[ISN] Linux Advisory Watch - May 9th 2003

From: InfoSec News (isnat_private)
Date: Mon May 12 2003 - 01:30:35 PDT

  • Next message: InfoSec News: "[ISN] Businesses 'unaware of basic on-line security'"

    +----------------------------------------------------------------+
    |  LinuxSecurity.com                        Linux Advisory Watch |
    |  May 9th, 2002                            Volume 4, Number 18a |
    +----------------------------------------------------------------+
    
      Editors:     Dave Wreski                Benjamin Thomas
                   daveat_private     benat_private
    
    Linux Advisory Watch is a comprehensive newsletter that outlines the
    security vulnerabilitiaes that have been announced throughout the week.
    It includes pointers to updated packages and descriptions of each
    vulnerability.
    
    This week, advisories were released for samba, file, tcpsec, krb5, vnc,
    snort, epic4, balsa, leksbot, libgtop, fuzz, openssh, MySQL, and
    mod_auth_any.  The distributors include SCO, Conectiva, Connectiva,
    Debian, Gentoo, and RedHat.
    
    Have you noticed any changes with this week's newsletter? It probably will
    not take you long to realize that something is different. First, rather
    than sorting security advisories by package, we are now sorting by
    distribution. The purpose of that is to allow you to more easily find
    information about your desired distribution. Second, the description
    information provided with each advisory is shorter and probably more
    informative. For example, rather than giving extreme detail on some
    vulnerabilities and little to none on others, we are now making an effort
    to provide a consistent level of detail for all advisories listed.
    Hopefully, these changes will allow this newsletter to be more helpful to
    you.
    
    In addition, each week we will include commentary on particularly
    significant advisories, security news, opinion, tips, research, and
    anything else that may be interesting to readers.
    
    Do you have any suggestions? We are currently in the first phase of a
    three-part reconstruction effort to improve the quality of our
    newsletters. Our goal is to provide a single place for security advisory
    information that can be accessed quickly. How can we make your job easier?
    What would you like to see in our newsletters? Do you welcome this change?
    Do you have any other suggestions on how we can improve?
    
    We look forward to hearing from you!
    newsat_private
    
    
    SECURE YOUR SERVERS WITH 128-BIT SSL ENCRYPTION
    
    Guarantee transmitted data integrity, secure all communication sessions
    and more with SSL encryption from Thawte- a leading global certificate
    provider. Learn more in our FREE GUIDE--click here to get
    
    Find out more!
    http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=thawte17
    
    
    At the RealWorld Linux Expo in Toronto, Guardian Digital launched the next
    generation of the Community edition of EnGarde Secure Linux - the
    secure and easy to manage system for building a complete Internet
    presence while protecting your information assets.
    
    Download the FREE trial today!
    http://guardiandigital.com/cgi-bin/ad_redirect.pl?id=freetrial
    
    
    --------------------------------------------------------------------
    
    * Comprehensive SPAM Protection! - Guardian Digital's Secure Mail Suite is
    unparalleled in security, ease of management, and features. Open source
    technology constantly adapts to new threats. Email firewall, simplified
    administration, automatically updated.
    
     --> http://guardiandigital.com/cgi-bin/ad_redirect.pl?id=mailnews2
    
    --------------------------------------------------------------------
    
    Days of the Honeynet: Attacks, Tools, Incidents - Among other benefits,
    running a honeynet makes one acutely aware about "what is going on" out
    there. While placing a network IDS outside one's firewall might also
    provide a similar flood of alerts, a honeypot provides a unique
    prospective on what will be going on when a related server is compromised
    used by the intruders.
    
    http://www.linuxsecurity.com/feature_stories/feature_story-141.html
    
    
    +---------------------------------+
    |  Distribution: SCO              | ----------------------------//
    +---------------------------------+
    
     5/7/2003 - samba
       multiple vulnerabilities
    
       This updates fixes multiple vulnerabilities in samba.
       http://www.linuxsecurity.com/advisories/caldera_advisory-3240.html
    
     5/7/2003 - file
       buffer overflow vulnerability
    
       The file command is vulnerable to a buffer overflow when given a
       maliciously crafted binary to examine.
       http://www.linuxsecurity.com/advisories/caldera_advisory-3241.html
    
     5/7/2003 - tcpsec
       SYN+FIN packet discarding vulnerability
    
       Allowing TCP packets with both the SYN and FIN bits set
       significantly improve an attacker's chances of circumventing a
       firewall.
       http://www.linuxsecurity.com/advisories/caldera_advisory-3242.html
    
    
    +---------------------------------+
    |  Distribution: Conectiva        | ----------------------------//
    +---------------------------------+
    
     5/5/2003 - krb5
       Multiple vulnerabilities
    
       Cryptographic weakness, buffer overrun and underrun, faulty length
       checks, and integer signedness vulnerabilities have been fixed.
       http://www.linuxsecurity.com/advisories/connectiva_advisory-3232.html
    
     5/5/2003 - vnc
       Multiple vulnerabilities
    
       Cryptographic weakness, buffer overrun and underrun, faulty length
       checks, and integer signedness vulnerabilities have been fixed.
       http://www.linuxsecurity.com/advisories/connectiva_advisory-3233.html
    
    
    +---------------------------------+
    |  Distribution: Connectiva       | ----------------------------//
    +---------------------------------+
    
     5/7/2003 - snort
       integer overflow vulnerability
    
       There is a remotely exploitable integer overflow vulnerability in
       Snort.
       http://www.linuxsecurity.com/advisories/connectiva_advisory-3243.html
    
    
    +---------------------------------+
    |  Distribution: Debian           | ----------------------------//
    +---------------------------------+
    
     5/5/2003 - epic4
       buffer overflow vulnerability
    
       A malicious server could craft special reply strings, triggering
       the client to write beyond buffer boundaries.
       http://www.linuxsecurity.com/advisories/debian_advisory-3231.html
    
     5/6/2003 - balsa
       off-by-one vulnerabilities
    
       Byrial Jensen discovered a couple of off-by-one buffer overflow in
       the IMAP code of Mutt.
       http://www.linuxsecurity.com/advisories/debian_advisory-3235.html
    
     5/6/2003 - leksbot
       improper setuid-root execution
    
       Due to a packaging error, the program /usr/bin/KATAXWR was
       inadvertently installed setuid root.
       http://www.linuxsecurity.com/advisories/debian_advisory-3236.html
    
     5/7/2003 - libgtop
       Remote buffer overflow vulnerability
    
       Due to a packaging error, the program /usr/bin/KATAXWR was
       inadvertently installed setuid root.
       http://www.linuxsecurity.com/advisories/debian_advisory-3244.html
    
     5/7/2003 - fuzz
       Local privilege escalation vulnerability
    
       Due to a packaging error, the program /usr/bin/KATAXWR was
       inadvertently installed setuid root.
       http://www.linuxsecurity.com/advisories/debian_advisory-3245.html
    
    
    +---------------------------------+
    |  Distribution: Gentoo           | ----------------------------//
    +---------------------------------+
    
     5/2/2003 - openssh
       Information disclosure vulnerability
    
       Due to a packaging error, the program /usr/bin/KATAXWR was
       inadvertently installed setuid root.
       http://www.linuxsecurity.com/advisories/gentoo_advisory-3226.html
    
    
    +---------------------------------+
    |  Distribution: RedHat           | ----------------------------//
    +---------------------------------+
    
     5/2/2003 - MySQL
       Multiple vulnerabilities
    
       Due to a packaging error, the program /usr/bin/KATAXWR was
       inadvertently installed setuid root.
       http://www.linuxsecurity.com/advisories/redhat_advisory-3227.html
    
     5/2/2003 - mod_auth_any
       Arbitrary command execution vulnerability
    
       Due to a packaging error, the program /usr/bin/KATAXWR was
       inadvertently installed setuid root.
       http://www.linuxsecurity.com/advisories/redhat_advisory-3228.html
    
    
    ------------------------------------------------------------------------
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
    
         To unsubscribe email vuln-newsletter-requestat_private
             with "unsubscribe" in the subject of the message.
    ------------------------------------------------------------------------
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Mon May 12 2003 - 04:15:01 PDT