[ISN] Linux Advisory Watch - April 19th 2002

From: InfoSec News (isnat_private)
Date: Mon Apr 22 2002 - 01:58:14 PDT

  • Next message: InfoSec News: "Re: [ISN] Indian hacker turns cyber cop"

    +----------------------------------------------------------------+
    |  LinuxSecurity.com                        Linux Advisory Watch |
    |  April 19th, 2002                         Volume 3, Number 16a |
    +----------------------------------------------------------------+
     
      Editors:     Dave Wreski                Benjamin Thomas
                   daveat_private     benat_private
     
    Linux Advisory Watch is a comprehensive newsletter that outlines the
    security vulnerabilities that have been announced throughout the week.It
    includes pointers to updated packages and descriptions of each
    vulnerability.
    
    This week, advisories were released for libsafe, imp, syncache/syncookies,
    squid, webalizer, xpilot, and demarc.  The vendors include Debian,
    FreeBSD, and Mandrake.
    
    * FREE SSL Guide from Thawte - Are you planning your Web Server Security?
    Click here to get a FREE Thawte SSL guide and find the answers to all your
    SSL security issues.
    
      http://www.gothawte.com/rd247.html 
    
    
    Build Complete Internet Presence Quickly and Securely!
    
    EnGarde Secure Linux has everything necessary to create thousands of
    virtual Web sites, manage e-mail, DNS, firewalling, and database functions
    for an entire organization, all using a secure Web-based front-end.
    Engineered to be secure and easy to use!Don't jeopardize your organization
    with an off-the shelf Linux!
    
    http://www.guardiandigital.com/promo/ls150402.html 
      
    
    
    +---------------------------------+
    | libsafe                         | ----------------------------//
    +---------------------------------+
    
    Wojciech Purczynski discovered that format string protection in libsafe
    can be easily bypassed by using flag characters that are implemented in
    glibc but are not implemented in libsafe.  It was also discovered that
    *printf function wrappers incorrectly parse argument indexing in format
    strings, making some incorrect assumptions on the number of arguments and
    conversion specifications.
    
     Mandrake Linux 8.2: 
     http://www.mandrakesecure.net/en/ftp.php 
     8.2/RPMS/libsafe-2.0.13-1.2mdk.i586.rpm 
     4de44dea8f94c02d3f4350479dafe4e5 
    
     Mandrake Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/mandrake_advisory-2018.html
    
    
    
    +---------------------------------+
    |  imp                            | ----------------------------//
    +---------------------------------+
    
    A cross-site scripting (CSS) problem was discovered in Horde and IMP (a
    web based IMAP mail package).
    
     Debian: Architecture independent archives: 
     http://security.debian.org/dists/stable/updates/main/ 
     binary-all/horde_1.2.6-0.potato.5_all.deb 
     MD5 checksum: df0fe8f732da4edee3f78202c9e2127a 
    
     http://security.debian.org/dists/stable/updates/main/ 
     binary-all/imp_2.2.6-0.potato.5_all.deb 
     MD5 checksum: ffd216c15b27c1c3449512a5ccaa5af2 
    
     Debian Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/debian_advisory-2019.html 
    
     Caldera Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/caldera_advisory-2020.html
    
    
    
    
    +---------------------------------+
    |  syncache/syncookies            | ----------------------------//
    +---------------------------------+  
    
    Legitimate TCP/IP traffic may cause the machine to crash. Two related
    problems with syncache were triggered when syncookies were implemented.
    
     FreeBSD: 
     ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/ 
     SA-02:20/syncache.patch 
    
     FreeBSD Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/freebsd_advisory-2021.html
    
    
    
    
    +---------------------------------+
    |  squid                          | ----------------------------//
    +---------------------------------+  
    
    A security issue has recently been found and fixed in the Squid-2.X
    releases up to and including 2.4.STABLE4.  Error and boundary conditions
    were not checked when handling compressed DNS answer messages in the
    internal DNS code (lib/rfc1035.c).  A malicous DNS server could craft a
    DNS reply that causes Squid to exit with a SIGSEGV.
     
     Mandrake Linux 8.2: 
     8.2/RPMS/squid-2.4.STABLE6-1.1mdk.i586.rpm 
     48854ffb620b739d98bf2a4d93aa761e 
    
     http://www.mandrakesecure.net/en/ftp.php 
     Mandrake Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/mandrake_advisory-2022.html
    
    
    
    +---------------------------------+
    |  webalizer                      | ----------------------------//
    +---------------------------------+  
    
    The webalizer has the ability to perform reverse DNS lookups. This ability
    is disabled by default, but if enabled, an attacker with command over his
    own DNS service, has the ability to gain remote root acces to a machine,
    due to a remote buffer overflow in the reverse resolving code.
    
     PLEASE SEE VENDOR ADVISORY 
    
     Webalizer Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/other_advisory-2023.html 
     
    
    
      
    +---------------------------------+
    |  xpilot                         | ----------------------------//
    +---------------------------------+  
    
    An internal audit by the xpilot (a multi-player tactical manoeuvring game
    for X) maintainers revealed a buffer overflow in xpilot server.
    
    This overflow can be abused by remote attackers to gain access to the
    server under which the xpilot server is running.
    
     Debian: Intel IA-32 architecture: 
     http://security.debian.org/dists/stable/updates/main/binary-i386/ 
     xpilot-client-nas_4.1.0-4.U.4alpha2.4.potato1_i386.deb 
     MD5 checksum: f0d1306de990f6160ba5cc3e1580b2b2 
    
     http://security.debian.org/dists/stable/updates/main/binary-i386/ 
     xpilot-client-nosound_4.1.0-4.U.4alpha2.4.potato1_i386.deb 
     MD5 checksum: 28b1c0e638e142f93eb2af7ca71f80d5 
    
     http://security.debian.org/dists/stable/updates/main/binary-i386/ 
     xpilot-client-rplay_4.1.0-4.U.4alpha2.4.potato1_i386.deb 
     MD5 checksum: 4bb509a8a5711bc570c9e2645b926a35 
    
     http://security.debian.org/dists/stable/updates/main/binary-i386/ 
     xpilot-server_4.1.0-4.U.4alpha2.4.potato1_i386.deb 
     MD5 checksum: b2c7cf184d6ff9b9b52e7e5a324ff3d7 
    
     Debian Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/debian_advisory-2024.html
    
    
      
    +---------------------------------+
    |  demarc                         | ----------------------------//
    +---------------------------------+  
    
    Earlier today we were informed indirectly via a bugtraq posting, of a
    security issue in the 1.05 version of our software. While were already
    scheduled to release version 1.6 of the software tomorrow, it is advised
    that you apply the following official patch to your current installation.
    On untrusted networks, the bug could lead to acquisition of administrative
    privileges within the Console.
    
     PLEASE SEE VENDOR ADVISORY 
     Demarc Vendor Advisory: 
     http://www.linuxsecurity.com/advisories/other_advisory-2025.html
    
    ------------------------------------------------------------------------
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
    
         To unsubscribe email vuln-newsletter-requestat_private
             with "unsubscribe" in the subject of the message.
    ------------------------------------------------------------------------
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Mon Apr 22 2002 - 05:11:36 PDT