Thomas –
Linux Advisory Watch is a comprehensive newsletter that outlines the security
vulnerabilities that have been announced throughout the week. It includes pointers
to updated packages and descriptions of each vulnerability.
This week, advisories were released for w3m, uml-net, hypermail, postgresql,
lynx, python, pam_xauth, fileutils, and mozilla. The distributors include Conectiva,
Debian, Mandrake, and Red Hat.
LinuxSecurity Feature Extras:
Remote Syslog with MySQL and PHP – Msyslog has the ability to log syslog
messages to a database. This allows for easier monitoring of multiple servers
and the ability to display and search syslog messages using PHP
or any other programming language that can communicate with the database.

Review: Mastering Network Security, Second Edition – The introduction states
that this book is aimed at systems administrators who are not security
experts, but have some responsibility for ensuring the integrity of their
systems. That would seem to cover most sysadmins.
The Linux Advisory Watch newsletter is developed by the community
of volunteers at LinuxSecurity.com
and sponsored by Guardian Digital, Inc., the open
source security company.
Package: w3m
Date: 02-07-2003
Description: An XSS vulnerability in w3m 0.3.2 allows remote attackers to insert arbitrary HTML and web script into frames. Frames are disabled by default in the version of w3m shipped with Red Hat Linux. Therefore, this problem will not appear as long as users do not use w3m with the -F option, or enable frame support in either the /etc/w3m/w3mconfig or ~/.w3m/config configuration files. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2002-1335 to this issue.
Vendor Alerts: Red Hat; Debian

Package: uml-net
Date: 02-07-2003
Description: The kernel-utils package contains several utilities that can be used to control the kernel or machine hardware. In Red Hat Linux 8.0 this package contains user mode linux (UML) utilities.
Vendor Alerts: Red Hat

Package: hypermail
Date: 02-07-2003
Description: An attacker could craft a long filename for an attachment that would overflow two buffers when a certain option for interactive use was given, opening the possibility to inject arbitrary code. This code would then be executed under the user id hypermail runs as, mostly as a local user. Automatic and silent use of hypermail does not seem to be affected.
Vendor Alerts: Debian

Package: postgresql
Date: 02-11-2003
Description: Vulnerabilities were discovered in the Postgresql relational database by Mordred Labs. These vulnerabilities are buffer overflows in the rpad(), lpad(), repeat(), and cash_words() functions. The Postgresql developers also fixed a buffer overflow in functions that deal with time/date and timezone.
Vendor Alerts: Mandrake

Package: lynx
Date: 02-11-2003
Description: Updated lynx packages are available that fix an error in the way lynx parses its command line arguments, which can lead to faked headers being sent to a web server.
Vendor Alerts: Red Hat

Package: python
Date: 02-11-2003
Description: An insecure use of a temporary file has been found in Python. This erratum provides updated Python packages.
Vendor Alerts: Red Hat
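The Python advisory above names the bug class only ("insecure use of a temporary file"). The following is an added example, not code from the newsletter or from the Python project, that shows what that class looks like and how it is fixed: it builds a scratch directory with a constructed, pre-planted symlink at a predictable temp name, then contrasts the choose-name-then-open pattern with O_EXCL creation and with tempfile.mkstemp. All function names and file names are the example's own.

```python
import os
import tempfile


def insecure_open(path):
    # The classic pattern: pick a name, then open it for writing.
    # open(..., "w") follows symlinks and truncates whatever already sits
    # at `path`, so a link planted there first redirects the write.
    return open(path, "w")


def secure_open(path):
    # O_EXCL makes creation atomic: if anything (file or symlink) already
    # exists at `path`, the call fails instead of following it. Mode 0600
    # keeps other users from reading the scratch data.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    return os.fdopen(fd, "w")


def secure_mkstemp(directory):
    # Preferred fix: let tempfile choose an unpredictable name and create it
    # with O_EXCL and mode 0600; the caller receives an already-open fd.
    return tempfile.mkstemp(dir=directory)


def simulate(directory):
    """Constructed scenario: a symlink sits at the predictable temp name.

    Returns (target_clobbered_by_insecure_open,
             secure_open_refused,
             mkstemp_file_mode).
    """
    target = os.path.join(directory, "target.txt")  # constructed victim file
    with open(target, "w") as f:
        f.write("original")
    link = os.path.join(directory, "predictable.tmp")  # constructed link
    os.symlink(target, link)

    # 1. Insecure pattern: the write lands in target.txt via the symlink.
    with insecure_open(link) as f:
        f.write("clobbered")
    with open(target) as f:
        clobbered = f.read() == "clobbered"

    # 2. O_EXCL: creation is refused because the path already exists.
    try:
        secure_open(link).close()
        refused = False
    except FileExistsError:
        refused = True

    # 3. mkstemp: fresh name, exclusive create, restrictive mode.
    fd, path = secure_mkstemp(directory)
    mode = os.fstat(fd).st_mode & 0o777
    os.close(fd)
    os.unlink(path)

    return clobbered, refused, mode


def run_demo():
    # Runs the scenario in a throwaway directory so it is self-contained.
    with tempfile.TemporaryDirectory() as scratch:
        return simulate(scratch)


if __name__ == "__main__":
    print(run_demo())  # expected: (True, True, 0o600) -> (True, True, 384)
```

The point to take from the three results: only the first pattern lets a pre-existing path decide where the data goes; both fixes refuse or sidestep it, and mkstemp additionally removes the predictable name that made the planted link possible.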
Package: pam_xauth
Date: 02-11-2003
Description: Updated PAM packages are now available for Red Hat Linux 7.1, 7.2, 7.3, and 8.0. These packages correct a bug in pam_xauth's handling of authorization data for the root user.
Vendor Alerts: Red Hat

Package: fileutils
Date: 02-12-2003
Description: A race condition in the recursive use of 'rm' and 'mv' in fileutils 4.1 and earlier could allow local users to delete files and directories (as the user running fileutils) if the user has write access to part of the tree being moved or deleted.
Vendor Alerts: Red Hat

Package: mozilla
Date: 02-13-2003
Description: A remote attacker could exploit these vulnerabilities by creating malicious web pages that, when accessed, would crash the browser, potentially allowing remote arbitrary code execution or causing other unexpected behavior.
Vendor Alerts: Conectiva