Linux Advisory Watch – April 30, 2004


Author: Benjamin D. Thomas

This week, advisories were
released for eterm, mc, the Linux kernel, ssmtp, LCDproc, xine, samba, and sysklogd.
The distributors include Debian, Guardian Digital’s EnGarde Linux, Fedora, Gentoo,
Mandrake, Red Hat, and Slackware.

Wireless Security

Over the years security
and network administrators have been reluctant to adopt wireless networking
technologies in corporate environments. Will it provide an easy path of entry
into the LAN? Will internal servers be accessible from the outside? Sometimes
is necessary to implement wireless networks in an office building because of
special circumstances, or pressures from management to adopt the latest technology.
Installing a wireless network may be inevitable, if so how should it be approached?

As with all security projects,
a wireless security policy should be created. This should define the purpose
and scope of the wireless network, who is going to be using it, how it should
be used, etc. Also, an analysis of newly introduced threats should be formalized.
This will enable the network to be designed in a matter that minimizes risk.

The wireless network should
be treated as an untrusted network. Precautions such as placing a firewall between
the wireless network and internal LAN, requiring strong authentication, and
conducting regular vulnerability assessments. When connecting to the trusted
LAN over a wireless network, a VPN should be used. If not, it is advisable to
only stick to secure protocols such as SSH & SSL.

Wireless access points
should be regularly audited and configured in the most secure manner. Passwords
and WEP keys should be as defined in the Wireless Security Policy. Also, it
is important to periodically check for rogue wireless access points by warwalking.
Access points are ideally placed in the center of buildings. This reduces the
available signal strength to outsiders.

Because the wireless workstations
are on an untrusted network, it is imperative that they are kept secure. This
can be done by using host-based firewalls, IDS, keeping patches up-to-date,
and configuration scanning. Hosts should be regularly scanned and monitored.
By taking these precautions it is possible to implement wireless networking
without significantly increasing risks to an organization’s information security.

Until next time, cheers!
Benjamin D. Thomas


Feature Extras:

Generation Internet Defense & Detection System

– Guardian Digital has announced the first fully open source system designed
to provide both intrusion detection and prevention functions. Guardian Digital
Internet Defense & Detection System (IDDS) leverages best-in-class open
source applications to protect networks and hosts using a unique multi-layered
approach coupled with the security expertise and ongoing security vigilance
provided by Guardian Digital.

with Siem Korteweg: System Configuration Collector

– In this interview we learn how the System Configuration Collector (SCC)
project began, how the software works, why Siem chose to make it open source,
and information on future developments.


– This is the second installation of a 3 part article on LAMP (Linux Apache
MySQL PHP). In order to safeguard a MySQL server to the basic level, one has
to abide by the following guidelines.

[ Linux
Advisory Watch
] – [ Linux
Security Week
] – [ PacketStorm
] – [ Linux Security

Linux Advisory Watch
is a comprehensive newsletter that outlines the security vulnerabilities that
have been announced throughout the week. It includes pointers to updated packages
and descriptions of each vulnerability.

[ Subscribe

Distribution: Debian
  4/28/2004 kernel
Multiple vulnerabilities

Several serious problems have been discovered in the Linux kernel. This
update takes care of Linux 2.4.16 for the ARM (and a few other) architectures.

Debian advisory 4280

  4/29/2004 eterm
Input Sanitising

H.D. Moore discovered several terminal emulator security issues

Debian advisory 4287

  4/29/2004 mc

Jacub Jelinek discovered several vulnerabilities in the Midnight Commander,
a powerful file manager for GNU/Linux systems.

Debian advisory 4288

Distribution: EnGarde
  4/28/2004 ‘kernel’
Several security and bug fixes

This update fixes numerous vulnerabilities in the Linux Kernel.

Engarde advisory 4285

  4/28/2004 kernel

This patch resolves a number of kernel vulnerabilities, uncluding ones involving
the various journaling filesystems.

Engarde advisory 4286

Distribution: Fedora
  4/23/2004 kernel

This patch fixes a large variety of vulnerabilities in the 2.4.22 kernel,
including some related to journaling filesystems.

Fedora advisory 4278

Distribution: Gentoo
  4/28/2004 ipsec-tools
and iputils Denial of service vulnerability

Attackers may be able to craft an ISAKMP header of sufficient length to
consume all available system resources, causing a Denial of Service. Further
discussion of advisory at bottom.

Gentoo advisory 4279

  4/28/2004 ssmtp

Multiple format string vulnerabilities may allow an attacker to run arbitrary
code with ssmtp’s privileges.

Gentoo advisory 4282

  4/28/2004 LCDproc

Multiple remote vulnerabilities have been found in the LCDd server, allowing
execution of arbitrary code with the rights of the LCDd user.

Gentoo advisory 4283

  4/28/2004 xine

Several vulnerabilities have been found in xine-ui and xine-lib, potentially
allowing an attacker to overwrite files with the rights of the user.

Gentoo advisory 4284

  4/29/2004 samba

There is a bug in smbfs which may allow local users to gain root via a setuid
file on a mounted Samba share. Also, there is a tmpfile symlink vulnerability
in the smbprint script distributed with Samba.

Gentoo advisory 4289

Distribution: Mandrake
  4/28/2004 kernel

This patch resolves a large number of kernel vulnerabilities at various
levels of seriousness.

Mandrake advisory 4281

  4/29/2004 sysklogd

Steve Grubb discovered a bug in sysklogd where it allocates an insufficient
amount of memory which causes sysklogd to write to unallocated memory.

Mandrake advisory 4290

Distribution: Openwall
  4/23/2004 kernel
escalation vulnerability

Upgrade to 2.4.26 to fix a local root vulnerability.

Openwall advisory 4277

Distribution: Red
  4/23/2004 kernel
escalation vulnerabilities

Updated kernel packages that fix two privilege escalation vulnerabilities
are now available.

Red Hat advisory 4276

Distribution: Slackware
  4/28/2004 kernel

New kernel packages are available for Slackware 9.1 and -current to fix
security issues

Slackware advisory 4291