[ISN] Linux Advisory Watch - September 21st 2001

From: InfoSec News (isnat_private)
Date: Sat Sep 22 2001 - 01:43:00 PDT

  • Next message: InfoSec News: "Re: [ISN] 'Nimda' - Norwegian For 'Nasty'"

    +----------------------------------------------------------------+
    |  LinuxSecurity.com                        Linux Advisory Watch |
    |  September 21st, 2001                     Volume 2, Number 38a |
    +----------------------------------------------------------------+
    
      Editors:     Dave Wreski                Benjamin Thomas
                   daveat_private    benat_private
    
    
    This week, advisories were released for most, apache, and windowmaker.  
    The vendors include Debian, Mandrake, and SuSE.  It has been a slow week.  
    We recommend taking time to make sure that no previous advisories have
    been missed.  A complete listing of our Linux advisories can be found:
    
    * http://www.linuxsecurity.com/advisories/
    
    Are you tired of rebuilding servers hit by NIMDA? 
    
    EnGarde was designed from the ground up as a secure solution, starting
    with the principle of least privilege, and carrying it through every
    aspect of its implementation.
    
    * http://www.engardelinux.org 
      
    Take advantage of our Linux Security discussion list!  This mailing list
    is for general security-related questions and comments. To subscribe send
    an e-mail to security-discuss-requestat_private with "subscribe"
    as the subject.
    
    Linux Advisory Watch is a comprehensive newsletter that outlinesthe
    security vulnerabilities that have been announced throughout the week.It
    includes pointers to updated packages and descriptions of each
    vulnerability.
    
    
    +---------------------------------+
    |  most                           | ----------------------------//
    +---------------------------------+
    
    Pavel Machek has found a buffer overflow in the `most' pager program. The
    problem is part of most's tab expansion where the program would write
    beyond the bounds two array variables when viewing a malicious file.  
    This could lead into other data structures being overwritten which in turn
    could enable most to execute arbitrary code being able to compromise the
    users environment.
    
     Debian Intel ia32 architecture: 
     http://security.debian.org/dists/stable/updates/main/ 
     binary-i386/most_4.9.0-2.1_i386.deb 
     MD5 checksum: b998b05837b20e78e143be0ffdc3e44c 
    
     Debian Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/debian_advisory-1610.html 
     
    
    
    +---------------------------------+
    |   apache                        | ----------------------------//
    +---------------------------------+
    
    A problem exists with all Apache servers prior to version 1.3.19.  The
    vulnerablity could allow directory indexing and path discovery on the
    vulnerable servers with a custom crafted request consisting of a long path
    name created artificially by using numerous slashes. This can cause
    modules to misbehave and return a listing of the directory contents by
    avoiding the error page.
    
     Mandrake: 
     PLEASE SEE ADVISORY FOR UPDATE 
    
     Mandrake Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/mandrake_advisory-1611.html
    
    
    
    +---------------------------------+
    |   windowmaker                   | ----------------------------//
    +---------------------------------+
    
    The window manager Window Maker was found vulnerable to a buffer overflow
    due to improper bounds checking when setting the window title. An attacker
    can remotely exploit this buffer overflow by using malicious web page
    titles or terminal escape sequences to set a excessively long window
    title.  This attack can lead to remote command execution with the
    privileges of the user running Window Maker.
    
     i386 Intel Platform: SuSE-7.2 
     ftp://ftp.suse.com/pub/suse/i386/update/7.2/xwm1/ 
     WindowMaker-0.64.0-82.i386.rpm 
     MD5 Checksum: 0f5508e10089deecf34b51ab8c007bbf 
    
     SuSE Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/suse_advisory-1612.html
    
    
    ------------------------------------------------------------------------
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
    
         To unsubscribe email vuln-newsletter-requestat_private
             with "unsubscribe" in the subject of the message.
    ------------------------------------------------------------------------
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.
    



    This archive was generated by hypermail 2b30 : Mon Sep 24 2001 - 05:23:18 PDT