[ISN] Linux Advisory Watch - August 5th 2005

From: InfoSec News (isn@private)
Date: Sun Aug 07 2005 - 22:02:39 PDT


+---------------------------------------------------------------------+
|  LinuxSecurity.com                             Weekly Newsletter    |
|  August 5th, 2005                           Volume 6, Number 32a    |
+---------------------------------------------------------------------+

  Editors:      Dave Wreski                     Benjamin D. Thomas
                dave@private          ben@private

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the
week.  It includes pointers to updated packages and descriptions of
each vulnerability.

This week, advisories were released for gaim, gopher, pdns,
apt-cacher, ethereal, im-sdk, selinux-policy-targeted, gamin, pam,
netpbm, mkinitrd, kde, arts, NetworkManager, libraw, ckermit,
httpd, gphoto, coreutils, iiimf, yum, gimp, readahead, zlib,
fetchmail, sandbox, pstotext, proftpd, nbsmtp, dump, and
SquirrelMail.  The distributors include Debian, Fedora, Gentoo,
and Red Hat.

---


Network Intrusion Prevention Systems - When They're Valuable,
and When They're Not: Part II

By: Daniel Miessler

The true benefit of network IPS lies in what it can do for companies
that can't keep their systems patched. This may sound negative, but
it's almost as if the request for NIPS technology is analogous to the
requestor admitting that they cannot stay on top of system
administration.

For anyone willing to make this admission, however, the benefits of
network IPS are quite significant. Consider a medium to large sized
company where upper management doesn't see the need for additional
(see enough) systems and/or security administrators. (This shouldn't
require much imagination, by the way).

In an environment like this, vulnerabilities are likely to go
unpatched for weeks, months, or even years - even in the
Internet-facing areas. Many things can lead to machines not getting
patched in these sorts of companies - developers claiming that the main
bread-winning app will break if the patches are applied, administrator
fear of being the cause of downtime, apathy, stupidity - take your
pick.

The point is, a strategically-placed network IPS - say in front of
the Internet-facing environment - can do something absolutely magical
for a systems/security staff - it can buy them time. Consider a
site passing a ton of traffic into their DMZ via multiple protocols
to dozens or hundreds of machines, and let's say several of the
applications being interfaced with have known vulnerabilities. If
the person in charge knows that they lack the ability to patch
all the vulnerable systems (inexcusable, I agree), then the NIPS
system can effectively serve as a multi-patch gateway.

If the NIPS product has a signature for 34 of the 42 exploits that
could potentially root 180 machines, then putting a network IPS at
the bottleneck becomes an alternative to 1. getting cracked, and
2. patching. Make no mistake, though - patching is the better
solution, but I recognize that there are sometimes circumstances
that prevent good admins from doing their jobs. There are also
situations where someone who knows the risks lacks the funding
to bring admins aboard that can help them keep their systems in
top shape. For either of these cases, network IPS seems like an
acceptable evil.


Read Entire Article:
http://www.linuxsecurity.com/content/view/119888/49/

----------------------

Linux File & Directory Permissions Mistakes

One common mistake Linux administrators make is having file and directory
permissions that are far too liberal and allow access beyond that which
is needed for proper system operations. A full explanation of Unix file
permissions is beyond the scope of this article, so I'll assume you are
familiar with the usage of such tools as chmod, chown, and chgrp. If
you'd like a refresher, one is available right here on linuxsecurity.com.

http://www.linuxsecurity.com/content/view/119415/49/

---

Buffer Overflow Basics

A buffer overflow occurs when a program or process tries to store more
data in a temporary data storage area than it was intended to hold. Since
buffers are created to contain a finite amount of data, the extra
information can overflow into adjacent buffers, corrupting or overwriting
the valid data held in them.

http://www.linuxsecurity.com/content/view/119087/49/

---

Review: The Book of Postfix: State-of-the-Art Message Transport

I was very impressed with "The Book of Postfix" by authors Ralf
Hildebrandt and Patrick Koetter and feel that it is an incredible
Postfix reference. It gives a great overall view of the operation
and management of Postfix in an extremely systematic and practical
format. It flows in a logical manner, is easy to follow and the
authors did a great job of explaining topics with attention paid
to real world applications and how to avoid many of the associated
pitfalls. I am happy to have this reference in my collection.

http://www.linuxsecurity.com/content/view/119027/49/


--------

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf


+---------------------------------+
|  Distribution: Debian           | ----------------------------//
+---------------------------------+

* Debian: New gaim packages fix denial of service
  29th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119944


* Debian: New gopher packages fix insecure temporary file creation
  29th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119954


* Debian: New pdns packages fix denial of service
  1st, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119988


* Debian: New apt-cacher package fixes arbitrary command execution
  3rd, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120011



+---------------------------------+
|  Distribution: Fedora           | ----------------------------//
+---------------------------------+

* Fedora Core 3 Update: ethereal-0.10.12-1.FC3.1
  28th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119939


* Fedora Core 3 Update: im-sdk-12.1-10.FC3.1
  28th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119940


* Fedora Core 4 Update: selinux-policy-targeted-1.25.3-6
  28th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119941


* Fedora Core 3 Update: gamin-0.1.1-3.FC3
  29th, July, 2005

This should fix the problem where monitoring desktop files works
initially but sometimes fails after a while. This is a safe update
from 0.1.1-1.FC3

http://www.linuxsecurity.com/content/view/119955


* Fedora Core 4 Update: gamin-0.1.1-3.FC4
  29th, July, 2005

This should fix the problem where monitoring desktop files works
initially but sometimes fails after a while. This is a safe update
from 0.1.1-1.FC4

http://www.linuxsecurity.com/content/view/119956


* Fedora Core 4 Update: pam-0.79-9.4
  29th, July, 2005

This update fixes a regression of pam_userdb against FC3 pam and
links to shared audit library as audit-libs-devel is now fixed.

http://www.linuxsecurity.com/content/view/119957


* Fedora Core 4 Update: netpbm-10.28-1.FC4.1
  29th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119958


* Fedora Core 3 Update: netpbm-10.28-1.FC3.1
  29th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119959


* Fedora Core 4 Update: ethereal-0.10.12-1.FC4.1
  29th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119960


* Fedora Core 3 Update: mkinitrd-4.1.18.1-1
  29th, July, 2005

This update should fix the issue a number of people saw after the
recent kernel update where various modules would fail to load during
boot, making systems unbootable. After updating this package, remove,
and reinstall the recent kernel update, and the initrd will be
recreated correctly.

http://www.linuxsecurity.com/content/view/119961


* Fedora Core 4 Update: kdeaddons-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119963


* Fedora Core 4 Update: kdesdk-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119964


* Fedora Core 4 Update: kdepim-3.4.2-0.fc4.2
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119965


* Fedora Core 4 Update: kdemultimedia-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119966


* Fedora Core 4 Update: kdelibs-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119967


* Fedora Core 4 Update: kdewebdev-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119968


* Fedora Core 4 Update: kdebase-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119969


* Fedora Core 4 Update: kdevelop-3.2.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119970


* Fedora Core 4 Update: kdeutils-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119971


* Fedora Core 4 Update: kdenetwork-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119972


* Fedora Core 4 Update: kde-i18n-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119973


* Fedora Core 4 Update: kdegraphics-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119974


* Fedora Core 4 Update: kdegames-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119975


* Fedora Core 4 Update: kdeedu-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119976


* Fedora Core 4 Update: kdebindings-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119977


* Fedora Core 4 Update: kdeartwork-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119978


* Fedora Core 4 Update: kdeadmin-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119979


* Fedora Core 4 Update: kdeaccessibility-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119980


* Fedora Core 4 Update: arts-1.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119981


* Fedora Core 4 Update: NetworkManager-0.4-20.FC4.1
  29th, July, 2005

Network Manager passes logging messages straight to syslog as the
format string.

http://www.linuxsecurity.com/content/view/119982


* Fedora Core 4 Update: libraw1394-1.2.0-1.fc4
  31st, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119986


* Fedora Core 4 Update: selinux-policy-targeted-1.25.3-9
  1st, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119994


* Fedora Core 4 Update: ckermit-8.0.211-2.FC4
  1st, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119995


* Fedora Core 4 Update: httpd-2.0.54-10.1
  2nd, August, 2005

This update includes security fixes for CVE CAN-2005-2088 and CVE
CAN-2005-1268, along with some minor bug fixes.

http://www.linuxsecurity.com/content/view/120003


* Fedora Core 4 Update: kdegames-3.4.2-0.fc4.2
  2nd, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120004


* Fedora Core 3 Update: httpd-2.0.53-3.2
  2nd, August, 2005

This update includes version 2.0.53 of the Apache HTTP server, and
also adds security fixes for CVE CAN-2005-2088 and CVE CAN-2005-1268.

http://www.linuxsecurity.com/content/view/120005


* Fedora Core 4 Update: gphoto2-2.1.6-1.1
  2nd, August, 2005

Updated to new release.

http://www.linuxsecurity.com/content/view/120006


* Fedora Core 4 Update: coreutils-5.2.1-48.1
  2nd, August, 2005

This updated package fixes "who -r" and "who -b".

http://www.linuxsecurity.com/content/view/120007


* Fedora Core 4 Update: iiimf-12.2-4.fc4.2
  2nd, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120008


* Fedora Core 3 Update: yum-2.2.2-0.fc3
  2nd, August, 2005

This update fixes a few minor problems.

http://www.linuxsecurity.com/content/view/120010


* Fedora Core 3 Update: ethereal-0.10.12-1.FC3.2
  3rd, August, 2005

To reduce the risk of future vulnerabilities in Ethereal, the
ethereal and tethereal programs in this update have been compiled as
Position Independent Executables (PIE).

http://www.linuxsecurity.com/content/view/120018


* Fedora Core 4 Update: ethereal-0.10.12-1.FC4.2
  3rd, August, 2005

To reduce the risk of future vulnerabilities in Ethereal, the
ethereal and tethereal programs in this update have been compiled as
Position Independent Executables (PIE).

http://www.linuxsecurity.com/content/view/120019


* Fedora Core 3 Update: gimp-2.2.8-0.fc3.2
  3rd, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120020


* Fedora Core 4 Update: gimp-2.2.8-0.fc4.2
  3rd, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120021


* Fedora Core 4 Update: readahead-1.1-1.16_FC4
  3rd, August, 2005

This update should fix an inverted case where readahead would be
triggered on boxes that have less than 384MB of memory, and would not
occur if the box had more than 384MB of memory.

http://www.linuxsecurity.com/content/view/120023




+---------------------------------+
|  Distribution: Gentoo           | ----------------------------//
+---------------------------------+

* Gentoo: Ethereal Multiple vulnerabilities
  28th, July, 2005

Ethereal is vulnerable to numerous vulnerabilities potentially
resulting in the execution of arbitrary code or abnormal termination.

http://www.linuxsecurity.com/content/view/119934


* Gentoo: Shorewall Security policy bypass
  29th, July, 2005

A vulnerability in Shorewall allows clients authenticated by MAC
address filtering to bypass all other security rules.

http://www.linuxsecurity.com/content/view/119945


* Gentoo: zlib Buffer overflow
  29th, July, 2005

zlib is vulnerable to a buffer overflow which could potentially lead
to execution of arbitrary code.

http://www.linuxsecurity.com/content/view/119946


* Gentoo: fetchmail Buffer Overflow
  29th, July, 2005

fetchmail is susceptible to a buffer overflow resulting in a Denial
of Service or arbitrary code execution.

http://www.linuxsecurity.com/content/view/119947


* Gentoo: Kopete Vulnerability in included Gadu library
  29th, July, 2005

Kopete is vulnerable to several input validation vulnerabilities
which may lead to execution of arbitrary code.

http://www.linuxsecurity.com/content/view/119948


* Gentoo: Mozilla Suite Multiple vulnerabilities
  29th, July, 2005

Several vulnerabilities in the Mozilla Suite allow attacks ranging
from the execution of JavaScript code with elevated privileges to
information leakage.

http://www.linuxsecurity.com/content/view/119949


* Gentoo: Clam AntiVirus Integer overflows
  29th, July, 2005

Clam AntiVirus is vulnerable to integer overflows when handling
several file formats, potentially resulting in the execution of
arbitrary code.

http://www.linuxsecurity.com/content/view/119950


* Gentoo: sandbox Insecure temporary file handling
  29th, July, 2005

The sandbox utility may create temporary files in an insecure manner.

http://www.linuxsecurity.com/content/view/119951


* Gentoo: AMD64 x86 emulation base libraries Buffer overflow
  30th, July, 2005

The x86 emulation base libraries for AMD64 contain a vulnerable
version of zlib which could potentially lead to execution of
arbitrary code.

http://www.linuxsecurity.com/content/view/119983


* Gentoo: pstotext Remote execution of arbitrary code
  31st, July, 2005

pstotext contains a vulnerability which can potentially result in the
execution of arbitrary code.

http://www.linuxsecurity.com/content/view/119984


* Gentoo: Compress::Zlib Buffer overflow
  1st, August, 2005

Compress::Zlib is vulnerable to a buffer overflow which could
potentially lead to execution of arbitrary code.

http://www.linuxsecurity.com/content/view/119987


* Gentoo: ProFTPD Format string vulnerabilities
  1st, August, 2005

Under specific circumstances, ProFTPD is vulnerable to format string
vulnerabilities, potentially resulting in the execution of arbitrary
code.

http://www.linuxsecurity.com/content/view/119996


* Gentoo: ProFTPD Format string vulnerabilities
  1st, August, 2005

Under specific circumstances, ProFTPD is vulnerable to format string
vulnerabilities, potentially resulting in the execution of arbitrary
code.

http://www.linuxsecurity.com/content/view/119997


* Gentoo: nbSMTP Format string vulnerability
  2nd, August, 2005

nbSMTP is vulnerable to a format string vulnerability which may
result in remote execution of arbitrary code.

http://www.linuxsecurity.com/content/view/120002



+---------------------------------+
|  Distribution: Red Hat          | ----------------------------//
+---------------------------------+

* RedHat: Low: dump security update
  3rd, August, 2005

Updated dump packages that address two security issues are now
available for Red Hat Enterprise Linux 2.1. This update has been
rated as having low security impact by the Red Hat Security Response
Team.

http://www.linuxsecurity.com/content/view/120016


* RedHat: Moderate: SquirrelMail security update
  3rd, August, 2005

An updated squirrelmail package that fixes two security issues is now
available. This update has been rated as having moderate security
impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/120017

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@private
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------




This archive was generated by hypermail 2.1.3 : Sun Aug 07 2005 - 22:20:55 PDT