Thomas –
  This week, advisories were released for the Linux kernel, eterm,
  xaos, ethereal, atftp, gnocatan, nethack, slashem, cupsys, mod_php, zlib, kon2,
  gzip, KDE, hanterm, pptpd, cups, and lv. The distributors include Debian, Gentoo,
  Immunix, Mandrake, OpenPKG, RedHat, SuSE, Turbolinux, and Yellow Dog.
Last week, I discussed how HIPAA should be viewed as a step in
  the right direction, rather than a burden for U.S. healthcare companies. I received
  a lot of positive feedback from readers who are happy that they now have an
  adequate budget to address security problems. This week, I wanted to take a
  look at BS7799 and ISO17799. BS7799 was first developed by the UK Department
  of Trade and Industry’s (DTI) Commercial Computer Security Centre (CCSC) and
  prepared by the British Standards Institution with the goal of developing a
  set of security management standards that can be used across many industries.
  Soon after establishing the BS7799, it was submitted to the International Organization
  for Standardization (ISO). After several revisions, BS7799 was accepted and
  used as a basis for ISO17799.
  the specific purpose of providing an established starting point for organizations
  to develop an information security program. Similar to HIPAA, the ‘7799’ standards
  intend to help an organization maintain strict data confidentiality, integrity,
  and availability. The standards and recommendations are written with upper information
  security management as an intended audience. What makes up the standards? Each
  standard outlines organizational security issues, asset classification, personnel
  security, security policy, physical and operational security, access control,
  systems development, business continuity management, and standards compliance.
 
  standards. Although one could argue the case that ‘7799’ is incomplete, it does
  accomplish its goals. These standards provide the basic building blocks for
  constructing an information security program in your organization. 
LinuxSecurity Feature Extras:

Real-Time Alerting with Snort – Real-time alerting is a feature of an IDS or any
other monitoring application that notifies a person of an event in an acceptably
short amount of time. The amount of time that is acceptable is different for
every person.

Intrusion Detection Systems: An Introduction – Intrusion Detection is the process
and methodology of inspecting data for malicious, inaccurate or anomalous activity.
At the most basic levels there are two forms of Intrusion Detection Systems that
you will encounter: Host and Network based.

Linux Advisory Watch is a comprehensive newsletter that outlines the security
  vulnerabilities that have been announced throughout the week. It includes pointers
  to updated packages and descriptions of each vulnerability.

Distribution: Debian

| Date | Package / title | Summary |
| --- | --- | --- |
| 6/9/2003 | kernel | Multiple vulnerabilities: A number of vulnerabilities have been discovered in the Linux kernel. |
| 6/6/2003 | eterm | Buffer overflow vulnerability: A number of vulnerabilities have been discovered in the Linux kernel. |
| 6/8/2003 | xaos | Improper setuid-root execution: A number of vulnerabilities have been discovered in the Linux kernel. |
| 6/11/2003 | ‘ethereal’ buffer/integer overflows | Improper setuid-root execution: Timo Sirainen discovered several vulnerabilities in ethereal, a network |
| 6/11/2003 | ‘atftp’ buffer overflow | Improper setuid-root execution: Rick Patel discovered that atftpd is vulnerable to a buffer overflow when |
| 6/11/2003 | ‘gnocatan’ buffer overflows, DoS | Improper setuid-root execution: Bas Wijnen discovered that the gnocatan server is vulnerable to several |
| 6/11/2003 | ‘nethack’ buffer overflow | Improper setuid-root execution: The nethack package is vulnerable to a buffer overflow exploited via a long |
| 6/12/2003 | buffer overflow in ‘slashem’ | The slashem package is vulnerable to a buffer overflow exploited via a long ‘-s’ command line option. This vulnerability could be used by an attacker to gain gid ‘games’ on a system where slashem is installed. http://www.linuxsecurity.com/advisories/debian_advisory-3353.html |
| 6/12/2003 | ‘cupsys’ DoS | overflow in ‘slashem’: The CUPS print server in Debian is vulnerable to a denial of service when |

Distribution: Gentoo

| Date | Package / title | Summary |
| --- | --- | --- |
| 6/8/2003 | mod_php | Integer overflow vulnerability: Integer overflows have been fixed in several php functions. |
| 6/8/2003 | atftp | Buffer overflow vulnerability: A buffer overflow has been fixed in atftp. |

Distribution: Immunix

| Date | Package / title | Summary |
| --- | --- | --- |
| 6/6/2003 | zlib | buffer overflow vulnerability: Richard Kettlewell has discovered a buffer overflow in zlib’s gzprintf() |
| 6/9/2003 | tetex, psutils, w3c-libwww | buffer overflow vulnerability: Richard Kettlewell has discovered a buffer overflow in zlib’s gzprintf() |

Distribution: Mandrake

| Date | Package / title | Summary |
| --- | --- | --- |
| 6/6/2003 | kon2 | buffer overflow vulnerability: A buffer overflow in the command line parsing can be exploited, leading |
| 6/11/2003 | several | ‘kernel’ vulnerabilities: Multiple vulnerabilities were discovered and fixed in the Linux kernel. |

Distribution: OpenPKG

| Date | Package / title | Summary |
| --- | --- | --- |
| 6/11/2003 | ‘gzip’ symlink attack | info leak: The GNU Bash based znew(1) shell script tried to prevent itself from overwriting |

Distribution: RedHat

| Date | Package / title | Summary |
| --- | --- | --- |
| 6/6/2003 | KDE | ssl man-in-the-middle attack: Updated KDE packages that resolve a vulnerability in KDE’s SSL implementation |
| 6/6/2003 | hanterm | multiple vulnerabilities: Updated hanterm packages fix two security issues. |
| 6/6/2003 | kernel | advisory updates: We have retracted two bug fix advisories that affected only the S/390 architecture |

Distribution: SuSE

| Date | Package / title | Summary |
| --- | --- | --- |
| 6/6/2003 | pptpd | Remote buffer overflow vulnerability: We have retracted two bug fix advisories that affected only the S/390 architecture |
| 6/6/2003 | cups | Remote DoS vulnerability: We have retracted two bug fix advisories that affected only the S/390 architecture |

Distribution: Turbolinux

| Date | Package / title | Summary |
| --- | --- | --- |
| 6/6/2003 | lv | Privilege escalation vulnerability: An attacker may be able to gain the privileges of the user invoking lv. |
| 6/6/2003 | kdelibs | Privilege escalation vulnerability: An attacker may be able to gain the privileges of the user invoking lv. |

Distribution: Yellow Dog

| Date | Package / title | Summary |
| --- | --- | --- |
| 6/10/2003 | ‘ghostscript’ vulnerability | Privilege escalation vulnerability: A flaw in unpatched versions of Ghostscript before 7.07 allows malicious |
| 6/10/2003 | ‘hanterm-xf’ vulnerabilities | Privilege escalation vulnerability: An attacker can craft an escape sequence that sets the window title of a |