[ISN] Linux Advisory Watch - April 19th 2002

From: InfoSec News (isnat_private)
Date: Mon Apr 22 2002 - 01:58:14 PDT
Next message: InfoSec News: "Re: [ISN] Indian hacker turns cyber cop"
Previous message: InfoSec News: "[ISN] IMHO: Dear Bill: Don't Do It!"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
+----------------------------------------------------------------+
|  LinuxSecurity.com                        Linux Advisory Watch |
|  April 19th, 2002                         Volume 3, Number 16a |
+----------------------------------------------------------------+
 
  Editors:     Dave Wreski                Benjamin Thomas
               daveat_private     benat_private
 
Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.It
includes pointers to updated packages and descriptions of each
vulnerability.

This week, advisories were released for libsafe, imp, syncache/syncookies,
squid, webalizer, xpilot, and demarc.  The vendors include Debian,
FreeBSD, and Mandrake.

* FREE SSL Guide from Thawte - Are you planning your Web Server Security?
Click here to get a FREE Thawte SSL guide and find the answers to all your
SSL security issues.

  http://www.gothawte.com/rd247.html 


Build Complete Internet Presence Quickly and Securely!

EnGarde Secure Linux has everything necessary to create thousands of
virtual Web sites, manage e-mail, DNS, firewalling, and database functions
for an entire organization, all using a secure Web-based front-end.
Engineered to be secure and easy to use!Don't jeopardize your organization
with an off-the shelf Linux!

http://www.guardiandigital.com/promo/ls150402.html 
  


+---------------------------------+
| libsafe                         | ----------------------------//
+---------------------------------+

Wojciech Purczynski discovered that format string protection in libsafe
can be easily bypassed by using flag characters that are implemented in
glibc but are not implemented in libsafe.  It was also discovered that
*printf function wrappers incorrectly parse argument indexing in format
strings, making some incorrect assumptions on the number of arguments and
conversion specifications.

 Mandrake Linux 8.2: 
 http://www.mandrakesecure.net/en/ftp.php 
 8.2/RPMS/libsafe-2.0.13-1.2mdk.i586.rpm 
 4de44dea8f94c02d3f4350479dafe4e5 

 Mandrake Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/mandrake_advisory-2018.html



+---------------------------------+
|  imp                            | ----------------------------//
+---------------------------------+

A cross-site scripting (CSS) problem was discovered in Horde and IMP (a
web based IMAP mail package).

 Debian: Architecture independent archives: 
 http://security.debian.org/dists/stable/updates/main/ 
 binary-all/horde_1.2.6-0.potato.5_all.deb 
 MD5 checksum: df0fe8f732da4edee3f78202c9e2127a 

 http://security.debian.org/dists/stable/updates/main/ 
 binary-all/imp_2.2.6-0.potato.5_all.deb 
 MD5 checksum: ffd216c15b27c1c3449512a5ccaa5af2 

 Debian Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/debian_advisory-2019.html 

 Caldera Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/caldera_advisory-2020.html




+---------------------------------+
|  syncache/syncookies            | ----------------------------//
+---------------------------------+  

Legitimate TCP/IP traffic may cause the machine to crash. Two related
problems with syncache were triggered when syncookies were implemented.

 FreeBSD: 
 ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/ 
 SA-02:20/syncache.patch 

 FreeBSD Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/freebsd_advisory-2021.html




+---------------------------------+
|  squid                          | ----------------------------//
+---------------------------------+  

A security issue has recently been found and fixed in the Squid-2.X
releases up to and including 2.4.STABLE4.  Error and boundary conditions
were not checked when handling compressed DNS answer messages in the
internal DNS code (lib/rfc1035.c).  A malicous DNS server could craft a
DNS reply that causes Squid to exit with a SIGSEGV.
 
 Mandrake Linux 8.2: 
 8.2/RPMS/squid-2.4.STABLE6-1.1mdk.i586.rpm 
 48854ffb620b739d98bf2a4d93aa761e 

 http://www.mandrakesecure.net/en/ftp.php 
 Mandrake Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/mandrake_advisory-2022.html



+---------------------------------+
|  webalizer                      | ----------------------------//
+---------------------------------+  

The webalizer has the ability to perform reverse DNS lookups. This ability
is disabled by default, but if enabled, an attacker with command over his
own DNS service, has the ability to gain remote root acces to a machine,
due to a remote buffer overflow in the reverse resolving code.

 PLEASE SEE VENDOR ADVISORY 

 Webalizer Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/other_advisory-2023.html 
 


  
+---------------------------------+
|  xpilot                         | ----------------------------//
+---------------------------------+  

An internal audit by the xpilot (a multi-player tactical manoeuvring game
for X) maintainers revealed a buffer overflow in xpilot server.

This overflow can be abused by remote attackers to gain access to the
server under which the xpilot server is running.

 Debian: Intel IA-32 architecture: 
 http://security.debian.org/dists/stable/updates/main/binary-i386/ 
 xpilot-client-nas_4.1.0-4.U.4alpha2.4.potato1_i386.deb 
 MD5 checksum: f0d1306de990f6160ba5cc3e1580b2b2 

 http://security.debian.org/dists/stable/updates/main/binary-i386/ 
 xpilot-client-nosound_4.1.0-4.U.4alpha2.4.potato1_i386.deb 
 MD5 checksum: 28b1c0e638e142f93eb2af7ca71f80d5 

 http://security.debian.org/dists/stable/updates/main/binary-i386/ 
 xpilot-client-rplay_4.1.0-4.U.4alpha2.4.potato1_i386.deb 
 MD5 checksum: 4bb509a8a5711bc570c9e2645b926a35 

 http://security.debian.org/dists/stable/updates/main/binary-i386/ 
 xpilot-server_4.1.0-4.U.4alpha2.4.potato1_i386.deb 
 MD5 checksum: b2c7cf184d6ff9b9b52e7e5a324ff3d7 

 Debian Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/debian_advisory-2024.html


  
+---------------------------------+
|  demarc                         | ----------------------------//
+---------------------------------+  

Earlier today we were informed indirectly via a bugtraq posting, of a
security issue in the 1.05 version of our software. While were already
scheduled to release version 1.6 of the software tomorrow, it is advised
that you apply the following official patch to your current installation.
On untrusted networks, the bug could lead to acquisition of administrative
privileges within the Console.

 PLEASE SEE VENDOR ADVISORY 
 Demarc Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/other_advisory-2025.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-requestat_private
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.
Next message: InfoSec News: "Re: [ISN] Indian hacker turns cyber cop"
Previous message: InfoSec News: "[ISN] IMHO: Dear Bill: Don't Do It!"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This archive was generated by hypermail 2b30 : Mon Apr 22 2002 - 05:11:36 PDT