[ISN] Linux Advisory Watch - August 03, 2001

From: InfoSec News (isnat_private)
Date: Mon Aug 06 2001 - 01:17:39 PDT

  • Next message: InfoSec News: "[ISN] Code Red Worm Update"

    +----------------------------------------------------------------+
    |  LinuxSecurity.com                      Linux  Advisory Watch  |
    |  August 3rd, 2001                         Volume 2, Number 31a |
    +----------------------------------------------------------------+
     
      Editors:     Dave Wreski                  Benjamin Thomas
                   daveat_private       benat_private
     
    Linux Advisory Watch is a comprehensive newsletter that outlines the
    security vulnerabilities that have been announced throughout the week.  
    It includes pointers to updated packages and descriptions of each
    vulnerability
    
    This week, advisories were released for telnetd, windowmaker, apache-ssl,
    openssl, the Linux kernel, and imp.  The vendors include Caldera, Debian,
    and FreeBSD.
    
    Maximize your security with EnGarde!  EnGarde was designed from the ground
    up as a secure solution, starting with the principle of least privilege,
    and carrying it through every aspect of its implementation.
    
    http://www.engardelinux.org 
    
    EnGarde Quick Start Guide - This is a document that provides you with the
    information necessary to quickly begin using your EnGarde system.
    
    http://www.guardiandigital.com/docs/EnGardeManual/ESLQuick-1.0.1.pdf 
    
    
    
    HTML Version:
    http://www.linuxsecurity.com/vuln-newsletter.html
       
     
    +---------------------------------+
    |  telnetd                        | ----------------------------//
    +---------------------------------+
    
    Due to incorrect bounds checking of data buffered for output to the remote
    client, an attacker can cause the telnetd process to overflow the buffer
    and crash, or execute arbitrary code as the user running telnetd, usually
    root. A valid user account and password is not required to exploit this
    vulnerability, only the ability to connect to a telnetd server.
    
     FreeBSD: 
     ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/ 
     SA-01:49/telnetd-crypto.patch 
    
     FreeBSD Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/freebsd_advisory-1524.html
    
    
    +---------------------------------+
    |  windowmaker                    | ----------------------------//
    +---------------------------------+
    
    Under certain circumstances, remote webservers may cause windowmaker
    to crash and potentially execute arbitrary code as the user running
    windowmaker. 
    
     ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/ 
     x11-wm/windowmaker-0.65.1.tgz 
    
     ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/ 
     x11-wm/windowmaker-0.65.1.tgz 
    
     FreeBSD Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/freebsd_advisory-1525.html 
    
    
      
    +---------------------------------+
    |   apache-ssl                    | ----------------------------//
    +---------------------------------+
    
    This vulnerability makes it possible for a malicious remote user to
    launch an information gathering attack, which could potentially
    result in compromise of the system. Additionally, this vulnerability
    affects all releases of Apache previous to 1.3.19. 
    
     Debian: i386 
     Intel IA-32 architecture: 
    
     http://security.debian.org/dists/stable/updates/main/binary-i386/ 
     apache-common_1.3.9-14_i386.deb 
     MD5 checksum: 10e72df77f3f80966ab64e7894c341ac 
    
     http://security.debian.org/dists/stable/updates/main/binary-i386/ 
     apache-dev_1.3.9-14_i386.deb 
     MD5 checksum: b995eb96a35f173f4a0eddfb4eef9d4a 
    
     http://security.debian.org/dists/stable/updates/main/binary-i386/ 
     apache_1.3.9-14_i386.deb 
     MD5 checksum: 584bf2147b543caf47fcc5cb0c8f00f1 
    
     Debian Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/debian_advisory-1526.html
    
    
      
    +---------------------------------+
    |   OpenSSL                       | ----------------------------//
    +---------------------------------+
    
    By successfully exploiting a flaw in the PRNG, an attacker can gain
    important information that may allow him to deduce nonces (leading to
    the compromise of the protocol session) or encryption keys (allowing
    the attacker to obtain the plaintext of the encrypted data).  Whether
    or not this flaw is exploitable depends upon the specifics of the
    application using OpenSSL.  No vulnerable applications or protocols
    are currently known. 
    
     FreeBSD: 
    
    ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:51/openssl.patch
    
     FreeBSD Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/freebsd_advisory-1527.html 
    
     UPDATED FreeBSD Advisory: 
     http://www.linuxsecurity.com/advisories/freebsd_advisory-1529.html
    
    
      
    +---------------------------------+
    |  Linux kernel                   | ----------------------------//
    +---------------------------------+
    
    A remotely exploitable IP masquerading vulnerability in the Linux
    kernel can be used to penetrate protected private networks. 
    
     Linux Advisory: 
     http://www.linuxsecurity.com/advisories/other_advisory-1528.html
    
    
    
    +---------------------------------+
    |  imp                            | ----------------------------//
    +---------------------------------+
    
    There are several security problems with IMP, a PHP based webmail
    application, shipped as part of OpenLinux 3.1 Server. These
    vulnerabilities allowed attackers to execute commands with the
    privileges of the httpd account. 
    
     ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS 
    
     9dfb2e378b4b81d481fd1b1d55a362aa  RPMS/horde-1.2.6-1.i386.rpm 
     bb45a7379b387c1ac2760aa4cba22eea  RPMS/imp-2.2.6-1.i386.rpm 
    
     Caldera Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/caldera_advisory-1531.html
    
    ------------------------------------------------------------------------
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
    
         To unsubscribe email vuln-newsletter-requestat_private
             with "unsubscribe" in the subject of the message.
    ------------------------------------------------------------------------
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.
    



    This archive was generated by hypermail 2b30 : Mon Aug 06 2001 - 03:01:46 PDT