[ISN] Linux Advisory Watch - April 18th, 2003

From: InfoSec News (isnat_private)
Date: Mon Apr 21 2003 - 00:48:53 PDT

  • Next message: InfoSec News: "[ISN] Former Boston College student gets probation in hacking case"

    +----------------------------------------------------------------+
    |  LinuxSecurity.com                        Linux Advisory Watch |
    |  April 18th, 2003                         Volume 4, Number 15a |
    +----------------------------------------------------------------+
    
      Editors:     Dave Wreski                Benjamin Thomas
                   daveat_private     benat_private
    
    Linux Advisory Watch is a comprehensive newsletter that outlines the
    security vulnerabilitiaes that have been announced throughout the week.
    It includes pointers to updated packages and descriptions of each
    vulnerability.
    
    This week, advisories were released for openssl, mutt, ethereal, xfsdump,
    kdegraphics, lprng, gs-common, epic, lpr, rinetd, glibc, evolution,
    gdkhtml, eyeofgnome, samba, and krb5.  The distributors include Conectiva,
    Debian, Immunix, Mandrake, Red Hat, and Turbo Linux.
    
    SECURE YOUR APACHE SERVERS WITH 128-BIT SSL ENCRYPTION
    Guarantee transmitted data integrity; secure all communication sessions
    and more with SSL encryption from Thawte - a leading global certificate
    provider for the Open Source community. Learn more in our FREE GUIDE Click
    here to get it now!
    
     --> http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=thawte14
    
    --------------------------------------------------------------------
    
    LinuxSecurity Feature Extras:
    
    Making It Big: Large Scale Network Forensics (Part 2 of 2) - Proper
    methodology for computer forensics would involve a laundry-list of
    actions and thought processes that an investigator needs to consider
    in order to have the basics covered.
    
    http://www.linuxsecurity.com/feature_stories/feature_story-140.html
    
    --------------------------------------------------------------------
    
    * Comprehensive SPAM Protection! - Guardian Digital's Secure Mail
    Suite is unparalleled in security, ease of management, and features.
    Open source technology constantly adapts to new threats. Email
    firewall, simplified administration, automatically updated.
    
     --> http://guardiandigital.com/cgi-bin/ad_redirect.pl?id=mailnews2
    
    --------------------------------------------------------------------
    
    Making It Big: Large Scale Network Forensics (Part 1 of 2) - Computer
    forensics have hit the big time. A previously superniche technology,
    forensics have moved into the collective consciousness of IT sys. admins.
    and Corporate CSOs.
    
    http://www.linuxsecurity.com/feature_stories/feature_story-139.html
    
    
    +---------------------------------+
    |  Package: openssl               | ----------------------------//
    +---------------------------------+
    
    Description:
    There are multiple vulnerabilities in OpenSSL.
    
     Vendor Alerts:
    
     Conectiva:
      Contectiva Vendor Advisory:
      http://www.linuxsecurity.com/advisories/connectiva_advisory-3155.html
    
    
     Debian:
      Debian Vendor Advisory:
      http://www.linuxsecurity.com/advisories/debian_advisory-3183.html
    
    
    
    +---------------------------------+
    |  Package: mutt                  | ----------------------------//
    +---------------------------------+
    
    Description:
    There is a buffer overflow vulnerability in the mutt code that
    handles IMAP folders.
    
    Vendor Alerts:
    
     Conectiva:
      Contectiva Vendor Advisory:
      http://www.linuxsecurity.com/advisories/connectiva_advisory-3168.html
    
    
    
    
    +---------------------------------+
    |  Package: ethereal              | ----------------------------//
    +---------------------------------+
    
    Description:
    There are multiple vulnerablilites in ethereal.
    
    Vendor Alerts:
    
     Conectiva:
      Contectiva Vendor Advisory:
      http://www.linuxsecurity.com/advisories/connectiva_advisory-3182.html
    
    
    
    +---------------------------------+
    |  Package: xfsdump               | ----------------------------//
    +---------------------------------+
    
    Description:
    Ethan Benson discovered a problem in xfsdump, that contains
    administrative utilities for the XFS filesystem.  When filesystem
    quotas are enabled xfsdump runs xfsdq to save the quota information
    into a file at the root of the filesystem being dumped.  The manner
    in which this file is created is unsafe.
    
    Vendor Alerts:
    
     Debian:
      Debian Vendor Advisory:
      http://www.linuxsecurity.com/advisories/debian_advisory-3156.html
    
     Mandrake:
      Mandrake Vendor Advisory:
      http://www.linuxsecurity.com/advisories/mandrake_advisory-3185.html
    
    
    
    +---------------------------------+
    |  Package: kdegraphics           | ----------------------------//
    +---------------------------------+
    
    Description:
    The KDE team discoverd a vulnerability in the way KDE uses Ghostscript
    software for processing of PostScript (PS) and PDF files. An attacker
    could provide a malicious PostScript or PDF file via mail or websites that
    could lead to executing arbitrary commands under the privileges of the
    user viewing the file or when the browser generates a directory listing
    with thumbnails.
    
    Vendor Alerts:
    
     Debian:
      Debian Vendor Advisory:
      http://www.linuxsecurity.com/advisories/debian_advisory-3163.html
    
     Gentoo:
      Gentoo Vendor Advisory:
      http://www.linuxsecurity.com/advisories/gentoo_advisory-3171.html
      http://www.linuxsecurity.com/advisories/gentoo_advisory-3165.html
    
     Turbo Linux:
      Turbo Linux Vendor Advisory:
      http://www.linuxsecurity.com/advisories/turbolinux_advisory-3160.html
    
    
    
    
    +---------------------------------+
    |  Package: lprng                 | ----------------------------//
    +---------------------------------+
    
    Description:
    Karol Lewandowski discovered that psbanner, a printer filter that creates
    a PostScript format banner and is part of LPRng, insecurely creates a
    temporary file for debugging purpose when it is configured as filter.
    The program does not check whether this file already exists or is linked
    to another place writes its current environment and called arguments to
    the file unconditionally with the user id daemon.
    
    Vendor Alerts:
    
     Debian:
      Debian Vendor Advisory:
      http://www.linuxsecurity.com/advisories/debian_advisory-3164.html
    
    
    
    +---------------------------------+
    |  Package: gs-common             | ----------------------------//
    +---------------------------------+
    
    Description:
    Paul Szabo discovered insecure creation of a temporary file in ps2epsi, a
    script that is distributed as part of gs-common which contains common
    files for different Ghostscript releases. ps2epsiuses a temporary file in
    the process of invoking ghostscript. This file was created in an insecure
    fashion, which could allow a local attacker to overwrite files owned by a
    user who invokes ps2epsi.
    
    Vendor Alerts:
    
     Debian:
      Debian Vendor Advisory:
      http://www.linuxsecurity.com/advisories/debian_advisory-3169.html
    
    
    
    +---------------------------------+
    |  Package: epic                  | ----------------------------//
    +---------------------------------+
    
    Description:
    Timo Sirainen discovered several problems in EPIC, a popular client for
    Internet Relay Chat (IRC). A malicious server could craft special reply
    strings, triggering the client to write beyond buffer boundaries.  This
    could lead to a denial of service if the client only crashes, but may also
    lead to executing of arbitrary code under the user id of the chatting
    user.
    
    Vendor Alerts:
    
     Debian:
      Debian Vendor Advisory:
      http://www.linuxsecurity.com/advisories/debian_advisory-3170.html
    
    
    
    +---------------------------------+
    |  Package: lpr                   | ----------------------------//
    +---------------------------------+
    
    Description:
    A buffer overflow has been discovered in lpr, a BSD lpr/lpd line printer
    spooling system.  This problem can be exploited by a local user to gain
    root privileges, even if the printer system is set up properly.
    
    Vendor Alerts:
    
     Debian:
      Debian Vendor Advisory:
      http://www.linuxsecurity.com/advisories/debian_advisory-3176.html
    
    
    
    +---------------------------------+
    |  Package: rinetd                | ----------------------------//
    +---------------------------------+
    
    Description:
    Sam Hocevar discovered a security problem in rinetd, an IP connection
    redirection server.  When the connection list is full, rinetd resizes the
    list in order to store the new incoming connection.  However, this is done
    improperly, resulting in a denial of service and potentially execution of
    arbitrary code.
    
    Vendor Alerts:
    
     Debian:
      Debian Vendor Advisory:
      http://www.linuxsecurity.com/advisories/debian_advisory-3184.html
    
    
    
    +---------------------------------+
    |  Package: glibc                 | ----------------------------//
    +---------------------------------+
    
    Description:
    Researchers at eEye Digital Security have found integer overflow flaws in
    the XDR library typically used with Sun RPC. While there are no known
    exploits for this problem circulating, we recommend upgrading as soon as
    possible, as it is unlikely StackGuard will prevent exploitation of this
    flaw. Upgrading is especially important for sites using RPC services.
    
    Vendor Alerts:
    
     Immunix:
      Immunix Vendor Advisory:
      http://www.linuxsecurity.com/advisories/immunix_advisory-3178.html
    
    
     Red Hat:
      Red Hat Vendor Advisory:
      http://www.linuxsecurity.com/advisories/redhat_advisory-3167.html
    
    
    
    
    +---------------------------------+
    |  Package: evolution             | ----------------------------//
    +---------------------------------+
    
    Description:
    Several vulnerabilities were discovered in the Evolution email client.
    These problems make it possible for a carefully constructed email message
    to crash the program, causing general system instability by starving
    resources.
    
    Vendor Alerts:
    
     Mandrake:
      Mandrake Vendor Advisory:
      http://www.linuxsecurity.com/advisories/mandrake_advisory-3179.html
    
    
    
    +---------------------------------+
    |  Package: gtkhtml               | ----------------------------//
    +---------------------------------+
    
    Description:
    A vulnerability in GtkHTML was discovered by Alan Cox with the Evolution
    email client.  GtkHTML is used to handle HTML messages in Evolution and
    certain malformed messages could cause Evolution to crash due to this bug.
    
    Vendor Alerts:
    
     Mandrake:
      Mandrake Vendor Advisory:
      http://www.linuxsecurity.com/advisories/mandrake_advisory-3180.html
    
    
     Red Hat:
      Red Hat Vendor Advisory:
      http://www.linuxsecurity.com/advisories/redhat_advisory-3172.html
    
    
    
    +---------------------------------+
    |  Package: eyeofgnome            | ----------------------------//
    +---------------------------------+
    
    Description:
    A vulnerability was discovered in the Eye of GNOME (EOG) program, version
    2.2.0 and earlier, that is used for displaying graphics.  A carefully
    crafted filename passed to eog could lead to the execution of arbitrary
    code as the user executing eog.
    
    Vendor Alerts:
    
     Mandrake:
      Mandrake Vendor Advisory:
      http://www.linuxsecurity.com/advisories/mandrake_advisory-3186.html
    
    
    
    +---------------------------------+
    |  Package: samba                 | ----------------------------//
    +---------------------------------+
    
    Description:
    A buffer overrun condition exists in the samba SMB protocol
    implementation. These vulnerabilities may allow remote attackers to gain
    the root privileges.
    
    Vendor Alerts:
    
     Turbo Linux:
      Turbo Linux Vendor Advisory:
    
      http://www.linuxsecurity.com/advisories/turbolinux_advisory-3159.html
    
    
    
    +---------------------------------+
    |  Package: krb5                  | ----------------------------//
    +---------------------------------+
    
    Description:
    These vulnerabilities may allow remote attackers to gain the realm and to
    cause a denial of krb5 service.
    
    Vendor Alerts:
    
     Turbo Linux:
      Turbo Linux Vendor Advisory:
    
      http://www.linuxsecurity.com/advisories/turbolinux_advisory-3181.html
    
    ------------------------------------------------------------------------
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
    
         To unsubscribe email vuln-newsletter-requestat_private
             with "unsubscribe" in the subject of the message.
    ------------------------------------------------------------------------
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Mon Apr 21 2003 - 02:57:50 PDT