+----------------------------------------------------------------+
| LinuxSecurity.com Linux Advisory Watch |
| September 21st, 2001 Volume 2, Number 38a |
+----------------------------------------------------------------+
Editors: Dave Wreski Benjamin Thomas
daveat_private benat_private
This week, advisories were released for most, apache, and windowmaker.
The vendors include Debian, Mandrake, and SuSE. It has been a slow week.
We recommend taking time to make sure that no previous advisories have
been missed. A complete listing of our Linux advisories can be found:
* http://www.linuxsecurity.com/advisories/
Are you tired of rebuilding servers hit by NIMDA?
EnGarde was designed from the ground up as a secure solution, starting
with the principle of least privilege, and carrying it through every
aspect of its implementation.
* http://www.engardelinux.org
Take advantage of our Linux Security discussion list! This mailing list
is for general security-related questions and comments. To subscribe send
an e-mail to security-discuss-requestat_private with "subscribe"
as the subject.
Linux Advisory Watch is a comprehensive newsletter that outlinesthe
security vulnerabilities that have been announced throughout the week.It
includes pointers to updated packages and descriptions of each
vulnerability.
+---------------------------------+
| most | ----------------------------//
+---------------------------------+
Pavel Machek has found a buffer overflow in the `most' pager program. The
problem is part of most's tab expansion where the program would write
beyond the bounds two array variables when viewing a malicious file.
This could lead into other data structures being overwritten which in turn
could enable most to execute arbitrary code being able to compromise the
users environment.
Debian Intel ia32 architecture:
http://security.debian.org/dists/stable/updates/main/
binary-i386/most_4.9.0-2.1_i386.deb
MD5 checksum: b998b05837b20e78e143be0ffdc3e44c
Debian Vendor Advisory:
http://www.linuxsecurity.com/advisories/debian_advisory-1610.html
+---------------------------------+
| apache | ----------------------------//
+---------------------------------+
A problem exists with all Apache servers prior to version 1.3.19. The
vulnerablity could allow directory indexing and path discovery on the
vulnerable servers with a custom crafted request consisting of a long path
name created artificially by using numerous slashes. This can cause
modules to misbehave and return a listing of the directory contents by
avoiding the error page.
Mandrake:
PLEASE SEE ADVISORY FOR UPDATE
Mandrake Vendor Advisory:
http://www.linuxsecurity.com/advisories/mandrake_advisory-1611.html
+---------------------------------+
| windowmaker | ----------------------------//
+---------------------------------+
The window manager Window Maker was found vulnerable to a buffer overflow
due to improper bounds checking when setting the window title. An attacker
can remotely exploit this buffer overflow by using malicious web page
titles or terminal escape sequences to set a excessively long window
title. This attack can lead to remote command execution with the
privileges of the user running Window Maker.
i386 Intel Platform: SuSE-7.2
ftp://ftp.suse.com/pub/suse/i386/update/7.2/xwm1/
WindowMaker-0.64.0-82.i386.rpm
MD5 Checksum: 0f5508e10089deecf34b51ab8c007bbf
SuSE Vendor Advisory:
http://www.linuxsecurity.com/advisories/suse_advisory-1612.html
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
To unsubscribe email vuln-newsletter-requestat_private
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
-
ISN is currently hosted by Attrition.org
To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
of the mail.
This archive was generated by hypermail 2b30 : Sat Sep 22 2001 - 04:42:22 PDT