[ISN] Linux Advisory Watch - November 30th 2001

From: InfoSec News (isnat_private)
Date: Sun Dec 02 2001 - 23:49:27 PST

  • Next message: InfoSec News: "[ISN] Open source mounts IDS challenge"

    +----------------------------------------------------------------+
    |  LinuxSecurity.com                        Linux Advisory Watch |
    |  November 30th, 2001                      Volume 2, Number 48a |
    +----------------------------------------------------------------+
     
      Editors:     Dave Wreski                Benjamin Thomas
                   daveat_private     benat_private
     
     
    Linux Advisory Watch is a comprehensive newsletter that outlines the
    security vulnerabilities that have been announced throughout the week.It
    includes pointers to updated packages and descriptions of each
    vulnerability.
    
    This week, advisories were released for wu-ftp, imp, rpm, postfix, sasl,
    and sendmail.  The vendors include Caldera, Conectiva, Immunix, Red Hat,
    Slackware and SuSE.
    
     * Do you need more free time?
    
    Are you looking for a solution that provides the applications necessary to
    easily create thousands of virtual Web sites, manage e-mail, DNS,
    firewalling database functions for an entire organization, and supports
    high-speed broadband connections all using a Web-based front-end? EnGarde
    Secure Professional provides those features and more!
    
     EnGarde Secure Professional:
     http://store.guardiandigital.com/html/eng/493-AA.shtml
    
    
    
      ** FREE Apache SSL Guide from Thawte ** 
     
     Planning Web Server Security? Find out how to implement SSL! Get 
     the free Thawte Apache SSL Guide and find the answers to all your 
     Apache SSL security issues and more at: 
     
     http://www.gothawte.com/rd92.html 
     
     
    Take advantage of our Linux Security discussion list!  This mailing list
    is for general security-related questions and comments. To subscribe send
    an e-mail to security-discuss-requestat_private with "subscribe"
    as the subject.
     
     
     
    +---------------------------------+
    | wu-ftp                          | ----------------------------//
    +---------------------------------+
    
    An overflowable buffer exists in earlier versions of wu-ftpd. An attacker
    could gain access to the machine by sending malicious commands.
    
     Red Hat Linux 7.2: i386: 
     ftp://updates.redhat.com/7.2/en/os/i386/ 
     wu-ftpd-2.6.1-20.i386.rpm 
     7306f24d3d7d518068c5e08959d43bdd 
    
     Red Hat Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/redhat_advisory-1711.html 
    
     SuSE-7.3 
     ftp://ftp.suse.com/pub/suse/i386/update/7.3/n2/ 
     wuftpd-2.6.0-344.i386.rpm 
     d1b549b8c2d91d66a8b35fe17a1943b3 
    
     SuSE Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/suse_advisory-1718.html 
    
     Caldera: 
     ftp://ftp.caldera.com/pub/updates/OpenLinux/2.3/current/RPMS 
    
     RPMS/wu-ftpd-2.6.1-13OL.i386.rpm 
     d6a618f9fe6a3ae99a1c54a405ab169a 
    
     Caldera Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/caldera_advisory-1719.html 
      
    
     Conectiva: 
     ftp://atualizacoes.conectiva.com.br/7.0/RPMS/ 
     wu-ftpd-2.6.1-6U70_1cl.i386.rpm 
    
     Conectiva Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/other_advisory-1720.html 
      
    
     Immunix: 
     http://download.immunix.org/ImmunixOS/7.0/updates/ 
     RPMS/wu-ftpd-2.6.1-6_imnx_4.i386.rpm 
     c6c2fa2fa60f2cfe5b496ad0281fa486 
    
     Immunix Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/other_advisory-1721.html
    
    
      
    
    +---------------------------------+
    | imp                             | ----------------------------//
    +---------------------------------+
    
    The webmail frontend IMP has a cross site scripting problem, allowing a
    remote attacker to send you an E-mail with a malformed URL that when
    clicked on will open your mail session to the attacker, allowing him to
    read and delete your E-mails.
    
     Caldera: 
     ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/ 
     Server/current/RPMS 
     RPMS/horde-1.2.7-1.i386.rpm 
     53a9d75c760851f79fa72cb451416f96 
    
     RPMS/imp-2.2.7-1.i386.rpm 
     4bb1af4dcd98af6f168543476f691b95 
    
     Caldera Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/caldera_advisory-1715.html 
     
    
    
    +---------------------------------+
    | rpm                             | ----------------------------//
    +---------------------------------+
    
    A malicious user could exploit this vulnerability by sending a carefully
    crafted rpm package to the printing system, which will query the package
    to extract the information to print and will execute arbitrary code
    choosen by the attacker with the privileges of the lp user.
    
     PLEASE SEE VENDOR ADVISORY FOR UPDATE 
    
     Conectiva Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/other_advisory-1712.html
    
    
      
      
    +---------------------------------+
    | postfix                         | ----------------------------//
    +---------------------------------+
    
    Wietse Venema reported[1] a vulnerability[2] in Postfix where a remote
    attacker could cause a DoS (denial of service) condition on the server.
    The SMTP session log could grow to an unreasonable size and possibly
    exhaust the server's memory if no other limits were in place.
    
     Conectiva: 
     ftp://atualizacoes.conectiva.com.br/7.0/RPMS/ 
     postfix-doc-20010228pl02-7U70_1cl.i386.rpm 
    
     ftp://atualizacoes.conectiva.com.br/7.0/RPMS/ 
     postfix-20010228pl02-7U70_1cl.i386.rpm 
    
     Conectiva Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/other_advisory-1709.html 
      
    
     Red Hat Powertools 7.1: i386: 
     ftp://updates.redhat.com/7.1/en/powertools/i386/
     postfix-20011125-  1SASL.i386.rpm 
     60402b08bd489052146eec437838a829 
    
     Red Hat Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/redhat_advisory-1714.html
    
    
    
      
    +---------------------------------+
    | sasl                            | ----------------------------//
    +---------------------------------+
    
    There is a format string bug in the Cyrus SASL library, and the library is
    used by sendmail. We are not sure whether this vulnerability can be
    exploited remotely just by connecting to sendmail, but if it is, the
    attacker would gain root access.
    
     Caldera: 
     ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/ 
     Server/current/RPMS 
    
     RPMS/libsasl-1.5.24-4.i386.rpm 
     67e101e2ff0a259e57bbcc9eee616a1f 
    
     Caldera Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/caldera_advisory-1716.html 
      
    
     Red Hat: 
     PLEASE SEE ADVISORY FOR UPDATE 
    
     Red Hat Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/redhat_advisory-1722.html 
     http://www.linuxsecurity.com/advisories/redhat_advisory-1723.html
    
    
      
    +---------------------------------+
    |  sendmail                       | ----------------------------//
    +---------------------------------+
    
    An input validation error in sendmail has been discovered by Cade Cairns
    of SecurityFocus.  This problem can be exploited by local users to gain
    root access.  It is not exploitable by remote attackers without shell
    access. New packages based on sendmail.8.11.6 have been prepared for
    Slackware 7.1 and 8.0.
    
     Slackware 8.0:  
     ftp://ftp1.sourceforge.net/pub/slackware/slackware-8.0/ 
     patches/packages/procmail.tgz 
     56099f1bce9643e44342711878a7ceb0 
    
     ftp://ftp1.sourceforge.net/pub/slackware/slackware-8.0/  
     patches/packages/sendmail.tgz 
     3d03fd648ecf40eed56ff915780fb8ab 
    
     ftp://ftp1.sourceforge.net/pub/slackware/slackware-8.0/ 
     patches/packages/smailcfg.tgz 
     1a13d98a11d0af853893a640909d8958 
    
     Slackware Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/slackware_advisory-1573.html
    
    
    ------------------------------------------------------------------------
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
    
         To unsubscribe email vuln-newsletter-requestat_private
             with "unsubscribe" in the subject of the message.
    ------------------------------------------------------------------------
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.
    



    This archive was generated by hypermail 2b30 : Mon Dec 03 2001 - 06:41:07 PST