+---------------------------------------------------------------------+
|  LinuxSecurity.com                          Weekly Newsletter       |
|  March 10th 2006                            Volume 7, Number 11a    |
+---------------------------------------------------------------------+

Editors:      Dave Wreski                    Benjamin D. Thomas
              dave@xxxxxxxxxxxxxxxxx         ben@xxxxxxxxxxxxxxxxx

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.
It includes pointers to updated packages and descriptions of each
vulnerability.

This week, perhaps the most interesting articles include tutos, bmv,
xpdf, libtasn1, gnutls, tar, squirrelmail, zoph, kernel, shadow-utils,
ncurses, mc, cman, dlm, GFS, system-config-bind, WordPress, MPlayer,
zoo, libaio, samba, freeciv, kdegraphics, php, initscripts, openssh,
spamassassin, mailman, and python. The distributors include Debian,
Fedora, Gentoo, Mandriva, and Red Hat.

----

EnGarde Secure Linux: Why not give it a try?

EnGarde Secure Linux is a Linux server distribution that is geared toward
providing an open source platform that is highly secure by default as well
as easy to administer. EnGarde Secure Linux includes a select group of
open source packages configured to provide maximum security for tasks such
as serving dynamic websites, high availability mail transport, network
intrusion detection, and more. The Community edition of EnGarde Secure
Linux is completely free and open source, and online security and
application updates are also freely available with GDSN registration.

http://www.engardelinux.org/modules/index/register.cgi

----

Human Body and Server
By: Blessen Cherian

In this article I would like to describe how care for a human body is
similar to care for a server. It is a globally accepted fact that
everything is interrelated to each other in this world in one way or the
other. Let me try to prove it in the case of a human body and a human
built server.
0.1 Introduction

In this article I would like to describe how a human body is similar to
a server. It is a globally accepted fact that everything is interrelated
to each other in this world in one way or another. Let me try to prove
it in the case of a human body and a human built server.

0.2 How is a Human Body Similar to a Server?

Being hacked is similar to getting affected by some diseases. Let us take
the example of a human body being affected by some viral fever. Why/when
do you get affected by a viral fever? It happens mainly when

1) The body loses its immunity to fight germs
2) Through unhealthy surroundings

This is the same in the case of servers. A server gets hacked for similar
reasons:

1) Lack of security measures
2) Interacting with already hacked servers

0.3 What's Human Health and Server Health?

An individual is said to be healthy when he is free from diseases. A
server is said to be healthy when it's safe from hackers and provides
optimum performance.

0.4 What's Human Immunity and Server Immunity?

Human immunity is the ability of the body to fight germs and keep the
body healthy. Server immunity is the ability of the server to fight
against hackers and keep the server safe and secured.

0.5 How do we increase the immunity of the Human Body and Server?

To increase the human body's immunity, the individual should keep his
body healthy by:

1) Consuming good food
2) Taking care of his body with planned exercises/workouts
3) Not straining his body much
4) Conducting regular body checkups with the advice of a good doctor

When it comes to server immunity, we should follow the options given
below to keep servers healthy.

1) Do not overload the server.
2) Implement server security measures.
3) Install only secured software.
4) Conduct regular server audits by security experts.
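As an added illustration of what a "regular server audit" (item 4 above) can look like in practice, and of the file and directory permission mistakes covered further down in this issue, here is a POSIX shell check for overly liberal permissions. It is not part of the article or of the newsletter; the sandbox directory it builds is constructed for the demo, and it assumes a find(1) that accepts octal -perm masks (GNU and BSD find both do).

```shell
#!/bin/sh
# Audit a directory tree for permissions that are more liberal than a
# server normally needs. Two classes of findings are reported:
#   world-writable  - anyone can modify the file or add entries to the
#                     directory; sticky-bit directories such as /tmp are
#                     expected to be world-writable and are skipped
#   setid           - setuid/setgid files, which run with elevated
#                     privileges and deserve a second look
# Output: one line per finding, "<kind> <path>"; nothing if clean.
audit_perms() {
    find "$1" -perm -0002 ! -perm -1000 -print | sed 's/^/world-writable /'
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) -print | sed 's/^/setid /'
}

# Constructed sandbox (a temporary directory, not a real system path) so
# the audit can be demonstrated without touching the host's own files.
make_sandbox() {
    sb=$(mktemp -d)
    mkdir "$sb/tmpdir" "$sb/data"
    chmod 1777 "$sb/tmpdir"                 # sticky + world-writable: ok
    chmod 777 "$sb/data"                    # world-writable, not sticky: finding
    : > "$sb/data/notes.txt"; chmod 666 "$sb/data/notes.txt"  # finding
    : > "$sb/secret.cfg";     chmod 600 "$sb/secret.cfg"      # ok
    : > "$sb/helper";         chmod 4755 "$sb/helper"         # setuid: finding
    printf '%s\n' "$sb"
}

# Demo: prints three findings (data, data/notes.txt, helper).
# On a real host you would run e.g.: audit_perms /etc
demo=$(make_sandbox)
audit_perms "$demo"
rm -rf "$demo"
```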
Read Full Paper
http://www.linuxsecurity.com/content/view/121817/49/

----------------------

EnGarde Secure Community 3.0.4 Released

Guardian Digital is happy to announce the release of EnGarde Secure
Community 3.0.4 (Version 3.0, Release 4). This release includes several
bug fixes and feature enhancements to the Guardian Digital WebTool and
the SELinux policy, and several new packages available for installation.

http://www.linuxsecurity.com/content/view/121560/65/

---

Linux File & Directory Permissions Mistakes

One common mistake Linux administrators make is having file and
directory permissions that are far too liberal and allow access beyond
that which is needed for proper system operation. A full explanation of
Unix file permissions is beyond the scope of this article, so I'll assume
you are familiar with the usage of such tools as chmod, chown, and chgrp.
If you'd like a refresher, one is available right here on
linuxsecurity.com.

http://www.linuxsecurity.com/content/view/119415/49/

---

Buffer Overflow Basics

A buffer overflow occurs when a program or process tries to store more
data in a temporary data storage area than it was intended to hold. Since
buffers are created to contain a finite amount of data, the extra
information can overflow into adjacent buffers, corrupting or overwriting
the valid data held in them.

http://www.linuxsecurity.com/content/view/119087/49/

--------

--> Take advantage of the LinuxSecurity.com Quick Reference Card!
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf

+---------------------------------+
|  Distribution: Debian           | ----------------------------//
+---------------------------------+

* Debian: New tutos package fixes several vulnerabilities
  2nd, March, 2006

  Updated package.
  http://www.linuxsecurity.com/content/view/121790

* Debian: New bmv packages fix arbitrary code execution
  2nd, March, 2006

  Updated package.
  http://www.linuxsecurity.com/content/view/121791

* Debian: New xpdf packages fix several problems
  2nd, March, 2006

  Updated package.
  http://www.linuxsecurity.com/content/view/121792

* Debian: New libtasn1-2 packages fix arbitrary code execution
  6th, March, 2006

  Updated package.
  http://www.linuxsecurity.com/content/view/121812

* Debian: New gnutls11 packages fix arbitrary code execution
  6th, March, 2006

  Updated package.
  http://www.linuxsecurity.com/content/view/121813

* Debian: New tar packages fix arbitrary code execution
  7th, March, 2006

  Updated package.
  http://www.linuxsecurity.com/content/view/121829

* Debian: New squirrelmail packages fix several vulnerabilities
  8th, March, 2006

  Updated package.
  http://www.linuxsecurity.com/content/view/121849

* Debian: New zoph packages fix SQL injection
  9th, March, 2006

  Updated package.
  http://www.linuxsecurity.com/content/view/121857

+---------------------------------+
|  Distribution: Fedora           | ----------------------------//
+---------------------------------+

* Fedora Core 4 Update: kernel-2.6.15-1.1833_FC4
  2nd, March, 2006

  This update rebases to the latest -stable release (2.6.15.5), which
  fixes a number of security problems.
  http://www.linuxsecurity.com/content/view/121795

* Fedora Core 4 Update: squirrelmail-1.4.6-1.fc4
  3rd, March, 2006

  Upgrade to upstream version 1.4.6, which solves these issues in
  addition to several bugs.
  http://www.linuxsecurity.com/content/view/121805

* Fedora Core 4 Update: squirrelmail-1.4.6-3.fc4
  6th, March, 2006

  Nicholas Mailhot discovered that the previous squirrelmail update broke
  several non-English languages. This update fixes that issue.
  http://www.linuxsecurity.com/content/view/121815

* Fedora Core 4 Update: shadow-utils-4.0.12-7.FC4
  6th, March, 2006

  Updated package.
  http://www.linuxsecurity.com/content/view/121816

* Fedora Core 4 Update: ncurses-5.4-19.fc4
  7th, March, 2006

  Updated package.
  http://www.linuxsecurity.com/content/view/121835

* Fedora Core 4 Update: mc-4.6.1a-5.fc4
  7th, March, 2006

  Updated package.
  http://www.linuxsecurity.com/content/view/121836

* Fedora Core 4 Update: gnbd-kernel-2.6.11.2-20050420.133124.FC4.58
  8th, March, 2006

  Update to latest Fedora Core kernel.
  http://www.linuxsecurity.com/content/view/121842

* Fedora Core 4 Update: cman-kernel-2.6.11.5-20050601.152643.FC4.23
  8th, March, 2006

  Update to latest Fedora Core kernel.
  http://www.linuxsecurity.com/content/view/121843

* Fedora Core 4 Update: dlm-kernel-2.6.11.5-20050601.152643.FC4.22
  8th, March, 2006

  Update to latest Fedora Core kernel.
  http://www.linuxsecurity.com/content/view/121844

* Fedora Core 4 Update: GFS-kernel-2.6.11.8-20050601.152643.FC4.8
  8th, March, 2006

  Update to latest Fedora Core kernel.
  http://www.linuxsecurity.com/content/view/121845

* Fedora Core 4 Update: system-config-bind-4.0.0-40_FC4
  8th, March, 2006

  Updated package.
  http://www.linuxsecurity.com/content/view/121856

+---------------------------------+
|  Distribution: Gentoo           | ----------------------------//
+---------------------------------+

* Gentoo: WordPress SQL injection vulnerability
  4th, March, 2006

  WordPress is vulnerable to an SQL injection vulnerability.
  http://www.linuxsecurity.com/content/view/121806

* Gentoo: teTeX, pTeX, CSTeX Multiple overflows in included
  4th, March, 2006

  CSTeTeX, pTeX, and teTeX include vulnerable XPdf code to handle PDF
  files, making them vulnerable to the execution of arbitrary code.
  http://www.linuxsecurity.com/content/view/121807

* Gentoo: MPlayer Multiple integer overflows
  4th, March, 2006

  MPlayer is vulnerable to integer overflows in FFmpeg and ASF decoding
  that could potentially result in the execution of arbitrary code.
  http://www.linuxsecurity.com/content/view/121808

* Gentoo: IMAP Proxy Format string vulnerabilities
  6th, March, 2006

  Format string vulnerabilities in IMAP Proxy may lead to the execution
  of arbitrary code when connected to malicious IMAP servers.
  http://www.linuxsecurity.com/content/view/121823

* Gentoo: zoo Stack-based buffer overflow
  6th, March, 2006

  A stack-based buffer overflow in zoo may be exploited to execute
  arbitrary code through malicious ZOO archives.
  http://www.linuxsecurity.com/content/view/121824

+---------------------------------+
|  Distribution: Mandriva         | ----------------------------//
+---------------------------------+

* Mandriva: Updated mozilla-thunderbird packages fix vulnerability
  3rd, March, 2006

  The WYSIWYG rendering engine in Mozilla Thunderbird 1.0.7 and earlier
  allows user-complicit attackers to bypass javascript security settings
  and obtain sensitive information or cause a crash via an e-mail
  containing a javascript URI in the SRC attribute of an IFRAME tag,
  which is executed when the user edits the e-mail.
  http://www.linuxsecurity.com/content/view/121801

* Mandriva: New libaio packages provide Oracle Express support
  6th, March, 2006

  The libaio package is being made available as an official/main package
  to provide out-of-the-box support for Oracle Express in Mandriva Linux
  2006.
  http://www.linuxsecurity.com/content/view/121825

* Mandriva: Updated samba packages fix bugs
  7th, March, 2006

  Samba provides SMB/CIFS services (such as file and printer sharing)
  used by clients compatible with Microsoft Windows(TM). This update
  introduces a new version of Samba for CS3.0 users. Main changes
  include.
  http://www.linuxsecurity.com/content/view/121840

* Mandriva: Updated freeciv packages fix DoS vulnerabilities
  7th, March, 2006

  A Denial of Service vulnerability was discovered in the civserver
  component of the freeciv game on certain incoming packets. The updated
  packages have been patched to fix this issue.
  http://www.linuxsecurity.com/content/view/121841

* Mandriva: Updated kdegraphics packages fix overflow vulnerabilities
  8th, March, 2006

  Marcelo Ricardo Leitner discovered that the officially published kpdf
  patches for several previous xpdf vulnerabilities were lacking some
  hunks published by upstream xpdf. As a result, kpdf is still vulnerable
  to certain carefully crafted PDF files.
  http://www.linuxsecurity.com/content/view/121855

* Mandriva: Updated php packages fix vulnerability
  9th, March, 2006

  A flaw in the PHP gd extension in versions prior to 4.4.1 could allow a
  remote attacker to bypass safe_mode and open_basedir restrictions via
  unknown attack vectors.
  http://www.linuxsecurity.com/content/view/121871

+---------------------------------+
|  Distribution: Red Hat          | ----------------------------//
+---------------------------------+

* RedHat: Moderate: initscripts security update
  7th, March, 2006

  An updated initscripts package that fixes a privilege escalation issue
  and several bugs is now available. This update has been rated as having
  moderate security impact by the Red Hat Security Response Team.
  http://www.linuxsecurity.com/content/view/121830

* RedHat: Low: openssh security update
  7th, March, 2006

  Updated openssh packages that fix bugs in sshd and add auditing of user
  logins are now available for Red Hat Enterprise Linux 4. This update
  has been rated as having low security impact by the Red Hat Security
  Response Team.
  http://www.linuxsecurity.com/content/view/121831

* RedHat: Moderate: squid security update
  7th, March, 2006

  An updated squid package that fixes a security vulnerability as well as
  several issues is now available. This update has been rated as having
  moderate security impact by the Red Hat Security Response Team.
  http://www.linuxsecurity.com/content/view/121832

* RedHat: Moderate: spamassassin security update
  7th, March, 2006

  An updated spamassassin package that fixes a denial of service flaw is
  now available.
  This update has been rated as having moderate security impact by the
  Red Hat Security Response Team.
  http://www.linuxsecurity.com/content/view/121833

* RedHat: Updated kernel packages available for Red Hat
  7th, March, 2006

  Updated kernel packages are now available as part of ongoing support
  and maintenance of Red Hat Enterprise Linux version 4. This is the
  third regular update. This update has been rated as having moderate
  security impact by the Red Hat Security Response Team.
  http://www.linuxsecurity.com/content/view/121834

* RedHat: Moderate: mailman security update
  7th, March, 2006

  An updated mailman package that fixes two security issues is now
  available for Red Hat Enterprise Linux 3 and 4. This update has been
  rated as having moderate security impact by the Red Hat Security
  Response Team.
  http://www.linuxsecurity.com/content/view/121837

* RedHat: Moderate: RHAPS security and enhancement update
  7th, March, 2006

  Red Hat Application Server Release 2 Update 1 is now available. This
  update contains an upgrade of several RHAPS components to newer
  releases, including JOnAS 4.6.3, Tomcat 5.5.12 and Struts 1.2.8. This
  update has been rated as having moderate security impact by the Red Hat
  Security Response Team.
  http://www.linuxsecurity.com/content/view/121838

* RedHat: Moderate: python security update
  9th, March, 2006

  Updated Python packages are now available to correct a security issue.
  This update has been rated as having moderate security impact by the
  Red Hat Security Response Team.
  http://www.linuxsecurity.com/content/view/121869

* RedHat: Important: kdegraphics security update
  9th, March, 2006

  Updated kdegraphics packages that fully resolve a security issue in kpdf
  are now available. This update has been rated as having important
  security impact by the Red Hat Security Response Team.
  http://www.linuxsecurity.com/content/view/121870

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.
                LinuxSecurity.com

To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------