October 3, 2003

Linux Advisory Watch - October 3rd 2003

- by Benjamin D.
Thomas
-

This week, advisories were
released for proftpd, openssl, marbles, freesweep, webfs, OpenSSL, mpg123, teapop,
and proftpd. The distributors include Conectiva, Debian, Guardian Digital's EnGarde
Linux, Gentoo, Immunix, Red Hat, Trustix, and Turbolinux.

Last week, I wrote about
some of the problems that are associated with using passwords as a method of
authentication. There are several techniques that can be utilized to improve
password security, however, users often have such a large number of different
passwords they can become difficult to manage. Users are forced to remember
multiple passwords to different systems on different networks. This causes users
to write down or continuously need their passwords reset.

Single sign-on is a technology
that can be implemented to relieve some of the strain that passwords put on
users and administrators. With SSO, multiple passwords become invisible to the
user because they are only required to login initially then the credentials
are sent to each application by the way of the single sign-on system.

Initially, migrating from
a traditional password structure can be a daunting task. The problem is particularly
apparent when trying to connect legacy applications. However, the headaches
will quickly go away if the system includes the ability for users to reset their
own password using other credentials that were given at their initial connection
to the system. This functionality could be extremely beneficial to enterprise
size organizations that must reset hundreds of passwords a day.

A single sign-on system
is not the holy grail. Like any feature on a network, it provides its own set
of risks. Having a SSO system provides a single point of failure. If the system
is down, every application on the network is potentially down. There are always
tradeoffs between security and convenience, but many large organizations have
felt that this is a risk worth taking. Although SSO provides the possibility
of having a single point of failure, it is also possible to configure the system
so that it is redundant, providing service if one system goes down. Implementing
a system correctly requires a great deal of planning, time, and money.

Until next time, cheers!
Benjamin D. Thomas

 

LinuxSecurity Feature
Extras:

R00ting
The Hacker

- Dan Verton, the author of The Hacker Diaries: Confessions of
Teenage Hackers is a former intelligence officer in the U.S. Marine Corps
who currently writes for Computerworld and CNN.com, covering national cyber-security
issues and critical infrastructure
protection.

A
Practical Approach of Stealthy Remote Administration

- This paper is written for those paranoid administrators who are looking
for a stealthy technique of managing sensitive servers (like your enterprise
firewall console or IDS).

[ Linux
Advisory Watch
] - [ Linux
Security Week
] - [ PacketStorm
Archive
] - [ Linux Security
Documentation
]

 

Linux Advisory Watch
is a comprehensive newsletter that outlines the security vulnerabilities that
have been announced throughout the week. It includes pointers to updated packages
and descriptions of each vulnerability.

[ Subscribe
]

 

 
Distribution: Conectiva

  9/29/2003proftpd     Arbitrary
code execution vulnerability

An attacker who is able to upload and download the same file can exploit
this vulnerability to execute arbitrary code with root privileges.

http://www.linuxsecurity.com/advisories/connectiva_advisory-3689.html
    9/30/2003openssl     ASN.1
parsing vulnerabilities

An SSL/TLS testing suite developed by the NISCC (UK National Infrastructure
Security Co-Ordination Centre) uncovered ASN.1 parsing vulnerabilities in
OpenSSL. Exploitation of these vulnerabilities may result in a denial of
service.

http://www.linuxsecurity.com/advisories/connectiva_advisory-3694.html
   Distribution:Debian   9/26/2003marbles     Buffer
overflow vulnerability

Steve Kemp discovered a buffer overflow in marbles, when processing the
HOME environment variable. This vulnerability could be exploited by a local
user to gain gid 'games'.

http://www.linuxsecurity.com/advisories/debian_advisory-3686.html
    9/28/2003freesweep     Buffer
overflow vulnerability

Steve Kemp discovered a buffer overflow in freesweep, when processing several
environment variables. This vulnerability could be exploited by a local
user to gain gid 'games'.

http://www.linuxsecurity.com/advisories/debian_advisory-3687.html
    9/29/2003webfs     Multiple
vulnerabilities

Multiple vulnerabilities including unauthorized access and buffer overflow
have been fixed.

http://www.linuxsecurity.com/advisories/debian_advisory-3690.html
   Distribution:EnGarde   9/30/2003OpenSSL     ASN.1
parsing vulnerabilities

An SSL/TLS testing suite developed by the NISCC (UK National Infrastructure
Security Co-Ordination Centre) uncovered ASN.1 parsing vulnerabilities in
OpenSSL. Exploitation of these vulnerabilities may result in a denial of
service.

http://www.linuxsecurity.com/advisories/engarde_advisory-3693.html
   Distribution:Gentoo   9/29/2003media-video/mplayer
Buffer overflow vulnerability
    ASN.1
parsing vulnerabilities

A remotely exploitable buffer overflow vulnerability was found in MPlayer.
A malicious host can craft a harmful ASX header, and trick MPlayer into
executing arbitrary code upon parsing that header.

http://www.linuxsecurity.com/advisories/gentoo_advisory-3691.html
    9/29/2003net-ftp/proftpd
Remote file compromise vulnerability
    ASN.1
parsing vulnerabilities

ISS X-Force discovered a vulnerability that could be triggered when a specially
crafted file is uploaded to a proftpd server.

http://www.linuxsecurity.com/advisories/gentoo_advisory-3692.html
    9/30/2003mpg123     Buffer
overflow vulnerability

mpg123 contains a heap based buffer overflow that would allow an remote
attacker to execute arbitrary code on the victims machine.

http://www.linuxsecurity.com/advisories/gentoo_advisory-3695.html
    9/30/2003teapop     SQL Injection
vulnerability

teapop suffers from a sql injection in the postgresql and mysql authentication
module.

http://www.linuxsecurity.com/advisories/gentoo_advisory-3696.html
   Distribution:Immunix   9/30/2003ASN.1
Parsing vulnerabilities
    SQL Injection
vulnerability

An SSL/TLS testing suite developed by the NISCC (UK National Infrastructure
Security Co-Ordination Centre) uncovered ASN.1 parsing vulnerabilities in
OpenSSL. Exploitation of these vulnerabilities may result in a denial of
service.

http://www.linuxsecurity.com/advisories/immunix_advisory-3697.html
   Distribution:Red
Hat
  9/30/2003OpenSSL     ASN.1
Parsing vulnerabilities

An SSL/TLS testing suite developed by the NISCC (UK National Infrastructure
Security Co-Ordination Centre) uncovered ASN.1 parsing vulnerabilities in
OpenSSL. Exploitation of these vulnerabilities may result in a denial of
service.

http://www.linuxsecurity.com/advisories/redhat_advisory-3698.html
   Distribution:Trustix   9/29/2003'proftpd'
remote exploit
    ASN.1
Parsing vulnerabilities

An error exists in the ASCII upload handling of Proftpd version 1.2.7 and
later that can be used to trigger an buffer overflow and thus execute arbitrary
code. This has now been fixed.

http://www.linuxsecurity.com/advisories/trustix_advisory-3688.html
   Distribution:Turbolinux   9/30/2003proftpd     ASCII
File Remote Compromise Vulnerability

A vulnerability exists in the ProFTPD server that can be triggered by remote
attackers when transferring files from the FTP server in ASCII mode.

http://www.linuxsecurity.com/advisories/turbolinux_advisory-3699.html
 

Category:

  • Security
Click Here!