D. Thomas –
This week, advisories were released for RPC XDR, ypserv,
pine, freeswan, im, smb2www, xinetd, webalizer, kde, kdelibs, and windowmaker.
The distributors include Caldera, Conectiva, Debian, Gentoo, Mandrake, and
Red Hat.
LinuxSecurity Feature Extras:
Network
Security Audit – “Information for the right people at right time and
from anywhere” has been the driving force for providing access to the most
of the vital information on the network of an organization over the Internet.
This is a simple guide on conducting a network security audit.Security:
MySQL and PHP (3 of 3) – This is the third installation of a 3 part
article on LAMP (Linux Apache MySQL PHP). In order to safeguard a MySQL server
to the basic level, one has to abide by the following guidelines.
] – [ Linux Security
Week ] – [ PacketStorm
Archive ] – [ Linux Security
Documentation ]
| Vendors | Packages |
| RPC XDR | Caldera |
| ypserv | Caldera |
| pine | Conectiva, Gentoo, Mandrake |
| freeswan | Debian |
| im | Debian |
| smb2www | Debian |
| xinetd | Red Hat |
| webalizer | Red Hat |
| kde | Red Hat |
| windowmaker | Mandrake |
| kdelibs | Debian |
Linux Advisory Watch is a comprehensive newsletter that outlines
the security vulnerabilities that have been announced throughout the week.
It includes pointers to updated packages and descriptions of each vulnerability.
[ Subscribe
]
| Package: | RPC XDR |
| Date: | 12-04-2002 |
| Description: | The implementation of xdr_array can be tricked into writing beyond the buffers it allocated when deserializing the XDR stream. |
| Vendor Alerts: | Caldera:
|
| Package: | ypserv |
| Date: | 12-04-2002 |
| Description: | Requesting a map that doesn’t exist will cause a memory leak in the server. |
| Vendor Alerts: | Caldera:
|
| Package: | pine |
| Date: | 12-04-2002 |
| Description: | By exploiting this, an attacker can prevent the pine user of starting the program to manage his/her mailbox. It was not confirmed if it is possible to execute arbitrary code by exploiting this vulnerability, but such a possibility exists. |
| Vendor Alerts: | Conectiva:
Gentoo:
Mandrake:
|
| Package: | freeswan |
| Date: | 12-02-2002 |
| Description: | Bindview discovered a problem in several IPSEC implementations that do not properly handle certain very short packets. IPSEC is a set of security extensions to IP which provide authentication and encryption. Free/SWan in Debain is affected by this and is said to cause a kernel panic. |
| Vendor Alerts: | Debian:
|
| Package: | im |
| Date: | 12-03-2002 |
| Description: | The impwagent program creates a temporary directory in an insecure manner in /tmp using predictable directory names without checking the return code of mkdir, so it’s possible to seize a permission of the temporary directory by local access as another user. |
| Vendor Alerts: | Debian:
|
| Package: | smb2www |
| Date: | 12-04-2002 |
| Description: | Robert Luberda found a security problem in smb2www, a Windows Network client that is accessible through a web browser. This could lead a remote attacker to execute arbitrary programs under the user id www-data on the host where smb2www is running. |
| Vendor Alerts: | Debian:
|
| Package: | kdelibs |
| Date: | 12-05-2002 |
| Description: | The KDE team has discovered a vulnerability in the support for various network protocols via the KIO The implementation of the rlogin and protocol allows a carefully crafted URL in an HTML page, HTML email or other KIO-enabled application to execute arbitrary commands on the system using the victim’s account on the vulnerable machine. |
| Vendor Alerts: | Debian:
|
| Package: | WindowMaker |
| Date: | 12-02-2002 |
| Description: | Al Viro discovered a vulnerability in the WindowMaker window manager. A function used to load images, for example when configuring a new background image or previewing themes, contains a buffer overflow. The function calculates the amount of memory necessary to load the image by doing some multiplication but does not check the results of this multiplication, which may not fit into the destination variable, resulting in a buffer overflow when the image is loaded. |
| Vendor Alerts: | Mandrake:
|
| Package: | xinetd |
| Date: | 12-02-2002 |
| Description: | Versions of Xinetd prior to 2.3.7 leak file descriptors for the signal pipe to services that are launched by xinetd. This could allow an attacker to execute a DoS attack via the pipe. The Common Vulnerabilities and Exposures project has assigned the name CAN-2002-0871 to this issue. |
| Vendor Alerts: | Red Hat:
|
| Package: | webalizer |
| Date: | 12-02-2002 |
| Description: | A buffer overflow in Webalizer versions prior to 2.01-10, when configured to use reverse DNS lookups, may allow remote attackers to execute arbitrary code by connecting to the monitored Web server from an IP address that resolves to a long hostname. |
| Vendor Alerts: | Red Hat:
|
| Package: | kde |
| Date: | 12-02-2002 |
| Description: | A number of vulnerabilities have been found that affect various versions of KDE. This errata provides updates which resolve these issues. |
| Vendor Alerts: | Red Hat:
|
