[ISN] Linux Advisory Watch - November 28th 2003

From: InfoSec News (isn@private)
Date: Mon Dec 01 2003 - 01:42:49 PST

  • Next message: InfoSec News: "[ISN] Watching the Net's background radiation"

    |  LinuxSecurity.com                        Linux Advisory Watch |
    |  November 28th, 2003                      Volume 4, Number 47a |
      Editors:     Dave Wreski                Benjamin Thomas
                   dave@private     ben@private
    Linux Advisory Watch is a comprehensive newsletter that outlines the
    security vulnerabilities that have been announced throughout the week.
    It includes pointers to updated packages and descriptions of each
    This week, advisories were released for BIND, Ethereal, Glibc, Libnids,
    phpSysInfo, Stunnel, EPIC, iproute, Pan, and XFree86. The distributors
    include Guardian Digital's EnGarde Linux, Gentoo, Mandrake, and Red Hat.
    >> Free Trial SSL Certificate from Thawte <<
    Take your first step towards giving your online business a competitive
    advantage. Test-drive a Thawte SSL certificate our easy online guide will
    show you how.
    Get started now:
    Business and IT centers today are controlled by the growth of the
    Internet.  Just in ten years, technology has changed so rapidly that the
    old rules no longer apply.  Today, businesses are forced to comply with
    the momentum of the Internet, or face extinction. Change is always
    difficult, but now more than ever it is necessary. With every change in
    business, security must constantly be re- evaluated.
    In a typical corporate IT environment, new business requirements arise
    each day.  The application development team is constantly being asked to
    add new features to software, the networking team is increasingly being
    asked to provide access at anywhere, anytime and managers have the
    opinion, "make it work now, and no you can't have a budget."  Well, it's
    usually not that bad, but you get the idea.  Everyone is being stretched
    to the limit and it puts a great strain on the organization.  In the
    middle of adding more features, access points, and bandwidth, security is
    often forgotten.  That's okay, isn't it?  "We'll just add security later
    once we get the system working."
    That is exactly the problem all of us have today when working in security.
    It is typical to receive a memo at the end of the day stating that ten new
    servers is going to be deployed tomorrow morning, then at the end it asks,
    "Is this ok with security?" Of course not!  The typical problem that we
    all face does not have to do with technology, it is simply a people
    problem. Unfortunately, attitudes can't be changed over night.
    Sometimes, they may not be able to be changed or years.  The only way to
    address this is through a security awareness program.  The smaller the
    organization, the easier it should be.  People must be reminded daily that
    security is important to the organization, and is a high priority.  The
    quickest way to get results, is to get top management on board.  If you
    see that key management figures are unwilling to comply, and the
    organization is large enough, total security awareness may be an
    impossible task.
    Security is everyone's problem.  One administrator simply patching a
    server each week is a good start, but it shouldn't stop there.  Having
    adequate business security depends on many.  Often, it is your job to let
    those people know.  I realize that this task harder than it sounds, but
    hopefully I've given you some inspiration to begin getting others on
    board.  Don't face the fire alone!
    Until next time, cheers!
    Benjamin D. Thomas
    Guardian Digital Launches First Secure Small Business Internet
    Productivity Solution
    Building a complete Internet security and productivity system for your
    organization just got a whole lot simpler and more secure with Guardian
    Digital Internet Productivity Suite. Web-based management, spam and virus
    control, groupware, VPN services, and more!
    Find out more now:
    OpenVPN: An Introduction and Interview with Founder, James Yonan In this
    article, Duane Dunston gives a brief introduction to OpenVPN and
    interviews its founder James Yonan.
    -->  Take advantage of the LinuxSecurity.com Quick Reference Card!
    -->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf
    |  Distribution: EnGarde          | ----------------------------//
     11/26/2003 - BIND
       cache poisoning vulnerability
       A cache poisoning vulnerability exists in the version of BIND shipped
       with all versions of EnGarde Secure Linux.  Successful exploitation of
       this vulnerability may result in a temporary denial of service until
       the bad record expires from the cache.
    |  Distribution: Fedora           | ----------------------------//
     11/25/2003 - Ethereall
       buffer overflow vulnerability
       These updated ethereal packages fix a security problem found in
       versions prior to 0.9.16. It also fixes several other minor bugs and
    |  Distribution: Gentoo           | ----------------------------//
     11/24/2003 - Ethereal
       multiple vulnerabilities
       It may be possible to make Ethereal crash or run arbitrary code by
       injecting a purposefully malformed packet onto the wire, or by
       convincing someone to read a malformed packet trace file.
     11/24/2003 - Glibc
       buffer overrun vulnerability
       A bug in the getgrouplist function can cause a buffer overflow if the
       size of the group list is too small to hold all the user's groups. This
       overflow can cause segmentation faults in user applications. This
       vulnerability exists only when an administrator has placed a user in a
       number of groups larger than that expected by an application.
     11/24/2003 - Libnids
       remote code execution
       There is a bug in the part of libnids code responsible for TCP
       reassembly. The flaw probably allows remote code execution.
     11/24/2003 - phpSysInfo
       directory traversal
       phpSysInfo contains two vulnerabilities which could allow local files
       to be read or arbitrary PHP code to be executed, under the privileges
       of the web server process.
    |  Distribution: Mandrake         | ----------------------------//
     11/21/2003 - freeswan
       directory traversal
       The version of freeswan bundled with the latest kernel update did not
       match the freeswan package which essentially rendered it unuseable.
       This update brings the freeswan package up to date with the kernel
     11/26/2003 - Stunnel
       file descriptor leak
       A vulnerability was discovered in stunnel versions 3.24 and earlier, as
       well as 4.00, by Steve Grubb.  It was found that stunnel leaks a
       critical file descriptor that can be used to hijack stunnel's services.
    |  Distribution: Red Hat          | ----------------------------//
     11/24/2003 - EPIC
       Buffer overflow vulnerability
       Updated EPIC packages which fix an exploitable buffer overflow
       vulnerability are now available.
     11/24/2003 - iproute
       Local denial of service vulnerability
       Updated iproute packages that close a locally-exploitable denial of
       service vulnerability are now available.
     11/24/2003 - stunnel
       Signal-handling vulnerability
       Updated stunnel packages are now available for Red Hat Linux 7.1, 7.2,
       7.3, and 8.0 systems.  These updates address problems stemming from
       improper use of non-reentrant functions in signal handlers.
     11/24/2003 - Pan
       Denial of service vulnerability
       Updated Pan packages that close a denial of service vulnerability are
       now available.
     11/25/2003 - XFree86
       Multiple vulnerabilities
       Multiple integer overflows in the transfer and enumeration of font
       libraries in XFree86 allow local or remote attackers to cause a denial
       of service or execute arbitrary code via heap-based and stack-based
       buffer overflow attacks.
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
         To unsubscribe email vuln-newsletter-request@private
             with "unsubscribe" in the subject of the message.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Mon Dec 01 2003 - 04:25:17 PST