Linux Advisory Watch – June 18, 2004

Author: Benjamin D. Thomas

LinuxSecurity.com: This week, advisories were released for cvs, krb5,
kernel, subversion, ethereal, squirrelmail, gallery, Webmin, squid,
aspell and tripwire. The distributors include Debian, Fedora, Gentoo,
Red Hat, Slackware, Suse, and Trustix.

Open Source Vulnerability Database

The open source community has long been fueled by the drive and
inspiration of those wishing to produce software for the good of
everyone. Open source allows its users to achieve things that would
have otherwise not been possible. Often, proprietary software is too
expensive, not flexible, and full of bugs. Users of proprietary
software work at the mercy of their vendors with little to no influence
on features or functionality. Those organizations who demand security
often have trouble getting proprietary software vendors to comply. Open
source is a great solution for those wishing to have complete control
including over security, flexibility, and functionality.

Open source thrives on those wishing to share their work for the
benefit of the community. To have a successful open source project, it
must be backed by individuals who are ultimately committed to the
project. Contributors must be willing to donate time and money for the
advancement of the cause. Often, open source projects are not properly
funded until they are already well established.

Recently, I have had the great pleasure of talking with Tyler Owen, a
contributor to the Open Source Vulnerability Database project. He and
others associated with the project have shown a lot of initiative.
Although it has been slow getting off the ground, there has been a
renewed commitment to provide the open source community with a database
that indexes security vulnerabilities. Rather than individual open
source users being burdened with keeping track of them, OSVDB is
striving for it to be a more collaborative process so that work is not
duplicated and everyone can benefit.

Full Interview Text Available:

http://www.linuxsecurity.com/feature_stories/feature_story-156.html

Until next time, cheers!
Benjamin D. Thomas

LinuxSecurity Feature Extras:

Interview with Brian Wotring, Lead Developer for the Osiris Project
– Brian Wotring is currently the lead developer for the Osiris project
and president of Host Integrity, Inc. He is also the founder of
knowngoods.org, an online database of known good file signatures. Brian
is the co-author of Mac OS X Security and a long-standing member of the
Shmoo Group, an organization of security and cryptography
professionals.

Guardian Digital Launches Next Generation Secure Mail Suite

Guardian Digital, the premier open source security company, announced
the availability of the next generation Secure Mail Suite, the
industry’s most secure open source corporate email system. This latest
edition has been optimized to support the changing needs of enterprise
and small business customers while continually providing protection
from the latest in email security threats.

Linux and National Security
– As the open source industry grows and becomes more widely accepted,
the use of Linux as a secure operating system is becoming a prominent
choice among corporations, educational institutions and government
sectors. With national security concerns at an all time high, the
question remains: Is Linux secure enough to successfully operate the
government and military’s most critical IT applications?

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.
It includes pointers to updated packages and descriptions of each
vulnerability.

Distribution: Debian
  6/17/2004 cvs
    Multiple vulnerabilities

Sebastian Krahmer and Stefan Esser discovered several vulnerabilities
in the CVS server during a code audit.

Debian advisory 4483

  6/17/2004 krb5
    Buffer overflow vulnerability

This overflow only applies if aname_to_localname is enabled in the
configuration (not default).

Debian advisory 4484

Distribution: Fedora
  6/17/2004 kernel 2.6.6
    Security enhancement

This upgrade is not specifically a security fix; it fixes many kernel
bugs and adds support for stack non-execution on some systems, which is
important in guarding against buffer overflows.

Fedora advisory 4478

  6/17/2004 cvs
    Multiple vulnerabilities

Many vulnerabilities, discovered in a recent audit of cvs, are fixed.

Fedora advisory 4479

  6/17/2004 subversion
    Heap overflow vulnerability

If using the svnserve daemon, an unauthenticated client may be able to
execute arbitrary code as the daemon’s user.

Fedora advisory 4480

  6/17/2004 kernel 2.6.6
    Denial of service vulnerability

This update includes a fix for the local denial of service as described
on linuxreviews.org.

Fedora advisory 4481

  6/17/2004 ethereal
    Security patch correction

These new packages fix a bug in the last errata where the actual
security patch didn’t get applied.

Fedora advisory 4482

Distribution: Gentoo
  6/17/2004 subversion
    Heap overflow vulnerability

Subversion is vulnerable to a remote Denial of Service that may be
exploitable to execute arbitrary code.

Gentoo advisory 4470

  6/17/2004 squirrelmail
    Cross site scripting vulnerability

Squirrelmail fails to properly sanitize user input, which could lead to
a compromise of webmail accounts.

Gentoo advisory 4471

  6/17/2004 Horde-Chora
    Code injection vulnerability
    Cross site scripting vulnerability

A vulnerability in Chora allows remote code execution and file upload.

Gentoo advisory 4472

  6/17/2004 gallery
    Privilege escalation vulnerability

A vulnerability may allow an attacker to gain administrator privileges
within Gallery.

Gentoo advisory 4473

  6/17/2004 Horde-IMP
    Input validation vulnerability
    Privilege escalation vulnerability

Horde-IMP fails to properly sanitize email messages that contain
malicious HTML or script code.

Gentoo advisory 4474

  6/17/2004 Webmin
    Multiple vulnerabilities

Webmin contains two security vulnerabilities which could lead to a
denial of service attack and information disclosure.

Gentoo advisory 4475

  6/17/2004 squid
    Buffer overflow vulnerability

Squid contains a bug where it fails to properly check the bounds of the
‘pass’ variable.

Gentoo advisory 4476

  6/17/2004 aspell
    Buffer overflow vulnerability

A bug in the aspell utility word-list-compress can allow an attacker to
execute arbitrary code.

Gentoo advisory 4477

Distribution: Red Hat
  6/17/2004 squirrelmail
    Multiple vulnerabilities

This patch resolves cross-site scripting and SQL injection
vulnerabilities.

Red Hat advisory 4467

  6/17/2004 tripwire
    Format string vulnerability

If Tripwire is configured to send reports via email, a local user could
gain privileges by creating a carefully crafted file.

Red Hat advisory 4468

  6/17/2004 httpd, mod_ssl
    Buffer overflow vulnerability
    Format string vulnerability

Updated httpd and mod_ssl packages that fix minor security issues in
the Apache Web server are now available for Red Hat Enterprise Linux
2.1.

Red Hat advisory 4469

Distribution: Slackware
  6/15/2004 kernel 2.4.26
    Denial of service vulnerability

This patch resolves the ability of a local user to crash the kernel.

Slackware advisory 4463

Distribution: Suse
  6/17/2004 kernel
    Denial of service vulnerability

The Linux kernel is vulnerable to a local denial-of-service attack by
non-privileged users.

SUSE advisory 4465

  6/17/2004 subversion
    Heap overflow vulnerability

This heap overflow is exploitable even before authentication of users.

SUSE advisory 4466

Distribution: Trustix
  6/17/2004 kernel
    Denial of service vulnerability

Stian Skjelstad discovered a bug whereby a non-privileged user can
crash the kernel.

Trustix advisory 4464