+----------------------------------------------------------------+
| LinuxSecurity.com Linux Advisory Watch |
| March 5th, 2004 Volume 5, Number 10a |
+----------------------------------------------------------------+
Editors: Dave Wreski Benjamin Thomas
dave@private ben@private
Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.
It includes pointers to updated packages and descriptions of each
vulnerability.
This week, advisories were released for the Linux kernel, xboing, pwlib,
tcpdump, and libxml2. The distributors include Debian, Fedora, FreeBSD,
and Mandrake.
----
Knock Knock, Who's There?
One of the more recent rumblings in the open source community is the
concept of port knocking. This technique involves a daemon listening for
a particular knock sequence. A knock is established by a client trying to
make a connection to a closed port. If the client provides the correct
sequence, the server modifies its firewall rules to allow access to a
specific port for that user. For example, the system may be configured to
open up port 22 if the correct information is sent across a series of
connection attempts.
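
The daemon-side bookkeeping described above, as an added example (not part of the newsletter and not the portknocking.org software). The knock ports 7000/8000/9000, the 10-second gap limit and the log-line format are assumptions, and the sample log is constructed; the function only returns the iptables rule text and never runs it.

```python
import re

# Assumed values for illustration; not taken from any real knock daemon.
KNOCK_SEQUENCE = (7000, 8000, 9000)   # closed ports that make up the knock
PROTECTED_PORT = 22                   # port opened after a correct knock
MAX_GAP_SECONDS = 10                  # longest delay allowed between knocks

# Constructed firewall-log lines: "<epoch> DROP SRC=<ip> DPT=<port>"
SAMPLE_LOG = """\
1000 DROP SRC=192.0.2.10 DPT=7000
1001 DROP SRC=198.51.100.7 DPT=7000
1002 DROP SRC=192.0.2.10 DPT=8000
1003 DROP SRC=198.51.100.7 DPT=9000
1004 DROP SRC=192.0.2.10 DPT=9000
1005 DROP SRC=203.0.113.5 DPT=7000
1030 DROP SRC=203.0.113.5 DPT=8000
1031 DROP SRC=203.0.113.5 DPT=9000
"""

LINE_RE = re.compile(r"^(\d+) DROP SRC=(\S+) DPT=(\d+)$")

def process_knocks(log_text):
    """Return the firewall rules a knock daemon would add for this log."""
    progress = {}   # source IP -> (index of next expected knock, last knock time)
    rules = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts, src, port = int(m.group(1)), m.group(2), int(m.group(3))
        step, last = progress.get(src, (0, ts))
        if step and ts - last > MAX_GAP_SECONDS:
            step = 0                      # sequence went stale: start over
        if port == KNOCK_SEQUENCE[step]:
            step += 1
        else:
            # Wrong port: reset, but let it count as a fresh first knock.
            step = 1 if port == KNOCK_SEQUENCE[0] else 0
        if step == len(KNOCK_SEQUENCE):
            # Allow only the knocking source, and only to the protected port.
            rules.append(f"iptables -I INPUT -s {src} -p tcp "
                         f"--dport {PROTECTED_PORT} -j ACCEPT")
            step = 0
        progress[src] = (step, ts)
    return rules

if __name__ == "__main__":
    for rule in process_knocks(SAMPLE_LOG):
        print(rule)
```
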
Port knocking is not a security silver bullet. Like most controls, it is
merely another layer. It can work well in conjunction with IP-based
access controls and standard forms of user authentication. Because it can
be considered a sophisticated form of security by obscurity, one should
not rely on port knocking alone. Rather, it can be used to provide an
additional level of protection.
For those of you interested in port knocking, there is a wonderful resource
available at http://www.portknocking.org. The site includes a firewall
primer, sample port knocking software written in Perl, C, Java, and
Python, enough documentation to get started, and a FAQ.
The Perl implementation includes a knockclient and knockdaemon. They both
include enough documentation to install them. Port knocking provides a great
way to hide services that are rarely used. However, it does not take the
place of strong passwords/keys, other forms of authentication, and server
patching. Usage of port knocking does not mean that it is alright to run
a severely outdated version of OpenSSH. It may prevent some compromises,
but does not eliminate the possibility.
Until next time, cheers!
Benjamin D. Thomas
ben@private
---
Guardian Digital Introduces Innovative Open Source
Approach to Combating Email Threats
Guardian Digital, the world's premier open source security company, has
introduced Content and Policy Enforcement (CAPE) technology, an innovative
open source software system for securing enterprise email operations.
Unique in its approach, CAPE technology powers the email security
operations of Secure Mail Suite v3.0, the company's enterprise email and
productivity platform.
http://www.guardiandigital.com/company/press/2004/emailthreats.html
--------------------------------------------------------------------
Interview with Vincenzo Ciaglia, Founder of Netwosix
In this article, a brief introduction of Netwosix is given and the project
founder Vincenzo Ciaglia is interviewed. Netwosix is a light Linux
distribution for system administrators and advanced users.
http://www.linuxsecurity.com/feature_stories/feature_story-160.html
--------------------------------------------------------------------
Introduction to Netwox and Interview with Creator Laurent Constantin
In this article Duane Dunston gives a brief introduction to Netwox, a
combination of over 130 network auditing tools. Also, Duane interviews
Laurent Constantin, the creator of Netwox.
http://www.linuxsecurity.com/feature_stories/feature_story-158.html
--> Take advantage of the LinuxSecurity.com Quick Reference Card!
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf
+---------------------------------+
| Distribution: Debian | ----------------------------//
+---------------------------------+
2/27/2004 - kernel
MIPS platform update
Several local root exploits have been discovered recently in the
Linux 2.4.x kernel.
http://www.linuxsecurity.com/advisories/debian_advisory-4091.html
2/27/2004 - xboing
Buffer overflow vulnerabilities
can be exploited by a local attacker to gain gid "games".
http://www.linuxsecurity.com/advisories/debian_advisory-4093.html
3/1/2004 - libapache-mod-python
Denial of service vulnerability
Fixes a bug which allows a malformed query string to crash the
corresponding Apache child process.
http://www.linuxsecurity.com/advisories/debian_advisory-4094.html
3/2/2004 - kernel
2.2.x Privilege escalation vulnerability
It turned out that a second (sort of) vulnerability is indeed
exploitable in 2.2.x, but not in 2.4.x, with a different exploit.
http://www.linuxsecurity.com/advisories/debian_advisory-4096.html
3/3/2004 - kernel
2.2.x (alpha) Privilege escalation vulnerability
This is the alpha-chip version of the kernel 2.2.x patch Debian
released yesterday.
http://www.linuxsecurity.com/advisories/debian_advisory-4098.html
3/4/2004 - libxml/libxml2
Buffer overflow vulnerability
When fetching a remote resource via FTP or HTTP, the library uses
special parsing routines which can overflow a buffer if passed a
very long URL.
http://www.linuxsecurity.com/advisories/debian_advisory-4107.html
+---------------------------------+
| Distribution: Fedora | ----------------------------//
+---------------------------------+
3/2/2004 - pwlib
Denial of service vulnerability
Using carefully crafted messages, an attacker can bring about
denial of service.
http://www.linuxsecurity.com/advisories/fedora_advisory-4097.html
3/3/2004 - tcpdump
Multiple vulnerabilities
Carefully crafted packets can cause denial of service in tcpdump,
or execute code as 'pcap' user.
http://www.linuxsecurity.com/advisories/fedora_advisory-4099.html
3/3/2004 - kernel
2.4.x Privilege escalation vulnerability
Rollup rpms fix recently reported kernel vulnerabilities in Red
Hat 7.2-8.
http://www.linuxsecurity.com/advisories/fedora_advisory-4100.html
3/4/2004 - tcpdump
Multiple vulnerabilities
Crafted packets could result in a denial of service, or possibly
execute arbitrary code as the 'pcap' user.
http://www.linuxsecurity.com/advisories/fedora_advisory-4108.html
+---------------------------------+
| Distribution: FreeBSD | ----------------------------//
+---------------------------------+
2/27/2004 - kernel
Improper access vulnerability
Jailed processes can attach to other jails.
http://www.linuxsecurity.com/advisories/freebsd_advisory-4092.html
3/3/2004 - kernel
Denial of service vulnerability
Out-of-sequence TCP packets can be used to execute a low-bandwidth
DoS attack.
http://www.linuxsecurity.com/advisories/freebsd_advisory-4101.html
+---------------------------------+
| Distribution: Mandrake | ----------------------------//
+---------------------------------+
3/4/2004 - pwlib
Denial of service vulnerability
Severity would vary based on the application, but likely would
result in a Denial of Service (DoS).
http://www.linuxsecurity.com/advisories/mandrake_advisory-4109.html
3/4/2004 - libxml2
Buffer overflow vulnerability
Under certain circumstances, this bug could be remotely exploited
to execute arbitrary code.
http://www.linuxsecurity.com/advisories/mandrake_advisory-4110.html
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
------------------------------------------------------------------------