September 10, 2004

Linux Advisory Watch - September 10, 2004

Author: Preston St. Pierre

This week, advisories were
released for imlib, krb5, and kernel. The distributors include Fedora, Mandrake,
and Suse.

BIOS Security

The BIOS is the lowest level of
software that configures or manipulates your x86-based hardware.

LILO and other Linux boot methods
access the BIOS to determine how to boot up your Linux machine. Other hardware
that Linux runs on has similar software (OpenFirmware on Macs and new Suns,
Sun boot PROM, etc...). You can use your BIOS to prevent attackers from rebooting
your machine and manipulating your Linux system.

Most PC BIOSs let you set a boot
password. This doesn't provide all that much security (the BIOS can be reset,
or removed if someone can get into the case), but might be a good deterrent
(i.e. it will take time and leave traces of tampering). Similarly, on SPARC/Linux
(Linux for SPARC(tm) processor machines), your EEPROM can be set to require
a boot-up password. This might slow attackers down.

Many PC BIOSs also allow you to
specify various other good security settings. Check your BIOS manual or look
at it the next time you boot up. For example, most BIOSs disallow booting from
floppy drives and some require passwords to access some BIOS features.

Note: If you have a server machine,
and you set up a boot password, your machine will not boot up unattended. Keep
in mind that you will need to come in and supply the password in the event of
a power failure.

Security Tip Written by
Dave Wreski (
Additional tips are available at the following URL:

Feature Extras:

-Network security is continuing to be a big problem
for companies and home users. The problem can be resolved with an accurate security
analysis. In this article I show how to approach security using aide and chkrootkit.

Interview with Gary McGraw, Co-author of Exploiting Software: How to Break Code

- Gary McGraw is perhaps best known for his groundbreaking work on securing
software, having co-authored the classic Building Secure Software (Addison-Wesley,
2002). More recently, he has co-written with Greg Hoglund a companion volume,
Exploiting Software, which details software security from the vantage point
of the other side, the attacker. He has graciously agreed to share some of his
insights with all of us at

Expert Dave Wreski Discusses Open Source Security
- Dave Wreski,
CEO of Guardian Digital, Inc. and respected author of various hardened security
and Linux publications, talks about how Guardian Digital is changing the face
of IT security today. Guardian Digital is perhaps best known for their hardened
Linux solution EnGarde Secure Linux, touted as the premier secure, open-source
platform for its comprehensive array of general purpose services, such as web,
FTP, email, DNS, IDS, routing, VPN, firewalling, and much more.

[ Linux
Advisory Watch
] - [ Linux
Security Week
] - [ PacketStorm
] - [ Linux Security

Linux Advisory Watch is
a comprehensive newsletter that outlines the security vulnerabilities that have
been announced throughout the week. It includes pointers to updated packages
and descriptions of each vulnerability.[

Distribution: Fedora

Security update (core1)

Several heap overflow vulnerabilities have been found in the imlib BMP image
handler. An attacker could create a carefully crafted BMP file in such a
way that it would cause an application linked with imlib to execute arbitrary
code when the file was opened by a victim.
  Distribution:Mandrake 9/1/2004krb5   multiple

A double-free vulnerability exists in the MIT Kerberos 5's KDC program that
could potentially allow a remote attacker to execute arbitrary code on the
KDC host.
  Distribution:Suse 9/1/2004kernel   vulnerabilities

Various signedness issues and integer overflows have been fixed within kNFSd
and the XDR decode functions of kernel 2.6.

Click Here!