March 28, 2003

Linux Advisory Watch - March 28th, 2003

- By Benjamin D.
Thomas
-
This week, advisories were released for openssl, apcupsd, bonsai, krb5, lpr,
mutt, heimdal, kernel, ecartis, glibc, mysql, bitchx, mod_ssl, netpbm, rxvt,
zlib, evolution, samba, kerberos, ethereal, and file.  The distributors
include, Caldera, Debian, Guardian Digital's EnGarde Secure Linux, Gentoo, Mandrake,
NetBSD, Red Hat, SuSE, Trustix, and Turbolinux.

LinuxSecurity Feature Extras:

Making
It Big: Large Scale Network Forensics (Part 1 of 2)
- Computer
forensics have hit the big time. A previously superniche technology, forensics
have moved into the collective consciousness of IT sys. admins. and Corporate
CSOs.

Remote
Syslog with MySQL and PHP
- Msyslog has the ability to log syslog
messages to a database. This allows for easier monitoring of multiple servers
and the ability to be display and search for syslog messages using PHP
or any other programming language that can communicate with the database.by
that, too.

[ Linux
Advisory Watch
] - [ Linux
Security Week
] - [ PacketStorm
Archive
] - [ Linux Security
Documentation
]
 

 The Linux Advisory Watch newsletter is developed by the community
of volunteers at LinuxSecurity.com
and sponsored by Guardian Digital, Inc., the open
source security company.    


 
 
Package: openssl
Date: 03-22-2003
Description: Researchers
have discovered a timing attack on RSA keys, to which OpenSSL is generally
vulnerable, unless RSA blinding has been turned on.
Vendor Alerts: Caldera:
openssl-0.9.6-21.i386.rpm
cae226f7eb06d23837e4f253c024cc77 
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/
Server/CSSA-2003-014.0/RPMS

Caldera Vendor Advisory:
http://www.linuxsecurity.com/advisories/caldera_advisory-3039.html
 

FreeBSD:

FreeBSD Vendor
Advisory:

http://www.linuxsecurity.com/advisories/freebsd_advisory-3035.html

Gentoo:

Gentoo Vendor
Advisory:

http://www.linuxsecurity.com/advisories/gentoo_advisory-3042.html

Mandrake:

Mandrake Vendor
Advisory:

http://www.linuxsecurity.com/advisories/mandrake_advisory-3063.html

NetBSD:

NetBSD Vendor
Advisory:

http://www.linuxsecurity.com/advisories/netbsd_advisory-3069.html
http://www.linuxsecurity.com/advisories/netbsd_advisory-3069.html 

Trustix:

Trustix Vendor
Advisory:

http://www.linuxsecurity.com/advisories/trustix_advisory-3074.html
http://www.linuxsecurity.com/advisories/trustix_advisory-3074.html 

TurboLinux:

TurboLInux Vendor
Advisory:

http://www.linuxsecurity.com/advisories/turbolinux_advisory-3075.html

 

Package: apcupsd
Date: 03-22-2003
Description: Multiple
vulnerabilities in apcupsd including a buffer overflow and format string
vulnerability have been fixed.
Vendor Alerts: Caldera:
apcupsd-3.8.6-1.i386.rpm
a2c0d41800f62383c65f77858f0c3898 
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/
Server/CSSA-2003-014.0/RPMS

Caldera Vendor Advisory:
http://www.linuxsecurity.com/advisories/caldera_advisory-3057.html
http://www.linuxsecurity.com/advisories/caldera_advisory-3057.html 

SuSE:

SuSE Vendor Advisory:
http://www.linuxsecurity.com/advisories/suse_advisory-3060.html

 

Package: bonsai
Date: 03-21-2003
Description: Several
security related bugs have been fix in bonsai.
Vendor Alerts: Debian:
http://security.debian.org/pool/updates/main/b/bonsai/
bonsai_1.3+cvs20020224-1woody1_i386.deb
Size/MD5 checksum:  
154122 c2b39dfcfc33c3752afcb744323a91a2

Debian Vendor Advisory:
http://www.linuxsecurity.com/advisories/debian_advisory-3025.html

 

Package: krb5
Date: 03-21-2003
Description: Several
vulnerabilities have been discovered in krb5, an implementation of MIT
Kerberos.
Vendor Alerts: Debian:
PLEASE SEE VENDOR
ADVISORY FOR UPDATE

Debian Vendor Advisory:
http://www.linuxsecurity.com/advisories/debian_advisory-3040.html

 

Package: lpr
Date: 03-24-2003
Description: A
buffer overflow has been discovered in lpr, a BSD lpr/lpd line printer
spooling system.  This problem can be exploited by a local user to
gain root privileges, even if the printer system is set up properly.
Vendor Alerts: Debian:
http://security.debian.org/pool/updates/main/l/lpr/lpr_0.48-1.1_i386.deb
Size/MD5 checksum:   
85960 1758a9683ae487c20f46a73ba32d9c15
 

Debian Vendor Advisory:
http://www.linuxsecurity.com/advisories/debian_advisory-3050.html
http://www.linuxsecurity.com/advisories/debian_advisory-3050.html 

TurboLinux:

TurboLinux Vendor
Advisory:

http://www.linuxsecurity.com/advisories/turbolinux_advisory-3047.html

 

Package: mutt
Date: 03-25-2003
Description: Core
Security Technologies discovered a buffer overflow in the IMAP code of
Mutt, a text-oriented mail reader supporting IMAP, MIME, GPG, PGP and threading. 
This problem allows a remote malicious IMAP server to cause a denial of
service (crash) and possibly execute arbitrary code via a specially crafted
mail folder.
Vendor Alerts: Debian:
http://security.debian.org/pool/updates/main/m/
mutt/mutt_1.3.28-2.1_i386.deb
Size/MD5 checksum: 
1301398 f20f7221425af30530cc4c32fa93c5d9

http://security.debian.org/pool/updates/main/m/
mutt/mutt-utf8_1.3.28-2.1_i386.deb
Size/MD5 checksum:  
360742 c37eb100e007a5afa6fbcc6174f01266

Debian Vendor Advisory:
http://www.linuxsecurity.com/advisories/debian_advisory-3064.html
 

Gentoo:

Gentoo Vendor
Advisory:

http://www.linuxsecurity.com/advisories/gentoo_advisory-3041.html

SuSE:

SuSE Vendor Advisory:
http://www.linuxsecurity.com/advisories/suse_advisory-3045.html

 

Package: heimdal
Date: 03-25-2003
Description: A
cryptographic weakness in version 4 of the Kerberos protocol allows an
attacker to use a chosen-plaintext attack to impersonate any principal
in a realm.  Additional cryptographic weaknesses in the krb4 implementation
permit the use of cut-and-paste attacks to fabricate
krb4 tickets
for unauthorized client principals if triple-DES keys are used to key krb4
services.  These attacks can subvert a site's entire Kerberos authentication
infrastructure.
Vendor Alerts: Debian:
http://security.debian.org/pool/updates/main/h/heimdal/
heimdal-docs_0.4e-7.woody.6_all.deb
Size/MD5 checksum: 
1055480 e22766e034934ac5b6664468d1bd39c4

http://security.debian.org/pool/updates/main/h/heimdal/
heimdal-lib_0.4e-7.woody.6_all.deb
Size/MD5 checksum:   
19456 3be2de9ba824fd90ec6f0df606e9d716
 

Debian Vendor Advisory:
http://www.linuxsecurity.com/advisories/debian_advisory-3065.html

 

Package: kernel
Date: 03-27-2003
Description: The
kernel module loader in Linux 2.2 and Linux 2.4 kernels has a flaw in ptrace. 
This hole allows local users to obtain root privileges by using ptrace
to attach to a child process that is spawned by the kernel.  Remote
exploitation of this hole is not possible.
Vendor Alerts: Debian:
PLEASE SEE VENDOR
ADVISORY FOR UPDATE

Debian Vendor Advisory:
http://www.linuxsecurity.com/advisories/debian_advisory-3071.html
 

SuSE:

SuSE Vendor Advisory:
http://www.linuxsecurity.com/advisories/suse_advisory-3060.html

 

Package: ecartis
Date: 03-27-2003
Description: A
problem has been discovered in ecartis, a mailing list manager, formerly
known as listar.  This vulnerability enables an attacker to reset
the password of any user defined on the list server, including the list
admins.
Vendor Alerts: Debian:
http://security.debian.org/pool/updates/main/l/listar/
listar_0.129a-2.potato3_i386.deb
Size/MD5 checksum:  
301830 aa8d67d1f07cb0a769d2030708e3725c

http://security.debian.org/pool/updates/main/l/listar/
listar-cgi_0.129a-2.potato3_i386.deb
Size/MD5 checksum:   
25342 efd78841548a3e97b0d0557e8b360a3d

Debian Vendor Advisory:
http://www.linuxsecurity.com/advisories/debian_advisory-3076.html

 

Package: glibc
Date: 03-21-2003
Description: This
update fixes an integer overflow in the xdrmem_getbytes() function of glibc.
Vendor Alerts: EnGarde:
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/

i386/glibc-2.1.3-1.0.7.i386.rpm
MD5 Sum: 555c7d9d0f43887fe1c2ddf16eb1555b

EnGarde Vendor Advisory:
http://www.linuxsecurity.com/advisories/engarde_advisory-3024.html
 

Gentoo:

Gentoo Vendor
Advisory:

http://www.linuxsecurity.com/advisories/gentoo_advisory-3051.html

Mandrake:

Mandrake Vendor
Advisory:

http://www.linuxsecurity.com/advisories/mandrake_advisory-3059.html

NetBSD:

NetBSD Vendor
Advisory:

http://www.linuxsecurity.com/advisories/netbsd_advisory-3067.html
http://www.linuxsecurity.com/advisories/netbsd_advisory-3067.html 

Trustix:

Trustix Vendor
Advisory:

http://www.linuxsecurity.com/advisories/trustix_advisory-3073.html

 

Package: mysql
Date: 03-21-2003
Description: Versions
of MySQL prior to 3.23.56 contained a vulnerability which could allow MySQL
users to gain root privileges by using "SELECT * INFO OUTFILE" to overwrite
a configuration file, causing MySQL to run as root upon its next restart.
Vendor Alerts: EnGarde:
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/

i386/MySQL-3.23.56-1.0.23.i386.rpm
MD5 Sum: 2e1d87123f531aa9f9db629b9791224b

i386/MySQL-client-3.23.56-1.0.23.i386.rpm
MD5 Sum: 732e50874839f55c0d45b8090eba28bb

i386/MySQL-shared-3.23.56-1.0.23.i386.rpm
MD5 Sum: cde31e38d9b2e421de6cf4a25ce8f041

i686/MySQL-3.23.56-1.0.23.i686.rpm
MD5 Sum: acbba1bb7409fe800d2fc733446cb1d7

i686/MySQL-client-3.23.56-1.0.23.i686.rpm
MD5 Sum: f3c98f5a75f4e5875aa5b248bb121999

i686/MySQL-shared-3.23.56-1.0.23.i686.rpm
MD5 Sum: d0a2799942ad77b2cbdd1b0ccc5e7fc3

EnGarde Vendor Advisory:
http://www.linuxsecurity.com/advisories/engarde_advisory-3046.html

 

Package: bitchx
Date: 03-24-2003
Description: Bitchx
is full of sprintf() calls and relying on BIG_BUFFER_SIZE being large enough.
Vendor Alerts: Gentoo:
PLEASE SEE VENDOR
ADVISORY FOR UPDATE

Gentoo Vendor Advisory:
http://www.linuxsecurity.com/advisories/engarde_advisory-3046.html

 

Package: mod_ssl
Date: 03-24-2003
Description: "Researchers
have discovered a timing attack on RSA keys, to which OpenSSL is generally
vulnerable, unless RSA blinding has been turned on."
Vendor Alerts: Gentoo:
PLEASE SEE VENDOR
ADVISORY FOR UPDATE

Gentoo Vendor Advisory:
http://www.linuxsecurity.com/advisories/gentoo_advisory-3052.html

 

Package: netpbm
Date: 03-25-2003
Description: Several
math overflow errors were found in NetPBM by Al Viro and Alan Cox. 
While these programs are not installed suid root, they are often used to
prepare data for processing.  These errors may permit remote attackers
to cause a denial of service or execute arbitrary code in any programs
or scripts that use these graphics conversion tools.
Vendor Alerts: Mandrake:
PLEASE SEE VENDOR
ADVISORY FOR UPDATE

Mandrake Vendor Advisory:
http://www.linuxsecurity.com/advisories/mandrake_advisory-3058.html

 

Package: rxvt
Date: 03-25-2003
Description: Digital
Defense Inc. released a paper detailing insecurities in various  terminal
emulators, including rxvt.  Many of the features supported by these
programs can be abused when untrusted data is displayed on the screen. 
This abuse can be anything from garbage data being displayed  to the
screen or a system compromise.
Vendor Alerts: Mandrake:
PLEASE SEE VENDOR
ADVISORY FOR UPDATE

Mandrake Vendor Advisory:
http://www.linuxsecurity.com/advisories/mandrake_advisory-3062.html
http://www.linuxsecurity.com/advisories/mandrake_advisory-3062.html 

TurboLinux:

TurboLinux Vendor
Advisory:

http://www.linuxsecurity.com/advisories/turbolinux_advisory-3047.html

 

Package: zlib
Date: 03-25-2003
Description: The
gzprintf function in zlib did not do bounds checking on user supplied data. 
Depending on how the function is used in an application,  malign source
data can be designed to overflow a buffer and execute arbitrary code as
the user of the application.
Vendor Alerts: NetBSD:
PLEASE SEE VENDOR
ADVISORY FOR UPDATE

NetBSD Vendor Advisory:
http://www.linuxsecurity.com/advisories/netbsd_advisory-3070.html

 

Package: evolution
Date: 03-21-2003
Description: Updated
Evolution packages are available which fix several vulnerabilities.
Vendor Alerts: Red Hat:
PLEASE SEE VENDOR
ADVISORY FOR UPDATE

Red Hat Vendor Advisory:
http://www.linuxsecurity.com/advisories/redhat_advisory-3028.html
http://www.linuxsecurity.com/advisories/redhat_advisory-3053.html

 

Package: samba
Date: 03-21-2003
Description: Updated
samba packages are now available to fix security vulnerabilities found
during a code audit.
Vendor Alerts: Red Hat:
PLEASE SEE VENDOR
ADVISORY FOR UPDATE

Red Hat Vendor Advisory:
http://www.linuxsecurity.com/advisories/redhat_advisory-3054.html

 

Package: kerberos
Date: 03-26-2003
Description: Updated
Kerberos packages fix a number of vulnerabilities found in MIT Kerberos.
Vendor Alerts: Red Hat:
PLEASE SEE VENDOR
ADVISORY FOR UPDATE

Red Hat Vendor Advisory:
http://www.linuxsecurity.com/advisories/redhat_advisory-3072.html

 

Package: ethereal
Date: 03-26-2003
Description: Ethereal
is a GUI for analyzing and displaying network traffic. Ethereal is vulnerable
to a format string bug in it's SOCKS code and to a heap buffer overflow
in it's NTLMSSP code. These bugs can be abused to crash ethereal or maybe
to execute arbitrary code on the machine running ethereal.
Vendor Alerts: SuSE:
ftp://ftp.suse.com/pub/suse/i386/update/8.1/
rpm/i586/ethereal-0.9.6-152.i586.rpm
1ea03e4f888f30bc37669ea4dd0cfe30 

SuSE Vendor Advisory:
http://www.linuxsecurity.com/advisories/suse_advisory-3031.html

 

Package: file
Date: 03-21-2003
Description: The
file command can be used to determine the type of files.  iDEFENSE
published a security report about a buffer overflow in the handling-routines
for the ELF file-format. 
Vendor Alerts: SuSE:
ftp://ftp.suse.com/pub/suse/i386/update/8.1/
rpm/i586/file-3.37-206.i586.rpm
06e1fa8c7e00fd848b9ccff104a096f0

SuSE Vendor Advisory:
http://www.linuxsecurity.com/advisories/suse_advisory-3029.html

Category:

  • Security
Click Here!