[ISN] Linux Advisory Watch - December 2nd

From: InfoSec News (isn@private)
Date: Mon Dec 05 2005 - 01:08:13 PST


+---------------------------------------------------------------------+
|  LinuxSecurity.com                             Weekly Newsletter    |
|  December 2nd, 2005                         Volume 6, Number 49a    |
+---------------------------------------------------------------------+

  Editors:      Dave Wreski                     Benjamin D. Thomas
                dave@private          ben@private

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the
week.  It includes pointers to updated packages and descriptions of
each vulnerability.

This week, advisories were released for zope, gtk, centericq,
gdk-pixbuf, horde2, inkscape, chmlib, fuse, netpbm, and the kernel.
The distributors include Debian, Gentoo, and Mandriva.

----


Hacks From Pax: SELinux Policy Development

Hi, and welcome to the final entry in my series of articles on
SELinux. My last three articles have provided an overview and history
of SELinux, discussed how SELinux makes access decisions, and
explained how to administer an SELinux system. Today we'll build on
the SELinux knowledge we've gained and learn how to perform basic
customization of our system's security policy.

Customizing your system's SELinux policy can be necessary when
running an application your policy is unaware of. Particularly,
web based applications might need customization of Apache policy
in order to run properly.

Setting Up a Policy Development Environment

For the purposes of this article, I'll assume you have a server
running EnGarde Secure Community 3.0 (a free downloadable ISO
image is available). EnGarde Secure Linux is a good base for
learning SELinux policy since it is a server system only, which
allows for a policy that is easier to understand than distributions
such as Fedora which include many policy modules for X11 and other
desktop applications.

First, log in as root and transition to the sysadm_r role. Policy
development is generally best done with SELinux in permissive mode,
so use the setenforce command to set the proper mode. Make sure your
system is upgraded to the latest release by issuing the apt-get
update command, then install the necessary policy development
packages by entering apt-get install make m4 gcc python
engarde-policy-sources. Other packages may be installed due to
dependencies.

Compiling Policy

Once this is done, you should change to the policy sources
directory which is /etc/selinux/engarde/src/policy/. The main part
of the policy sources is the policy/modules directory, which
contains directories that contain your actual policy source modules
for all services and applications constrained by SELinux.

The first time you compile a policy, you must make the
configuration files by typing make conf in the main policy
directory. This creates the modules.conf and policy.conf files.
Now you can compile the policy by entering make policy. This gathers
all the modules and compiles them into a binary policy that is
directly used by SELinux.

The next step is to install the newly compiled policy by issuing the
make install command. Next, you must reload the policy by typing make
reload. If you have changed file specifications, you also need to
relabel based on the new policy; this is done by typing make relabel.
Finally, return to enforcing mode using the setenforce command.

One way to speed up this process is to issue all of the compilation
commands in a single command line, as shown below.

# setenforce 0 && make policy install reload relabel reload &&
  setenforce 1
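
Because the steps above are chained with &&, a failing make target
skips the final setenforce 1 and leaves the system in permissive mode.
The wrapper below is an added example, not code from the article; the
function name rebuild_policy and the POLICY_DIR variable are
assumptions. It restores the starting mode whatever make returns.

```shell
#!/bin/sh
# Added example (not from the article): rebuild the policy without leaving
# SELinux permissive when a make target fails or the run is interrupted.
# POLICY_DIR defaults to the path given in the article; the variable itself
# and the function name are assumptions of this example.
POLICY_DIR="${POLICY_DIR:-/etc/selinux/engarde/src/policy}"

# Usage: rebuild_policy [relabel]
#   relabel  also run "make relabel reload" (needed after changing file
#            specifications). "make conf" must already have been run once.
rebuild_policy() {
    targets="policy install reload"
    if [ "${1:-}" = "relabel" ]; then
        targets="$targets relabel reload"
    fi

    # Record the starting mode so it can be put back afterwards.
    prev_mode=$(getenforce) || return 1

    if [ "$prev_mode" = "Enforcing" ]; then
        # Ctrl-C or kill during a long relabel must not leave us permissive.
        trap 'setenforce 1; exit 130' INT TERM
        setenforce 0 || { trap - INT TERM; return 1; }
    fi

    # Subshell keeps the caller's working directory unchanged.
    status=0
    ( cd "$POLICY_DIR" && make $targets ) || status=$?

    if [ "$prev_mode" = "Enforcing" ]; then
        trap - INT TERM
        if ! setenforce 1; then
            echo "WARNING: could not restore enforcing mode" >&2
            return 3
        fi
    fi

    if [ "$status" -ne 0 ]; then
        echo "policy build failed (exit $status); mode is $prev_mode" >&2
    fi
    return "$status"
}
```

Source the file as root in the sysadm_r role and call rebuild_policy,
or rebuild_policy relabel after changing file specifications.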

Read Entire Article:
http://www.linuxsecurity.com/content/view/120837/49/

----------------------

Linux File & Directory Permissions Mistakes

One common mistake Linux administrators make is having file and
directory permissions that are far too liberal and allow access
beyond that which is needed for proper system operations. A full
explanation of Unix file permissions is beyond the scope of this
article, so I'll assume you are familiar with the usage of such
tools as chmod, chown, and chgrp. If you'd like a refresher, one
is available right here on linuxsecurity.com.

http://www.linuxsecurity.com/content/view/119415/49/

---

Buffer Overflow Basics

A buffer overflow occurs when a program or process tries to
store more data in a temporary data storage area than it was
intended to hold. Since buffers are created to contain a finite
amount of data, the extra information can overflow into adjacent
buffers, corrupting or overwriting the valid data held in them.

http://www.linuxsecurity.com/content/view/119087/49/

---

Review: The Book of Postfix: State-of-the-Art Message Transport

I was very impressed with "The Book of Postfix" by authors Ralf
Hildebrandt and Patrick Koetter and feel that it is an incredible
Postfix reference. It gives a great overall view of the operation
and management of Postfix in an extremely systematic and practical
format. It flows in a logical manner, is easy to follow and the
authors did a great job of explaining topics with attention paid
to real world applications and how to avoid many of the associated
pitfalls. I am happy to have this reference in my collection.

http://www.linuxsecurity.com/content/view/119027/49/

--------

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf

+---------------------------------+
|  Distribution: Debian           | ----------------------------//
+---------------------------------+

* Debian: New zope2.7 packages fix arbitrary file inclusion
  24th, November, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120884


* Debian: New gtk+2.0 packages fix several vulnerabilities
  29th, November, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120908


* Debian: New centericq packages fix denial of service
  30th, November, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120909


* Debian: New gdk-pixbuf packages fix several vulnerabilities
  1st, December, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120917


* Debian: New horde2 packages fix cross-site scripting
  1st, December, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120918



+---------------------------------+
|  Distribution: Gentoo           | ----------------------------//
+---------------------------------+

* Gentoo: Macromedia Flash Player Remote arbitrary code
  25th, November, 2005

A vulnerability has been identified that allows arbitrary code
execution on a user's system via the handling of malicious SWF files.

http://www.linuxsecurity.com/content/view/120893


* Gentoo: Inkscape Buffer overflow
  28th, November, 2005

A vulnerability has been identified that allows a specially crafted
SVG file to exploit a buffer overflow and potentially execute
arbitrary code when opened.

http://www.linuxsecurity.com/content/view/120900


* Gentoo: chmlib, KchmViewer Stack-based buffer overflow
  28th, November, 2005

chmlib and KchmViewer contain a buffer overflow vulnerability which
may lead to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/120901


* Gentoo: chmlib, KchmViewer Stack-based buffer overflow
  28th, November, 2005

chmlib and KchmViewer contain a buffer overflow vulnerability which
may lead to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/120903



+---------------------------------+
|  Distribution: Mandriva         | ----------------------------//
+---------------------------------+

* Mandriva: Updated fuse packages fix vulnerability
  24th, November, 2005

Thomas Biege found that fusermount failed to securely handle special
characters specified in mount points, which could allow a local
attacker to corrupt the contents of /etc/mtab by mounting over a
maliciously-named directory using fusermount.

http://www.linuxsecurity.com/content/view/120891


* Mandriva: Updated netpbm packages fix pnmtopng vulnerabilities
  30th, November, 2005

Greg Roelofs discovered and fixed several buffer overflows in
pnmtopng which is also included in netpbm, a collection of graphic
conversion utilities, that can lead to the execution of arbitrary
code via a specially crafted PNM file.

http://www.linuxsecurity.com/content/view/120913


* Mandriva: Updated kernel packages fix numerous vulnerabilities
  30th, November, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120914


* Mandriva: Updated kernel packages fix numerous vulnerabilities
  30th, November, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120915


* Mandriva: Updated kernel packages fix numerous vulnerabilities
  30th, November, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120916


------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

------------------------------------------------------------------------


