[ISN] Linux Advisory Watch - November 7th 2003

From: InfoSec News (isn@private)
Date: Sun Nov 09 2003 - 22:30:20 PST


    +----------------------------------------------------------------+
    |  LinuxSecurity.com                        Linux Advisory Watch |
    |  November 7th, 2003                       Volume 4, Number 44a |
    +----------------------------------------------------------------+
    
       Editors:     Dave Wreski                Benjamin Thomas
                    dave@private     ben@private
    
    Linux Advisory Watch is a comprehensive newsletter that outlines the
    security vulnerabilities that have been announced throughout the week.
    It includes pointers to updated packages and descriptions of each
    vulnerability.
    
    This week, advisories were released for bugzilla, fileutils, postgresql,
    apache, CUPS, and thttpd.  The distributors include Conectiva, Guardian
    Digital's EnGarde Linux, Gentoo, Immunix, Mandrake, RedHat, Slackware, and
    SuSE.
    
     >> Get Thawte's NEW Step-by-Step SSL Guide for Apache <<
    
    In this guide you will find out how to test, purchase, install and use a
    Thawte Digital Certificate on your Apache web server. Throughout, best
    practices for set-up are highlighted to help you ensure efficient ongoing
    management of your encryption keys and digital certificates. Get your copy
    of this new guide now:
    
      Click Command:
      http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=thawte26
    
    Although the update has been out for several weeks, the SANS Top20 list
    still remains important.  For administrators and management, it is a good
    way to get an idea of some of the most vulnerable services.  Although best
    practice should dictate that these services have already been eliminated
    or secured, this is often not the case. The SANS Top20 should be an
    eye-opener to those who do not regularly patch and update systems.
    
    Both the problem and beauty of the Top20 list is its length.  For those of
    us with only Unix and/or Linux based servers, the list is cut down to 10.
    Some of the vulnerabilities listed are related to BIND, RPC, Apache,
    passwords, and clear text services.  The list is very useful because of
    its length, giving people a quick idea of some of the biggest problems.
    My concern is that diligence will stop after number 10.  After each of the
    10 Unix system vulnerabilities are addressed, administrators may have a
    false sense of security.  It is important to equally ensure that all other
    services have been patched.  One of the most common-sense ways to reduce
    this workload is simply to not start services, or have software installed
    that may be a potential problem in the future.  Living with only the
    minimum necessary requirements is often difficult.  For example, when
    installing a particular flavor of Linux, it takes much more time to
    individually choose the packages you require, rather than simply
    installing a pre-configured server configuration.
    
    The Top20 list should only be a starting point for those wishing to
    maintain a secure network.  After each item on the list has been
    addressed, security staff should then strive to achieve compliance with
    standards such as BS-7799/ISO-17799, NIST security standards, the ISF's
    Standard of Good Practice, and others.  Once again, the common
    recurring theme in information security is process and standardization.
    The absolute best way to achieve a secure operating environment is the
    continual re-evaluation of policies, procedures, and practices.
    
    Until next time, cheers!
    Benjamin D. Thomas
    ben@private
    
    ---
    
    CONCERNED ABOUT THE NEXT THREAT? EnGarde is the undisputed winner!
    Hardened Linux Puts Hackers EnGarde! Winner of the Network Computing
    Editor's Choice Award, EnGarde "walked away with our Editor's Choice award
    thanks to the depth of its security strategy..." Find out what the other
    Linux vendors are not telling you.
    
    http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=engarde2
    
    --------------------------------------------------------------------
    
    -->  Take advantage of the LinuxSecurity.com Quick Reference Card!
    -->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf
    
    
    +---------------------------------+
    |  Distribution: Conectiva        | ----------------------------//
    +---------------------------------+
    
      11/6/2003 - bugzilla
        multiple vulnerabilities
    
        Several vulnerabilities have been announced and are being fixed in
        this update.
        http://www.linuxsecurity.com/advisories/connectiva_advisory-3760.html
    
      11/6/2003 - apache
        multiple vulnerabilities
    
        New versions of the Apache web server have been made available with
        the following security fixes.
        http://www.linuxsecurity.com/advisories/connectiva_advisory-3761.html
    
    
    +---------------------------------+
    |  Distribution: EnGarde          | ----------------------------//
    +---------------------------------+
    
      11/4/2003 - 'openssl' ASN.1 parsing DoS
        multiple vulnerabilities
    
        This vulnerability (triggered by certain ASN.1 sequences which cause a
        large recursion) is only believed to be exploitable as a denial of
        service on the Windows platform at this time.
        http://www.linuxsecurity.com/advisories/engarde_advisory-3757.html
    
      11/5/2003 - 'apache' mod_alias and mod_rewrite buffer overflow
        multiple vulnerabilities
    
        A buffer overflow in mod_alias and mod_rewrite was discovered in the
        Apache web server.  This vulnerability may be exploited when a regular
        expression with more than nine captures is defined in either the
        httpd.conf or an .htaccess file.
        http://www.linuxsecurity.com/advisories/engarde_advisory-3759.html
    
    
    +---------------------------------+
    |  Distribution: Gentoo           | ----------------------------//
    +---------------------------------+
    
      10/31/2003 - net-www/apache Buffer overflow vulnerability
        multiple vulnerabilities
    
        A buffer overflow could occur in mod_alias and mod_rewrite when a
        regular expression with more than 9 captures is configured.
        http://www.linuxsecurity.com/advisories/gentoo_advisory-3753.html
    
    
    +---------------------------------+
    |  Distribution: Immunix          | ----------------------------//
    +---------------------------------+
    
      10/31/2003 - fileutils
        Memory exhaustion vulnerability
    
        An off-by-one attack that may lead to a memory exhaustion
        vulnerability has been fixed.
        http://www.linuxsecurity.com/advisories/immunix_advisory-3749.html
    
    
    +---------------------------------+
    |  Distribution: Mandrake         | ----------------------------//
    +---------------------------------+
    
      11/3/2003 - postgresql
        Buffer overflow vulnerability
    
        Two bugs were discovered that lead to a buffer overflow in PostgreSQL
        versions 7.2.x and 7.3.x prior to 7.3.4, in the abstract data type
        (ADT) to ASCII conversion functions.
        http://www.linuxsecurity.com/advisories/mandrake_advisory-3755.html
    
      11/3/2003 - apache
        Buffer overflow vulnerability
    
        A buffer overflow in mod_alias and mod_rewrite was discovered in
        Apache versions 1.3.19 and earlier as well as Apache 2.0.47 and
        earlier.
        http://www.linuxsecurity.com/advisories/mandrake_advisory-3756.html
    
      11/6/2003 - CUPS
        denial of service vulnerability
    
        A bug was reported in the Internet Printing Protocol (IPP)
        implementation of CUPS versions prior to 1.1.19 that would cause CUPS
        to go into a busy loop, which could result in a Denial of Service (DoS)
        condition.
        http://www.linuxsecurity.com/advisories/mandrake_advisory-3762.html
    
    
    +---------------------------------+
    |  Distribution: RedHat           | ----------------------------//
    +---------------------------------+
    
      11/3/2003 - CUPS
        Denial of Service vulnerability
    
        Updated CUPS packages that fix a problem where CUPS can hang are now
        available.
        http://www.linuxsecurity.com/advisories/redhat_advisory-3754.html
    
      11/6/2003 - fileutils
        denial of service vulnerability
    
        Georgi Guninski discovered a memory starvation denial of service
        vulnerability in the ls program.
        http://www.linuxsecurity.com/advisories/redhat_advisory-3763.html
    
      11/6/2003 - CUPS
        denial of service vulnerability
    
        Paul Mitcheson reported a situation where the CUPS Internet Printing
        Protocol (IPP) implementation in CUPS versions prior to 1.1.19 would
        get into a busy loop.
        http://www.linuxsecurity.com/advisories/redhat_advisory-3764.html
    
    
    +---------------------------------+
    |  Distribution: Slackware        | ----------------------------//
    +---------------------------------+
    
      11/4/2003 - apache
        multiple vulnerabilities
    
        These updates fix local vulnerabilities that could allow users who can
        create or edit Apache config files to gain additional privileges.
        http://www.linuxsecurity.com/advisories/slackware_advisory-3758.html
    
    
    +---------------------------------+
    |  Distribution: SuSE             | ----------------------------//
    +---------------------------------+
    
      11/1/2003 - thttpd
        Remote privilege escalation vulnerability
    
        A buffer overflow and a privilege escalation vulnerability have been
        fixed.
        http://www.linuxsecurity.com/advisories/suse_advisory-3752.html
    ------------------------------------------------------------------------
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
    
         To unsubscribe email vuln-newsletter-request@private
             with "unsubscribe" in the subject of the message.
    ------------------------------------------------------------------------
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Mon Nov 10 2003 - 03:12:39 PST