[ISN] Linux Advisory Watch - November 9th 2001

From: InfoSec News (isnat_private)
Date: Mon Nov 12 2001 - 01:42:23 PST
Next message: InfoSec News: "Re: [ISN] Hacker watchdog group in the works"
Previous message: InfoSec News: "Re: [ISN] Hacker watchdog group in the works"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
+----------------------------------------------------------------+
|  LinuxSecurity.com                        Linux Advisory Watch |
|  November 9th, 2001                       Volume 2, Number 45a |
+----------------------------------------------------------------+
 
  Editors:     Dave Wreski                Benjamin Thomas
               daveat_private     benat_private
 
 
Linux Advisory Watch is a comprehensive newsletter that outlinesthe
security vulnerabilities that have been announced throughout the week.It
includes pointers to updated packages and descriptions of each
vulnerability.

This week, advisories were released for procmail, lpd, webalizer,
sendmail, w3m, htdig, iptables, and the Linux kernel.  The vendors include
Caldera, Conectiva, EnGarde, Red Hat, and SuSE.
 
Setup a Rock-Solid Server in Minutes!  The EnGarde Linux distribution was
designed from the ground up as a secure solution, starting with the
principle of least privilege, and carrying it through every aspect of its
implementation.

http://www.engardelinux.org 
   

 ** FREE Apache SSL Guide from Thawte **
 
 Planning Web Server Security? Find out how to implement SSL!
 Get the free Thawte Apache SSL Guide and find the answers to all 
 your Apache SSL security issues and more at: 
 
 http://www.gothawte.com/rd90.html 
 
 
Take advantage of our Linux Security discussion list!  This mailing list
is for general security-related questions and comments. To subscribe send
an e-mail to security-discuss-requestat_private with "subscribe"
as the subject.



+---------------------------------+
|  procmail                       | ----------------------------//
+---------------------------------+

Procmail is an incoming mail processor, typically used to implement mail
filters as well as sorting incoming mail into folders. There are several
signal handling race conditions in procmail that could be used by a local
attacker to gain root privileges.

 Conectiva: 7.0 
 ftp://atualizacoes.conectiva.com.br/7.0/RPMS/ 
 procmail-3.22-1U70_2cl.i386.rpm 

 Conectiva Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/other_advisory-1685.html


  
+---------------------------------+
|  lpd                            | ----------------------------//
+---------------------------------+

There are multiple vulnerabilities in several implementations of the line
printer daemon (lpd).  The line printer daemon enables various clients to
share printers over a network. Review your configuration to be sure you
have applied all relevant patches. We also encourage you to restrict
access to the lpd service to only authorized users.

 PLEASE SEE LPD ADVISORY 
 LDP Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/other_advisory-1686.html


  
+---------------------------------+
|  webalizer                      | ----------------------------//
+---------------------------------+

An exploitable bug was found in webalizer which allows a remote attacker
to execute commands on other client machines or revealing sensitive
information by placing HTML tags in the right place. This is possible due
to missing sanity checks on untrusted data - hostnames and search keywords
in this case - that are received by webalizer. This kind of attack is also
known as "Cross-Site Scripting Vulnerability".

 i386 Intel Platform: SuSE-7.3 
 ftp://ftp.suse.com/pub/suse/i386/update/7.3/n2/ 
 webalizer-2.01.06-140.i386.rpm 
 3525fd6ab9c27be34edad9bef05ff061 

 SuSE Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/suse_advisory-1687.html

  
  
+---------------------------------+
|  sendmail                       | ----------------------------//
+---------------------------------+

An input validation error exists in Sendmail's debugging functionality.
This could be used by an unauthorized user to gain privilege.

 Caldera: 
 ftp://stage.caldera.com/pub/security/openunix/ 
 CSSA-2001-SCO.31/sendmail.Z 
 d6fbe6e6ab98a0170c2d5029b4ade1bf 

 Caldera Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/caldera_advisory-1688.html



+---------------------------------+
|  w3m                            | ----------------------------//
+---------------------------------+

Ogasawara Satoshi and Kobayashi Shigehiro discovered a vulnerability[1] in
a MIME header parsing routine. A malicious web server administrator could
execute arbitrary code in the client machine by sending malformed MIME
headers inside the server HTTP responses.

 Conectiva: 
 ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/ 
 w3m-0.2.1-4U70_1cl.i386.rpm 

 Conectiva Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/other_advisory-1690.html



+---------------------------------+
|  htdig                          | ----------------------------//
+---------------------------------+

In the previous version, the htsearch CGI script used to accept the -c
switch remotely--asking htdig to use a different configuration file. The
update removes this potential exploit.

 Red Hat 7.2 i386: 
 ftp://updates.redhat.com/7.2/en/os/i386/ 
 htdig-3.2.0-1.b4.0.72.i386.rpm 

 ftp://updates.redhat.com/7.2/en/os/i386/ 
 htdig-web-3.2.0-1.b4.0.72.i386.rpm  

 Red Hat Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/redhat_advisory-1691.html


  
   
+---------------------------------+
|  iptables                       | ----------------------------//
+---------------------------------+

A new version of iptables fixing various minor security problems and some
other bugs is available.

 Red Hat i386: 
 ftp://updates.redhat.com/7.2/en/os/i386/iptables-1.2.4-2.i386.rpm 
 6434f2a021ac8ca30b04d3f560f7a76a 

 ftp://updates.redhat.com/7.2/en/os/i386/i 
 ptables-ipv6-1.2.4-2.i386.rpm 
 b8abccb90b6a019a8c0ca5f4c43da8b5 

 Red Hat Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/redhat_advisory-1689.html 
 


  
  
+---------------------------------+
|  kernels                        | ----------------------------//
+---------------------------------+

There are is a vulnerability in the kernel's syncookie code which can
allow a remote attacker to potentially guess the cookie and bypass
firewall rules. Some firewall systems implement rules based on the TCP
flags set. They may drop or reject incoming packets that have the SYN bit
set, which normally indicates the start of a new connection.  It is
possible for an attacker to flood the server with SYN packets, causing a
DoS attack.  To protect against this DoS the kernel implements something
called "syncookies".

 PLEASE SEE VENDOR ADVISORY 
 SuSE Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/suse_advisory-1680.html 

 Red Hat Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/redhat_advisory-1681.html 

 Conectiva Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/other_advisory-1682.html 

 EnGarde Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/other_advisory-1683.html 

 Caldera Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/caldera_advisory-1684.html



------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-requestat_private
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
of the mail.
Next message: InfoSec News: "Re: [ISN] Hacker watchdog group in the works"
Previous message: InfoSec News: "Re: [ISN] Hacker watchdog group in the works"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This archive was generated by hypermail 2b30 : Mon Nov 12 2001 - 07:12:12 PST