kdebase, snort, tcpdump, monkeyd, mgetty, ethereal, squirrelmail, lprng, micq,
zlib, man, and xinetd. The distributors include Caldera, Conectiva, Debian,
EnGarde, Gentoo, Mandrake, Red Hat, and Turbo Linux.
LinuxSecurity Feature Extras:
At
the RealWorld Linux Expo in Toronto, Guardian Digital launched the next generation
of the Community edition of our EnGarde Secure Linux. – Guardian Digital
is an Internet security company, focusing on the Linux operating system. We
have developed a suite of open source Internet security products aimed at companies
that recognize the requirement to be secure on the Internet today.Days
of the Honeynet: Attacks, Tools, Incidents – Among other benefits,
running a honeynet makes one acutely aware about “what is going on” out there.
While placing a network IDS outside one’s firewall might also provide a similar
flood of alerts, a honeypot provides a unique prospective on what will be
going on when a related server is compromised used by the intruders.
Advisory Watch ] – [ Linux
Security Week ] – [ PacketStorm
Archive ] – [ Linux Security
Documentation ]
The Linux Advisory Watch newsletter is developed by the community
of volunteers at
and sponsored by Guardian Digital, Inc., the open
source security company.
| Package: | apcupsd |
| Description: | Multiple buffer overflows in apcupsd may allow attackers to cause a denial of service or execute arbitrary code, related to usage of the vsprintf function. |
| Vendor Alerts: | Caldera:
|
| Package: | sendmail |
| Description: | From CERT CA-2003-12: There is a vulnerability in sendmail that can be exploited to cause a denial-of-service condition and could allow a remote attacker to execute arbitrary code with the privileges of the sendmail daemon, typically root. |
| Vendor Alerts: | Caldera:
Conectiva:
|
| Package: | apache |
| Description: | There is a memory leak in these apache versions which can be remotely triggered by sending large chunks of consecutive linefeed characters. Each linefeed will cause the server to allocate 80 bytes of memory. |
| Vendor Alerts: | Conectiva:
|
| Package: | balsa |
| Description: | An attacker who is able to control an IMAP server accessed by balsa can exploit this vulnerability to remotely crash the client or execute arbitrary code with the privileges of the user running it. This update fixes this vulnerability. |
| Vendor Alerts: | Conectiva:
Gentoo:
|
| Package: | pptp |
| Description: | Timo Sirainen discovered a vulnerability in pptpd, a Point to Point Tunneling Server, which implements PPTP-over-IPSEC and is commonly used to create Virtual Private Networks (VPN). By specifying a small packet length an attacker is able to overflow a buffer and execute code under the user id that runs pptpd, probably root. An exploit for this problem is already circulating. |
| Vendor Alerts: | Debian:
Gentoo:
|
| Package: | kdebase |
| Description: | The KDE team discoverd a vulnerability in the way KDE uses Ghostscript software for processing of PostScript (PS) and PDF files. An attacker could provide a malicious PostScript or PDF file via mail or websites that could lead to executing arbitrary commands under the privileges of the user viewing the file or when the browser generates a directory listing with thumbnails. |
| Vendor Alerts: | Debian:
SuSE:
|
| Package: | snort |
| Description: | Two vulnerabilities have been discoverd in Snort, a popular network intrusion detection system. Snort comes with modules and plugins that perform a variety of functions such as protocol analysis. |
| Vendor Alerts: | Debian:
EnGarde:
Gentoo:
Mandrake:
|
| Package: | tcpdump |
| Description: | There are several vulnerabilities in the tcpdump package shipped with EnGarde Secure Linux. |
| Vendor Alerts: | EnGarde:
|
| Package: | monkeyd |
| Description: | A buffer overflow vulnerability exists in Monkey’s handling of forms submitted with the POST request method. The unchecked buffer lies in the PostMethod() procedure. |
| Vendor Alerts: | Gentoo:
|
| Package: | mgetty |
| Description: | Buffer overflow in cnd-program for mgetty before 1.1.29 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Caller ID string with a long CallerName argument. |
| Vendor Alerts: | Gentoo:
|
| Package: | ethereal |
| Description: | A vulnerability was discovered in Ethereal 0.9.9 and earlier that allows a remote attacker to use specially crafted SOCKS packets to cause a denial of service (DoS) and possibly execute arbitrary code. |
| Vendor Alerts: | Mandrake:
|
| Package: | squirrelmail |
| Description: | Cross-site scripting vulnerabilities in SquirrelMail version 1.2.10 and earlier allow remote attackers to execute script as other Web users via mailbox displays, message displays, or search results displays. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0160 to these issues. |
| Vendor Alerts: | Mandrake:
|
| Package: | lprng |
| Description: | A vulnerability has been found in psbanner, which creates a temporary file with a known filename in an insecure manner. An attacker could create a symbolic link and cause arbitrary files to be written as the ‘lp’ user. |
| Vendor Alerts: | Mandrake:
|
| Package: | micq |
| Description: | mICQ versions 0.4.9 and earlier allow remote attackers to cause a denial of service (crash) using malformed ICQ message types without a 0xFE separator character. |
| Vendor Alerts: | Red Hat:
|
| Package: | zlib |
| Description: | Updated zlib packages are now available which fix a buffer overflow vulnerability. |
| Vendor Alerts: | Red Hat:
|
| Package: | mysql |
| Description: | A double-free vulnerability in mysqld, for MySQL before version 3.23.55, allows attackers with MySQL access to cause a denial of service (crash) by creating a carefully crafted client application. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0073 to this issue. |
| Vendor Alerts: | Red Hat:
|
| Package: | man |
| Description: | Updated man packages fix a minor security vulnerability. |
| Vendor Alerts: | Red Hat:
|
| Package: | xinetd |
| Description: | The remote attackers can create DoS condition on the xined server. |
| Vendor Alerts: | Turbo Linux:
|
Category:
- Security
