+----------------------------------------------------------------+
| LinuxSecurity.com Linux Advisory Watch |
| August 3rd, 2001 Volume 2, Number 31a |
+----------------------------------------------------------------+
Editors: Dave Wreski Benjamin Thomas
daveat_private benat_private
Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.
It includes pointers to updated packages and descriptions of each
vulnerability
This week, advisories were released for telnetd, windowmaker, apache-ssl,
openssl, the Linux kernel, and imp. The vendors include Caldera, Debian,
and FreeBSD.
Maximize your security with EnGarde! EnGarde was designed from the ground
up as a secure solution, starting with the principle of least privilege,
and carrying it through every aspect of its implementation.
http://www.engardelinux.org
EnGarde Quick Start Guide - This is a document that provides you with the
information necessary to quickly begin using your EnGarde system.
http://www.guardiandigital.com/docs/EnGardeManual/ESLQuick-1.0.1.pdf
HTML Version:
http://www.linuxsecurity.com/vuln-newsletter.html
+---------------------------------+
| telnetd | ----------------------------//
+---------------------------------+
Due to incorrect bounds checking of data buffered for output to the remote
client, an attacker can cause the telnetd process to overflow the buffer
and crash, or execute arbitrary code as the user running telnetd, usually
root. A valid user account and password is not required to exploit this
vulnerability, only the ability to connect to a telnetd server.
FreeBSD:
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/
SA-01:49/telnetd-crypto.patch
FreeBSD Vendor Advisory:
http://www.linuxsecurity.com/advisories/freebsd_advisory-1524.html
+---------------------------------+
| windowmaker | ----------------------------//
+---------------------------------+
Under certain circumstances, remote webservers may cause windowmaker
to crash and potentially execute arbitrary code as the user running
windowmaker.
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/
x11-wm/windowmaker-0.65.1.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/
x11-wm/windowmaker-0.65.1.tgz
FreeBSD Vendor Advisory:
http://www.linuxsecurity.com/advisories/freebsd_advisory-1525.html
+---------------------------------+
| apache-ssl | ----------------------------//
+---------------------------------+
This vulnerability makes it possible for a malicious remote user to
launch an information gathering attack, which could potentially
result in compromise of the system. Additionally, this vulnerability
affects all releases of Apache previous to 1.3.19.
Debian: i386
Intel IA-32 architecture:
http://security.debian.org/dists/stable/updates/main/binary-i386/
apache-common_1.3.9-14_i386.deb
MD5 checksum: 10e72df77f3f80966ab64e7894c341ac
http://security.debian.org/dists/stable/updates/main/binary-i386/
apache-dev_1.3.9-14_i386.deb
MD5 checksum: b995eb96a35f173f4a0eddfb4eef9d4a
http://security.debian.org/dists/stable/updates/main/binary-i386/
apache_1.3.9-14_i386.deb
MD5 checksum: 584bf2147b543caf47fcc5cb0c8f00f1
Debian Vendor Advisory:
http://www.linuxsecurity.com/advisories/debian_advisory-1526.html
+---------------------------------+
| OpenSSL | ----------------------------//
+---------------------------------+
By successfully exploiting a flaw in the PRNG, an attacker can gain
important information that may allow him to deduce nonces (leading to
the compromise of the protocol session) or encryption keys (allowing
the attacker to obtain the plaintext of the encrypted data). Whether
or not this flaw is exploitable depends upon the specifics of the
application using OpenSSL. No vulnerable applications or protocols
are currently known.
FreeBSD:
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:51/openssl.patch
FreeBSD Vendor Advisory:
http://www.linuxsecurity.com/advisories/freebsd_advisory-1527.html
UPDATED FreeBSD Advisory:
http://www.linuxsecurity.com/advisories/freebsd_advisory-1529.html
+---------------------------------+
| Linux kernel | ----------------------------//
+---------------------------------+
A remotely exploitable IP masquerading vulnerability in the Linux
kernel can be used to penetrate protected private networks.
Linux Advisory:
http://www.linuxsecurity.com/advisories/other_advisory-1528.html
+---------------------------------+
| imp | ----------------------------//
+---------------------------------+
There are several security problems with IMP, a PHP based webmail
application, shipped as part of OpenLinux 3.1 Server. These
vulnerabilities allowed attackers to execute commands with the
privileges of the httpd account.
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS
9dfb2e378b4b81d481fd1b1d55a362aa RPMS/horde-1.2.6-1.i386.rpm
bb45a7379b387c1ac2760aa4cba22eea RPMS/imp-2.2.6-1.i386.rpm
Caldera Vendor Advisory:
http://www.linuxsecurity.com/advisories/caldera_advisory-1531.html
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
To unsubscribe email vuln-newsletter-requestat_private
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
-
ISN is currently hosted by Attrition.org
To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
of the mail.
This archive was generated by hypermail 2b30 : Mon Aug 06 2001 - 03:01:46 PDT