[ISN] Linux Advisory Watch - May 6th 2005

From: InfoSec News (isn@private)
Date: Fri May 06 2005 - 06:18:41 PDT


+---------------------------------------------------------------------+
|  LinuxSecurity.com                             Weekly Newsletter    |
|  May 6th, 2005                              Volume 6, Number 18a    |
+---------------------------------------------------------------------+

  Editors:      Dave Wreski                     Benjamin D. Thomas
                dave@private          ben@private

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the
week.  It includes pointers to updated packages and descriptions of
each vulnerability.

This week, perhaps the most interesting articles include ethereal,
prozilla, smartlist, kdewebdev, wireless-tools, gimp, bootparamd,
tcpdump, kdelibs, vte, php, words, util-linux, lapack, gnuutils,
and glibc.  The distributors include Conectiva, Debian, Fedora,
Gentoo, and Red Hat.

---

## Internet Productivity Suite: Open Source Security ##

Trust Internet Productivity Suite's open source architecture to
give you the best security and productivity applications available.
Collaborating with thousands of developers, Guardian Digital
security engineers implement the most technologically advanced
ideas and methods into their design.

Click to find out more!
http://store.guardiandigital.com/html/eng/products/software/ips_overview.shtml

---

Review: The Book of Postfix: State-of-the-Art Message Transport
By: Pete O'Hara

I was very impressed with "The Book of Postfix" by authors Ralf
Hildebrandt and Patrick Koetter and feel that it is an incredible
Postfix reference. It gives a great overall view of the operation
and management of Postfix in an extremely systematic and practical
format. It flows in a logical manner, is easy to follow and the
authors did a great job of explaining topics with attention paid
to real world applications and how to avoid many of the associated
pitfalls. I am happy to have this reference in my collection.

The authors have taken the time to clearly answer the key
questions that are of real practical value. There is no excessive
or superflous material here that, although may good to know, won't
divert attention from the topic of configuring a solid MTA. The
book is very well focused and the authors' hard work is obvious.
There are sections where someone else may have left good enough
alone but they went the extra mile to make sure that this book
answered the important questions fully.

"The Book of Postfix" starts with "A Postmaster's Primer To Email"
and continues through all of the key topics in a sensible progression
so that even if you are fairly new to administering email you are
taught in a sequential manner that promotes understanding. The
comprehensive list of topics encompasses single and multiple
domain servers, dial-ups, SMTP restrictions, internal and external
content filters, mail gateways, SMTP proxy, SMTP authentication,
SASL, LDAP, SQL integration, Transport Layer Security, chroots,
rate limiting, performance tuning, and trouble shooting. It
covers a good amount of ground.

The numerous "NOTE" and "CAUTION" sections provide great additional
detail to real world scenarious that I found extremely relevant and
useful. For each topic there is also an invaluable "TESTING"
section so that you can verify for yourself that you are in fact
getting the expected behavior. The imperative topic of security
is always kept in mind in the confugrations and the accompanying
diagrams and flow charts do an excellent job of enhancing the text
and providing extra clarity.

Read complete review:
http://www.linuxsecurity.com/content/view/119027/49/

----------------------

Measuring Security IT Success

In a time where budgets are constrained and Internet threats are
on the rise, it is important for organizations to invest in network
security applications that will not only provide them with powerful
functionality but also a rapid return on investment.

In most organizations IT success is generally calculated through
effectiveness, resource usage and, most importantly, how quickly the
investment can be returned. To correctly quantify the ROI of
information technology, organizations usually measure cost savings
and increased profits since the initial implementation. Additionally,
ROI can also be affected based on the overall impact the investment
has on employee productivity and overall work environment of the company.

http://www.linuxsecurity.com/content/view/118817/49/

---

Getting to Know Linux Security: File Permissions

Welcome to the first tutorial in the 'Getting to Know Linux Security'
series.  The topic explored is Linux file permissions.  It offers an
easy to follow explanation of how to read permissions, and how to set
them using chmod.  This guide is intended for users new to Linux
security, therefore very simple.  If the feedback is good, I'll
consider creating more complex guides for advanced users.  Please
let us know what you think and how these can be improved.

Click to view video demo:
http://www.linuxsecurity.com/content/view/118181/49/

---

The Tao of Network Security Monitoring: Beyond Intrusion Detection

To be honest, this was one of the best books that I've read on network
security. Others books often dive so deeply into technical discussions,
they fail to provide any relevance to network engineers/administrators
working in a corporate environment. Budgets, deadlines, and flexibility
are issues that we must all address. The Tao of Network Security
Monitoring is presented in such a way that all of these are still
relevant. One of the greatest virtues of this book is that is offers
real-life technical examples, while backing them up with relevant case
studies.

http://www.linuxsecurity.com/content/view/118106/49/

--------

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf


+---------------------------------+
|  Distribution: Conectiva        | ----------------------------//
+---------------------------------+

* Conectiva: kernel Kernel update
  2nd, May, 2005

The Linux kernel is responsible for handling the basic functions of
the GNU/Linux operating system.

http://www.linuxsecurity.com/content/view/119036


+---------------------------------+
|  Distribution: Debian           | ----------------------------//
+---------------------------------+

* Debian: New ethereal packages fix buffer overflow
  28th, April, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119006


* Debian: New prozilla packages fix arbitrary code execution
  28th, April, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119007


* Debian: New ethereal packages fix buffer overflow
  28th, April, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119009


* Debian: New smartlist packages fix unauthorised un/subscription
  3rd, May, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119045


+---------------------------------+
|  Distribution: Fedora           | ----------------------------//
+---------------------------------+

* Fedora Core 3 Update: kdewebdev-3.3.1-2.1
  28th, April, 2005

Updated package

http://www.linuxsecurity.com/content/view/119013


* Fedora Core 3 Update: wireless-tools-27-2.2.0.fc3
  28th, April, 2005

Fix iwlist command for devices that need more time to scan
all their channels (ie Atheros 5212abg cards)

http://www.linuxsecurity.com/content/view/119016


* Fedora Core 3 Update: spamassassin-3.0.3-3.fc3
  29th, April, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119020


* Fedora Core 3 Update: gimp-2.2.6-0.fc3.2
  30th, April, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119025


* Fedora Core 3 Update: bootparamd-0.17-19.FC3
  2nd, May, 2005

Updated package

http://www.linuxsecurity.com/content/view/119032


* Fedora Core 3 Update: tcpdump-3.8.2-8.FC3
  2nd, May, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119033


* Fedora Core 3 Update: kdelibs-3.3.1-2.12.FC3
  2nd, May, 2005

A buffer overflow was found in the kimgio library for KDE 3.3.1. An
attacker could create a carefully crafted PCX image in such a way
that it would cause kimgio to execute arbitrary code when processing
the image.

http://www.linuxsecurity.com/content/view/119034


* Fedora Core 3 Update: vte-0.11.13-1.fc3
  2nd, May, 2005

A whole bunch of upstream fixes for speed, rendering glitches
and memory use reduction.

http://www.linuxsecurity.com/content/view/119037


* Fedora Core 3 Update: perl-5.8.5-12.FC3
  2nd, May, 2005

Security and packaging fixes.

http://www.linuxsecurity.com/content/view/119038


* Fedora Core 3 Update: php-4.3.11-2.5
  3rd, May, 2005

This update fixes a compatibility issue between the PHP "snmp"
extension (in the php-snmp package) and the recent upgrade of
the net-snmp library=20 to version 5.2.1

http://www.linuxsecurity.com/content/view/119044


* Fedora Core 3 Update: policycoreutils-1.18.1-2.12
  3rd, May, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119046


* Fedora Core 3 Update: words-3.0-2.3
  4th, May, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119052


* Fedora Core 3 Update: util-linux-2.12a-24.1
  4th, May, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119053


* Fedora Core 3 Update: system-config-bind-4.0.0-11
  4th, May, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119054


* Fedora Core 3 Update: dhcp-3.0.1-42_FC3
  4th, May, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119055


* Fedora Core 3 Update: lapack-3.0-26.fc3
  5th, May, 2005

This update fixes problems in some lapack libraries (problems with
compiler optimalization). This version contains all patches present
in fc4 lapack version.

http://www.linuxsecurity.com/content/view/119060


* Fedora Core 3 Update: system-config-bind-4.0.0-12
  5th, May, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119061


* Fedora Core 3 Update: gnutls-1.0.20-3.1.1
  5th, May, 2005

New gnutls version fixes CAN-2005-1431 problem (possible DOS attack)

http://www.linuxsecurity.com/content/view/119062


+---------------------------------+
|  Distribution: Gentoo           | ----------------------------//
+---------------------------------+

* Gentoo: Heimdal Buffer overflow vulnerabilities
  28th, April, 2005

Buffer overflow vulnerabilities have been found in the telnet client
in Heimdal which could lead to execution of arbitrary code.

http://www.linuxsecurity.com/content/view/119008


* Gentoo: Pound Buffer overflow vulnerability
  30th, April, 2005

Pound is vulnerable to a buffer overflow that could lead to the
remote execution of arbitrary code.

http://www.linuxsecurity.com/content/view/119022


* Gentoo: eGroupWare XSS and SQL injection vulnerabilities
  30th, April, 2005

eGroupWare is affected by several SQL injection and cross-site
scripting (XSS) vulnerabilities.

http://www.linuxsecurity.com/content/view/119023


* Gentoo: phpMyAdmin Insecure SQL script installation
  30th, April, 2005

phpMyAdmin leaves the SQL install script with insecure permissions,
potentially leading to a database compromise.

http://www.linuxsecurity.com/content/view/119024


* Gentoo: Horde Framework Multiple XSS vulnerabilities
  1st, May, 2005

Various modules of the Horde Framework are vulnerable to multiple
cross-site scripting (XSS) vulnerabilities.

http://www.linuxsecurity.com/content/view/119026


* Gentoo: Oops! Remote code execution
  5th, May, 2005

The Oops! proxy server contains a remotely exploitable format string
vulnerability, which could potentially lead to the execution of
arbitrary code.

http://www.linuxsecurity.com/content/view/119063


+---------------------------------+
|  Distribution: Red Hat          | ----------------------------//
+---------------------------------+

* RedHat: Low: glibc security update
  28th, April, 2005

Updated glibc packages that address several bugs are now available.
This update has been rated as having low security impact by the Red
Hat

http://www.linuxsecurity.com/content/view/119010


* RedHat: Important: kernel security update
  28th, April, 2005

Updated kernel packages are now available as part of ongoing support
and maintenance of Red Hat Enterprise Linux version 2.1. This is the
seventh regular update. This security advisory has been rated as having
important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119011


* RedHat: Important: kernel security update
  28th, April, 2005

Updated kernel packages are now available as part of ongoing support
and maintenance of Red Hat Enterprise Linux version 2.1 for 64-bit
architectures. This is the seventh regular update.
This security advisory has been rated as having important security
impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119012


* RedHat: Important: Mozilla security update
  28th, April, 2005

Updated Mozilla packages that fix various security bugs are now
available. This update has been rated as having Important security
impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119014


* RedHat: Moderate: PHP security update
  28th, April, 2005

Updated PHP packages that fix various security issues are now
available. This update has been rated as having moderate security
impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119015


* RedHat: Low: nasm security update
  4th, May, 2005

An updated nasm package that fixes multiple security issues is now
available. This update has been rated as having low security impact
by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119049


* RedHat: Moderate: evolution security update
  4th, May, 2005

Updated evolution packages that fix various security issues are now
available. This update has been rated as having moderate security
impact by theRed Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119050


* RedHat: Moderate: PHP security update
  4th, May, 2005

Updated PHP packages that fix various security issues are now
available. This update has been rated as having moderate security
impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119051

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@private
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------



_________________________________________
InfoSec News v2.0 - Coming Soon!
http://www.infosecnews.org



This archive was generated by hypermail 2.1.3 : Fri May 06 2005 - 13:37:14 PDT