[ISN] Linux Advisory Watch - February 8th 2002

From: InfoSec News (isnat_private)
Date: Sun Feb 10 2002 - 23:50:47 PST

  • Next message: InfoSec News: "Re: [ISN] Microsoft developers feel Windows pain"

    +----------------------------------------------------------------+
    |  LinuxSecurity.com                        Linux Advisory Watch |
    |  February 7th, 2002                       Volume 3, Number  6a |
    +----------------------------------------------------------------+
     
      Editors:     Dave Wreski                Benjamin Thomas
                   daveat_private     benat_private
     
     
    Linux Advisory Watch is a comprehensive newsletter that outlines the
    security vulnerabilities that have been announced throughout the week.It
    includes pointers to updated packages and descriptions of each
    vulnerability.
    
    This week, advisories were released for pine, rsync, FreeBSD kernel, wmtv,
    and telnet.  The vendors include Conectiva, Debian, FreeBSD, and Red Hat.
    Also this week, LinuxSecurity.com has released the latest version of the
    EnGarde Linux Postfix Howto.  It can be found at:
    
    http://www.linuxsecurity.com/feature_stories/feature_story-91.html 
    
    LinuxSecurity.com Feature: Approaches to choosing the strength of your
    security measures - Anton Chuvakin discusses the known approaches to
    choosing the level of security for your organization, risk assessment, and
    finding the balance between effective security practices and the existing
    budget.
    
    http://www.linuxsecurity.com/feature_stories/feature_story-98.html 
      
    
    Why be vulnerable? Its your choice. - Are you looking for a solution that
    provides the applications necessary to easily create thousands of virtual
    Web sites, manage e-mail, DNS, firewalling database functions for an
    entire organization, and supports high-speed broadband connections all
    using a Web-based front-end? EnGarde Secure Professional provides those
    features and more!
     
     http://store.guardiandigital.com
     
     
    +---------------------------------+
    |  pine                           | ----------------------------//
    +---------------------------------+
    
    A vulnerability[2] in the pine URL handler was discovered that allows
    remote attackers to execute arbitrary shell commands in the user's machine
    by encapsulating them in a URL using environment variables. This
    vulnerability only affects users whith the msg-view-url option enabled
    (which is not the default).
    
     ftp://atualizacoes.conectiva.com.br/7.0/RPMS/ 
     pico-4.44L-1U70_1cl.i386.rpm 
    
     ftp://atualizacoes.conectiva.com.br/7.0/RPMS/ 
     pine-4.44L-1U70_1cl.i386.rpm 
    
     ftp://atualizacoes.conectiva.com.br/7.0/RPMS/ 
     pilot-4.44L-1U70_1cl.i386.rpm 
    
     Conectiva Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/other_advisory-1877.html
    
    
      
    +---------------------------------+
    |  rsync                          | ----------------------------//
    +---------------------------------+
    
    In Debian Security Advisory DSA-106-1 we reported a exploitable problem in
    rsync. For details please see that advisory. Unfortunately the patch used
    to fix that problem broke rsync.  This has been fixed in version 2.3.2-1.5
    and we recommend you upgrade to that version immediately.
     
     Debian Intel IA-32 architecture: 
     http://security.debian.org/dists/stable/updates/ 
     main/binary-i386/rsync_2.3.2-1.5_i386.deb 
     MD5 checksum: 41891f496f0b38b176de1bd3df04945c 
    
     Debian Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/debian_advisory-1878.html
    
    
      
    
    +---------------------------------+
    |  FreeBSD Kernel                 | ----------------------------//
    +---------------------------------+
    
    On vulnerable FreeBSD systems where procfs is mounted, unprivileged local
    users may be able to cause a kernel panic. A race condition existed where
    a file could be removed between calling fstatfs() and the point where the
    file is accessed causing the file descriptor to become invalid.  This may
    allow unprivileged local users to cause a kernel panic.  Currently only
    the procfs filesystem is known to be vulnerable.
    
     FreeBSD: 
     fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/ 
     CERT/patches/SA-02:09/fstatfs.patch 
    
     FreeBSD Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/freebsd_advisory-1879.html
    
    
      
    +---------------------------------+
    |  wmtv                           | ----------------------------//
    +---------------------------------+
    
    Nicolas Boullis found some security problems in the wmtv package (a
    dockable video4linux TV player for windowmaker) which is distributed in
    Debian GNU/Linux 2.2.  With the current version of wmtv, the configuration
    file is written back as the superuser, and without any further checks.  A
    mailicious user might use that to damage important files.
    
     Debian Intel ia32 architecture: 
     http://security.debian.org/dists/stable/updates/main/ 
     binary-i386/wmtv_0.6.5-2potato2_i386.deb 
     MD5 checksum: 270d8553f9d732d612154dd0927ceece 
    
     Debian Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/debian_advisory-1880.html
    
    
      
    +---------------------------------+
    |  telnet                         | ----------------------------//
    +---------------------------------+
    
    New telnet, telnet-server packages are available for Red Hat Linux 5.2,
    5.2, 7.0 and 7.1. These packages fix a problem where buffer overflows can
    provide root access to local users. It is recommended that all users
    update to the fixed packages.
    
     Red Hat: 7.1 i386: 
     ftp://updates.redhat.com/7.1/en/os/i386/ 
     telnet-0.17-18.1.i386.rpm 
     d4c6ea58c27504771887ada7f89646dd 
    
     ftp://updates.redhat.com/7.1/en/os/i386/ 
     telnet-server-0.17-18.1.i386.rpm 
     3165c07852274f4303c1acebde8ded06 
    
     Red Hat Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/redhat_advisory-1881.html
    
    
    ------------------------------------------------------------------------
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
    
         To unsubscribe email vuln-newsletter-requestat_private
             with "unsubscribe" in the subject of the message.
    ------------------------------------------------------------------------
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.
    



    This archive was generated by hypermail 2b30 : Mon Feb 11 2002 - 04:32:19 PST