[ISN] Linux Advisory Watch - December 21st 2001

From: InfoSec News (isnat_private)
Date: Mon Dec 24 2001 - 00:14:09 PST

  • Next message: InfoSec News: "[ISN] Cybercrime fight hampered"

    +----------------------------------------------------------------+
    |  LinuxSecurity.com                        Linux Advisory Watch |
    |  December 21st, 2001                      Volume 2, Number 51a |
    +----------------------------------------------------------------+
     
      Editors:     Dave Wreski                Benjamin Thomas
                   daveat_private     benat_private
     
     
    Linux Advisory Watch is a comprehensive newsletter that outlines the
    security vulnerabilities that have been announced throughout the week.It
    includes pointers to updated packages and descriptions of each
    vulnerability.
    
    
    This week advisories were released for mailman, htdig, xsane, OpenSSH,
    kerberos, libgtop, glibc, and the Trustix kernel.  The vendors include
    EnGarde, Debian, Immunix, FreeBSD, Mandrake, Red Hat, and Trustix.
    
    8wire.com Review: EnGarde Secure Linux 1.0.1 - EnGarde Secure Linux is a
    Linux distribution that allows anyone - including those with no Linux
    experience - to easily set up their own secure Web and email servers. We
    tested this software on a bare-bones PC and found it very simple to set up
    and use. It's a great value for those looking for a fully functional
    Internet server that can run on old or inexpensive hardware.
    
      http://www.8wire.com/articles/?aid=2350
    
    Why be vulnerable? Its your choice. - Are you looking for a solution that
    provides the applications necessary to easily create thousands of virtual
    Web sites, manage e-mail, DNS, firewalling database functions for an
    entire organization, and supports high-speed broadband connections all
    using a Web-based front-end? EnGarde Secure Professional provides those
    features and more!
    
    Be Secure with EnGarde Secure Professional: 
    http://store.guardiandigital.com/html/eng/493-AA.shtml
    
    Linux Advisory Watch is a comprehensive newsletter that outlines the
    security vulnerabilities that have been announced throughout the week.It
    includes pointers to updated packages and descriptions of each
    vulnerability.
      
      
    
    +---------------------------------+
    |  mailman                        | ----------------------------//
    +---------------------------------+
    
    Barry A. Warsaw reported several cross-site scripting security holes in
    Mailman, due to on-existent escaping of CGI variables. These have been
    fixed upstream in version 2.0.8, and the relevant patches have been
    backported to version 1.1-10 in Debian.
    
     Debian Intel IA-32 architecture: 
     http://security.debian.org/dists/stable/updates/main/ 
     binary-i386/mailman_1.1-10_i386.deb 
     MD5 checksum: 27c9d400360a99b39954f563f5d0ed43 
    
     Debian Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/debian_advisory-1751.html
    
    
    +---------------------------------+
    |  htdig                          | ----------------------------//
    +---------------------------------+
    
    A remote attacker may use htsearch as a kind of denial-of-service attack
    by causing it to read a never-ending special file such as `/dev/null'.
    
     FreeBSD [i386] 
     ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/ 
     textproc/htdig-3.1.5_1.tgz 
    
     FreeBSD Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/freebsd_advisory-1753.html 
      
     
    
    +---------------------------------+
    |  xsane                          | ----------------------------//
    +---------------------------------+
    
    A local user may be able to cause xsane (run by another user) to overwrite
    any file for which the latter user has sufficient privilege. While it is
    advisable to run XSane with a non-privileged user account, many users run
    it using the root account, increasing the risk.
    
     FreeBSD [i386] 
     ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/ 
     graphics/xsane-0.82.tgz 
    
     ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/ 
     graphics/xsane-0.82.tgz 
    
     FreeBSD Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/freebsd_advisory-1754.html
    
    
      
    +---------------------------------+
    |  OpenSSH                        | ----------------------------//
    +---------------------------------+
    
    A malicious local user can pass environment variables to the login process
    if the administrator enables the UseLogin option.  This can be abused to
    bypass authentication and gain root access.  Note that this option is not
    enabled by default on TSL.
    
     Mandrake: 
     PLAESE SEE ADVISORY FOR UPDATE 
     Mandrake Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/mandrake_advisory-1749.html 
    
    
     Trustix: 
     PLEASE SEE ADVISORY FOR UPDATE 
    
     Trustix Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/other_advisory-1761.html
    
    
      
    +---------------------------------+
    |  kerberos                       | ----------------------------//
    +---------------------------------+
    
    A buffer overflow exists in the telnet portion of Kerberos that could
    provide root access to local users.  MDKSA-2001:068 provided a similar fix
    to the normal telnet packages, but the Kerberized equivalent was not
    updated previously.
    
     Mandrake: 
     PLEASE SEE VENDOR ADVISORY 
    
     Mandrake Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/mandrake_advisory-1755.html
    
    
      
    
    
    +---------------------------------+
    |  libgtop                        | ----------------------------//
    +---------------------------------+
    
    A remote format string vulnerability was found in the libgtop daemon by
    Laboratory intexxia.  By sending a specially crafted format string to the
    server, a remote attacker could potentially execute arbitrary code on the
    remote system with the daemon's permissions.
    
     Mandrake Linux 8.0: 
     8.0/RPMS/libgtop1-1.0.12-4.1mdk.i586.rpm 
     2a063541aa9f9a100dd4c65b732224fd 
    
     8.0/RPMS/libgtop1-devel-1.0.12-4.1mdk.i586.rpm 
     fb4cfb4b72e16121a6dab24e093b1de3 
    
     http://www.linux-mandrake.com/en/ftp.php3 
    
     Mandrake Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/mandrake_advisory-1763.html
    
    
      
    +---------------------------------+
    |  glibc                          | ----------------------------//
    +---------------------------------+
    
    While researching the recent globbing bugs in wu-ftpd, Flavio Veloso
    discovered (with the assistance of Jakub Jelinek ) a buffer overflow in
    glibc's glob(3)  implementation.  This vulnerability can only be triggered
    by programs that use glibc's globbing functions.
    
     EnGarde: 
     http://ftp.engardelinux.org/pub/engarde/stable/updates/ 
     i386/glibc-2.1.3-1.0.4.i386.rpm 
     MD5 Sum:  6a59be712e55c3da6e027ba44599ab9e 
    
     i686/glibc-2.1.3-1.0.4.i386.rpm 
     MD5 Sum:  6a59be712e55c3da6e027ba44599ab9e 
    
     EnGarde Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/other_advisory-1752.html 
      
    
     Immunix: 
     PLEASE SEE VENDOR ADVISORY 
    
     Immunix Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/other_advisory-1757.html 
    
     Trustix: 
     PLEASE SEE VENDOR ADVISORY 
    
     Trustix Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/other_advisory-1760.html 
    
     Red Hat: 
     PLEASE SEE VENDOR ADVISORY 
    
     Red Hat Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/redhat_advisory-1750.html
    
    
      
    
    +---------------------------------+
    |  Trustix kernel                 | ----------------------------//
    +---------------------------------+
    
    The 2.2.20 release of the Linux kernel fixes a number of bugs. In addition
    there are some driver updates and SMP fixes in this package.
    
    
     PLEASE SEE ADVISORY FOR UPDATE 
    
     Trustix Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/other_advisory-1762.html
    
    
    
    ------------------------------------------------------------------------
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
    
         To unsubscribe email vuln-newsletter-requestat_private
             with "unsubscribe" in the subject of the message.
    ------------------------------------------------------------------------
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.
    



    This archive was generated by hypermail 2b30 : Mon Dec 24 2001 - 06:08:16 PST