+---------------------------------------------------------------------+
| LinuxSecurity.com Weekly Newsletter |
| June 9th, 2006 Volume 7, Number 24n |
| |
| Editorial Team: Dave Wreski dave@private |
| Benjamin D. Thomas ben@private |
+---------------------------------------------------------------------+
Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.
This week, advisories were released for motor, typespeed, lynx-cur,
xmcd, postgresql, centericq, freeradius, spamassassin, dia, tetex,
squirrelmail, mc, gdm, gnome-panel, dovecot, evolution, x11, libtiff,
openldap, MySQL, postgresql, quagga, zebra, and rug. The distributors
include Debian, Fedora, Mandriva, Red Hat, and SuSE.
---
Security on your mind?
Protect your home and business networks with the free, community
version of EnGarde Secure Linux. Don't rely only on a firewall to
protect your network, because firewalls can be bypassed. EnGarde
Secure Linux is a security-focused Linux distribution made to protect
your users and their data.
The security experts at Guardian Digital fortify every download of
EnGarde Secure Linux with eight essential types of open source
packages. Then we configure those packages to provide maximum
security for tasks such as serving dynamic websites, high
availability mail, transport, network intrusion detection,
and more. The result for you is high security, easy
administration, and automatic updates.
The Community edition of EnGarde Secure Linux is completely
free and open source. Updates are also freely available when
you register with the Guardian Digital Secure Network.
http://www.engardelinux.org/modules/index/register.cgi
---
EnGarde Secure Linux v3.0.7 Now Available
Guardian Digital is happy to announce the release of EnGarde
Secure Community 3.0.7 (Version 3.0, Release 7). This
release includes several bug fixes and feature enhancements
to the Guardian Digital WebTool and the SELinux policy,
several updated packages, and several new packages
available for installation.
The following reported bugs from bugs.engardelinux.org
are fixed in this release:
#0000067 SIMAP AND SPOP3 packages are built
disabling plaintext auth
Several other bugs are fixed in this release as well.
New features include:
* A new package (hwlister) which can be used to
generate an inventory of all the hardware which
comprises your system. This package is now
installed by default with EnGarde Secure Linux.
* PHP was re-build with cURL support and a race
condition was fixed in shadow-utils.
* The latest stable versions of: MySQL (5.0.22),
apache (2.0.58), asterisk (1.2.8), bacula (1.38.9),
imap (2004g), openssl (0.9.8b), php5 (5.1.4),
postfix (2.2.10), snort (2.4.4), sudo (1.6.8p12),
syslog-ng (1.6.11), vim (6.4.010), and zaptel (1.2.6).
* Several new packages:
- binstats (1.08)
Binstats is a statistics generation tool for installed
programs. It is also useful for cleaning up a system by
helping find duplicate executables, unused libraries,
statically linked binaries and duplicate man pages.
- bitchx (1.1)
BitchX is an IRC (Internet Relay Chat) client that is
based on ircII (but heavily modified). It is ncurses based
and allows the user to get onto IRC without requiring the
use of GUI client.
- bittorrent (4.9.2)
Bittorrent is a scatter-gather network file transfer
protocol used for distributing files. It works in the
opposite method of regular downloads with regard to the
fact that the more people are currently downloading a
file using bittorrent, the faster it will go.
- ethereal (0.99.0)
Ethereal is a network protocol analyzer. This version is
ncurses based and allows the user to examine and capture
data from a live network.
- hyperion (1.0.2)
Hyperion is an IRC daemon that allows clients to connect
to it. This is the server that is used by Freenode.
- john (1.7.0.2)
"John" is a password cracker whose primary purpose is to
detect weak passwords in order to strengthen the overall
security of a system.
- libapache-mod_fcgid (1.09)
mod_fcgid is an apache web server module that acts as a
binary compatibility alternative to mod_fastcgi. It comes
with a new process management strategy.
- libapache-mod_mono (1.1.14)
mod_mono is an apache web server module that provides
ASP.NET support for the apache web server.
- libapache-mod_security (1.9.3)
mod_security is an apache web server module that acts as an
intrusion detection and prevention engine for web applications.
It acts as another line of defense between improperly coded
applications and the webserver.
- makejail (0.0.5)
Makejail, in conjunction with binstats, determines which binaries
a program is going to need to be chrooted and creates a chroot
jail for it.
- mc (4.6.0)
Midnight Commander is a console based ncurses visual file manager
similar to Norton Commander. It has the ability to handle
archives, FTP site, and many other files built in.
- paketto (1.10)
The Paketto Keiretsu is a collection of tools that use new and
unusual strategies for manipulating TCP/IP networks. scanrand is
said to be faster than nmap and more useful in some scenarios.
- psad (1.4.5)
PSAD is a collection of utilities that work with the linux
firewalling code (IPTables) to detect port scans and other
suspect traffic. It also includes the ability to configure
threshold levels based on how stringent your ruleset is.
- slat (2.0)
SLAT provides a systematic way of determining if your SE Linux
policy achieves your desired security goal. This is a useful
tool when creating or modifying SELinux policy.
All new users downloading EnGarde Secure Linux for the first
time or users who use the LiveCD environment should download this
release.
Users who are currently using EnGarde Secure Linux do not need
to download this release -- they can update their machines via
the Guardian Digital Secure Network WebTool module.
http://www.linuxsecurity.com/content/view/123016/65/
----------------------
Linux File & Directory Permissions Mistakes
One common mistake Linux administrators make is having file and
directory permissions that are far too liberal and allow access
beyond that which is needed for proper system operations. A full
explanation of unix file permissions is beyond the scope of this
article, so I'll assume you are familiar with the usage of such
tools as chmod, chown, and chgrp. If you'd like a refresher, one
is available right here on linuxsecurity.com.
http://www.linuxsecurity.com/content/view/119415/49/
--------
--> Take advantage of the LinuxSecurity.com Quick Reference Card!
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf
+---------------------------------+
| Distribution: Debian | ----------------------------//
+---------------------------------+
* Debian: New motor packages fix arbitrary code execution
31st, May, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122940
* Debian: New typespeed packages fix arbitrary code execution
31st, May, 2006
Niko Tyni discovered a buffer overflow in the processing of network
data in typespeed, a game for testing and improving typing speed,
which could lead to the execution of arbitrary code.
http://www.linuxsecurity.com/content/view/122948
* Debian: New lynx-cur packages fix several vulnerabilities
1st, June, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122956
* Debian: New xmcd packages fix denial of service
2nd, June, 2006
The xmcdconfig creates directories world-writeable allowing local
users to fill the /usr and /var partition and hence cause a denial of
service. This problem has been half-fixed since version 2.3-1.
http://www.linuxsecurity.com/content/view/122971
* Debian: New PostgreSQL packages fix encoding vulnerabilities
3rd, June, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122984
* Debian: New centericq packages fix arbitrary code execution
3rd, June, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122985
* Debian: New freeradius packages fix arbitrary code execution
3rd, June, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122986
* Debian: New spamassassin packages fix remote command execution
6th, June, 2006
Updated package.
http://www.linuxsecurity.com/content/view/123002
+---------------------------------+
| Distribution: Fedora | ----------------------------//
+---------------------------------+
* Fedora Extras 5 update: dia-0.95-3
6th, June, 2006
This update fixes CVE-2006-1550, CVE-2006-2453, CVE-2006-2480.
http://www.linuxsecurity.com/content/view/123007
* Fedora Core 4 Update: spamassassin-3.0.6-1.fc4
6th, June, 2006
Resolves CVE-2006-2447. Note that you are affected by this bug only
if you launched spamd with both --vpopmail and --paranoid, which is
not a common configuration.
http://www.linuxsecurity.com/content/view/123011
* Fedora Core 5 Update: spamassassin-3.1.3-1.fc5
6th, June, 2006
3.1.3 Resolves CVE-2006-2447. Note that you are affected by this bug
only if you launched spamd with both --vpopmail and --paranoid, which
is not a common configuration. Also included are bug fixes from
3.1.2.
http://www.linuxsecurity.com/content/view/123015
* Fedora Core 4 Update: tetex-3.0-10.FC4
7th, June, 2006
Updated package.
http://www.linuxsecurity.com/content/view/123033
* Fedora Core 4 Update: squirrelmail-1.4.6-7.fc4
7th, June, 2006
CVE-2006-2842 Squirrelmail File Inclusion
http://www.linuxsecurity.com/content/view/123034
* Fedora Core 5 Update: mc-4.6.1a-13.FC5
7th, June, 2006
Updated package.
http://www.linuxsecurity.com/content/view/123035
* Fedora Core 5 Update: gdm-2.14.4-1.fc5.3
7th, June, 2006
This update resolves an issue in gdm-2.14.4-1.fc5.2 where GDM would
choose the wrong X server path.
http://www.linuxsecurity.com/content/view/123036
* Fedora Core 5 Update: gnome-panel-2.14.2-1.fc5.1
7th, June, 2006
The gnome-panel package has been rebuilt against the latest
evolution-data-server package.
http://www.linuxsecurity.com/content/view/123037
* Fedora Core 5 Update: squirrelmail-1.4.6-7.fc5
7th, June, 2006
CVE-2006-2842 Squirrelmail File Inclusion Vulnerability
http://www.linuxsecurity.com/content/view/123038
* Fedora Core 5 Update: dovecot-1.0-0.beta8.1.fc5
7th, June, 2006
Updated package.
http://www.linuxsecurity.com/content/view/123039
+---------------------------------+
| Distribution: Mandriva | ----------------------------//
+---------------------------------+
* Mandriva: Updated evolution packages fix DoS (crash) vulnerability
on certain messages.
1st, June, 2006
Evolution, as shipped in Mandriva Linux 2006.0, can crash displaying
certain carefully crafted images.
http://www.linuxsecurity.com/content/view/122966
* Mandriva: Updated xorg-x11 packages to address bug with keyboard
layouts.
5th, June, 2006
A misapplied patch in a recent X.org updated caused keyboard layout
problems which resulted in some users being unable to use the
CTRL-ALT-function key combination to switch to a console, as well as
other keyboard mapping issues.
Updated packages have been re-patched to correct these issues.
http://www.linuxsecurity.com/content/view/123000
* Mandriva: Updated libtiff packages fixes tiffsplit vulnerability
5th, June, 2006
A stack-based buffer overflow in the tiffsplit command in libtiff
3.8.2
and earlier might might allow attackers to execute arbitrary code via
a long filename.
http://www.linuxsecurity.com/content/view/123001
* Mandriva: Updated openldap packages fixes buffer overflow
vulnerability.
7th, June, 2006
A stack-based buffer overflow in st.c in slurpd for OpenLDAP might
allow attackers to execute arbitrary code via a long hostname.
Packages have been patched to correct this issue.
http://www.linuxsecurity.com/content/view/123029
* Mandriva: Updated MySQL packages fixes SQL injection vulnerability.
7th, June, 2006
SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x
before 5.0.22 allows context-dependent attackers to execute arbitrary
SQL commands via crafted multibyte encodings in character sets such
as SJIS, BIG5, and GBK, which are not properly handled when the
mysql_real_escape function is used to escape the input. MySQL 4.0.18
in Corporate 3.0 and MNF 2.0 is not affected by this issue. Packages
have been patched to correct this issue.
http://www.linuxsecurity.com/content/view/123030
* Mandriva: Updated postgresql packages fixes SQL injection
vulnerabilities.
7th, June, 2006
Updated package.
http://www.linuxsecurity.com/content/view/123032
+---------------------------------+
| Distribution: Red Hat | ----------------------------//
+---------------------------------+
* RedHat: Moderate: quagga security update
1st, June, 2006
Updated quagga packages that fix several security vulnerabilities are
now available. This update has been rated as having moderate security
impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/122967
* RedHat: Moderate: zebra security update
1st, June, 2006
Updated zebra packages that fix several security vulnerabilities are
now available. This update has been rated as having moderate security
impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/122968
* RedHat: Moderate: dia security update
1st, June, 2006
Updated Dia packages that fix several buffer overflow bugs are now
available. This update has been rated as having moderate security
impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/122969
* RedHat: Moderate: spamassassin security update
6th, June, 2006
Updated spamassassin packages that fix an arbitrary code execution
flaw are now available. This update has been rated as having moderate
security impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/123010
+---------------------------------+
| Distribution: SuSE | ----------------------------//
+---------------------------------+
* SuSE: cron local privilege escalation
31st, May, 2006
The code in do_command.c in Vixie cron does not check the return code
of a setuid call, which might allow local users to gain root
privileges if setuid fails in cases such as PAM failures or resource
limits. This problem is known to affect only distributions with
Linux 2.6 kernels, but the package was updated for all distributions
for completeness. This problem is tracked by the Mitre CVE ID
CVE-2006-2607.
http://www.linuxsecurity.com/content/view/122947
* SuSE: kernel (SUSE-SA:2006:028)
31st, May, 2006
Multiple vulnerabilities have been fixed in the linux kernel.
http://www.linuxsecurity.com/content/view/122949
* SuSE: rug (SUSE-SA:2006:029)
31st, May, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122950
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
To unsubscribe email vuln-newsletter-request@private
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
_________________________________
Attend the Black Hat Briefings and
Training, Las Vegas July 29 - August 3
2,500+ international security experts from 40 nations,
10 tracks, no vendor pitches.
www.blackhat.com
This archive was generated by hypermail 2.1.3 : Fri Jun 09 2006 - 10:14:36 PDT