[ISN] Linux Advisory Watch - March 31st 2006

From: InfoSec News (isn@private)
Date: Mon Apr 03 2006 - 01:24:26 PDT


+---------------------------------------------------------------------+
|  LinuxSecurity.com                         Weekly Newsletter        |
|  March 31st, 2006                           Volume 7, Number 14n    |
|                                                                     |
|  Editorial Team:  Dave Wreski             dave@private    |
|                   Benjamin D. Thomas      ben@private     |
+---------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week advisories were released for firebird2, sendmail, evolution,
kpdf, flex, netpbm-free, file, man, db4, gok, gedit, epiphany,
gnome-power-manager, pyoribit, totem, libglade, gnome-icon-theme,
shared-mime-info, libxklavier, gstreamer, cpio, squirrelmail,
glibc, mtr, tix, xterm, perl, rpm, scim, mrtg, wpa, samba,
bsd-games, mailman, and freeradius.  The distributors include
Debian, Fedora, Gentoo, Mandriva, Red Hat, and SuSE.

---

EnGarde Secure Linux: Why not give it a try?

EnGarde Secure Linux is a Linux server distribution that is geared
toward providing a open source platform that is highly secure by default
as well as easy to administer. EnGarde Secure Linux includes a select
group of open source packages configured to provide maximum security
for tasks such as serving dynamic websites, high availability mail
transport, network intrusion detection, and more. The Community
edition of EnGarde Secure Linux is completely free and open source,
and online security and application updates are also freely
available with GDSN registration.

http://www.engardelinux.org/modules/index/register.cgi

---

Linux Command Reference Manual: Linux File Formats
By: Suhas Desai

Linux File Formats

/etc/crontab

The syntax of each line in this file is: minute, hour, day of
month, Month, day of week, (user name), command

/etc/fstab

Columns are: device file to mount, directory to mount on,
filesystem type, options, backup frequency, and fsck pass number
(To specify the order in which filesystems should be checked on
boot; 0 means no check.) The noauto option stops this mount from
being done automatically on boot.

/etc/hosts

Sets up host address information for local use. The format is:
IPaddress name1 name2.

/etc/inittab

Sets the init configuration. An entry in the inittab file has
the following format: id: runlevels: action: process

/etc/passwd

The file has one line per username, and is divided into seven
colonde limited fields:

 1. Username.
 2. Password, in an encrypted form.
 3. Numeric user id.
 4. Numeric group id.
 5. Full name or other description of account.
    This is called gecos.
 6. The user's home directory.
 7. The user's login shell (program to run at login).

/usr/X11R6/lib/X11/XF86Config

The main XFree86 configuration file.


Read Full Paper
http://www.linuxsecurity.com/images/stories/commandref.pdf

----------------------

EnGarde Secure Community 3.0.4 Released

Guardian Digital is happy to announce the release of EnGarde
Secure Community 3.0.4 (Version 3.0, Release 4). This release
includes several bug fixes and feature enhancements to the Guardian
Digital WebTool and the SELinux policy, and several new packages
available for installation.

http://www.linuxsecurity.com/content/view/121560/65/

---

Linux File & Directory Permissions Mistakes

One common mistake Linux administrators make is having file and
directory permissions that are far too liberal and allow access
beyond that which is needed for proper system operations. A full
explanation of unix file permissions is beyond the scope of this
article, so I'll assume you are familiar with the usage of such
tools as chmod, chown, and chgrp. If you'd like a refresher, one
is available right here on linuxsecurity.com.

http://www.linuxsecurity.com/content/view/119415/49/

---

Buffer Overflow Basics

A buffer overflow occurs when a program or process tries to
store more data in a temporary data storage area than it was
intended to hold. Since buffers are created to contain a finite
amount of data, the extra information can overflow into adjacent
buffers, corrupting or overwriting the valid data held in them.

http://www.linuxsecurity.com/content/view/119087/49/

--------

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf

+---------------------------------+
|  Distribution: Debian           | ----------------------------//
+---------------------------------+

* Debian: New firebird2 packages fix denial of service
  23rd, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122058


* Debian: New sendmail packages fix arbitrary code execution
  23rd, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122059


* Debian: New evolution packages fix arbitrary code execution
  23rd, March, 2006

Ulf Hrnhammar discovered several format string vulnerabilities in
Evolution, a free groupware suite, that could lead to crashes of the
application or the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/122065


* Debian: New Linux kernel 2.6.8 packages fix several vulnerabilities
  23rd, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122073


* Debian: New kpdf packages fix several vulnerabilities
  24th, March, 2006

Derek Noonburg has fixed several potential vulnerabilities in xpdf,
the Portable Document Format (PDF) suite, which is also present in
koffice, the KDE Office Suite.

http://www.linuxsecurity.com/content/view/122078


* Debian: New Linux kernel 2.4.27 packages fix several
vulnerabilities
  24th, March, 2006


Several local and remote vulnerabilities have been discovered in the
Linux kernel that may lead to a denial of service or the execution of
arbitrary code.

http://www.linuxsecurity.com/content/view/122079


* Debian: New flex packages fix insecure code generation
  27th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122126


* Debian: New netpbm-free packages fix arbitrary command execution
  28th, March, 2006

Max Vozeler from the Debian Audit Project discovered that pstopnm, a
converter from Postscript to the PBM, PGM and PNM formats, launches
Ghostscript in an insecure manner, which might lead to the execution
of arbitrary shell commands, when converting specially crafted
Postscript
files.

http://www.linuxsecurity.com/content/view/122131


+---------------------------------+
|  Distribution: Fedora           | ----------------------------//
+---------------------------------+

* Fedora Core 5 Update: file-4.17-2.fc5
  23rd, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122071


* Fedora Core 5 Update: man-1.6c-2.fc5
  24th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122089


* Fedora Core 5 Update: db4-4.3.29-3.fc5
  24th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122090


* Fedora Core 5 Update: gok-1.0.7-1
  24th, March, 2006

A new gok package has been built that fixes several bugs, and adds
support for the zh_HK language.

http://www.linuxsecurity.com/content/view/122091


* Fedora Core 5 Update: gedit-2.14.1-1
  24th, March, 2006

A new version of the gedit package has been built that fixes a
problem with tab drag-and-drop when multiple gedit windows are open.

http://www.linuxsecurity.com/content/view/122092


* Fedora Core 5 Update: epiphany-2.14.0-1
  24th, March, 2006

A new epiphany package has been built that brings the epipany version
in Fedora Core 5 in sync with the version thats shipped with Gnome
2.14.

http://www.linuxsecurity.com/content/view/122093


* Fedora Core 5 Update: evolution-connector-2.6.0-1
  24th, March, 2006

A new evolution-connector package has been built that brings the
version in Fedora Core 5 in sync with the version thats shipped with
Gnome 2.14.

http://www.linuxsecurity.com/content/view/122094


* Fedora Core 5 Update: evolution-data-server-1.6.0-1
  24th, March, 2006

A new evolution-data-server package has been built that brings the
version in Fedora Core 5 in sync with the version thats shipped with
Gnome 2.14.

http://www.linuxsecurity.com/content/view/122095


* Fedora Core 5 Update: gnome-power-manager-2.14.0-1
  24th, March, 2006

A new gnome-power-manager package has been built that brings the
version in Fedora Core 5 in sync with the version that was released
for Gnome 2.14.

http://www.linuxsecurity.com/content/view/122096


* Fedora Core 5 Update: pyorbit-2.14.0-1
  24th, March, 2006

A new pyorbit package has been built that brings the version in
Fedora Core 5 in sync with the version thats shipped with Gnome 2.14.

http://www.linuxsecurity.com/content/view/122097


* Fedora Core 5 Update: totem-1.4.0-2
  24th, March, 2006

A new totem package has been built that brings the version in Fedora
Core 5 in sync with the version thats shipped with Gnome 2.14.

http://www.linuxsecurity.com/content/view/122098


* Fedora Core 5 Update: libglade2-2.5.1-4.fc5.1
  24th, March, 2006

A new libglade package has been released that fixes a problem when
setting the "invisible" character (in password entries) to a
non-ASCII character.

http://www.linuxsecurity.com/content/view/122099


* Fedora Core 5 Update: gnome-icon-theme-2.14.2-1.fc5.1
  24th, March, 2006

An updated gnome-icon-theme package fixes a problem where files with
mimetype application/xml would not get the right icon.

http://www.linuxsecurity.com/content/view/122100


* Fedora Core 5 Update: shared-mime-info-0.17-1.fc5.1
  24th, March, 2006

A new version of the shared-mime-info package has been released that
fixes several bugs.

http://www.linuxsecurity.com/content/view/122101


* Fedora Core 5 Update: libxklavier-2.2-1
  24th, March, 2006

A new libxklavier package has been built that brings the version in
Fedora Core 5 in sync with the version that shipped with Gnome 2.14.

http://www.linuxsecurity.com/content/view/122102


* Fedora Core 5 Update: gnome-vfs2-2.14.0-2
  24th, March, 2006

A new version of the gnome-vfs2 package fixes a packaging error.

http://www.linuxsecurity.com/content/view/122103


* Fedora Core 5 Update: gstreamer-plugins-base-0.10.5-1
  24th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122104


* Fedora Core 5 Update: gstreamer-0.10.4-1
  24th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122105


* Fedora Core 5 Update: cpio-2.6-15.FC5
  27th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122113


* Fedora Core 4 Update: squirrelmail-1.4.6-4.fc4
  27th, March, 2006

This update fixes Bug #185767 where we broke Japanese mail sending in
our previous update. (I would really appreciate it if Chinese and
Korean users would test this and report if it works properly for
incoming and outgoing mail.)

http://www.linuxsecurity.com/content/view/122114


* Fedora Core 5 Update: squirrelmail-1.4.6-4.fc5
  27th, March, 2006

This update fixes Bug #185767 where we broke Japanese mail sending in
our previous update. (I would really appreciate it if Chinese and
Korean users would test this and report if it works properly for
incoming and outgoing mail.)

http://www.linuxsecurity.com/content/view/122115


* Fedora Core 4 Update: glibc-2.3.6-3
  27th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122116


* Fedora Core 5 Update: mtr-0.71-0.FC5.1
  27th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122117


* Fedora Core 4 Update: mtr-0.71-0.FC4.1
  27th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122118


* Fedora Core 5 Update: tix-8.4.0-4
  27th, March, 2006

The tix-8.4.0-3.1 package that shipped with Fedora Core 5 had
libTix8.4.so in the wrong directory.  The tix-8.4.0-4 package
corrects this problem.	The 'package require Tix' command now works
as it should.

http://www.linuxsecurity.com/content/view/122119


* Fedora Core 5 Update: xterm-211-1.FC5
  27th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122121


* Fedora Core 4 Update: perl-5.8.6-24
  27th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122122


* Fedora Core 4 Update: kernel-2.6.16-1.2069_FC4
  30th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122170


* Fedora Core 4 Update: rpm-4.4.1-23
  30th, March, 2006

This update fixes an issue with a double free experienced in
verification with matchpathcon.

http://www.linuxsecurity.com/content/view/122171


* Fedora Core 5 Update: scim-hangul-0.2.2-1.fc5
  30th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122172


* Fedora Core 5 Update: scim-anthy-1.0.0-1.fc5
  30th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122173


* Fedora Core 5 Update: mrtg-2.13.2-0.fc5.1
  30th, March, 2006

Fixes the RouterUptime option.

http://www.linuxsecurity.com/content/view/122174


* Fedora Core 5 Update: wpa_supplicant-0.4.8-6.fc5
  30th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122175


* Fedora Core 5 Update: samba-3.0.22-1.fc5
  30th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122176


+---------------------------------+
|  Distribution: Gentoo           | ----------------------------//
+---------------------------------+

* Gentoo: NetHack, Slash'EM, Falcon's Eye Local privilege escalation
  23rd, March, 2006

NetHack, Slash'EM and Falcon's Eye are vulnerable to local privilege
escalation vulnerabilities that could potentially allow the execution
of arbitrary code as other users.

http://www.linuxsecurity.com/content/view/122072


* Gentoo: RealPlayer Buffer overflow vulnerability
  26th, March, 2006

RealPlayer is vulnerable to a buffer overflow that could lead to
remote execution of arbitrary code.

http://www.linuxsecurity.com/content/view/122106


* Gentoo: OpenOffice.org Heap overflow in included libcurl
  27th, March, 2006

OpenOffice.org contains a vulnerable version of libcurl that may
cause a heap overflow when parsing URLs.

http://www.linuxsecurity.com/content/view/122124


* Gentoo: bsd-games Local privilege escalation in tetris-bsd
  29th, March, 2006

tetris-bsd is prone to local privilege escalation vulnerabilities.

http://www.linuxsecurity.com/content/view/122159


+---------------------------------+
|  Distribution: Mandriva         | ----------------------------//
+---------------------------------+

* Mandriva: Updated FreeRADIUS packages fix EAP-MSCHAPv2 module
vulnerability
  24th, March, 2006

 An unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows

remote attackers to bypass authentication or cause a denial of
service (server crash) via "Insufficient input validation" in the
EAP-MSCHAPv2 state machine module. Updated packages have been
patched to correct this issue.

http://www.linuxsecurity.com/content/view/122077


* Mandriva: Updated mailman packages fix DoS from badly formed mime
multipart messages.
  29th, March, 2006

Scrubber.py, in Mailman 2.1.5 and earlier, when using email 2.5 (part
of Python), is susceptible to a DoS (mailman service stops delivering
for the list in question) if it encounters a badly formed mime
multipart message with only one part and that part has two blank
lines between the first boundary and the end boundary.

http://www.linuxsecurity.com/content/view/122161



+---------------------------------+
|  Distribution: Red Hat          | ----------------------------//
+---------------------------------+

* RedHat: Critical: RealPlayer security update
  23rd, March, 2006

An updated RealPlayer package that fixes a buffer overflow bug is now
available for Red Hat Enterprise Linux Extras 3 and 4. This update
has been rated as having critical security impact by the Red Hat
Security Response Team.

http://www.linuxsecurity.com/content/view/122057


+---------------------------------+
|  Distribution: SuSE             | ----------------------------//
+---------------------------------+

* SuSE: RealPlayer security problems
  23rd, March, 2006

This update fixes the following security problems in Realplayer:
CVE-2006-0323, CVE-2005-2922.

http://www.linuxsecurity.com/content/view/122060


* SuSE: freeradius authentication bypass
  28th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122127

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@private
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------



_________________________________
InfoSec News v2.0 - Coming Soon! 
http://www.infosecnews.org 



This archive was generated by hypermail 2.1.3 : Mon Apr 03 2006 - 01:30:00 PDT