Thomas –
This week, advisories were released for pam, gnupg, mpg123,
ucd-snmp, phpgroupware, traceroute-nanog, nfs-utils, falconseye, php4, unzip,
radius, gtksee, kernel, mozilla, xpdf, apache, and ypserv. The distributors
include Conectiva, Debian, Gentoo, Immunix, Mandrake, Red Hat, Slackware, SuSE,
Trustix, and Turbo Linux.
One of the most frequently recurring annoyances that I have had about
vendor vulnerability announcements is the lack of standardization. Why am I concerned about
standards? As a seasoned Linux user, I have become accustomed to the various formatting
techniques of each vendor. Other less experienced users may have trouble determining
exactly what to update from poorly organized advisories. One of the most consistently
good distributions is Red Hat. Each week, it releases advisories with an informative
but concise history of each vulnerability, links to all updated packages, information
on how to update, and MD5 checksums for each updated file.
Another consistent distribution is Debian. The presentation is similar to
Red Hat, but Debian chooses to include the MD5 checksum below each URL. This
simple difference can save an administrator time when verifying each file. Rather
than having to look the hash up in a table, it is easier to find and identify.
Other distributions such as Immunix and Gentoo provide very little information
in each advisory — only a very short description and links to updated packages,
or instructions on how to update the software, are given. I prefer the
Red Hat/Debian style because I am concerned about having an informed idea of
what I am applying. Others may prefer shorter advisories so they don’t have to waste time sifting through mounds of information.
Is there a solution? The closest to a standardization that I have found is
the VulnXML project, an open XML DTD to regulate the creation
of XML-type security advisories. Rather than plain text, vendors are encouraged
to release advisories as an XML document resulting in more consistency. With
this, users will ultimately have an easier understanding of the advisories released.
Web sites will then have the ability to format advisories for better readability
and indexing. I commend the VulnXML development team for establishing this project.
I am anxious to see how it progresses. Probably the most difficult aspect will
be getting vendors to participate. Initially, I see this getting started by
recruiting volunteers to “translate” new advisories. As community support and
demand grows for VulnXML advisories, vendors will conform.
Until next time,
Benjamin D. Thomas
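The Debian layout described in the editorial above, with each checksum directly below its URL, lets a script pair and check every file in a single pass. The following is an added example, not part of the original newsletter or any vendor's tooling; the `Size/MD5 checksum:` line format, the placeholder host and file names, and the helper names `parse_advisory` and `verify` are assumptions, and MD5 is used only because it is what the advisories list.

```python
import hashlib
import os
import re

# Constructed sample in the Debian layout; host and file names are placeholders.
SAMPLE_ADVISORY = """\
    http://security.example.org/pool/demo_1.0-1.dsc
      Size/MD5 checksum:       11 5eb63bbbe01eeed093cb22bb8f5acdc3
    http://security.example.org/pool/demo_1.0-1_i386.deb
      Size/MD5 checksum:       12 00000000000000000000000000000000
"""
URL_RE = re.compile(r"^\s*((?:https?|ftp)://\S+)\s*$")
SUM_RE = re.compile(r"^\s*Size/MD5 checksum:\s+(\d+)\s+([0-9a-fA-F]{32})\s*$")

def parse_advisory(text):
    """Pair each URL with the checksum line below it; fail closed on gaps."""
    entries, pending = [], None
    for line in text.splitlines():
        url, chk = URL_RE.match(line), SUM_RE.match(line)
        if url:
            if pending:
                raise ValueError(f"no checksum listed for {pending}")
            pending = url.group(1)
        elif chk:
            if pending is None:
                raise ValueError("checksum line without a preceding URL")
            entries.append((pending, int(chk.group(1)), chk.group(2).lower()))
            pending = None
    if pending:
        raise ValueError(f"no checksum listed for {pending}")
    return entries

def verify(entries, download_dir):
    """Check each downloaded file's size and MD5; return {file name: status}."""
    results = {}
    for url, size, md5 in entries:
        name = url.rsplit("/", 1)[-1]  # basename only, never a path from the URL
        path = os.path.join(download_dir, name)
        if not os.path.isfile(path):
            results[name] = "missing"
        elif os.path.getsize(path) != size:
            results[name] = "size mismatch"
        else:
            with open(path, "rb") as f:
                digest = hashlib.md5(f.read()).hexdigest()
            results[name] = "ok" if digest == md5 else "md5 mismatch"
    return results

if __name__ == "__main__":
    print(verify(parse_advisory(SAMPLE_ADVISORY), "."))
```

With a table-style advisory the same check needs a second lookup keyed on file name; here a URL that is not followed by its checksum line is rejected instead of being silently skipped.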
LinuxSecurity Feature Extras:
REVIEW:
Linux Security Cookbook – There are rarely straightforward solutions
to real world issues, especially in the field of security. The Linux Security
Cookbook is an essential tool to help solve those real world problems. By
covering situations that apply to everyone from the seasoned Systems Administrator
to the security curious home user, the Linux Security Cookbook distinguishes
itself as an indispensable reference for security oriented individuals.
Real-Time Alerting with Snort – Real-time alerting is a feature of an IDS or
any other monitoring application that notifies a person of an event in an
acceptably short amount of time. The amount of time that is acceptable is
different for every person.
that outlines the security vulnerabilities that have been announced throughout
the week. It includes pointers to updated packages and descriptions of each
vulnerability.
Distribution: Conectiva
7/11/2003 | pam | Local vulnerability | Andreas Beck discovered[1] a vulnerability in the use of pam_xauth by
7/11/2003 | gnupg | Key validity vulnerability | During the development of GnuPG 1.2.2, a bug has been found in the key validation code
7/15/2003 | mpg123 | buffer overflow vulnerability | A vulnerability[1] in the way mpg123 handles mp3 files with a bitrate of zero may allow attackers to execute arbitrary code using a specially crafted mp3 file.
7/15/2003 | ucd-snmp | heap overflow vulnerability | There is a remote heap overflow vulnerability in snmpnetstat (a tool used to retrieve information about a remote host).
7/16/2003 | ucd-snmp | remote heap overflow vulnerability | There is a remote heap overflow vulnerability in snmpnetstat.
7/16/2003 | phpgroupware | multiple XSS vulnerabilities | There are several “cross-site-scripting” vulnerabilities in versions of phpgroupware
Distribution: Debian
7/14/2003 | traceroute-nanog | buffer overflow vulnerability | traceroute-nanog, an enhanced version of the common traceroute program,
7/14/2003 | nfs-utils | buffer overflow vulnerability | The logging code in nfs-utils contains an off-by-one buffer overrun when
7/15/2003 | falconseye | buffer overflow vulnerability | The falconseye package is vulnerable to a buffer overflow exploited via
7/17/2003 | php4 | XSS vulnerability |
Distribution: Gentoo
7/11/2003 | unzip | Directory traversal vulnerability | By inserting invalid characters between “..” attackers can overwrite
7/11/2003 | cistronradius | Buffer overflow vulnerability | Allows remote attackers to cause a denial of service and possibly execute
7/11/2003 | ypserv | Remote denial of service | Allows remote attackers to cause a denial of service via a TCP client
7/11/2003 | gtksee | Buffer overflow vulnerability | Attackers can use carefully crafted png pictures to execute arbitrary
Distribution: Immunix
7/16/2003 | nfs-utils | off-by-one overflow vulnerability |
Distribution: Mandrake
7/17/2003 | kernel | multiple vulnerabilities | Multiple vulnerabilities were discovered and fixed in the Linux kernel.
Distribution: Red Hat
7/14/2003 | nfs-utils | denial of service vulnerability | Updated nfs-utils packages are available that fix a remotely exploitable
7/15/2003 | mozilla | heap overflow vulnerability | A heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code via a jar: URL referencing a malformed .jar file, which overflows a buffer during decompression.
7/17/2003 | xpdf | arbitrary code execution vulnerability | Updated Xpdf packages are available that fix a vulnerability where a malicious
Distribution: Slackware
7/15/2003 | nfs-utils | denial of service vulnerability | This fixes an off-by-one buffer overflow in xlog.c which could be used by an attacker to produce a denial of NFS service, or to execute arbitrary code.
7/16/2003 | nfs-utils | off-by-one overflow vulnerability | There is an off-by-one overflow in xlog() in the nfs-utils package.
Distribution: SuSE
7/15/2003 | nfs-utils | denial of service vulnerability | There is an off-by-one bug in the xlog() function used by the rpc.mountd. It is possible for remote attackers to use this off-by-one overflow to execute arbitrary code as root.
Distribution: Trustix
7/11/2003 | apache | Multiple vulnerabilities | Multiple vulnerabilities including a possible buffer overflow have been fixed.
Distribution: Turbo Linux
7/17/2003 | ypserv | denial of service vulnerability | The vulnerability allows an attacker to cause a denial of service of ypserv.