[ISN] Linux Advisory Watch - April 12th 2002

From: InfoSec News (isnat_private)
Date: Sat Apr 13 2002 - 00:58:58 PDT


    +----------------------------------------------------------------+
    |  LinuxSecurity.com                        Linux Advisory Watch |
    |  April 12th, 2002                         Volume 3, Number 15a |
    +----------------------------------------------------------------+
     
      Editors:     Dave Wreski                Benjamin Thomas
                   daveat_private     benat_private
     
    Linux Advisory Watch is a comprehensive newsletter that outlines the
    security vulnerabilities that have been announced throughout the week. It
    includes pointers to updated packages and descriptions of each
    vulnerability.
    
    This week, advisories were released for logwatch, ucdsnmp, IMP/HORDE,
    tcpdump, mail, and rshd.  The vendors include OpenBSD, Red Hat, and SuSE.
     
    --> Performance and Stability meet Security 
     
    EnGarde has everything necessary to create thousands of virtual Web sites,
    manage e-mail, DNS, firewalling, and database functions for an entire
    organization, and supports high-speed broadband connections, all using a
    Web-based front-end. EnGarde Secure Professional provides those features
    and more!
     
      http://store.guardiandigital.com/html/eng/promo1.shtml
     
    
    Linux Security Quick-Start Guide - This document, written by Hal Burgiss,
    is an introductory level document that provides the information necessary
    for inexperienced Linux users to secure their machine.
    
     http://www.linuxsecurity.com/docs/LDP/Security-Quickstart-HOWTO/index.html
     
     
    
    +---------------------------------+
    |  logwatch                       | ----------------------------//
    +---------------------------------+
    
    Updated LogWatch packages are available that fix tmp file race conditions
    which can cause a local user to gain root privileges.
    
     Red Hat: noarch: 
     ftp://updates.redhat.com/7.2/en/os/noarch/logwatch-2.6-1.noarch.rpm 
    
     ac8ea7498a2d6b14bb325a511cf8ba6b 
    
     Red Hat Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/redhat_advisory-2011.html 
     
     Red Hat Powertools Advisory: 
     http://www.linuxsecurity.com/advisories/redhat_advisory-2012.html 
      
     
    
    +---------------------------------+
    |  ucdsnmp                        | ----------------------------//
    +---------------------------------+
    
    Several bugs could be triggered in the ucd-snmpd code by using this
    testing suite. These bugs lead to remote denial-of-service attacks and may
    possibly be exploited to break system security remotely.
    
     PLEASE SEE VENDOR ADVISORY 
    
     SuSE Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/suse_advisory-2013.html
    
    
      
    
    +---------------------------------+
    |  IMP/HORDE                      | ----------------------------//
    +---------------------------------+
    
    The Horde team announces the availability of IMP 2.2.8, which prevents
    some potential cross-site scripting (CSS) attacks.  Site administrators
    should consider upgrading to IMP 3 (our first recommendation), but if this
    is not possible, IMP 2.2.8 should be used to prevent these potential
    attacks.
    
     ftp://ftp.horde.org/pub/imp/ 
     horde-1.2.8.tar.gz 
     96ae6dcf03cab2637c14c13d556049e0 
    
     imp-2.2.8.tar.gz 
     9f0e442f61ce542b945016bee2736d2f 
    
     patch-horde-1.2.7-1.2.8.gz 
     daa3f4f3821036d7ef47205dc2c7922c 
    
     patch-imp-2.2.7-2.2.8.gz 
     f3ee21b6b5e40516d46cef955f29e034 
    
     Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/other_advisory-2014.html
    
    
      
    
    +---------------------------------+
    |  tcpdump                        | ----------------------------//
    +---------------------------------+
    
    Updated tcpdump, libpcap, and arpwatch packages are available for Red Hat
    Linux 6.2 and 7.x. These updates close vulnerabilities present in versions
    of tcpdump up to 3.5.1 and various other bugs.
    
     Red Hat 7.2 i386:
     ftp://updates.redhat.com/7.2/en/os/i386/tcpdump-3.6.2-10.7x.i386.rpm
     064982643eaa2f6a19a318e0c50f2b84 
    
     ftp://updates.redhat.com/7.2/en/os/i386/libpcap-0.6.2-10.7x.i386.rpm
     a00187999381db2a22dadc1a1f1ebca9 
    
    
     ftp://updates.redhat.com/7.2/en/os/i386/arpwatch-2.1a11-10.7x.i386.rpm 
     b456a14d95d7fdf36f00ef0f41ebc1f4 
    
     Red Hat Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/redhat_advisory-2015.html
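
    Each package and patch listed in this issue is published together with its
    MD5 sum. The following script is an added example, not part of the
    newsletter or of any vendor's tooling: it collects the sums printed above
    (logwatch, IMP/HORDE and tcpdump/libpcap/arpwatch) into one table and
    checks downloaded files against them before they are installed, reporting
    "ok", "MISMATCH", "missing" or "unlisted" per file. The directory path and
    the file contents used below are assumptions for illustration; MD5 is used
    only because it is what the vendors published, so a match confirms the
    download is the file the advisory describes, not that MD5 is a strong
    hash by today's standards.

```python
import hashlib
import sys
from pathlib import Path

# Package / patch name -> MD5 sum exactly as published in this issue of
# Linux Advisory Watch (April 12th, 2002). Values copied from the text above.
PUBLISHED_MD5 = {
    "logwatch-2.6-1.noarch.rpm": "ac8ea7498a2d6b14bb325a511cf8ba6b",
    "horde-1.2.8.tar.gz": "96ae6dcf03cab2637c14c13d556049e0",
    "imp-2.2.8.tar.gz": "9f0e442f61ce542b945016bee2736d2f",
    "patch-horde-1.2.7-1.2.8.gz": "daa3f4f3821036d7ef47205dc2c7922c",
    "patch-imp-2.2.7-2.2.8.gz": "f3ee21b6b5e40516d46cef955f29e034",
    "tcpdump-3.6.2-10.7x.i386.rpm": "064982643eaa2f6a19a318e0c50f2b84",
    "libpcap-0.6.2-10.7x.i386.rpm": "a00187999381db2a22dadc1a1f1ebca9",
    "arpwatch-2.1a11-10.7x.i386.rpm": "b456a14d95d7fdf36f00ef0f41ebc1f4",
}


def md5_hex(data: bytes) -> str:
    """MD5 of an in-memory byte string as lowercase hex."""
    return hashlib.md5(data).hexdigest()


def md5_file(path: Path) -> str:
    """MD5 of a file on disk, read in 1 MiB chunks so large RPMs fit in memory."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def check_download(name: str, data: bytes, published=PUBLISHED_MD5):
    """Compare one downloaded blob against the published sum for its name.

    Returns (status, actual_hex) where status is "ok", "MISMATCH" or
    "unlisted" (no published sum for that name, so nothing can be verified).
    """
    actual = md5_hex(data)
    if name not in published:
        return ("unlisted", actual)
    # Case-insensitive compare: some advisories print sums in upper case.
    return ("ok" if actual == published[name].lower() else "MISMATCH", actual)


def check_directory(directory, published=PUBLISHED_MD5):
    """Verify every published package that should be in `directory`.

    Returns {name: "ok" | "MISMATCH" | "missing"}. A "missing" entry is not
    an error by itself (you may only have fetched some packages), but a
    "MISMATCH" means the file must not be installed.
    """
    results = {}
    base = Path(directory)
    for name, expected in published.items():
        p = base / name
        if not p.is_file():
            results[name] = "missing"
            continue
        results[name] = "ok" if md5_file(p) == expected.lower() else "MISMATCH"
    return results


if __name__ == "__main__":
    # Usage: python check_sums.py /path/to/downloads   (path is an assumption)
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    report = check_directory(target)
    for name, status in sorted(report.items()):
        print(f"{status:9s} {name}")
    # Non-zero exit on any mismatch so this can gate an install script.
    sys.exit(1 if "MISMATCH" in report.values() else 0)
```

    The exit status is the useful part in practice: run the script between the
    download step and `rpm -Uvh` (or `tar xzf` for the Horde tarballs) so a
    corrupted or substituted file stops the update instead of being installed.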
    
    
      
    +---------------------------------+
    |  mail (OpenBSD)                 | ----------------------------//
    +---------------------------------+
    
    OpenBSD 3.0 and 2.9 contain a potential localhost root compromise, found
    by Milos Urbanek.  Earlier versions of OpenBSD are not affected. The
    mail(1) program will process tilde escapes even when it is not in
    interactive mode.  Since mail(1) is called by the default cron(8) jobs,
    this can lead to a localhost root compromise.
    
     Patch for OpenBSD 3.0: 
     ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/018_mail.patch 
    
    
     Patch for OpenBSD 2.9: 
     ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.9/common/023_mail.patch 
    
    
     OpenBSD Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/openbsd_advisory-2017.html
    
    
    
    +---------------------------------+
    |  rshd (OpenBSD)                 | ----------------------------//
    +---------------------------------+
    
    Under certain conditions, on systems using YP with netgroups in the
    password database, it is possible for the rshd(8) and rexecd(8) daemons to
    execute the shell from a different user's password entry. Due to a similar
    problem, atrun(8) may change to the wrong home directory when running
    at(1) jobs.  This only affects OpenBSD 3.0. Prior versions of OpenBSD are
    not affected.  The following patch has been in the 3.0-stable branch for
    some time:
    
     OpenBSD 
     ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/016_approval.patch 
    
     OpenBSD Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/openbsd_advisory-2016.html
    
    
    ------------------------------------------------------------------------
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
    
         To unsubscribe email vuln-newsletter-requestat_private
             with "unsubscribe" in the subject of the message.
    ------------------------------------------------------------------------
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.
    



    This archive was generated by hypermail 2b30 : Sat Apr 13 2002 - 03:19:14 PDT