Linux Advisory Watch - December 3, 2004

This week advisories were released for java, abiworld, cyrus, squirrelmail,
libgd1, openssl, hpsockd, policycoreutils, prelink, libselinux, udev, tcpdump,
samba, gaim, FreeBSD kernel, phpMyAdmin, libxpm4, kde, amavisd, open motif,
linux kernel, and cyrus-imapd. The distributors include Conectiva, Debian, Fedora,
Gentoo, Mandrake, Trustix, Red Hat, and SuSE.LinuxSecurity.com
Feature Extras:

Mass
deploying Osiris – Osiris is a centralized file-integrity program
that uses a client/server architecture to check for changes on a system. A central
server maintains the file-integrity database and configuration for a client
and at a specified time, sends the configuration file over to the client, runs
a scan and sends the results back to the server to compare any changes. Those
changes are then sent via email, if configured, to a system admin or group of
people. The communication is all done over an encrypted communication channel.

AIDE
and CHKROOTKIT -Network security is continuing to be a big problem
for companies and home users. The problem can be resolved with an accurate security
analysis. In this article I show how to approach security using aide and chkrootkit.

An Interview
with Gary McGraw, Co-author of Exploiting Software: How to Break Code
– Gary McGraw is perhaps best known for his groundbreaking work on securing
software, having co-authored the classic Building Secure Software (Addison-Wesley,
2002). More recently, he has co-written with Greg Hoglund a companion volume,
Exploiting Software, which details software security from the vantage point
of the other side, the attacker. He has graciously agreed to share some of his
insights with all of us at LinuxSecurity.com.

Linux Advisory Watch is
a comprehensive newsletter that outlines the security vulnerabilities that have
been announced throughout the week. It includes pointers to updated packages
and descriptions of each vulnerability.[
Subscribe
]

Conectiva
	Conectiva: java plugin vulnerability
	26th, November, 2004 Jouko Pynnonen reported[2], through iDEFENSE, a vulnerability[3] in the plugin mechanism which allows remote attackers to bypass the Java sandbox through the use of javascript. Alert 106930

	Conectiva: abiword buffer overflow vulnerability fix
	1st, December, 2004 iDefense[3] discovered[4] a buffer overflow vulnerability[5] in the wv library which could allow an attacker to execute arbitrary code with the privileges of the user running the vulnerable application. Alert 117319

	Conectiva: cyrus-imapd Multiple vulnerabilities
	1st, December, 2004 Stefan Esser from e-matters security recently published[2] several vulnerabilities in cyrus-imapd. Alert 117320

	Conectiva: squirrelmail cross site scripting vulnerability fix
	2nd, December, 2004 Joost Pol noticed[2] that SquirrelMail is prone to a cross site scripting issue in the decoding of encoded text in certain headers. SquirrelMail correctly decodes the specially crafted header, but doesn’t sanitize the result. Alert 117321

Debian
	Debian: libgd1 arbitrary code execution fix
	29th, November, 2004 More potential integer overflows have been found in the GD graphics library which weren’t covered by our security advisory DSA 589. They could be exploited by a specially crafted graphic and could lead to the execution of arbitrary code on the victim’s machine. Alert 106931

	Debian: libgd2 arbitrary code execution fix
	29th, November, 2004 More potential integer overflows have been found in the GD graphics library which weren’t covered by our security advisory DSA 589. They could be exploited by a specially crafted graphic and could lead to the execution of arbitrary code on the victim’s machine. Alert 106932

	Debian: openssl insecure temporary file creation fix
	1st, December, 2004 Trustix developers discovered insecure temporary file creation in a supplemental script (der_chop) of the openssl package which may allow local users to overwrite files via a symlink attack. Alert 117312

	Debian: hpsockd denial of service fix
	3rd, December, 2004 “infamous41md” discovered a buffer overflow condition in hpsockd, the socks server written at Hewlett-Packard. An exploit could cause the program to crash or may have worse effect. Alert 117313

Fedora
	Fedora: policycoreutils-1.18.1-2 update Resend with correct id
	30th, November, 2004 FixFiles.cron is not needed for targeted policy and needs to be reworked for strict policy. Removing prevents possible relabeling problems. Alert 106953

	Fedora: policycoreutils-1.18.1-2 update
	30th, November, 2004 FixFiles.cron is not needed for targeted policy and needs to be reworked for strict policy. Removing prevents possible relabeling problems. Alert 106952

	Fedora: prelink-0.3.3-0.fc3 update
	30th, November, 2004 if layout code needs to re-prelink some library, make sure all libraries that depend on it are re-prelinked too (#140081) Alert 106950

	Fedora: libselinux-1.19.1-8 update
	30th, November, 2004 Change location of helper applications and remove some debug applications that should not have been part of the distribution. Alert 106951

	Fedora: udev-039-10.FC3.2 update
	30th, November, 2004 Forgot to turn of debugging logging. This release speeds up udev. Alert 106948

	Fedora: tcpdump-3.8.2-6.FC2.1 update
	30th, November, 2004 fixed nfs protocol parsing for 64 bit architectures (bug 132781) Alert 106949

	Fedora: abiword-2.0.12-7.fc3 update
	30th, November, 2004 Fixes for tempnam usages and startup geometry crashes Alert 106947

	Fedora: system-config-securitylevel-1.4.18-2 update
	29th, November, 2004 This fixes tracebacks introduced by the libselinux update (#139155) Alert 106944

	Fedora: samba-3.0.9-1.fc2 update
	29th, November, 2004 This update closes two security holes: CAN-2004-0882 and CAN-2004-0930 Alert 106941

	Fedora: samba-3.0.9-1.fc3 update
	29th, November, 2004 This update closes two security holes: CAN-2004-0882 and CAN-2004-0930. Alert 106942

	Fedora: gaim-1.0.2-0.FC2 update
	29th, November, 2004 FC2 Update Alert 106943

	Fedora: squirrelmail-1.4.3a-6.FC2 update
	28th, November, 2004 CAN-2004-1036 Cross Site Scripting in encoded text Alert 106934

	Fedora: squirrelmail-1.4.3a-6.FC3 update
	28th, November, 2004 CAN-2004-1036 Cross Site Scripting in encoded text Alert 106935

	Fedora: spamassassin-3.0.1-0.FC3 update
	28th, November, 2004 Several important bug fixes in upstream release. Alert 106936

	Fedora: system-config-date-1.7.13-0.fc3.1 update
	29th, November, 2004 enable Gujarati and Tamil translations (#140881) Alert 106937

	FreeBSD: Kernel memory disclosure in procfs and linprocfs
	2nd, December, 2004 The implementation of the /proc/curproc/cmdline pseudofile in the procfs(5) file system on FreeBSD 4.x and 5.x, and of the /proc/self/cmdline pseudofile in the linprocfs(5) file system on FreeBSD 5.x reads a process’ argument vector from the process address space. During this operation, a pointer was dereferenced directly without the necessary validation steps being performed. Alert 117318

Gentoo
	Gentoo: Sun and Blackdown Java Applet privilege escalation
	29th, November, 2004 The Java plug-in security in Sun and Blackdown Java environments can be bypassed to access arbitrary packages, allowing untrusted Java applets to perform unrestricted actions on the host system. Alert 106945

	Gentoo: Open DC Hub Remote code execution
	28th, November, 2004 Open DC Hub contains a buffer overflow that can be exploited to allow remote code execution. Alert 106940

	Gentoo: phpWebSite HTTP response splitting vulnerability
	26th, November, 2004 phpWebSite is vulnerable to possible HTTP response splitting attacks. Alert 106929

	Gentoo: phpMyAdmin Multiple XSS vulnerabilities
	27th, November, 2004 phpMyAdmin is vulnerable to cross-site scripting attacks. Alert 106939

Mandrake
	Mandrake: libxpm4 correct issues with previous update
	30th, November, 2004 The previous libxpm4 update had a linking error that resulted in a missing s_popen symbol error running applications dependant on the library. In addition, the file path checking in the security updates prevented some applications, like gimp-2.0 from being able to save xpm format images. Alert 106946

	Mandrake: kdepim various bugs fix
	27th, November, 2004 A number of bugs in kdepim are fixed with this update. Alert 106938

	Mandrake: kdelibs various bugs fix
	26th, November, 2004 A number of bugs in kdelibs are fixed with this update. Alert 106925

	Mandrake: kdebase various bugs fixes
	26th, November, 2004 A number of bugs in kdebase are fixed with this update. Alert 106924

Trustix
	Trustix: amavisd-new, anaconda, courier-imap, cyrus-imapd, cyrus-sasl, file, kernel, mkbootdisk, mys
	29th, November, 2004 Fix amavis user creation on install. Support kickstart files on FTP. Hyperthreading detection. Alert 106933

Red Hat
	Red Hat: openmotif image vulnerability fix
	2nd, December, 2004 Updated openmotif packages that fix flaws in the Xpm image library are now available. Alert 117314

	Red Hat: kernel security vulnerabilities fix
	2nd, December, 2004 Updated kernel packages that fix several security issues in Red Hat Enterprise Linux 3 are now available. Alert 117315

SuSE
	SuSE: various kernel problems
	1st, December, 2004 Several security problems have been found and addressed by the SUSE Security Team. The following issues are present in all SUSE Linux based products. Alert 117316

	SuSE: cyrus-imapd remote command execution
	3rd, December, 2004 Stefan Esser reported various bugs within the Cyrus IMAP Server. These include buffer overflows and out-of-bounds memory access which could allow remote attackers to execute arbitrary commands as root. The bugs occur in the pre-authentication phase, therefore an update is strongly recommended. Alert 117317

RELATED ARTICLESMORE FROM AUTHOR

Maintainer Confidential: Challenges and Opportunities One Year On

Bridging Design and Runtime Gaps: AsyncAPI in Event-Driven Architecture

Implementing OpenTelemetry Natively in an Event Broker

Innovation as a Catalyst in Telecommunications

Linux 6.8 Brings More Sound Hardware Support For Intel & AMD, Including The Steam Deck

RELATED ARTICLES MORE FROM AUTHOR