Linux Advisory Watch – February 14th 2003

By: Benjamin D. Thomas

Linux Advisory Watch is a comprehensive newsletter that outlines the security vulnerabilities that have been announced throughout the week. It includes pointers to updated packages and descriptions of each vulnerability.

This week, advisories were released for w3m, uml-net, hypermail, postgresql, lynx, python, pam_xauth, fileutils, and mozilla. The distributors include Conectiva, Debian, Mandrake, and Red Hat.

LinuxSecurity Feature Extras:

Remote Syslog with MySQL and PHP – Msyslog has the ability to log syslog messages to a database. This allows for easier monitoring of multiple servers and the ability to display and search syslog messages using PHP or any other programming language that can communicate with the database.

Review: Mastering Network Security, Second Edition – The introduction states that this book is aimed at systems administrators who are not security experts, but have some responsibility for ensuring the integrity of their systems. That would seem to cover most sysadmins.


The Linux Advisory Watch newsletter is developed by the community of volunteers at LinuxSecurity.com and sponsored by Guardian Digital, Inc., the open source security company.


Package: w3m
Date: 02-07-2003
Description: An XSS vulnerability in w3m 0.3.2 allows remote attackers to insert arbitrary HTML and web script into frames. Frames are disabled by default in the version of w3m shipped with Red Hat Linux. Therefore, this problem will not appear as long as users do not use w3m with the -F option, or enable frame support in either the /etc/w3m/w3mconfig or ~/.w3m/config configuration files. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2002-1335 to this issue.
Vendor Alerts:
Red Hat: ftp://updates.redhat.com/8.0/en/os/i386/w3m-0.3.1-6.i386.rpm
MD5 checksum: 3c79d5d3d0c74262c5b911b78aa7342e
Red Hat Vendor Advisory: http://www.linuxsecurity.com/advisories/caldera_advisory-2826.html
Debian: http://security.debian.org/pool/updates/main/w/w3mmee/w3mmee_0.3.p23.3-1.5_i386.deb
Size/MD5 checksum: 521574 3f177cd8f1861af383a4bad617b833d3
Debian Vendor Advisory: http://www.linuxsecurity.com/advisories/debian_advisory-2846.html


Package: uml-net
Date: 02-07-2003
Description: The kernel-utils package contains several utilities that can be used to control the kernel or machine hardware. In Red Hat Linux 8.0 this package contains user mode linux (UML) utilities.
Vendor Alerts:
Red Hat: ftp://updates.redhat.com/8.0/en/os/i386/kernel-utils-2.4-8.28.i386.rpm
MD5 checksum: 40a718a6037b55941a289fa6adc5f0f5
Red Hat Vendor Advisory: http://www.linuxsecurity.com/advisories/redhat_advisory-2844.html


Package: hypermail
Date: 02-07-2003
Description: An attacker could craft a long filename for an attachment that would overflow two buffers when a certain option for interactive use was given, opening the possibility to inject arbitrary code. This code would then be executed under the user id hypermail runs as, mostly as a local user. Automatic and silent use of hypermail does not seem to be affected.
Vendor Alerts:
Debian: http://security.debian.org/pool/updates/main/h/hypermail/hypermail_2.0b25-1.1_i386.deb
Size/MD5 checksum: 145048 987bb3659b98eb4dc7e020afd58c24ac
Debian Vendor Advisory: http://www.linuxsecurity.com/advisories/debian_advisory-2845.html


Package: postgresql
Date: 02-11-2003
Description: Vulnerabilities were discovered in the PostgreSQL relational database by Mordred Labs. These vulnerabilities are buffer overflows in the rpad(), lpad(), repeat(), and cash_words() functions. The PostgreSQL developers also fixed a buffer overflow in functions that deal with time/date and timezone.
Vendor Alerts:
Mandrake: PLEASE SEE VENDOR ADVISORY FOR UPDATE
Mandrake Vendor Advisory: http://www.linuxsecurity.com/advisories/mandrake_advisory-2847.html


Package: lynx
Date: 02-11-2003
Description: Updated lynx packages are available that fix an error in the way lynx parses its command line arguments, which can lead to faked headers being sent to a web server.
Vendor Alerts:
Red Hat: ftp://updates.redhat.com/8.0/en/os/i386/lynx-2.8.5-7.1.i386.rpm
MD5 checksum: 96fd9d05a357e6a0d11d5a2916b90485
Red Hat Vendor Advisory: http://www.linuxsecurity.com/advisories/redhat_advisory-2848.html


Package: python
Date: 02-11-2003
Description: An insecure use of a temporary file has been found in Python. This erratum provides updated Python packages.
Vendor Alerts:
Red Hat: PLEASE SEE VENDOR ADVISORY FOR UPDATE
Red Hat Vendor Advisory: http://www.linuxsecurity.com/advisories/redhat_advisory-2849.html

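The Python advisory gives no detail beyond "insecure use of a temporary file", so the following is an added illustration of that general class of defect, not code from the advisory, from the Red Hat erratum, or from Python's own source, and it makes no claim about which Python routine was actually affected. It contrasts a predictable temp-file name opened with plain `open()` against `tempfile.mkstemp()`, which creates the file with `O_CREAT|O_EXCL` and mode 0600, and adds a small audit routine an administrator could run over a temp directory. The scenario in `demo()` (a stale symlink already sitting at the predictable name) is constructed for the example.

```python
import os
import stat
import tempfile


def write_tempfile_insecurely(dirpath, name="scratch.tmp"):
    """Predictable name opened with plain open(): if anything already sits at
    that path (a file, or a symlink left there by another local user), the
    write follows it. Kept only as the 'before' for contrast with the safe
    version below."""
    path = os.path.join(dirpath, name)
    with open(path, "w") as f:
        f.write("secret\n")
    return path


def write_tempfile_securely(dirpath, prefix="scratch-"):
    """mkstemp() picks an unpredictable name and opens it with
    O_CREAT|O_EXCL and mode 0600, so the create fails instead of following a
    pre-existing path, and no other user can read the contents."""
    fd, path = tempfile.mkstemp(prefix=prefix, dir=dirpath)
    with os.fdopen(fd, "w") as f:
        f.write("secret\n")
    return path


def audit_tempfile(path):
    """Defender-side check for a file in a shared temp directory: report
    whether the entry is a symlink and whether its permission bits expose it
    to group or world."""
    st = os.lstat(path)  # lstat so a symlink is reported as one, not followed
    mode = stat.S_IMODE(st.st_mode)
    return {
        "is_symlink": stat.S_ISLNK(st.st_mode),
        "mode": mode,
        "exposed_to_others": bool(mode & 0o077),
    }


def demo():
    """Constructed scenario: a symlink at the predictable name already exists
    in the temp directory before our code runs. Returns the audit of both
    files plus whether the insecure write ended up in the symlink's target."""
    with tempfile.TemporaryDirectory() as d:
        target = os.path.join(d, "elsewhere.txt")
        open(target, "w").close()
        os.symlink(target, os.path.join(d, "scratch.tmp"))  # pre-existing entry

        insecure_path = write_tempfile_insecurely(d)
        secure_path = write_tempfile_securely(d)

        with open(target) as f:
            landed_in_target = f.read() == "secret\n"

        return {
            "insecure": audit_tempfile(insecure_path),
            "secure": audit_tempfile(secure_path),
            "insecure_write_landed_in_target": landed_in_target,
        }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The audit deliberately uses `os.lstat`, since a check that follows symlinks would report the target's permissions rather than the fact that the entry is a link. The secure variant's 0600 mode comes from `mkstemp` itself, independent of the process umask, which is why a reviewer can rely on it without checking the caller's environment.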

Package: pam_xauth
Date: 02-11-2003
Description: Updated PAM packages are now available for Red Hat Linux 7.1, 7.2, 7.3, and 8.0. These packages correct a bug in pam_xauth’s handling of authorization data for the root user.
Vendor Alerts:
Red Hat: ftp://updates.redhat.com/8.0/en/os/i386/pam-0.75-46.8.0.i386.rpm
MD5 checksum: 25ebcb39f56c98cc064c34b2d048ed35
Red Hat Vendor Advisory: http://www.linuxsecurity.com/advisories/redhat_advisory-2850.html


Package: fileutils
Date: 02-12-2003
Description: A race condition in the recursive use of ‘rm’ and ‘mv’ in fileutils 4.1 and earlier could allow local users to delete files and directories (as the user running fileutils) if the user has write access to part of the tree being moved or deleted.
Vendor Alerts:
Red Hat: ftp://updates.redhat.com/7.3/en/os/i386/fileutils-4.1-10.1.i386.rpm
MD5 checksum: d8a014f87a6aa623c36620ba96178698
Red Hat Vendor Advisory: http://www.linuxsecurity.com/advisories/redhat_advisory-2851.html


Package: mozilla
Date: 02-13-2003
Description: A remote attacker could exploit these vulnerabilities by creating malicious web pages that, when accessed, would crash the browser, potentially allow remote arbitrary code execution, or cause some sort of unexpected behavior.
Vendor Alerts:
Conectiva: PLEASE SEE VENDOR ADVISORY FOR UPDATE
Conectiva Vendor Advisory: http://www.linuxsecurity.com/advisories/connectiva_advisory-2853.html

