[ISN] Linux Advisory Watch - May 24th 2002

From: InfoSec News (isnat_private)
Date: Tue May 28 2002 - 01:28:57 PDT


    |  LinuxSecurity.com                        Linux Advisory Watch |
    |  May 24th, 2002                           Volume 3, Number 21a |
      Editors:     Dave Wreski                Benjamin Thomas
                   daveat_private     benat_private
    Linux Advisory Watch is a comprehensive newsletter that outlines the
    security vulnerabilities that have been announced throughout the week. It
    includes pointers to updated packages and descriptions of each
    This week, advisories were released for php, fetchmail, webmin, and dhcp.
    The vendors include Caldera, Mandrake, Red Hat, and SuSE. Are you
    subscribed to the Linux security discussion list? Take advantage of it!
    To subscribe, send an e-mail to security-discuss-requestat_private
    with "subscribe" as the subject.
    ** Build Complete Internet Presence Quickly and Securely! **  
    EnGarde Secure Linux has everything necessary to create thousands of
    virtual Web sites, manage e-mail, DNS, firewalling, and database functions
    for an entire organization, all using a secure Web-based front-end.
    Engineered to be secure and easy to use!
     --> http://www.guardiandigital.com/promo/ls230502.html 
    * FTP Attack Case Study Part I: The Analysis *
    This article presents a case study of a company network server compromise.
    The attack and the intruder's other actions are analyzed, a computer
    forensics investigation is undertaken, and its results are presented. The
    article provides an opportunity to follow the trail of incident response
    for a real case.
    | php                             | ----------------------------//
    Several flaws have been found in the way PHP handles multipart/form-data
    POST requests. Each of the flaws could allow an attacker to execute
    arbitrary code on the victim's system.
     Caldera Vendor Advisory: 
    | fetchmail                       | ----------------------------//
    When retrieving mail from an IMAP server, the fetchmail e-mail client will
    allocate an array to store the sizes of the messages which it will attempt
    to fetch. The size of the array is determined by the number of messages
    that the server claims to have. Unpatched versions of fetchmail prior to
    5.9.10 did not check whether the number of e-mails the server claimed was
    too high, allowing a malicious server to cause the fetchmail process to
    write data outside of the array bounds.
     Red Hat Linux 7.3 i386: 
     Red Hat Vendor Advisory: 
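    The check the fetchmail description calls for, shown as an added C example that is not fetchmail's own code: the sizes table is allocated from the server's announced message count, so that count is capped and every later size reply is checked against it before being stored. The IMAP reply strings and MAX_MSG_COUNT are constructed assumptions.

```c
#include <stdio.h>
#include <stdlib.h>
/* Constructed example of the checks the fetchmail fix implies; this is not
 * fetchmail's own code, and MAX_MSG_COUNT is an assumed sanity cap. */
#define MAX_MSG_COUNT 100000L
enum { OK = 0, ERR_BAD_COUNT = -1, ERR_BAD_SEQ = -2, ERR_ALLOC = -3, ERR_PARSE = -4 };
/* The server's "* N EXISTS" count (claimed) sizes the table; each later
 * "* seq FETCH (RFC822.SIZE n)" reply must index inside 1..claimed.
 * On OK, *out receives a calloc'd table of `claimed` entries (caller frees). */
int collect_sizes(long claimed, const char **replies, size_t n, unsigned long **out)
{
    if (claimed < 0 || claimed > MAX_MSG_COUNT)
        return ERR_BAD_COUNT;                 /* never trust an absurd count */
    unsigned long *sizes = calloc((size_t)claimed + 1, sizeof *sizes);
    if (!sizes)
        return ERR_ALLOC;
    for (size_t i = 0; i < n; i++) {
        long seq; unsigned long sz;
        if (sscanf(replies[i], "* %ld FETCH (RFC822.SIZE %lu)", &seq, &sz) != 2) {
            free(sizes); return ERR_PARSE;
        }
        if (seq < 1 || seq > claimed) {       /* the check unpatched versions lacked */
            free(sizes); return ERR_BAD_SEQ;
        }
        sizes[seq - 1] = sz;
    }
    *out = sizes;
    return OK;
}

/* Constructed honest transcript: two announced, two sizes sent; returns size #2. */
long demo_honest(void)
{
    const char *replies[] = { "* 1 FETCH (RFC822.SIZE 1024)",
                              "* 2 FETCH (RFC822.SIZE 2048)" };
    unsigned long *sizes = NULL;
    int rc = collect_sizes(2, replies, 2, &sizes);
    if (rc != OK) return rc;
    long second = (long)sizes[1]; free(sizes);
    return second;                            /* 2048 */
}

/* Constructed malicious transcript: two announced, a third size slipped in. */
int demo_overclaim(void)
{
    const char *replies[] = { "* 1 FETCH (RFC822.SIZE 1024)", "* 2 FETCH (RFC822.SIZE 2048)",
                              "* 3 FETCH (RFC822.SIZE 4096)" };
    unsigned long *sizes = NULL;
    return collect_sizes(2, replies, 3, &sizes);   /* ERR_BAD_SEQ */
}
```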
    | webmin                          | ----------------------------//
    A vulnerability exists in all versions of Webmin prior to 0.970 that
    allows a remote attacker to log in to Webmin as any user. All users of
    Webmin are encouraged to upgrade immediately.
     Mandrake Linux 8.2:8.2 
     Mandrake Vendor Advisory: 
    | dhcp                            | ----------------------------//
    A remotely exploitable format string vulnerability was found in the
    logging routines of the dynamic DNS code of dhcpd. It allows an attacker,
    usually within the LAN served by the DHCP server, to gain remote root
    access to the host running dhcpd.
     i386 Intel Platform: SuSE-8.0 
     SuSE Vendor Advisory: 
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
         To unsubscribe email vuln-newsletter-requestat_private
             with "unsubscribe" in the subject of the message.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
