Thomas –
Linux Advisory Watch is a comprehensive newsletter that outlines the security
vulnerabilities that have been announced throughout the week. It includes pointers
to updated packages and descriptions of each vulnerability.
This week, advisories were released for fetchmail, mhonarc, geneweb, xpdf,
canna, tomecat4, FreeBSD kernel, dhcpd, libmcrypt, monopd, http-fetcher, lcdproc,
libpng, pine, cyrus-sasl, ethereal, and mozilla. The distributors include
Caldera, Debian, Gentoo, FreeBSD, Red Hat, and YellowDog Linux.
LinuxSecurity Feature Extras:
Newest
Members of the Team – Just to give everyone an idea about who writes
these articles and feature stories that we spend so much of our time reading
each day, I have decided to ask Brian Hatch and Duane Dunston, the newest
members of the LinuxSecurity.com team, a few questions.Secure
Passwordless Logins with SSH Part 3 – Setting up your accounts
to allow identity-based authentication gives you several new options to
allow passwordless access to those accounts. This week we’ll see how well
we can restrict the access granted to these identities.
Advisory Watch ] – [ Linux
Security Week ] – [ PacketStorm
Archive ] – [ Linux Security
Documentation ]
| Package: | fetchmail |
| Date: | 01-09-2002 |
| Description: | Heap-based buffer overflow in fetchmail does not account for the “@” character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local addresses. |
| Vendor Alerts: | Caldera:
|
| Package: | mhonarc |
| Date: | 01-03-2002 |
| Description: | Earl Hood, author of mhonarc, a mail to HTML converter, discovered a cross site scripting vulnerability in this package. A specially crafted HTML mail message can introduce foreign scripting content in archives, by-passing MHonArc’s HTML script filtering. |
| Vendor Alerts: | Debian:
|
| Package: | geneweb |
| Date: | 01-07-2002 |
| Description: | A security issue has been discovered by Daniel de Rauglaudre, upstream author of geneweb, a genealogical software with web interface. It runs as a daemon on port 2317 by default. Paths are not properly sanitized, so a carefully crafted URL lead geneweb to read and display arbitrary files of the system it runs on. |
| Vendor Alerts: | Debian:
|
| Package: | xpdf |
| Date: | 01-06-2002 |
| Description: | iDEFENSE discovered an integer overflow in the pdftops filter from the xpdf package that can be exploited to gain the privileges of the target user. This can lead to gaining privileged access to the ‘lp’ user if thee pdftops program is part of the print filter. |
| Vendor Alerts: | Debian:
|
| Package: | canna |
| Date: | 01-08-2002 |
| Description: | Several vulnerabilities have been discovered in canna, a Japanese input system. |
| Vendor Alerts: | Debian:
|
| Package: | tomcat4 |
| Date: | 01-08-2002 |
| Description: | A security vulnerability has been confirmed to exist in Apache Tomcat 4.0.x releases, which allows to use a specially crafted URL to return the unprocessed source of a JSP page, or, under special circumstances, a static resource which would otherwise have been protected by a security constraint, without the need for being properly authenticated. |
| Vendor Alerts: | Debian:
|
| Package: | FreeBSD kernel |
| Date: | 01-08-2002 |
| Description: | A local attacker may cause the operating system to crash by repeatedly calling fpathconf on a file descriptor until the reference count wraps to a negative value, and then calling close on that file descriptor. |
| Vendor Alerts: | FreeBSD:
|
| Package: | dhcpd |
| Date: | 01-08-2002 |
| Description: | When assigning an IP address to a network interface, dhcpcd may execute an external script, ‘/sbin/dhcpd-.exe’. This is an optional configuration that must be setup manually on Gentoo Linux systems by copying the script into /sbin/. |
| Vendor Alerts: | Gentoo:
|
| Package: | libmcrypt |
| Date: | 01-05-2002 |
| Description: | limbcrypt versions prior to 2.5.5 contain a number of buffer overflow vulnerabilities that stem from imporper or lacking input validation. By passing a longer then expected input to a number of functions (multiple functions are affected) the user can successful make libmcrypt crash. |
| Vendor Alerts: | Gentoo:
|
| Package: | monopd |
| Date: | 01-06-2002 |
| Description: | A buffer overflow exist in the messaging framework which would allow a remote user to execute commands as the user running the game server. |
| Vendor Alerts: | Gentoo:
|
| Package: | http-fetcher |
| Date: | 01-06-2002 |
| Description: | “HTTP Fetcher library is exposed to very fatal buffer overflow. And, It influences in other several programs.” |
| Vendor Alerts: | Gentoo:
|
| Package: | lcdproc |
| Date: | 01-06-2002 |
| Description: | “The vulnerabilities in LCDproc allow an attacker to remotely execute arbitrary code or cause the LCDproc server to crash.” |
| Vendor Alerts: | Gentoo:
|
| Package: | libpng |
| Date: | 01-08-2002 |
| Description: | “Glenn Randers-Pehrson discovered a problem in connection with 16-bit samples from libpng, an interface for reading and writing PNG (Portable Network Graphics) format files. The starting offsets for the loops are calculated incorrectly which causes a buffer overrun beyond the beginning of the row buffer.” |
| Vendor Alerts: | Gentoo:
|
| Package: | pine |
| Date: | 01-03-2002 |
| Description: | A vulnerability in Pine version 4.44 and earlier releases can causePine to crash when sent a carefully crafted email. |
| Vendor Alerts: | Red Hat:
YellowDog
|
| Package: | cyrus-sasl |
| Date: | 01-03-2002 |
| Description: | Updated cyrus-sasl packages are now available for Red Hat Linux 8.0. These packages close buffer overflows present in Cyrus SASL 2.1 and later. |
| Vendor Alerts: | Red Hat:
|
| Package: | ethereal |
| Date: | 01-09-2002 |
| Description: | Updated Ethereal packages are available which fix various security issues. |
| Vendor Alerts: | Red Hat:
|
| Package: | mozilla |
| Date: | 01-05-2002 |
| Description: | “Mozilla is an open source web browser. Versions of Mozilla previous to version 1.0.1 contain various security vulnerabilities. These vulnerabilities could be used by an attacker to read data off of the local hard drive, to gain information that should normally be kept private, and in some cases to execute arbitrary code. For more information on the specific vulnerabilities fixed please see the references below. |
| Vendor Alerts: | YellowDog:
|
Category:
- Security
