January 10, 2003

Linux Advisory Watch - January 10th 2003

- by:  Benjamin D.
Thomas
-
Linux Advisory Watch is a comprehensive newsletter that outlines the security
vulnerabilities that have been announced throughout the week. It includes pointers
to updated packages and descriptions of each vulnerability.

This week, advisories were released for fetchmail, mhonarc, geneweb, xpdf,
canna, tomecat4, FreeBSD kernel, dhcpd, libmcrypt, monopd, http-fetcher, lcdproc,
libpng, pine, cyrus-sasl, ethereal, and mozilla.  The distributors include
Caldera, Debian, Gentoo, FreeBSD, Red Hat, and YellowDog Linux.

LinuxSecurity Feature Extras:

Newest
Members of the Team
- Just to give everyone an idea about who writes
these articles and feature stories that we spend so much of our time reading
each day, I have decided to ask Brian Hatch and Duane Dunston, the newest
members of the LinuxSecurity.com team, a few questions.

Secure
Passwordless Logins with SSH Part 3
- Setting up your accounts
to allow identity-based authentication gives you several new options to
allow passwordless access to those accounts. This week we'll see how well
we can restrict the access granted to these identities.

 

[ Linux
Advisory Watch
] - [ Linux
Security Week
] - [ PacketStorm
Archive
] - [ Linux Security
Documentation
]


 
 
Package: fetchmail
Date: 01-09-2002
Description: Heap-based
buffer overflow in fetchmail does not account for the "@" character when
determining buffer lengths for local addresses, which allows remote attackers
to execute arbitrary code via a header with a large number of local addresses.
Vendor Alerts: Caldera:
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/
Server/CSSA-2003-001.0/RPMS
fetchmail-6.1.0-4.src.rpm
8324bf38216402b13657e3a137c04f52 

Caldera Vendor Advisory:
http://www.linuxsecurity.com/advisories/caldera_advisory-2742.html

 

Package: mhonarc
Date: 01-03-2002
Description: Earl
Hood, author of mhonarc, a mail to HTML converter, discovered a cross site
scripting vulnerability in this package.  A specially crafted HTML
mail message can introduce foreign scripting content in archives, by-passing
MHonArc's HTML script filtering.
Vendor Alerts: Debian:
 

http://security.debian.org/pool/updates/main/m/
mhonarc/mhonarc_2.4.4-1.3_all.deb
Size/MD5 checksum:  
453522 4d0b4ed0497569652dfce1544826d959
 

Debian Vendor Advisory:
http://www.linuxsecurity.com/advisories/debian_advisory-2714.html

 

Package: geneweb
Date: 01-07-2002
Description: A
security issue has been discovered by Daniel de Rauglaudre, upstream author
of geneweb, a genealogical software with web interface.  It runs as
a daemon on port 2317 by default.  Paths are not properly sanitized,
so a carefully crafted URL lead geneweb to read and display arbitrary files
of the system it runs on. 
Vendor Alerts: Debian:
http://security.debian.org/pool/updates/main/g/
geneweb/geneweb_4.06-2_i386.deb
Size/MD5 checksum: 
1684746 5057e9e6b03bb4d0d6878952b501e219

http://security.debian.org/pool/updates/main/g/
geneweb/gwtp_4.06-2_i386.deb
Size/MD5 checksum:  
144480 9c0734678de3b35399d98b421bf6943e
 

Debian Vendor Advisory:
http://www.linuxsecurity.com/advisories/debian_advisory-2734.html

 

Package: xpdf
Date: 01-06-2002
Description: iDEFENSE
discovered an integer overflow in the pdftops filter from the xpdf package
that can be exploited to gain the privileges of the target user. 
This can lead to gaining privileged access to the 'lp' user if thee pdftops
program is part of the print filter.
Vendor Alerts: Debian:
http://security.debian.org/pool/updates/main/x/xpdf/
xpdf_0.90-8.1_i386.deb
Size/MD5 checksum:  
970292 903b558758cecb9010d49bc011feba9c

Debian Vendor Advisory:
http://www.linuxsecurity.com/advisories/debian_advisory-2735.html

 

Package: canna
Date: 01-08-2002
Description: Several
vulnerabilities have been discovered in canna, a Japanese input system. 
Vendor Alerts: Debian:
PLEASE SEE VENDOR
ADVISORY FOR UPDATE

Debian Vendor Advisory:
http://www.linuxsecurity.com/advisories/debian_advisory-2738.html

 

Package: tomcat4
Date: 01-08-2002
Description: A
security vulnerability has been confirmed to exist in Apache Tomcat 4.0.x
releases, which allows to use a specially crafted URL to return the unprocessed
source of a JSP page, or, under special circumstances,
a static resource
which would otherwise have been protected by a security constraint, without
the need for being properly authenticated.
Vendor Alerts: Debian:
http://security.debian.org/pool/updates/contrib/t/tomcat4/
libtomcat4-java_4.0.3-3woody2_all.deb
Size/MD5 checksum: 
1134258 680c67daebdd36eb879ce593e6362f3b

http://security.debian.org/pool/updates/contrib/t/tomcat4/
tomcat4-webapps_4.0.3-3woody2_all.deb
Size/MD5 checksum: 
1167502 34f71826d8441f967e3da0ee4ab9a1be

http://security.debian.org/pool/updates/contrib/t/tomcat4/
tomcat4_4.0.3-3woody2_all.deb
Size/MD5 checksum:  
126444 e7dbc07086a7e349474bff877342cb6d

Debian Vendor Advisory:
http://www.linuxsecurity.com/advisories/debian_advisory-2740.html

 

Package: FreeBSD
kernel
Date: 01-08-2002
Description: A
local attacker may cause the operating system to crash by repeatedly calling
fpathconf on a file descriptor until the reference count wraps to a negative
value, and then calling close on that file descriptor.
Vendor Alerts: FreeBSD:
PLEASE SEE VENDOR
ADVISORY FOR UPDATE

Debian Vendor Advisory:
http://www.linuxsecurity.com/advisories/freebsd_advisory-2736.html

 

 

Package: dhcpd
Date: 01-08-2002
Description: When
assigning an IP address to a network interface, dhcpcd may execute an external
script, '/sbin/dhcpd-.exe'. This is an optional configuration that must
be setup manually on Gentoo Linux systems by copying the script into /sbin/.
Vendor Alerts: Gentoo:
PLEASE SEE VENDOR
ADVISORY FOR UPDATE

Gentoo Vendor Advisory:
http://www.linuxsecurity.com/advisories/gentoo_advisory-2729.html

 

Package: libmcrypt
Date: 01-05-2002
Description: limbcrypt
versions prior to 2.5.5 contain a number of buffer overflow vulnerabilities
that stem from imporper or lacking input validation. By  passing a
longer then expected input to a number of functions (multiple functions
are affected) the user can successful make libmcrypt crash.
 
Vendor Alerts: Gentoo:
PLEASE SEE VENDOR
ADVISORY FOR UPDATE

Gentoo Vendor Advisory:
http://www.linuxsecurity.com/advisories/gentoo_advisory-2730.html

 

 

Package: monopd
Date: 01-06-2002
Description: A
buffer overflow exist in the messaging framework which would allow a remote
user to execute commands as the user running the game server.
Vendor Alerts: Gentoo:
PLEASE SEE VENDOR
ADVISORY FOR UPDATE

Gentoo Vendor Advisory:
http://www.linuxsecurity.com/advisories/gentoo_advisory-2731.html

 

Package: http-fetcher
Date: 01-06-2002
Description: "HTTP
Fetcher library is exposed to very fatal buffer overflow. And, It influences
in other several programs."
Vendor Alerts: Gentoo:
PLEASE SEE VENDOR
ADVISORY FOR UPDATE

Gentoo Vendor Advisory:
http://www.linuxsecurity.com/advisories/gentoo_advisory-2732.html

 

Package: lcdproc
Date: 01-06-2002
Description: "The
vulnerabilities in LCDproc allow an attacker to remotely execute arbitrary
code or cause the LCDproc server to crash."
Vendor Alerts: Gentoo:
PLEASE SEE VENDOR
ADVISORY FOR UPDATE

Gentoo Vendor Advisory:
http://www.linuxsecurity.com/advisories/gentoo_advisory-2737.html

 

Package: libpng
Date: 01-08-2002
Description: "Glenn
Randers-Pehrson discovered a problem in connection with 16-bit samples
from libpng, an interface for reading and writing PNG (Portable Network
Graphics) format files.  The starting offsets for the loops are calculated
incorrectly which causes a buffer overrun beyond the beginning of the row
buffer."
Vendor Alerts: Gentoo:
PLEASE SEE VENDOR
ADVISORY FOR UPDATE

Gentoo Vendor Advisory:
http://www.linuxsecurity.com/advisories/gentoo_advisory-2739.html

 

Package: pine
Date: 01-03-2002
Description: A
vulnerability in Pine version 4.44 and earlier releases can causePine to
crash when sent a carefully crafted email.
Vendor Alerts: Red Hat:
ftp://updates.redhat.com/8.0/en/os/i386/pine-4.44-14.80.0.i386.rpm
318ce94f802f8a03fb6c9e66991d52f0 

Red Hat Vendor Advisory:
http://www.linuxsecurity.com/advisories/redhat_advisory-2715.html
 

YellowDog

YellowDog Vendor
Advisory:

http://www.linuxsecurity.com/advisories/yellowdog_advisory-2716.html

 

Package: cyrus-sasl
Date: 01-03-2002
Description: Updated
cyrus-sasl packages are now available for Red Hat Linux 8.0.  These
packages close buffer overflows present in Cyrus SASL 2.1 and later.
Vendor Alerts: Red Hat:
PLEASE SEE VENDOR
ADVISORY FOR UPDATE

Red Hat Vendor Advisory:
http://www.linuxsecurity.com/advisories/redhat_advisory-2733.html

 

Package: ethereal
Date: 01-09-2002
Description: Updated
Ethereal packages are available which fix various security issues.
Vendor Alerts: Red Hat:
ftp://updates.redhat.com/8.0/en/os/i386/ethereal-0.9.8-0.80.0.i386.rpm
cc5e2bd268c457add3c0514619873c25

ftp://updates.redhat.com/8.0/en/os/i386/ethereal-gnome-0.9.8-0.80.0.i386.rpm
b7ab974fa760948f98698252aef212d7 

Red Hat Vendor Advisory:
http://www.linuxsecurity.com/advisories/redhat_advisory-2741.html

 

Package: mozilla
Date: 01-05-2002
Description: "Mozilla
is an open source web browser. Versions of Mozilla previous to version
1.0.1 contain various security vulnerabilities. These vulnerabilities could
be used by an attacker to read data off of the local hard drive, to gain
information that should normally be kept private, and in some cases to
execute arbitrary code. For more information on the specific vulnerabilities
fixed please see the references below.
Vendor Alerts: YellowDog:
PLEASE SEE VENDOR
ADVISORY FOR UPDATE

YellowDog Vendor Advisory:
http://www.linuxsecurity.com/advisories/yellowdog_advisory-2717.html

 

Category:

  • Security
Click Here!