May 2, 2003

Linux Advisory Watch - May 2nd, 2003

This week, advisories were released for apcupsd, sendmail, apache, balsa, pptp,
kdebase, snort, tcpdump, monkeyd, mgetty, ethereal, squirrelmail, lprng, micq,
zlib, man, and xinetd.  The distributors include Caldera, Conectiva, Debian,
EnGarde, Gentoo, Mandrake, Red Hat, and Turbo Linux.

LinuxSecurity Feature Extras:

At
the RealWorld Linux Expo in Toronto, Guardian Digital launched the next generation
of the Community edition of our EnGarde Secure Linux
. -
Guardian Digital
is an Internet security company, focusing on the Linux operating system. We
have developed a suite of open source Internet security products aimed at companies
that recognize the requirement to be secure on the Internet today.

Days
of the Honeynet: Attacks, Tools, Incidents
- Among other benefits,
running a honeynet makes one acutely aware about "what is going on" out there.
While placing a network IDS outside one's firewall might also provide a similar
flood of alerts, a honeypot provides a unique prospective on what will be
going on when a related server is compromised used by the intruders.

[ Linux
Advisory Watch
] - [ Linux
Security Week
] - [ PacketStorm
Archive
] - [ Linux Security
Documentation
]

  The Linux Advisory Watch newsletter is developed by the community
of volunteers at LinuxSecurity.com
and sponsored by Guardian Digital, Inc., the open
source security company.    


 

 
Package: apcupsd
Description: Multiple
buffer overflows in apcupsd may allow attackers to cause a denial of service
or execute arbitrary code, related
to usage of
the vsprintf function.
Vendor Alerts: Caldera:
Caldera Vendor
Advisory:

http://www.linuxsecurity.com/advisories/caldera_advisory-3057.html

 

Package: sendmail
Description: From
CERT CA-2003-12: There is a vulnerability in sendmail that can be exploited
to cause a denial-of-service condition and could allow a remote attacker
to execute arbitrary code with the privileges of the sendmail daemon, typically
root.
Vendor Alerts: Caldera:
Caldera Vendor
Advisory:

http://www.linuxsecurity.com/advisories/caldera_advisory-3057.html

Conectiva:

Conectiva Vendor
Advisory:

http://www.linuxsecurity.com/advisories/connectiva_advisory-3220.html

 

Package: apache
Description: There
is a memory leak in these apache versions which can be remotely triggered
by sending large chunks of consecutive linefeed characters. Each linefeed
will cause the server to allocate 80 bytes of memory.
Vendor Alerts: Conectiva:
Conectiva Vendor
Advisory:

http://www.linuxsecurity.com/advisories/connectiva_advisory-3219.html

 

Package: balsa
Description: An
attacker who is able to control an IMAP server accessed by balsa can exploit
this vulnerability to remotely crash the client or execute arbitrary code
with the privileges of the user running it.  This update fixes this
vulnerability.
Vendor Alerts: Conectiva:
Conectiva Vendor
Advisory:

http://www.linuxsecurity.com/advisories/connectiva_advisory-3221.html

Gentoo:

Gentoo Vendor
Advisory:

http://www.linuxsecurity.com/advisories/gentoo_advisory-3216.html

 

Package: pptp
Description: Timo
Sirainen discovered a vulnerability in pptpd, a Point to Point Tunneling
Server, which implements PPTP-over-IPSEC and is commonly used to create
Virtual Private Networks (VPN).  By specifying a small packet length
an attacker is able to overflow a buffer and execute code under the user
id that runs pptpd, probably root.  An exploit for this problem is
already circulating.
Vendor Alerts: Debian:
Debian Vendor
Advisory:

http://www.linuxsecurity.com/advisories/debian_advisory-3214.html

Gentoo:

Gentoo Vendor
Advisory:

http://www.linuxsecurity.com/advisories/gentoo_advisory-3209.html

 

Package: kdebase
Description: The
KDE team discoverd a vulnerability in the way KDE uses Ghostscript software
for processing of PostScript (PS) and PDF files.  An attacker could
provide a malicious PostScript or PDF file via mail or websites that could
lead to executing arbitrary commands under the privileges of the user viewing
the file or when the browser generates a directory listing with thumbnails.
Vendor Alerts: Debian:
Debian Vendor
Advisory:

http://www.linuxsecurity.com/advisories/debian_advisory-3215.html
 

SuSE:

SuSE Vendor Advisory:
http://www.linuxsecurity.com/advisories/suse_advisory-3201.html

 

Package: snort
Description: Two
vulnerabilities have been discoverd in Snort, a popular network intrusion
detection system.  Snort comes with modules and plugins that perform
a variety of functions such as protocol analysis. 
Vendor Alerts: Debian:
Debian Vendor
Advisory:

http://www.linuxsecurity.com/advisories/debian_advisory-3223.html

EnGarde:

EnGarde Vendor
Advisory:

http://www.linuxsecurity.com/advisories/engarde_advisory-3217.html

Gentoo:

Gentoo Vendor
Advisory:

http://www.linuxsecurity.com/advisories/gentoo_advisory-3207.html
 

Mandrake:

Mandrake Vendor
Advisory:

http://www.linuxsecurity.com/advisories/mandrake_advisory-3212.html

 

Package: tcpdump
Description: There
are several vulnerabilities in the tcpdump package shipped with EnGarde
Secure Linux.
Vendor Alerts: EnGarde:
EnGarde Vendor
Advisory:

http://www.linuxsecurity.com/advisories/engarde_advisory-3218.html

 

Package: monkeyd
Description: A
buffer overflow vulnerability exists in Monkey's handling of forms submitted
with the POST request method.  The unchecked buffer lies in the PostMethod()
procedure.
Vendor Alerts: Gentoo:
Gentoo Vendor
Advisory:

http://www.linuxsecurity.com/advisories/gentoo_advisory-3208.html

 

Package: mgetty
Description: Buffer
overflow in cnd-program for mgetty before 1.1.29 allows remote attackers
to cause a denial of service and possibly execute arbitrary code via a
Caller ID string with a long CallerName argument.
Vendor Alerts: Gentoo:
Gentoo Vendor
Advisory:

http://www.linuxsecurity.com/advisories/gentoo_advisory-3210.html

 

Package: ethereal
Description: A
vulnerability was discovered in Ethereal 0.9.9 and earlier that allows
a remote attacker to use specially crafted SOCKS packets to cause a denial
of service (DoS) and possibly execute arbitrary code.
 
Vendor Alerts: Mandrake:
Mandrake Vendor
Advisory:

http://www.linuxsecurity.com/advisories/mandrake_advisory-3203.html

 

Package: squirrelmail
Description: Cross-site
scripting vulnerabilities in SquirrelMail version 1.2.10 and earlier allow
remote attackers to execute script as other Web users via mailbox displays,
message displays, or search results displays.  The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0160
to these issues.
Vendor Alerts: Mandrake:
Mandrake Vendor
Advisory:

http://www.linuxsecurity.com/advisories/redhat_advisory-3204.html

 

Package: lprng
Description: A
vulnerability has been found in psbanner, which creates a temporary file
with a known filename in an insecure manner.  An attacker could create
a symbolic link and cause arbitrary files to be written as the 'lp' user.
Vendor Alerts: Mandrake:
Mandrake Vendor
Advisory:

http://www.linuxsecurity.com/advisories/redhat_advisory-3205.html

 

Package: micq
Description: mICQ
versions 0.4.9 and earlier allow remote attackers to cause a denial of
service (crash) using malformed ICQ message types without a 0xFE separator
character.
Vendor Alerts: Red Hat:
Red Hat Vendor
Advisory:

http://www.linuxsecurity.com/advisories/redhat_advisory-3206.html

 

Package: zlib
Description: Updated
zlib packages are now available which fix a buffer overflow vulnerability.
Vendor Alerts: Red Hat:
Red Hat Vendor
Advisory:

http://www.linuxsecurity.com/advisories/redhat_advisory-3211.html

 

Package: mysql
Description: A
double-free vulnerability in mysqld, for MySQL before version 3.23.55,
allows attackers with MySQL access to cause a denial of service (crash)
by creating a carefully crafted client application. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0073
to this issue.
Vendor Alerts: Red Hat:
Red Hat Vendor
Advisory:

http://www.linuxsecurity.com/advisories/redhat_advisory-3211.html

 

Package: man
Description: Updated
man packages fix a minor security vulnerability.
 
Vendor Alerts: Red Hat:
Red Hat Vendor
Advisory:

http://www.linuxsecurity.com/advisories/redhat_advisory-3224.html

 

Package: xinetd
Description: The
remote attackers can create DoS condition on the xined server.
 
Vendor Alerts: Turbo Linux:
Turbo Linux Vendor
Advisory:

http://www.linuxsecurity.com/advisories/turbolinux_advisory-3202.html

 

Category:

  • Security
Click Here!