[ISN] Linux Advisory Watch - December 6th 2002

From: InfoSec News (isnat_private)
Date: Mon Dec 09 2002 - 00:52:31 PST

    +----------------------------------------------------------------+
    |  LinuxSecurity.com                        Linux Advisory Watch |
    |  December 6th, 2002                       Volume 3, Number 49a |
    +----------------------------------------------------------------+
    
      Editors:     Dave Wreski                Benjamin Thomas
                   daveat_private     benat_private
    
    Linux Advisory Watch is a comprehensive newsletter that outlines the
    security vulnerabilities that have been announced throughout the week.
    It includes pointers to updated packages and descriptions of each
    vulnerability.
    
    This week, advisories were released for RPC XDR, ypserv, pine, freeswan,
    im, smb2www, xinetd, webalizer, kde, kdelibs, and windowmaker. The
    distributors include Caldera, Conectiva, Debian, Gentoo, Mandrake, and Red
    Hat.
    
    
    Network Security Audit - "Information for the right people at right time
    and from anywhere" has been the driving force behind providing access to
    most of the vital information on an organization's network over the
    Internet. This is a simple guide on conducting a network security audit.
    
    http://www.linuxsecurity.com/feature_stories/feature_story-131.html
    
    
    Security: MySQL and PHP (3 of 3) - This is the third installment of a
    3-part article on LAMP (Linux Apache MySQL PHP). In order to safeguard a
    MySQL server to the basic level, one has to abide by the following
    guidelines.
    
    http://www.linuxsecurity.com/feature_stories/feature_story-130.html
    
    
    +---------------------------------+
    |  Package: RPC XDR               | ----------------------------//
    |  Date: 12-04-2002               |
    +---------------------------------+
    
    Description:
    The implementation of xdr_array can be tricked into writing beyond the
    buffers it allocated when deserializing the XDR stream.
    
    Vendor Alerts:
    
     Caldera:
      ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/
      CSSA-2002-055.0/RPMS
      glibc-2.2.4-25.i386.rpm
      0c879b13edf9d0ad38421432184b7749
    
      Caldera Vendor Advisory:
      http://www.linuxsecurity.com/advisories/caldera_advisory-2637.html
    
    
    
    +---------------------------------+
    |  Package: ypserv                | ----------------------------//
    |  Date: 12-04-2002               |
    +---------------------------------+
    
    Description:
    Requesting a map that doesn't exist will cause a memory leak in the
    server.
    
    Vendor Alerts:
    
     Caldera:
      ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/
      CSSA-2002-054.0/RPMS
      nis-client-2.0-23.i386.rpm
      f416f2e39a29d419832f3b18c04491a2
    
      nis-server-2.0-23.i386.rpm
      b86300ae67587b447262d31f123bc12e
    
      Caldera Vendor Advisory:
      http://www.linuxsecurity.com/advisories/caldera_advisory-2638.html
    
    
    +---------------------------------+
    |  Package: pine                  | ----------------------------//
    |  Date: 12-04-2002               |
    +---------------------------------+
    
    Description:
    By exploiting this, an attacker can prevent the pine user from starting
    the program to manage his/her mailbox. It was not confirmed whether it is
    possible to execute arbitrary code by exploiting this vulnerability, but
    such a possibility exists.
    
    Vendor Alerts:
    
     Conectiva:
      ftp://atualizacoes.conectiva.com.br/8/RPMS/
      pico-4.50L-1U80_1cl.i386.rpm
    
      ftp://atualizacoes.conectiva.com.br/8/RPMS/
      pilot-4.50L-1U80_1cl.i386.rpm
    
      ftp://atualizacoes.conectiva.com.br/8/RPMS/
      pine-4.50L-1U80_1cl.i386.rpm
    
      Conectiva Vendor Advisory:
      http://www.linuxsecurity.com/advisories/connectiva_advisory-2639.html
    
    
    
     Gentoo:
      Gentoo Vendor Advisory:
      http://www.linuxsecurity.com/advisories/gentoo_advisory-2618.html
    
     Mandrake:
      Mandrake Vendor Advisory:
      http://www.linuxsecurity.com/advisories/mandrake_advisory-2631.html
    
    
    
    
    +---------------------------------+
    |  Package: freeswan              | ----------------------------//
    |  Date: 12-02-2002               |
    +---------------------------------+
    
    Description:
    Bindview discovered a problem in several IPSEC implementations that do not
    properly handle certain very short packets.  IPSEC is a set of security
    extensions to IP which provide authentication and encryption. FreeS/WAN in
    Debian is affected by this, and the problem is said to cause a kernel
    panic.
    
    Vendor Alerts:
    
     Debian:
      http://security.debian.org/pool/updates/main/f/freeswan/
      kernel-patch-freeswan_1.96-1.4_all.deb
      Size/MD5 checksum:   889918 30c73e274e84b62125136ec96160d23a
    
      Debian Vendor Advisory:
      http://www.linuxsecurity.com/advisories/debian_advisory-2628.html
    
    
    
    
    +---------------------------------+
    |  Package: im                    | ----------------------------//
    |  Date: 12-03-2002               |
    +---------------------------------+
    
    Description:
    The impwagent program creates a temporary directory in /tmp in an insecure
    manner, using predictable directory names and not checking the return code
    of mkdir, so another user with local access can seize the permissions of
    the temporary directory.
    
    Vendor Alerts:
    
     Debian:
    
      http://security.debian.org/pool/updates/main/i/im/
      im_141-18.1_all.deb
      Size/MD5 checksum:   217416 41a6ad3bc0b0591ba180dd5d646387f9
    
      Debian Vendor Advisory:
      http://www.linuxsecurity.com/advisories/debian_advisory-2630.html
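
The temporary-directory flaw described for impwagent, as an added C example that is not code from the im package: the unchecked pattern next to a hardened one built on mkdtemp(). The function names and the `imdemo.` prefix are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* 1 if path is a real directory (not a symlink), owned by us, owner-only. */
int dir_is_private(const char *path)
{
    struct stat st;
    return lstat(path, &st) == 0 && S_ISDIR(st.st_mode) &&
           st.st_uid == geteuid() && (st.st_mode & 077) == 0;
}

/* Pattern from the advisory: fixed name, mkdir() result ignored. If the
 * directory already exists (created by anyone), the caller never notices. */
int unsafe_tmpdir(const char *path)
{
    mkdir(path, 0700);      /* EEXIST is silently dropped */
    return 0;               /* always reports success */
}

/* Hardened: unpredictable name, atomic creation, result checked and verified. */
int make_private_tmpdir(char *out, size_t outlen)
{
    const char *base = getenv("TMPDIR");
    if (base == NULL || *base == '\0')
        base = "/tmp";
    int n = snprintf(out, outlen, "%s/imdemo.XXXXXX", base);
    if (n < 0 || (size_t)n >= outlen)
        return -1;
    if (mkdtemp(out) == NULL)       /* fails instead of reusing a directory */
        return -1;
    if (!dir_is_private(out)) {
        rmdir(out);
        return -1;
    }
    return 0;
}

int main(void)
{
    char dir[4096];
    if (make_private_tmpdir(dir, sizeof dir) != 0)
        return 1;
    printf("created %s (private: %d)\n", dir, dir_is_private(dir));
    return rmdir(dir) != 0;
}
```
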
    
    
    
    
    +---------------------------------+
    |  Package: smb2www               | ----------------------------//
    |  Date: 12-04-2002               |
    +---------------------------------+
    
    Description:
    Robert Luberda found a security problem in smb2www, a Windows Network
    client that is accessible through a web browser.  This could lead a remote
    attacker to execute arbitrary programs under the user id www-data on the
    host where smb2www is running.
    
    Vendor Alerts:
    
     Debian:
      http://security.debian.org/pool/updates/main/s/smb2www/
      smb2www_980804-16.1_all.deb
      Size/MD5 checksum:    79050 6d443251ebe2389c26ac163e739ee80e
    
      Debian Vendor Advisory:
      http://www.linuxsecurity.com/advisories/debian_advisory-2636.html
    
    
    
    
    +---------------------------------+
    |  Package: kdelibs               | ----------------------------//
    |  Date: 12-05-2002               |
    +---------------------------------+
    
    Description:
    The KDE team has discovered a vulnerability in the support for various
    network protocols via the KIO. The implementation of the rlogin and
    protocol allows a carefully crafted URL in an HTML page, HTML email or
    other KIO-enabled application to execute arbitrary commands on the system
    using the victim's account on the vulnerable machine.
    
    Vendor Alerts:
    
     Debian:
      PLEASE SEE VENDOR ADVISORY FOR UPDATE
    
      Debian Vendor Advisory:
      http://www.linuxsecurity.com/advisories/debian_advisory-2640.html
    
    
    
    
    +---------------------------------+
    |  Package: windowmaker           | ----------------------------//
    |  Date: 12-05-2002               |
    +---------------------------------+
    
    Description:
    Al Viro discovered a vulnerability in the WindowMaker window manager. A
    function used to load images, for example when configuring a new
    background image or previewing themes, contains a buffer overflow. The
    function calculates the amount of memory necessary to load the image by
    doing some multiplication but does not check the results of this
    multiplication, which may not fit into the destination variable, resulting
    in a buffer overflow when the image is loaded.
    
    Vendor Alerts:
    
     Mandrake:
      PLEASE SEE VENDOR ADVISORY FOR UPDATE
    
      Mandrake Vendor Advisory:
      http://www.linuxsecurity.com/advisories/mandrake_advisory-2632.html
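
The unchecked size multiplication described for WindowMaker, as an added C example that is not WindowMaker's own code: a 32-bit product that wraps, next to a size computation that rejects what it cannot represent. The function names and the 256 MiB limit are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumed policy limit for this example: refuse images above 256 MiB. */
#define MAX_IMAGE_BYTES ((size_t)256 * 1024 * 1024)

/* Unchecked pattern: the product is kept in a 32-bit variable and wraps. */
uint32_t unchecked_image_size(uint32_t width, uint32_t height, uint32_t bpp)
{
    return width * height * bpp;            /* reduced modulo 2^32 */
}

/* Checked size: byte count, or 0 if any dimension is zero or the true
 * product would exceed MAX_IMAGE_BYTES. Divisions keep every step in range. */
size_t checked_image_size(size_t width, size_t height, size_t bpp)
{
    if (width == 0 || height == 0 || bpp == 0)
        return 0;
    if (width > MAX_IMAGE_BYTES / height)
        return 0;
    if (width * height > MAX_IMAGE_BYTES / bpp)
        return 0;
    return width * height * bpp;
}

/* Allocate zeroed pixel storage only for a size that passed the check. */
unsigned char *alloc_image(size_t width, size_t height, size_t bpp)
{
    size_t bytes = checked_image_size(width, height, bpp);
    return bytes ? calloc(1, bytes) : NULL;
}

int main(void)
{
    /* Constructed dimensions: the true size is 2^32 + 2^18 bytes. */
    printf("unchecked: %lu bytes\n",
           (unsigned long)unchecked_image_size(0x10000, 0x4001, 4));
    printf("checked:   %lu bytes (0 = rejected)\n",
           (unsigned long)checked_image_size(0x10000, 0x4001, 4));
    return 0;
}
```

With the constructed dimensions the unchecked product comes out as 262144 bytes, so a loader trusting it would allocate far less than the image data it then writes.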
    
    
    
    
    +---------------------------------+
    |  Package: xinetd                | ----------------------------//
    |  Date: 12-05-2002               |
    +---------------------------------+
    
    Description:
    Versions of Xinetd prior to 2.3.7 leak file descriptors for the signal
    pipe to services that are launched by xinetd. This could allow an attacker
    to execute a DoS attack via the pipe. The Common Vulnerabilities and
    Exposures project has assigned the name CAN-2002-0871 to this issue.
    
    Vendor Alerts:
    
     Red Hat:
      ftp://updates.redhat.com/8.0/en/os/i386/xinetd-2.3.7-5.i386.rpm
      26e6f6faec33503f3538a4ac80c82ce2
    
      Red Hat Vendor Advisory:
      http://www.linuxsecurity.com/advisories/redhat_advisory-2629.html
    
    
    
    
    +---------------------------------+
    |  Package: webalizer             | ----------------------------//
    |  Date: 12-02-2002               |
    +---------------------------------+
    
    Description:
    A buffer overflow in Webalizer versions prior to 2.01-10, when configured
    to use reverse DNS lookups, may allow remote attackers to execute
    arbitrary code by connecting to the monitored Web server from an IP
    address that resolves to a long hostname.
    
    Vendor Alerts:
    
     Red Hat:
      ftp://updates.redhat.com/7.2/en/os/i386/
      webalizer-2.01_09-1.72.i386.rpm
      f3d16a9fa3c202031a6cda1da2944e3d
    
      Red Hat Vendor Advisory:
      http://www.linuxsecurity.com/advisories/redhat_advisory-2634.html
    
    
    
    
    +---------------------------------+
    |  Package: kdelibs               | ----------------------------//
    |  Date: 12-02-2002               |
    +---------------------------------+
    
    Description:
    A number of vulnerabilities have been found that affect various versions
    of KDE. This errata provides updates which resolve these issues.
    
    Vendor Alerts:
    
     Red Hat:
      PLEASE SEE VENDOR ADVISORY FOR UPDATE
    
      Red Hat Vendor Advisory:
      http://www.linuxsecurity.com/advisories/redhat_advisory-2635.html
    
    ------------------------------------------------------------------------
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
    
    ------------------------------------------------------------------------
    
    
    
    -
    ISN is currently hosted by Attrition.org
    