+----------------------------------------------------------------+
| LinuxSecurity.com Linux Advisory Watch |
| February 7th, 2002 Volume 3, Number 6a |
+----------------------------------------------------------------+
Editors: Dave Wreski Benjamin Thomas
daveat_private benat_private
Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.It
includes pointers to updated packages and descriptions of each
vulnerability.
This week, advisories were released for pine, rsync, FreeBSD kernel, wmtv,
and telnet. The vendors include Conectiva, Debian, FreeBSD, and Red Hat.
Also this week, LinuxSecurity.com has released the latest version of the
EnGarde Linux Postfix Howto. It can be found at:
http://www.linuxsecurity.com/feature_stories/feature_story-91.html
LinuxSecurity.com Feature: Approaches to choosing the strength of your
security measures - Anton Chuvakin discusses the known approaches to
choosing the level of security for your organization, risk assessment, and
finding the balance between effective security practices and the existing
budget.
http://www.linuxsecurity.com/feature_stories/feature_story-98.html
Why be vulnerable? Its your choice. - Are you looking for a solution that
provides the applications necessary to easily create thousands of virtual
Web sites, manage e-mail, DNS, firewalling database functions for an
entire organization, and supports high-speed broadband connections all
using a Web-based front-end? EnGarde Secure Professional provides those
features and more!
http://store.guardiandigital.com
+---------------------------------+
| pine | ----------------------------//
+---------------------------------+
A vulnerability[2] in the pine URL handler was discovered that allows
remote attackers to execute arbitrary shell commands in the user's machine
by encapsulating them in a URL using environment variables. This
vulnerability only affects users whith the msg-view-url option enabled
(which is not the default).
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/
pico-4.44L-1U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/
pine-4.44L-1U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/
pilot-4.44L-1U70_1cl.i386.rpm
Conectiva Vendor Advisory:
http://www.linuxsecurity.com/advisories/other_advisory-1877.html
+---------------------------------+
| rsync | ----------------------------//
+---------------------------------+
In Debian Security Advisory DSA-106-1 we reported a exploitable problem in
rsync. For details please see that advisory. Unfortunately the patch used
to fix that problem broke rsync. This has been fixed in version 2.3.2-1.5
and we recommend you upgrade to that version immediately.
Debian Intel IA-32 architecture:
http://security.debian.org/dists/stable/updates/
main/binary-i386/rsync_2.3.2-1.5_i386.deb
MD5 checksum: 41891f496f0b38b176de1bd3df04945c
Debian Vendor Advisory:
http://www.linuxsecurity.com/advisories/debian_advisory-1878.html
+---------------------------------+
| FreeBSD Kernel | ----------------------------//
+---------------------------------+
On vulnerable FreeBSD systems where procfs is mounted, unprivileged local
users may be able to cause a kernel panic. A race condition existed where
a file could be removed between calling fstatfs() and the point where the
file is accessed causing the file descriptor to become invalid. This may
allow unprivileged local users to cause a kernel panic. Currently only
the procfs filesystem is known to be vulnerable.
FreeBSD:
fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/
CERT/patches/SA-02:09/fstatfs.patch
FreeBSD Vendor Advisory:
http://www.linuxsecurity.com/advisories/freebsd_advisory-1879.html
+---------------------------------+
| wmtv | ----------------------------//
+---------------------------------+
Nicolas Boullis found some security problems in the wmtv package (a
dockable video4linux TV player for windowmaker) which is distributed in
Debian GNU/Linux 2.2. With the current version of wmtv, the configuration
file is written back as the superuser, and without any further checks. A
mailicious user might use that to damage important files.
Debian Intel ia32 architecture:
http://security.debian.org/dists/stable/updates/main/
binary-i386/wmtv_0.6.5-2potato2_i386.deb
MD5 checksum: 270d8553f9d732d612154dd0927ceece
Debian Vendor Advisory:
http://www.linuxsecurity.com/advisories/debian_advisory-1880.html
+---------------------------------+
| telnet | ----------------------------//
+---------------------------------+
New telnet, telnet-server packages are available for Red Hat Linux 5.2,
5.2, 7.0 and 7.1. These packages fix a problem where buffer overflows can
provide root access to local users. It is recommended that all users
update to the fixed packages.
Red Hat: 7.1 i386:
ftp://updates.redhat.com/7.1/en/os/i386/
telnet-0.17-18.1.i386.rpm
d4c6ea58c27504771887ada7f89646dd
ftp://updates.redhat.com/7.1/en/os/i386/
telnet-server-0.17-18.1.i386.rpm
3165c07852274f4303c1acebde8ded06
Red Hat Vendor Advisory:
http://www.linuxsecurity.com/advisories/redhat_advisory-1881.html
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
To unsubscribe email vuln-newsletter-requestat_private
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
-
ISN is currently hosted by Attrition.org
To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
of the mail.
This archive was generated by hypermail 2b30 : Mon Feb 11 2002 - 04:32:19 PST