Linux Advisory Watch - March 19, 2004

This week, advisories were
released for xitalk, calife, samba, OpenSSL, the Linux kernel, httpd, isakmpd,
and Mozilla. The distributors include Debian, EnGarde, FreeBSD, Gentoo, Mandrake,
OpenBSD, Red Hat, Slackware, and SuSE.

Programming Faults

Vulnerabilities in CGI
scripts and Web applications have been a long time problem of the Internet.
In my opinion, much of this stems from the fact that most Web programmers are
self-taught, or the University classes taken did not sufficiently focus on security.
Years ago when I was a kid first trying to teach myself programming, I was more
concerned with making the programs work rather than coding properly. Years later
when I was a student in computer science courses, I learned many formal aspects
of coding, but not security. The attitude was, and in many cases still is ‘security
is something than can be added later once the application is fully up and running.’
The reality of fact is that in many cases it is never added later. Or the security
improvements that are made are not sufficient. Budgets run out and new projects
take priority. Software will never be secure unless it is a development priority
from the beginning.

In the last few years,
the landscape has changed. Developers are realizing that input should never
be trusted and assumed to be malicious. Books and online guides are now available
to help those wanting to learn more secure techniques to code. If you are a
developer wanting to learn more, or have developers in your IT department that
should be concerned about security, a great place to start is David Wheeler’s
Security Programming for Linux and Unix HOWTO. It is available at the following
URL:

http://www.linuxsecurity.com/docs/LDP/Secure-Programs-HOWTO/

Simply understanding secure
programming techniques if often not enough. To have a full understanding of
the risks involved, exploiting poorly written code is sometimes necessary. Rather
than specifically writing code to exploit, the WebGoat project can be helpful.
It is a project designed to teach secure programming techniques and demonstrate
how the vulnerabilities can be exploited in the real world. The WebGoat project
is available at the following URL:

http://www.owasp.org/development/webgoat/

Until next time, cheers!
Benjamin D. Thomas

LinuxSecurity
Feature Extras:

Security:
MySQL and PHP
– This is the second installation of a 3 part article on LAMP (Linux Apache
MySQL PHP). In order to safeguard a MySQL server to the basic level, one has
to abide by the following guidelines.

Configure
Web/DNS/Mail Securely in 5 Minutes with EnGarde – Web, DNS, and
Mail are the building block services of the Internet. In this article, I show
how to setup a Web, DNS, and Mail server with a few clicks of the mouse using
EnGarde Secure Linux.

Innovative
Open Source Approach to Combating Email Threats
– Guardian Digital, the world’s premier open source security company, has
introduced Content and Policy Enforcement (CAPE) technology, an innovative
open source software system for securing enterprise email operations.

[ Linux
Advisory Watch ] – [ Linux
Security Week ] – [ PacketStorm
Archive ] – [ Linux Security
Documentation ]

Linux Advisory Watch
is a comprehensive newsletter that outlines the security vulnerabilities that
have been announced throughout the week. It includes pointers to updated packages
and descriptions of each vulnerability.
[ Subscribe
]


Distribution:			Debian
	3/12/2004	xitalk
		Missing privilege release A local user can exploit this problem and execute arbitrary commands under the GID utmp. Debian advisory 4131

	3/12/2004	calife
		Buffer overflow vulnernability Overflow allows users with any specific superuser privileges in /etc/calife.auth to gain general superuser privileges. Debian advisory 4132

	3/15/2004	samba
		Privilege escalation vulnerability Remote user-owned setuid programs can be accessed via “smbmnt” and used to gain local root privileges. Debian advisory 4133

	3/17/2004	gdk-pixbuf Denial of service vulnerability
		Privilege escalation vulnerability A malformed BMP file can remotely crash programs using this library, such as Evolution. Debian advisory 4137

	3/17/2004	OpenSSL
		Denial of service vulnerabilities Resolves two vulnerabilities explained in http://www.uniras.gov.uk/vuls/2004/224012/index.htm Debian advisory 4143

	3/18/2004	kernel
		2.2.x Privilege escalation vulnerability This patch corrects a root exploit specifically for the 2.2.x kernel on the PowerPC platform. Debian advisory 4147


Distribution:			EnGarde: openssl
	3/17/2004	‘openssl’ DoS
		2.2.x Privilege escalation vulnerability Using a commercial TLS protocol testing suite the OpenSSL Project discovered three vulnerabilities in the OpenSSL toolkit. Engarde advisory 4135

		Denial of service vulnerabilities Engarde Secure Linux is vulnerable to two of three recently discovered Denial of Service attacks against OpenSSL. Engarde advisory 4136


Distribution:			FreeBSD
	3/17/2004	OpenSSL
		Denial of service vulnerabilities Remote attacker can crash OpenSSL by triggering a null pointer dereference. FreeBSD advisory 4144


Distribution:			Gentoo
	3/18/2004	OpenSSL
		Denial of service vulnerabilities Three vulnerabilities have been found in OpenSSL via a commercial test suite for the TLS protocol developed by Codenomicon Ltd. Gentoo advisory 4149


Distribution:			Mandrake
	3/17/2004	OpenSSL
		Denial of service vulnerabilities This update resolves two vulnerabilities in OpenSSL that can remotely trigger a crash. Mandrake advisory 4146


Distribution:			OpenBSD
	3/15/2004	httpd
		Improper rule non-match Using IP addresses without a netmask on big endian 64-bit platforms causes the rules to fail to match. OpenBSD advisory 4134

	3/17/2004	isakmpd
		Denial of service vulnerability An attacker can craft malformed payloads that can cause the isakmpd(8) process to stop processing requests. OpenBSD advisory 4141

	3/17/2004	OpenSSL
		Denial of service vulnerability Remote attacker can trigger a null-pointer dereference, crashing OpenSSL. OpenBSD advisory 4145


Distribution:			Red Hat
	3/17/2004	OpenSSL
		Denial of service vulnerabilities Updated OpenSSL packages that fix a remote denial of service vulnerability are now available for Red Hat Enterprise Linux 2.1. Redhat advisory 4138

	3/17/2004	OpenSSL
		Denial of service vulnerabilities Updated OpenSSL packages that fix several remote denial of service vulnerabilities are available for Red Hat Enterprise Linux 3. Redhat advisory 4139

	3/17/2004	OpenSSL
		Denial of service vulnerabilities Updated OpenSSL packages that fix several remote denial of service vulnerabilities are now available. Redhat advisory 4142

	3/18/2004	Mozilla
		Multiple vulnerabilities This patch resolves a DoS attack, a cross-site scripting vulnerability, and a cookie path escape vulnerability. Redhat advisory 4148


Distribution:			Slackware
	3/18/2004	OpenSSL
		Denial of service vulnerability Fixes available for two potential denial-of-service issues in earlier versions of OpenSSL. Slackware advisory 4150


Distribution:			Suse
	3/17/2004	OpenSSL
		Denial of Service vulnerabilities Resolved null pointer assignment due to handshake and crash with Kerberos cipher-suite support. Suse advisory 4140

RELATED ARTICLESMORE FROM AUTHOR

Maintainer Confidential: Challenges and Opportunities One Year On

Bridging Design and Runtime Gaps: AsyncAPI in Event-Driven Architecture

Implementing OpenTelemetry Natively in an Event Broker

Innovation as a Catalyst in Telecommunications

Linux 6.8 Brings More Sound Hardware Support For Intel & AMD, Including The Steam Deck

RELATED ARTICLES MORE FROM AUTHOR