Linux Advisory Watch - September 5th 2003

– by Benjamin D.
Thomas –

This week, advisories were released for sendmail, gdm, node, pam_smb, vmware, horde, phpwebsite, eroaster, mindi, gallery, atari800, sendmail, and up2date. The distributors include Conectiva, Debian, Gentoo, Red Hat, and Turbo Linux.

Recently, I discovered an interesting information security project titled “Towards a Taxonomy of Information Assurance.” The founder , Abe Usher, originally posted on a security mailing list asking for comments from the open source community. The project Web site states the following as the purpose: “My intent is that this taxonomy could be used by the academic community, industry, and government in improving the precision of communication used in discussing information assurance/security topics.” The author indicates that his research on information assurance has not yet uncovered a taxonomy that “is sufficiently detailed for application with real world problems.”

The entire taxonomy has been divided into three categories: security services, information states, and security countermeasures. Security services includes availability, authentication, confidentiality, integrity, and non-repudiation. Security countermeasures includes technology, policies, people, and information states includes transmission, storage, and processing. Each of these sections have been further sub- divided into more detailed categories. The best way to understand how the taxonomy is organized is to visit the project Web site:

http://www.sharp-ideas.net/ia/information_assurance.htm

Ok, a taxonomy?! So what! What potential uses could this have? The first thing that I thought of was document classification. Like many of you, over the last few years I have collected many security and open source documents that I use for reference. Generally, I prefer to keep a local copy of all useful documents to ensure that they will always be available. As my digital library has grown, indexing has become much more complex. At the moment, it is difficult to fully organize efficiently. Using a completed information security taxonomy as reference, I will now be able to create a comprehensive directory structure to store all of my documents. In addition to better organization, a completed taxonomy will assist persons interested in learning more about information security. It will give students a better overview of everything included in information security. I applaud Abe Usher for his efforts. I would also like to encourage readers to submit any suggestions or ideas to him.

Until next time,
Benjamin D. Thomas

LinuxSecurity Feature Extras:

A Practical Approach of Stealthy Remote Administration – This paper is written for those paranoid administrators who are looking for a stealthy technique of managing sensitive servers (like your enterprise firewall console or IDS).

Expert vs. Expertise: Computer Forensics and the Alternative OS – No longer a dark and mysterious process, computer forensics have been significantly on the scene for more than five years now. Despite this, they have only recently gained the notoriety they deserve.

[ Linux Advisory Watch ] – [ Linux Security Week ] – [ PacketStorm Archive ] – [ Linux Security Documentation ]

FREE Apache SSL Guide from Thawte – Are you worried about your web server security? Click here to get a FREE Thawte Apache SSL Guide and find the answers to all your Apache SSL security needs.

Linux Advisory Watch is a comprehensive newsletter that outlines the security vulnerabilities that have been announced throughout the week. It includes pointers to updated packages and descriptions of each vulnerability.
[ Subscribe ]


Distribution:			Conectiva
	8/29/2003	‘sendmail’ remote vulnerability
		Sendmail versions 8.12.8 and before (but only of the 8.12.x branch) have a remote vulnerability related to DNS maps. http://www.linuxsecurity.com/advisories/connectiva_advisory-3587.html

	9/1/2003	gdm
		Multiple vulnerabilities This update fixes multiple vulnerabilities including an arbitrary file content disclosure, crash as a result of using free(), and segfault while checking authorization data. http://www.linuxsecurity.com/advisories/connectiva_advisory-3591.html


Distribution:			Debian
	8/29/2003	‘node’ buffer overflow, format string
		Multiple vulnerabilities Morgan alias SM6TKY discovered and fixed several security relatedproblems in LinuxNode, an Amateur Packet Radio Node program. Thebuffer overflow he discovered can be used to gain unauthorised rootaccess and can be remotely triggered. http://www.linuxsecurity.com/advisories/debian_advisory-3583.html


Distribution:			Gentoo
	9/1/2003	pam_smb
		Remote buffer overflow vulnerability If a long password is supplied, this can cause a buffer overflow whichcould be exploited to execute arbitrary code with the privileges of theprocess which invokes PAM services. http://www.linuxsecurity.com/advisories/gentoo_advisory-3588.html

	9/1/2003	vmware
		Insecure symlink vulnerability The previous GLSA 200308-03 was wrong when it stated thatvmware-workstation-4.0.1-5289 would fix the problems described in theadvisory. http://www.linuxsecurity.com/advisories/gentoo_advisory-3589.html

	9/1/2003	horde
		Remote session hijacking An attacker could send an email to the victim who ago use of HORDE MTAin order to push it to visit a website. The website in issue log all theaccesses and describe in the particular the origin of every victim. http://www.linuxsecurity.com/advisories/gentoo_advisory-3590.html

	9/2/2003	‘phpwebsite’ SQL injection vulnerability
		Remote session hijacking phpwebsite contains an sql injection vulnerability in the calendarmodule which allows the attacker to execute sql queries. http://www.linuxsecurity.com/advisories/gentoo_advisory-3592.html

	9/2/2003	‘eroaster’ temporary file vulnerability
		Remote session hijacking Previous eroaster versions allowwed local users to overwrite arbitraryfiles via a symlink attack on a temporary file that is used as a lockfile. http://www.linuxsecurity.com/advisories/gentoo_advisory-3593.html

	9/2/2003	‘mindi’ temporary file vulnerability
		Remote session hijacking Mindi creates files in /tmp which could allow local user to overwrite arbitrary files. http://www.linuxsecurity.com/advisories/gentoo_advisory-3594.html

	9/2/2003	‘gallery’ cross-site scripting vulnerability
		Remote session hijacking Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1through 1.3.4 allows remote attackers to insert arbitrary web script viathe searchstring parameter. http://www.linuxsecurity.com/advisories/gentoo_advisory-3595.html

	9/2/2003	‘atari800’ buffer overflow
		Remote session hijacking atari800 contains a buffer overflow which could be used by an attackerto gain root privileges. http://www.linuxsecurity.com/advisories/gentoo_advisory-3596.html


Distribution:			Red Hat
	8/29/2003	‘sendmail’ DNS maps DoS
		Remote session hijacking Updated Sendmail packages are available to fix a vulnerability in thehandling of DNS maps http://www.linuxsecurity.com/advisories/redhat_advisory-3584.html

	8/29/2003	‘up2date’ required update
		Remote session hijacking New versions of the up2date and rhn_register clients are available andare required for continued access to Red Hat Network. http://www.linuxsecurity.com/advisories/redhat_advisory-3585.html


Distribution:			TurboLinux
	8/29/2003	pam_smb
		vulnerability The remote buffer overflow in the pam_smb module that an attacker can exploit the pam_smb configured to authenticate a remotely accessible service. http://www.linuxsecurity.com/advisories/turbolinux_advisory-3586.html

LinuxSecurity Feature Extras:

RELATED ARTICLESMORE FROM AUTHOR

Maintainer Confidential: Challenges and Opportunities One Year On

Bridging Design and Runtime Gaps: AsyncAPI in Event-Driven Architecture

Implementing OpenTelemetry Natively in an Event Broker

Innovation as a Catalyst in Telecommunications

Linux 6.8 Brings More Sound Hardware Support For Intel & AMD, Including The Steam Deck

RELATED ARTICLES MORE FROM AUTHOR