+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | October 29th, 2004 Volume 5, Number 43a | +---------------------------------------------------------------------+ Editors: Dave Wreski Benjamin D. Thomas dave@private ben@private Linux Advisory Watch is a comprehensive newsletter that outlines the security vulnerabilities that have been announced throughout the week. It includes pointers to updated packages and descriptions of each vulnerability. This week, advisories were released for mozilla, zlib, kernel, glib2, MySQL, Gaim, MIT, Netatalk, socat, mpg123, rssh, xpdf, gpdf, cups, kdegraphics, squid, and libtiff. The distributors include Conectiva, Fedora, Gentoo, Mandrake, Red Hat, Slackware, and SuSE. ----- >> The Perfect Productivity Tools << WebMail, Groupware and LDAP Integration provide organizations with the ability to securely access corporate email from any computer, collaborate with co-workers and set-up comprehensive addressbooks to consistently keep employees organized and connected. http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=gdn05 ----- Developing A Security Policy Create a simple, generic policy for your system that your users can readily understand and follow. It should protect the data you're safeguarding, as well as the privacy of the users. Some things to consider adding are who has access to the system (Can my friend use my account?), who's allowed to install software on the system, who owns what data, disaster recovery, and appropriate use of the system. A generally accepted security policy starts with the phrase: "That which is not expressly permitted is prohibited" This means that unless you grant access to a service for a user, that user shouldn't be using that service until you do grant access. Make sure the policies work on your regular user account, Saying, ``Ah, I can't figure this permissions problem out, I'll just do it as root'' can lead to security holes that are very obvious, and even ones that haven't been exploited yet. Additionally, there are several questions you will need to answer to successfully develop a security policy: What level of security do your users expect? How much is there to protect, and what is it worth? Can you afford the down-time of an intrusion? Should there be different levels of security for different groups? Do you trust your internal users? Have you found the balance between acceptable risk and secure? You should develop a plan on who to contact when there is a security problem that needs attention. There are quite a few documents available on developing a Site Security Policy. You can start with the SANS Security Policy Project. http://www.sans.org/resources/policies/ Excerpt from the LinuxSecurity Administrator's Guide: http://www.linuxsecurity.com/docs/SecurityAdminGuide/SecurityAdminGuide.html Written by: Dave Wreski (dave@private) ------ --> Take advantage of the LinuxSecurity.com Quick Reference Card! --> http://www.linuxsecurity.com/docs/QuickRefCard.pdf +---------------------------------+ | Distribution: Conectiva | ----------------------------// +---------------------------------+ 10/22/2004 - mozilla upstream fix This announcement updates mozilla packages for Conectiva Linux 9 and 10 to mozilla version 1.7.3. This updates fixes lots of vulnerabilities. http://www.linuxsecurity.com/advisories/conectiva_advisory-5004.html 10/25/2004 - zlib denial of service vulnerabilities fix Due to a Debian bug report[3], a denial of service vulnerability[4] was discovered in the zlib compression library versions 1.2.x, in the inflate() and inflateBack() functions. http://www.linuxsecurity.com/advisories/conectiva_advisory-5020.html 10/26/2004 - kernel vulnerabilities fix This announcement fixes a vulnerability in the Linux kernel which could allow a local attacker to obtain sensitive information due to an issue when handling 64-bit file offset pointers. http://www.linuxsecurity.com/advisories/conectiva_advisory-5024.html 10/27/2004 - foomatic-filters vulnerability vulnerabilities fix The foomatic-rip filter in foomatic-filters contains a vulnerability[2][3] caused by insufficient checking of command-line parameters and environment variables which may allow arbitrary remote command execution on the print server with the permissions of the spooler user ("lp"). http://www.linuxsecurity.com/advisories/conectiva_advisory-5029.html +---------------------------------+ | Distribution: Fedora | ----------------------------// +---------------------------------+ 10/26/2004 - cups-1.1.20-11.6 update vulnerabilities fix A problem with PDF handling was discovered by Chris Evans, and has been fixed. The Common Vulnerabilities and Exposures project (www.mitre.org) has assigned the name CAN-2004-0888 to this issue. http://www.linuxsecurity.com/advisories/fedora_advisory-5023.html 10/27/2004 - glib2 and gtk2 md5sums update The md5sums of the glib2-2.4.7-1.1 and gtk2-2.4.13-2.1 updates don't match the ones in the announcements I sent out. http://www.linuxsecurity.com/advisories/fedora_advisory-5026.html +---------------------------------+ | Distribution: Gentoo | ----------------------------// +---------------------------------+ 10/24/2004 - MySQL Multiple vulnerabilities Several vulnerabilities including privilege abuse, Denial of Service, and potentially remote arbitrary code execution have been discovered in MySQL. http://www.linuxsecurity.com/advisories/gentoo_advisory-5013.html 10/24/2004 - Gaim Multiple vulnerabilities Multiple vulnerabilities have been found in Gaim which could allow a remote attacker to crash the application, or possibly execute arbitrary code. http://www.linuxsecurity.com/advisories/gentoo_advisory-5014.html 10/25/2004 - MIT krb5 Insecure temporary file use in send-pr.sh The send-pr.sh script, included in the mit-krb5 package, is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the utility. http://www.linuxsecurity.com/advisories/gentoo_advisory-5016.html 10/25/2004 - Netatalk Insecure tempfile handling in etc2ps.sh The etc2ps.sh script, included in the Netatalk package, is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the utility. http://www.linuxsecurity.com/advisories/gentoo_advisory-5017.html 10/25/2004 - socat Format string vulnerability socat contains a format string vulnerability that can potentially lead to remote or local execution of arbitrary code with the privileges of the socat process. http://www.linuxsecurity.com/advisories/gentoo_advisory-5018.html 10/27/2004 - mpg123 Buffer overflow vulnerabilities Buffer overflow vulnerabilities have been found in mpg123 which could lead to execution of arbitrary code. http://www.linuxsecurity.com/advisories/gentoo_advisory-5025.html 10/27/2004 - rssh Format string vulnerability rssh is vulnerable to a format string vulnerability that allows arbitrary execution of code with the rights of the connected user, thereby bypassing rssh restrictions. http://www.linuxsecurity.com/advisories/gentoo_advisory-5027.html +---------------------------------+ | Distribution: Mandrake | ----------------------------// +---------------------------------+ 10/22/2004 - xpdf vulnerabilities fix Chris Evans discovered numerous vulnerabilities in the xpdf package which can result in DOS or possibly arbitrary code execution. http://www.linuxsecurity.com/advisories/mandrake_advisory-5000.html 10/22/2004 - gpdf DoS vulnerability fix Chris Evans discovered numerous vulnerabilities in the xpdf package, which also effect software using embedded xpdf code, such as gpdf. http://www.linuxsecurity.com/advisories/mandrake_advisory-5001.html 10/22/2004 - cups DoS vulnerabilities fix Chris Evans discovered numerous vulnerabilities in the xpdf package, which also effect software using embedded xpdf code. http://www.linuxsecurity.com/advisories/mandrake_advisory-5002.html 10/22/2004 - kdegraphics DoS vulnerability fix Chris Evans discovered numerous vulnerabilities in the xpdf package, which also effect software using embedded xpdf code, such as kpdf. http://www.linuxsecurity.com/advisories/mandrake_advisory-5003.html 10/22/2004 - squid SNMP processing vulnerability fix iDEFENSE discovered a Denial of Service vulnerability in squid version 2.5.STABLE6 and previous. The problem is due to an ASN1 parsing error where certain header length combinations can slip through the validations performed by the ASN1 parser, leading to the server assuming there is heap corruption or some other exceptional condition, and closing all current connections then restarting. http://www.linuxsecurity.com/advisories/mandrake_advisory-5007.html 10/22/2004 - gpdf DoS vulnerability fix Chris Evans discovered numerous vulnerabilities in the xpdf package, which also effect software using embedded xpdf code. http://www.linuxsecurity.com/advisories/mandrake_advisory-5008.html 10/22/2004 - kdegraphics DoS vulnerability fix Chris Evans discovered numerous vulnerabilities in the xpdf package, which also effect software using embedded xpdf code. http://www.linuxsecurity.com/advisories/mandrake_advisory-5009.html 10/22/2004 - CUPS DoS vulnerabilities fix Chris Evans discovered numerous vulnerabilities in the xpdf package, which also effect software using embedded xpdf code. http://www.linuxsecurity.com/advisories/mandrake_advisory-5010.html 10/22/2004 - xpdf vulnerabilities fix Multiple integer overflow issues affecting xpdf-2.0 and xpdf-3.0. Also programs like cups which have embedded versions of xpdf. These can result in writing an arbitrary byte to an attacker controlled location which probably could lead to arbitrary code execution. http://www.linuxsecurity.com/advisories/mandrake_advisory-5011.html +---------------------------------+ | Distribution: Red Hat | ----------------------------// +---------------------------------+ 10/22/2004 - CUPS security issues fix Updated cups packages that fix denial of service issues, a security information leak, as well as other various bugs are now available. http://www.linuxsecurity.com/advisories/redhat_advisory-5005.html 10/22/2004 - libtiff update Updated libtiff packages that fix various buffer and integer overflows are now available. http://www.linuxsecurity.com/advisories/redhat_advisory-5006.html 10/27/2004 - mysql-server update update An updated mysql-server package that fixes various security issues is now available in the Red Hat Enterprise Linux 3 Extras channel of Red Hat Network. http://www.linuxsecurity.com/advisories/redhat_advisory-5030.html 10/27/2004 - xchat SOCKSv5 proxy security issue fix An updated xchat package that fixes a stack buffer overflow in the SOCKSv5 proxy code. http://www.linuxsecurity.com/advisories/redhat_advisory-5031.html 10/27/2004 - xpdf security flaws fix An updated xpdf package that fixes a number of integer overflow security flaws is now available. http://www.linuxsecurity.com/advisories/redhat_advisory-5032.html +---------------------------------+ | Distribution: Slackware | ----------------------------// +---------------------------------+ 10/22/2004 - Gaim buffer overflow A buffer overflow in the MSN protocol handler for GAIM 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and may allow the execution of arbitrary code. http://www.linuxsecurity.com/advisories/slackware_advisory-5015.html 10/26/2004 - apache, mod_ssl, php security issues fix buffer overflow New apache and mod_ssl packages are available for Slackware 8.1, 9.0, 9.1, 10.0, and -current to fix security issues. http://www.linuxsecurity.com/advisories/slackware_advisory-5021.html +---------------------------------+ | Distribution: Suse | ----------------------------// +---------------------------------+ 10/22/2004 - libtiff security vulnerability fix Chris Evans found several security related problems during an audit of the image handling library libtiff, some related to buffer overflows, some related to integer overflows and similar. http://www.linuxsecurity.com/advisories/suse_advisory-5012.html 10/26/2004 - xpdf, gpdf, kdegraphics3-pdf, pdftohtml, cups security vulnerability fix security vulnerability fix Chris Evans found several integer overflows and arithmetic errors. Additionally Sebastian Krahmer from the SuSE Security-Team found similar bugs in xpdf 3. http://www.linuxsecurity.com/advisories/suse_advisory-5019.html 10/26/2004 - xpdf, gpdf, kdegraphics3-pdf, pdftohtml, cups remote system compromise security vulnerability fix Chris Evans found several integer overflows and arithmetic errors. Additionally Sebastian Krahmer from the SuSE Security-Team found similar bugs in xpdf 3. http://www.linuxsecurity.com/advisories/suse_advisory-5022.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email vuln-newsletter-request@private with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ _________________________________________ Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/
This archive was generated by hypermail 2.1.3 : Mon Nov 01 2004 - 12:33:16 PST