Linux Advisory Watch – November 7th 2003


Author: Benjamin D. Thomas

This week, advisories were released for bugzilla, apache, fileutils, postgresql,
CUPS, and thttpd. The distributors include Conectiva, Guardian Digital’s EnGarde
Linux, Gentoo, Immunix, Mandrake, RedHat, Slackware, and SuSE.

Although the update has been out for several weeks, the SANS Top20 list still
remains important. For administrators and management, it is a good way to get an
idea of some of the most vulnerable services. Although best practice should
dictate that these services have already been eliminated or secured, this is
often not the case. The SANS Top20 should be an eye-opener to those who do not
regularly patch and update systems.

Both the problem and beauty of the Top20 list is its length. For those of us
with only Unix and/or Linux based servers, the list is cut down to 10. Some of
the vulnerabilities listed are related to BIND, RPC, Apache, passwords, and
clear text services. The list is very useful because of its length, giving
people a quick idea of some of the biggest problems. My concern is that
diligence will stop after number 10. After each of the 10 Unix system
vulnerabilities is addressed, administrators may have a false sense of security.
It is equally important to ensure that all other services have been patched. One
of the most common-sense ways to reduce this workload is simply not to start
services, or install software, that may be a potential problem in the future.
Living with only the minimum necessary requirements is often difficult. For
example, when installing a particular flavor of Linux, it takes much more time
to individually choose the packages you require than to simply install a
pre-configured server configuration.

The Top20 list should only be a starting point for those wishing to maintain a
secure network. After each item on the list has been addressed, security staff
should then strive to achieve compliance with standards such as
BS-7799/ISO-17799, NIST security standards, the ISF’s Standard of Good Practice,
and others. Once again, the common recurring theme in information security is
process and standardization. The absolute best way to achieve a secure operating
environment is the continual re-evaluation of policies, procedures, and
practices.

Until next time, cheers!
Benjamin D. Thomas

LinuxSecurity Feature Extras:

EnGarde GDSN Subscription Price Reduction

– Guardian Digital, the world’s premier open source security company, announced
today that they will be reducing the annual subscription cost of the Guardian
Digital Secure Network for EnGarde Community users from $229 to $60 for a
limited time.

R00ting The Hacker

– Dan Verton, the author of The Hacker Diaries: Confessions of Teenage Hackers,
is a former intelligence officer in the U.S. Marine Corps who currently writes
for Computerworld and CNN.com, covering national cyber-security issues and
critical infrastructure protection.


 

Linux Advisory Watch
is a comprehensive newsletter that outlines the security vulnerabilities that
have been announced throughout the week. It includes pointers to updated packages
and descriptions of each vulnerability.


 

 
Distribution: Conectiva
  11/6/2003 bugzilla
    multiple vulnerabilities

Several vulnerabilities have been announced and are being fixed in this
update.

http://www.linuxsecurity.com/advisories/connectiva_advisory-3760.html

 
  11/6/2003 apache
    multiple vulnerabilities

New versions of the Apache web server have been made available with the
following security fixes.

http://www.linuxsecurity.com/advisories/connectiva_advisory-3761.html

 
 
Distribution: EnGarde
  11/4/2003 ‘openssl’ ASN.1 parsing DoS
    multiple vulnerabilities

This vulnerability (triggered by certain ASN.1 sequences which cause a large
recursion) is only believed to be exploitable as a denial of service on
the Windows platform at this time.

http://www.linuxsecurity.com/advisories/engarde_advisory-3757.html

 
  11/5/2003 ‘apache’ mod_alias and mod_rewrite buffer overflow
    multiple vulnerabilities

A buffer overflow in mod_alias and mod_rewrite was discovered in the Apache
web server. This vulnerability may be exploited when a regular expression
with more than nine captures is defined in either the httpd.conf or an .htaccess
file.

http://www.linuxsecurity.com/advisories/engarde_advisory-3759.html

 
 
Distribution: Gentoo
  10/31/2003 net-www/apache Buffer overflow vulnerability
    multiple vulnerabilities

A buffer overflow could occur in mod_alias and mod_rewrite when a regular
expression with more than 9 captures is configured.

http://www.linuxsecurity.com/advisories/gentoo_advisory-3753.html

 
 
Distribution: Immunix
  10/31/2003 fileutils
    Memory exhaustion vulnerability

An off-by-one attack that may lead to a memory exhaustion vulnerability
has been fixed.

http://www.linuxsecurity.com/advisories/immunix_advisory-3749.html

 
 
Distribution: Mandrake
  11/3/2003 postgresql
    Buffer overflow vulnerability

Two bugs were discovered that lead to a buffer overflow in PostgreSQL versions
7.2.x and 7.3.x prior to 7.3.4, in the abstract data type (ADT) to ASCII
conversion functions.

http://www.linuxsecurity.com/advisories/mandrake_advisory-3755.html

 
  11/3/2003 apache
    Buffer overflow vulnerability

A buffer overflow in mod_alias and mod_rewrite was discovered in Apache
versions 1.3.19 and earlier as well as Apache 2.0.47 and earlier.

http://www.linuxsecurity.com/advisories/mandrake_advisory-3756.html

 
  11/6/2003 CUPS
    denial of service vulnerability

A bug was reported in the Internet Printing Protocol (IPP) implementation in
versions of CUPS prior to 1.1.19 that would result in CUPS going into a busy
loop, which could result in a Denial of Service (DoS) condition.

http://www.linuxsecurity.com/advisories/mandrake_advisory-3762.html

 
 
Distribution: Red Hat
  11/3/2003 CUPS
    Denial of Service vulnerability

Updated CUPS packages that fix a problem where CUPS can hang are now available.


http://www.linuxsecurity.com/advisories/redhat_advisory-3754.html

 
  11/6/2003 fileutils
    denial of service vulnerability

Georgi Guninski discovered a memory starvation denial of service vulnerability
in the ls program.

http://www.linuxsecurity.com/advisories/redhat_advisory-3763.html

 
  11/6/2003 CUPS
    denial of service vulnerability

Paul Mitcheson reported a situation where the CUPS Internet Printing Protocol
(IPP) implementation in CUPS versions prior to 1.1.19 would get into a busy
loop.

http://www.linuxsecurity.com/advisories/redhat_advisory-3764.html

 
 
Distribution: Slackware
  11/4/2003 apache
    multiple vulnerabilities

These updates fix local vulnerabilities that could allow users who can create
or edit Apache config files to gain additional privileges.

http://www.linuxsecurity.com/advisories/slackware_advisory-3758.html

 
 
Distribution: SuSE
  11/1/2003 thttpd
    Remote privilege escalation vulnerability

A buffer overflow and a privilege escalation vulnerability have been fixed.

http://www.linuxsecurity.com/advisories/suse_advisory-3752.html

 
