The pnmtopng utility, part of the Netpbm tools, contains a
  vulnerability which can potentially result in the execution of
  arbitrary code.
  http://www.linuxsecurity.com/content/view/120626

+---------------------------------+
|  Distribution: Red Hat          | ----------------------------//
+---------------------------------+

* RedHat: Moderate: openldap and nss_ldap security update
  17th, October, 2005
  Updated openldap and nss_ldap packages that correct a potential
  password disclosure issue are now available. This update has been
  rated as having moderate security impact by the Red Hat Security
  Response Team.
  http://www.linuxsecurity.com/content/view/120602

* RedHat: Moderate: openldap and nss_ldap security update
  17th, October, 2005
  Updated openldap and nss_ldap packages that correct a potential
  password disclosure issue and possible authentication vulnerability
  are now available.
  http://www.linuxsecurity.com/content/view/120603

* RedHat: Critical: lynx security update
  17th, October, 2005
  An updated lynx package that corrects a security flaw is now
  available. This update has been rated as having critical security
  impact by the Red Hat Security Response Team.
  http://www.linuxsecurity.com/content/view/120604

* RedHat: Moderate: netpbm security update
  18th, October, 2005
  Updated netpbm packages that fix a security issue are now available.
  This update has been rated as having moderate security impact by the
  Red Hat Security Response Team.
  http://www.linuxsecurity.com/content/view/120613

* RedHat: Low: gdb security update
  18th, October, 2005
  An updated gdb package that fixes minor security issues is now
  available. This update has been rated as having low security impact
  by the Red Hat Security Response Team.
  http://www.linuxsecurity.com/content/view/120614

* RedHat: Low: xloadimage security update
  18th, October, 2005
  A new xloadimage package that fixes bugs in handling malformed tiff
  and pbm/pnm/ppm images, and in handling metacharacters in file names
  is now available.
  http://www.linuxsecurity.com/content/view/120615

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
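
The inactive-account check from the "Local User Security" rules of thumb
above, as an added example that is not part of the original newsletter.
The function name inactive_accounts, the UID threshold of 1000 and the
sample passwd and 'last' data are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the newsletter). Sample data below is constructed.
#
# inactive_accounts PASSWD_FILE LAST_FILE [MIN_UID]
#   PASSWD_FILE  file in /etc/passwd format
#   LAST_FILE    saved output of `last -w` (-w avoids truncated user names)
#   MIN_UID      lowest UID treated as a human account (assumed 1000)
# Prints every account that can log in but has no session in LAST_FILE.
# `last` only covers the current wtmp file, so "no session" means "none
# since wtmp was last rotated"; check older logs before removing anything.
inactive_accounts() {
    awk '
        pass == 1 {                       # pass 1: lines of last output
            if (NF == 0 || $1 == "wtmp" || $1 == "reboot" ||
                $1 == "shutdown" || $1 == "runlevel")
                next                      # trailer and pseudo-users
            seen[$1] = 1
            next
        }
        $1 ~ /^#/ || NF < 7      { next } # pass 2: passwd entries
        $3 + 0 < min_uid + 0     { next } # system accounts
        $7 ~ /(nologin|false)$/  { next } # no login shell
        !($1 in seen)            { print $1 }
    ' min_uid="${3:-1000}" pass=1 "$2" pass=2 FS=: "$1"
}

# Constructed sample: bob has a login shell but never appears in `last`.
demo() {
    tmp=$(mktemp -d) || return 1
    cat > "$tmp/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:1001:1001:Bob:/home/bob:/bin/bash
carol:x:1002:1002:Carol:/home/carol:/bin/zsh
svcbackup:x:1003:1003::/var/backup:/usr/sbin/nologin
EOF
    cat > "$tmp/last" <<'EOF'
alice    pts/0        192.0.2.10       Thu Oct 20 09:12   still logged in
reboot   system boot  2.6.13           Thu Oct 20 09:00 - 17:30  (08:30)
carol    tty1                          Mon Oct  3 08:15 - 08:20  (00:05)

wtmp begins Sat Oct  1 06:25:01 2005
EOF
    inactive_accounts "$tmp/passwd" "$tmp/last"
    rm -rf "$tmp"
}
demo
```

On a live system the inputs would be /etc/passwd and the saved output of
'last -w'; use 'last -w -f' on a rotated wtmp file to look further back.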