[ISN] Linux Advisory Watch - April 16th 2004

From: InfoSec News (isn@private)
Date: Mon Apr 19 2004 - 01:58:49 PDT

    +----------------------------------------------------------------+
    |  LinuxSecurity.com                        Linux Advisory Watch |
    |  April 16th, 2004                         Volume 5, Number 16a |
    +----------------------------------------------------------------+
    
      Editors:     Dave Wreski                Benjamin Thomas
                   dave@private     ben@private
    
    Linux Advisory Watch is a comprehensive newsletter that outlines the
    security vulnerabilities that have been announced throughout the week.
    It includes pointers to updated packages and descriptions of each
    vulnerability.
    
    This week, advisories were released for apache, the Linux kernel, mysql,
    xonix, ssmtp, openoffice, squid, cvs, Heimdal, iproute, pwlib, scorched,
    tcpdump, cadaver, and mailman. The distributors include Conectiva, Debian,
    Fedora, FreeBSD, Gentoo, Mandrake, Red Hat, and SuSE.
    
    ----
    
    
    Professional Associations
    
    Those of you who have been in the IT industry for years are probably
    already familiar with most professional organizations.  Some of the more
    popular include ISSA (Information Systems Security Association),
    USENIX/SAGE, ACM, IAPSC, and countless others.  Most organizations require
    their members to pay dues, but that is not without value. Because there are
    so many different organizations, it is a better idea to pick one or two
    and get heavily involved.  Many organizations are worldwide, but have
    local chapters.  This provides many opportunities for benefit.
    
    Did you ever wish you knew the right people?  Local chapter meetings are
    great for professional networking.  Some organizations have quarterly
    meetings, others hold them monthly.  Chapter events are a great
    opportunity to meet people that have similar interests and needs. If you
    are in search of a specific security solution, often you will find
    someone at a meeting who can offer it.  Conversely, if you're a business
    owner and wish to extend your services, meetings can be helpful.
    
    Organizations such as the ISSA offer educational benefits.  Usually
    meetings include a lecture that is centered around an information security
    topic.  Other meetings can include practical demonstrations and
    round-table discussions.  Also, ad hoc study groups are often formed to
    prepare for certification exams.
    
    Do you need additional credentials on your resume/cv?  Do you wish you
    could prove to management that you are ready for a leadership position?
    Professional organizations also offer their members the chance to lead.
    Positions such as chapter president, vice president, secretary, etc. open
    for election each year.  Although time consuming, it can be a worthwhile
    commitment.
    
    Finally, most professional organizations have monthly/quarterly journals
    that are written by members.  Rather than being subject to corporate
    pressures, you'll find the articles in these journals are of high quality
    and relatively unbiased.  Usually you can also find archives of past
    papers/publications on each organization's Web site.
    
    For more information about some of the professional organizations that
    I've mentioned, please see the following Web sites:
    
    Information Systems Security Association
    http://www.issa.org
    
    Association for Computing Machinery
    http://www.acm.org
    
    USENIX/SAGE
    http://www.usenix.org
    
    International Association of Professional Security Consultants
    http://www.iapsc.org/
    
    
    Until next time, cheers!
    Benjamin D. Thomas
    ben@private
    
    ----
    
    Guardian Digital Launches Next Generation Internet
    Defense & Detection System
    
    Guardian Digital has announced the first fully open source system designed
    to provide both intrusion detection and prevention functions. Guardian
    Digital Internet Defense & Detection System (IDDS) leverages best-in-class
    open source applications to protect networks and hosts using a unique
    multi-layered approach coupled with the security expertise and ongoing
    security vigilance provided by Guardian Digital.
    
    http://www.linuxsecurity.com/feature_stories/feature_story-163.html
    
    --------------------------------------------------------------------
    
    Interview with Siem Korteweg: System Configuration Collector
    
    In this interview we learn how the System Configuration Collector (SCC)
    project began, how the software works, why Siem chose to make it open
    source, and information on future developments.
    
    http://www.linuxsecurity.com/feature_stories/feature_story-162.html
    
    --------------------------------------------------------------------
    
    -->  Take advantage of the LinuxSecurity.com Quick Reference Card!
    -->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf
    
    +---------------------------------+
    |  Distribution: Conectiva        | ----------------------------//
    +---------------------------------+
    
     4/12/2004 - 'mod_python' DoS
    
    
       This update fixes a remote denial of service vulnerability in
       Apache web-servers which have mod_python enabled.
       http://www.linuxsecurity.com/advisories/conectiva_advisory-4216.html
    
     4/13/2004 - 'squid' ACL bypass vulnerability
    
       This update fixes a vulnerability that allows a malicious user to
       bypass url_regex ACLs by using a specially crafted URL.
       http://www.linuxsecurity.com/advisories/conectiva_advisory-4217.html
    
     4/14/2004 - apache
       Multiple vulnerabilities
    
       Patch corrects non-filtered escape sequences and a DoS attack.
       http://www.linuxsecurity.com/advisories/conectiva_advisory-4219.html
    
    
    
    +---------------------------------+
    |  Distribution: Debian           | ----------------------------//
    +---------------------------------+
    
     4/14/2004 - kernel
       Multiple vulnerabilities
    
       This is three advisories in one, each for the same group of kernel
       2.4.x vulnerabilities.  The first is for the PA-RISC architecture,
       the second for the IA-64 architecture, and the third for the
       PowerPC/apus and S/390 architectures.
       http://www.linuxsecurity.com/advisories/debian_advisory-4229.html
    
     4/14/2004 - mysql
       Insecure temporary file vulnerabilities
    
       Two scripts contained in the package don't create temporary files
       in a secure fashion, which could lead to a root exploit.
       http://www.linuxsecurity.com/advisories/debian_advisory-4230.html
    
     4/15/2004 - kernel 2.4.18
       Multiple vulnerabilities
    
       Here is a patch release specifically for kernel 2.4.18 on the i386
       architecture, fixing multiple kernel security issues, and fixing a
       build error from a previous patch to same.
       http://www.linuxsecurity.com/advisories/debian_advisory-4231.html
    
     4/15/2004 - xonix
       Privilege retention vulnerability
    
       A local attacker could exploit this vulnerability to gain gid
       "games".
       http://www.linuxsecurity.com/advisories/debian_advisory-4232.html
    
     4/15/2004 - ssmtp
       Format string vulnerability
    
       These vulnerabilities could potentially be exploited by a remote
       mail relay to gain the privileges of the ssmtp process (including
       potentially root).
       http://www.linuxsecurity.com/advisories/debian_advisory-4233.html
    
    
    
    +---------------------------------+
    |  Distribution: Fedora           | ----------------------------//
    +---------------------------------+
    
     4/14/2004 - kernel
       Multiple vulnerabilities
    
       This patch fixes a variety of buffer overflow and information leak
       vulnerabilities.
       http://www.linuxsecurity.com/advisories/fedora_advisory-4228.html
    
     4/15/2004 - kernel
       Corrected md5sums
    
       Something went wrong with the md5sums in yesterday's announcement.
       http://www.linuxsecurity.com/advisories/fedora_advisory-4234.html
    
     4/15/2004 - openoffice
       Multiple format string vulnerabilities
    
       This patch fixes vulnerabilities that may allow execution of
       arbitrary code, as well as other bugfixes.
       http://www.linuxsecurity.com/advisories/fedora_advisory-4238.html
    
     4/15/2004 - squid 2.5
       ACL escape vulnerability
    
       This is a backport of an older patch which prevented crafted URLs
       from being able to ignore Squid's ACLs.
       http://www.linuxsecurity.com/advisories/fedora_advisory-4239.html
    
    
    
    +---------------------------------+
    |  Distribution: FreeBSD          | ----------------------------//
    +---------------------------------+
    
     4/15/2004 - cvs
       Chroot escape vulnerability
    
       This patch fixes two cvs errors, one with the client and one with
       the server.  Both allow chroot escapes.
       http://www.linuxsecurity.com/advisories/freebsd_advisory-4240.html
    
    
    
    +---------------------------------+
    |  Distribution: Gentoo           | ----------------------------//
    +---------------------------------+
    
     4/9/2004 - Heimdal
       Cross-realm scripting vulnerability
    
       Heimdal contains a cross-realm vulnerability allowing someone with
       control over a realm to impersonate anyone in the cross-realm
       trust path.
       http://www.linuxsecurity.com/advisories/gentoo_advisory-4211.html
    
     4/9/2004 - iproute
       Denial of service vulnerability
    
       The iproute package allows local users to cause a denial of
       service.
       http://www.linuxsecurity.com/advisories/gentoo_advisory-4212.html
    
     4/9/2004 - pwlib
       Multiple vulnerabilities
    
       Multiple vulnerabilities have been found in pwlib that may lead to
       a remote denial of service or buffer overflow attack.
       http://www.linuxsecurity.com/advisories/gentoo_advisory-4213.html
    
     4/9/2004 - Scorched 3D
       Format string attack vulnerability
    
       Scorched 3D is vulnerable to a format string attack in the chat
       box that leads to Denial of Service on the game server and
       possibly allows execution of arbitrary code.
       http://www.linuxsecurity.com/advisories/gentoo_advisory-4214.html
    
     4/15/2004 - cvs
       Multiple vulnerabilities
    
       There are two vulnerabilities in CVS; one in the server and one in
       the client. These vulnerabilities allow the reading and writing of
       arbitrary files on both client and server.
       http://www.linuxsecurity.com/advisories/gentoo_advisory-4235.html
    
    
    
    +---------------------------------+
    |  Distribution: Mandrake         | ----------------------------//
    +---------------------------------+
    
     4/9/2004 - ipsec-tools Signature non-verification vulnerability
       Multiple vulnerabilities
    
       Racoon does not verify the RSA signature during phase one of a
       connection using either main or aggressive mode.  Only the
       certificate of the client is verified; the certificate is not used
       to verify the client's signature.
       http://www.linuxsecurity.com/advisories/mandrake_advisory-4215.html
    
     4/14/2004 - cvs
       Chroot escape vulnerability
    
       A maliciously configured server could then create any file with
       content on the local user's disk.
       http://www.linuxsecurity.com/advisories/mandrake_advisory-4226.html
    
     4/14/2004 - kernel
       Multiple vulnerabilities
    
       This patch fixes a large variety of kernel bugs, including an
       assortment of filesystem related vulnerabilities.
       http://www.linuxsecurity.com/advisories/mandrake_advisory-4227.html
    
     4/15/2004 - tcpdump
       Multiple vulnerabilities
    
       Corrects out of bounds read and DoS attack.
       http://www.linuxsecurity.com/advisories/mandrake_advisory-4236.html
    
    
    
    +---------------------------------+
    |  Distribution: Red Hat          | ----------------------------//
    +---------------------------------+
    
     4/14/2004 - cvs
       Chroot escape vulnerability
    
       Updated cvs packages that fix a client vulnerability that could be
       exploited by a malicious server are now available.
       http://www.linuxsecurity.com/advisories/redhat_advisory-4222.html
    
     4/14/2004 - cadaver
       Multiple format string vulnerabilities
    
       An updated cadaver package that fixes a vulnerability in neon
       exploitable by a malicious DAV server is now available.
       http://www.linuxsecurity.com/advisories/redhat_advisory-4223.html
    
     4/14/2004 - mailman
       Denial of service vulnerability
    
       An updated mailman package that closes a DoS vulnerability in
       mailman introduced by RHSA-2004:019 is now available.
       http://www.linuxsecurity.com/advisories/redhat_advisory-4224.html
    
     4/14/2004 - OpenOffice
       Multiple format string vulnerabilities
    
       An attacker could create a malicious WebDAV server in such a way
       as to allow arbitrary code execution on the client.
       http://www.linuxsecurity.com/advisories/redhat_advisory-4225.html
    
     4/15/2004 - subversion
       Multiple format string vulnerabilities
    
       An attacker could create a malicious WebDAV server in such a way
       as to allow arbitrary code execution on the client connecting via
       subversion.
       http://www.linuxsecurity.com/advisories/redhat_advisory-4237.html
    
    
    
    +---------------------------------+
    |  Distribution: Suse             | ----------------------------//
    +---------------------------------+
    
     4/14/2004 - kernel
       Multiple vulnerabilities
    
       Two vulnerabilities, one involving symlink names and one involving
       the JFS filesystem, can both be used to gain root privileges.
       http://www.linuxsecurity.com/advisories/suse_advisory-4220.html
    
     4/14/2004 - cvs
       Chroot escape vulnerability
    
       Patches an ability for a rogue CVS server to remotely create
       arbitrary absolute-path files with the user's permission.
       http://www.linuxsecurity.com/advisories/suse_advisory-4221.html
    
    ------------------------------------------------------------------------
    Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
    
         To unsubscribe email vuln-newsletter-request@private
             with "unsubscribe" in the subject of the message.
    ------------------------------------------------------------------------
    
    
    
    _________________________________________
    ISN mailing list
    Sponsored by: OSVDB.org
    


