July 2, 2004

Linux Advisory Watch - July 2, 2004

Author: Benjamin D. Thomas

This week,
advisories were released for apache, dhcp, kernel, mailman, gzip,
Pavuk, Esearch and libpng. The distributors include Debian, Fedora,
FreeBSD, Gentoo, Mandrake, Suse and Trustix.

Easy Administration

time management mandates a new project, it must immediately be followed
up with hours of research to determine the best course of action.
Important projects can often be pushed aside or delayed because those
tasked with implementation find themselves in a position of not fully
understanding the technology. A fundamental lack of understanding leads
to configuration errors and security vulnerabilities.  When
EnGarde Secure Linux is used, management can have assurance that
systems are setup in the most efficient and secure manner. Staff can
then concentrate on core competencies that accelerate business, rather
than specialized skills  such as server configuration.

free community version of EnGarde Secure Linux is available at
http://www.engardelinux.org.   After downloading the ISO, it
must be burned to a CD then installed on a dedicated machine. The
installation process is remarkably simple and can be accomplished in
about 15 minutes. For corporate users, I recommend using EnGarde Secure
Professional. Users receive source and binary CD-Roms, an annual
subscription to the Guardian Digital Secure Network, installation and
configuration support, 60 days of phone/email support, a printed
configuration manual, and a quick start reference guide.

EnGarde is installed, simple administration tasks such as setting up
users, system access controls, and a backup schedule should be set.
EnGarde servers are managed remotely using a browser through a SSL
connection. Access to the Web interface can be restricted to specific
IP addresses if necessary. In addition to Web, DNS, and Mail
configuration, the Guardian Digital WebTool provides screens to assist
with FTP, SSH, User management, IP access controls, Tripwire, Auditing
reports, and many other typical server features.

For a
detailed example on configuring a server, please see

following URL:


next time, cheers!
Benjamin D. Thomas

Feature Extras:

Source Leaving Microsoft Sitting on the Fence?
- The open source
model, with special regard to Linux, has no doubt become a formidable
competitor to the once sole giant of the software industry,
Microsoft. It is expected when the market share of an industry leader
becomes threatened, retaliation with new product or service offerings
and marketing campaigns refuting the claims of the new found
competition are inevitable. However, in the case of
Microsoft, it seems they have not taken a solid or plausible position
on the use of open source applications as an alternative to Windows.

Interview with Brian
Wotring, Lead Developer for the Osiris Project
- Brian Wotring is
currently the lead developer for the Osiris project and president of
Host Integrity, Inc. He is also the founder of knowngoods.org, an
online database of known good file signatures. Brian is the co-author
of Mac OS X Security and a long-standing member of the Shmoo Group, an
organization of security and cryptography professionals.

Digital Launches Next Generation Secure Mail Suite
Guardian Digital, the premier open source security company, announced
the availability of the next generation Secure Mail Suite, the
industry's most secure open source corporate email system. This latest
edition has been optimized to support the changing needs of enterprise
and small business customers while continually providing protection
from the latest in email security threats.

[ Linux
Advisory Watch
] - [ Linux Security Week
] - [ PacketStorm
] - [ Linux
Security Documentation


Linux Advisory
Watch is a comprehensive newsletter that outlines the security
vulnerabilities that have been announced throughout the week. It
includes pointers to updated packages and descriptions of each
[ Subscribe
Distribution: Debian
  6/25/2004 apache
    Buffer overflow vulnerability

A remote user could potentially cause arbitrary code to be executed
with the privileges of an Apache httpd child process (by default, user

Debian 4522

Distribution: Fedora
  6/25/2004 dhcp
    Buffer overflow vulnerability

This release fixes a buffer overflow vulnerability in the Fedora Core 2

Fedora 4520

  6/25/2004 kernel
    Multiple vulnerabilities

This patch fixes a large number of bugs, including the famous evil.c
kernel crash.

Fedora 4521

  6/30/2004 ipsec-tools
Non-authentication vulnerability
    Multiple vulnerabilities

When configured to use X.509 certificates to authenticate remote hosts,
ipsec-tools versions 0.3.3 and earlier will not abort the key exchange
if the verification fails.

Fedora 4529

  7/2/2004 kernel
    Privilege change vulnerability

During an audit of the Linux kernel, SUSE discovered a flaw in the
Linux kernel that inappropriately allows an unprivileged user to change
the group ID of a file to his/her own group ID.

Fedora 4532

  7/2/2004 mailman
    Password leak vulnerability

Mailman subscriber passwords could be retrieved by a remote attacker.

Fedora 4533

  7/2/2004 rsync
    Path escape vulnerability

A writing, non-chrooted rsync daemon could write outside of a module's

Fedora 4534

Distribution: FreeBSD
  7/2/2004 kernel
    Improper memory access vulnerability

It may be possible for a local attacker to read and/or overwrite
portions of kernel memory, resulting in disclosure of sensitive
information or potential privilege escalation.

Freebsd 4531

Distribution: Gentoo
  6/25/2004 Apache
    1.3 Buffer overflow vulnerability

A bug in mod_proxy may allow a remote attacker to execute arbitrary
code when Apache is configured a certain way.

Gentoo 4515

  6/25/2004 IPsec-Tools
Non-authentication vulnerability
    1.3 Buffer overflow vulnerability

racoon provided as part of IPsec-Tools fails do proper authentication.

Gentoo 4516

  6/25/2004 gzip
    Insecure temporary file vulnerability

gzip contain a bug potentially allowing an attacker to execute
arbitrary commands.

Gentoo 4517

  6/25/2004 giFT-FastTrack Denial of
service vulnerability
    Insecure temporary file vulnerability

There is a vulnerability where a carefully crafted signal sent to the
giFT-FastTrack plugin will cause the giFT daemon to crash.

Gentoo 4518

  6/25/2004 FreeS/WAN,Openswan,strongSwan
Non-authentication vulnerabilities
    Insecure temporary file vulnerability

FreeS/WAN, Openswan, strongSwan and Super-FreeS/WAN contain two bugs
when authenticating PKCS#7 certificates. This could allow an attacker
to authenticate with a fake certificate.

Gentoo 4519

  6/30/2004 mit-krb5 Buffer overflow
    Insecure temporary file vulnerability

These flaws could potentially lead to a complete remote system

Gentoo 4527

  6/30/2004 Pavuk
    Buffer overflow vulnerability

Pavuk contains a bug potentially allowing an attacker to run arbitrary

Gentoo 4528

  7/2/2004 Esearch
    Insecure temp file vulnerability

Non-check for symlinks makes it possible for any user to create
arbitrary files.

Gentoo 4530

Distribution: Mandrake
  6/25/2004 dhcp
    Buffer overflow vulnerabilities

Exploiting these bugs can lead to denial of service or execution of
arbitrary code.

Mandrake 4513

  6/25/2004 kernel
    Multiple vulnerabilities

This patch fixes the famous kernel-crash bug and includes some
driver-related security fixes as well.

Mandrake 4514

  6/30/2004 libpng
    Buffer overflow vulnerability

This buffer overflow can lead to Denial of Service or even remote

Mandrake 4524

  6/30/2004 apache2
    Denial of service vulnerability

Exploiting this can lead to httpd consuming an arbitrary amount of

Mandrake 4525

  6/30/2004 apache
    Buffer overflow vulnerability

If mod_proxy is in use, this can be exploited by a remote user to
execute arbitrary code with user apache's privileges.

Mandrake 4526

Distribution: Suse
  6/25/2004 dhcp/dhcp-server Buffer
overflow vulnerability
    Buffer overflow vulnerability

The CERT informed us about a buffer overflow in the logging code of the
server that can be triggered by a malicious client by supplying
multiple hostnames.

SUSE 4512

Distribution: Trustix
  6/25/2004 libpng,mod_php4,openssl,rsync,slocate,swup
Multiple vulnerabilities
    Buffer overflow vulnerability

Lots of bugs, lots of packages. Enjoy!

Trustix 4511

  6/30/2004 apache,libpng,python Denial
of service vulnerability
    Buffer overflow vulnerability

The apache fix is for a bug that leaves Apache open to a DoS attack,
the others are regular bugfixes.

Trustix 4523



  • Linux
Click Here!