September 5, 2003

Linux Advisory Watch - September 5th 2003

- by Benjamin D.

This week, advisories were released for sendmail, gdm, node, pam_smb, vmware, horde, phpwebsite, eroaster, mindi, gallery, atari800, sendmail, and up2date. The distributors include Conectiva, Debian, Gentoo, Red Hat, and Turbo Linux.

Recently, I discovered an interesting information security project titled "Towards a Taxonomy of Information Assurance." The founder , Abe Usher, originally posted on a security mailing list asking for comments from the open source community. The project Web site states the following as the purpose: "My intent is that this taxonomy could be used by the academic community, industry, and government in improving the precision of communication used in discussing information assurance/security topics." The author indicates that his research on information assurance has not yet uncovered a taxonomy that "is sufficiently detailed for application with real world problems."

The entire taxonomy has been divided into three categories: security services, information states, and security countermeasures. Security services includes availability, authentication, confidentiality, integrity, and non-repudiation. Security countermeasures includes technology, policies, people, and information states includes transmission, storage, and processing. Each of these sections have been further sub- divided into more detailed categories. The best way to understand how the taxonomy is organized is to visit the project Web site:

Ok, a taxonomy?! So what! What potential uses could this have? The first thing that I thought of was document classification. Like many of you, over the last few years I have collected many security and open source documents that I use for reference. Generally, I prefer to keep a local copy of all useful documents to ensure that they will always be available. As my digital library has grown, indexing has become much more complex. At the moment, it is difficult to fully organize efficiently. Using a completed information security taxonomy as reference, I will now be able to create a comprehensive directory structure to store all of my documents. In addition to better organization, a completed taxonomy will assist persons interested in learning more about information security. It will give students a better overview of everything included in information security. I applaud Abe Usher for his efforts. I would also like to encourage readers to submit any suggestions or ideas to him.

Until next time,
Benjamin D. Thomas

LinuxSecurity Feature Extras:

A Practical Approach of Stealthy Remote Administration - This paper is written for those paranoid administrators who are looking for a stealthy technique of managing sensitive servers (like your enterprise firewall console or IDS).

Expert vs. Expertise: Computer Forensics and the Alternative OS - No longer a dark and mysterious process, computer forensics have been significantly on the scene for more than five years now. Despite this, they have only recently gained the notoriety they deserve.

[ Linux Advisory Watch ] - [ Linux Security Week ] - [ PacketStorm Archive ] - [ Linux Security Documentation ]

FREE Apache SSL Guide from Thawte - Are you worried about your web server security? Click here to get a FREE Thawte Apache SSL Guide and find the answers to all your Apache SSL security needs.

Linux Advisory Watch is a comprehensive newsletter that outlines the security vulnerabilities that have been announced throughout the week. It includes pointers to updated packages and descriptions of each vulnerability.
[ Subscribe ]

Distribution: Conectiva

8/29/2003'sendmail' remote vulnerability

Sendmail versions 8.12.8 and before (but only of the 8.12.x branch) have a remote vulnerability related to DNS maps. Multiple vulnerabilities

This update fixes multiple vulnerabilities including an arbitrary file content disclosure, crash as a result of using free(), and segfault while checking authorization data. 'node' buffer overflow, format string Multiple vulnerabilities

Morgan alias SM6TKY discovered and fixed several security relatedproblems in LinuxNode, an Amateur Packet Radio Node program. Thebuffer overflow he discovered can be used to gain unauthorised rootaccess and can be remotely triggered. Remote buffer overflow vulnerability

If a long password is supplied, this can cause a buffer overflow whichcould be exploited to execute arbitrary code with the privileges of theprocess which invokes PAM services. Insecure symlink vulnerability

The previous GLSA 200308-03 was wrong when it stated thatvmware-workstation-4.0.1-5289 would fix the problems described in theadvisory. Remote session hijacking

An attacker could send an email to the victim who ago use of HORDE MTAin order to push it to visit a website. The website in issue log all theaccesses and describe in the particular the origin of every victim.'phpwebsite' SQL injection vulnerability Remote session hijacking

phpwebsite contains an sql injection vulnerability in the calendarmodule which allows the attacker to execute sql queries.'eroaster' temporary file vulnerability Remote session hijacking

Previous eroaster versions allowwed local users to overwrite arbitraryfiles via a symlink attack on a temporary file that is used as a lockfile.'mindi' temporary file vulnerability Remote session hijacking

Mindi creates files in /tmp which could allow local user to overwrite arbitrary files.'gallery' cross-site scripting vulnerability Remote session hijacking

Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1through 1.3.4 allows remote attackers to insert arbitrary web script viathe searchstring parameter.'atari800' buffer overflow Remote session hijacking

atari800 contains a buffer overflow which could be used by an attackerto gain root privileges. Hat8/29/2003'sendmail' DNS maps DoS Remote session hijacking

Updated Sendmail packages are available to fix a vulnerability in thehandling of DNS maps'up2date' required update Remote session hijacking

New versions of the up2date and rhn_register clients are available andare required for continued access to Red Hat Network. vulnerability

The remote buffer overflow in the pam_smb module that an attacker can exploit the pam_smb configured to authenticate a remotely accessible service. 




  • Security
Click Here!