[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Linux Advisory Watch - March 21st 2003



+----------------------------------------------------------------+
|  LinuxSecurity.com                        Linux Advisory Watch |
|  March 21st, 2002                         Volume 4, Number 12a |
+----------------------------------------------------------------+

  Editors:     Dave Wreski                Benjamin Thomas
               dave@xxxxxxxxxxxxxxxxx     ben@xxxxxxxxxxxxxxxxx

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilitiaes that have been announced throughout the week.
It includes pointers to updated packages and descriptions of each
vulnerability.

This week, advisories were released for kde, openssl, tcpdump, samba,
netpbm-free, lxr, kernel, libc, qpopper, man, mysql, rxvt, zlib,
gnome-lokkit, and libc.  The distributors include, Caldera, Debian,
Guardian Digital's EnGarde Secure Linux, Gentoo, Mandrake, Red Hat,
Slackware, SuSE, and Trustix.

* Comprehensive SPAM Protection! - Guardian Digital's Secure Mail Suite is
unparalleled in security, ease of management, and features. Open source
technology constantly adapts to new threats. Email firewall, simplified
administration, automatically updated.

 --> http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=mail2

-----------------------
LINUX SECURITY ARTICLES:
------------------------

Get out of a BIND - install DJBDNS - DJBDNS eases DNS management and
improves security over BIND alternatives by taking a different approach to
serving and caching DNS answers.

http://www.linuxsecurity.com/articles/documentation_article-6857.html


Remote Syslog with MySQL and PHP
Msyslog has the ability to log syslog messages to a database. This
allows for easier monitoring of multiple servers and the ability to
be display and search for syslog messages using PHP or any other
programming language that can communicate with the database.by
that, too.

http://www.linuxsecurity.com/feature_stories/feature_story-138.html


+---------------------------------+
|  Package:  kde                  | ----------------------------//
|  Date: 03-17-2003               |
+---------------------------------+

Description:
The implementation of the rlogin protocol in all of the affected
systems, and the implementation of the telnet protocol in affected
KDE 2 systems.

Vendor Alerts:

 Caldera:
 kdelibs2-2.2.1-6.3.i386.rpm
 8129d823e229783c726199a844318eee
 ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/
 Server/CSSA-2003-012.0/RPMS

 Caldera Vendor Advisory:
 http://www.linuxsecurity.com/advisories/caldera_advisory-2964.html



+---------------------------------+
|  Package:  openssl              | ----------------------------//
|  Date: 03-19-2003               |
+---------------------------------+

Description:
The xdrmem_getbytes() function in the XDR library provided by Sun
Microsystems contains an integer overflow that can lead to improperly
sized dynamic memory allocation.

Vendor Alerts:

 Caldera:
  glibc-2.2.4-26.i386.rpm
  22c6bf3a5dc5423c57eea99f7fef610d
  ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/
  Server/CSSA-2003-012.0/RPMS

  Caldera Vendor Advisory:
  http://www.linuxsecurity.com/advisories/caldera_advisory-3012.html



 EnGarde:
  EnGarde Vendor Advisory:
  http://www.linuxsecurity.com/advisories/engarde_advisory-3009.html


 Gentoo:
  Gentoo Vendor Advisory:
  http://www.linuxsecurity.com/advisories/gentoo_advisory-3013.html

 Trustix:
  Trustix Vendor Advisory:
  http://www.linuxsecurity.com/advisories/trustix_advisory-2991.html




+---------------------------------+
|  Package:  tcpdump              | ----------------------------//
|  Date: 03-19-2003               |
+---------------------------------+

Description:
An attacker is able to send a specially crafted RADIUS network packet
which causes tcpdump to enter an infinite loop.

Vendor Alerts:

 Debian:
  http://security.debian.org/pool/updates/main/t/
  tcpdump/tcpdump_3.6.2-2.4_i386.deb
  Size/MD5 checksum:   169580 ff9e64004901cb5b00bf0cb213451e76

  Debian Vendor Advisory:
  http://www.linuxsecurity.com/advisories/debian_advisory-2960.html

 Trustix:
  Trustix Vendor Advisory:
  http://www.linuxsecurity.com/advisories/trustix_advisory-2972.html



+---------------------------------+
|  Package:  samba                | ----------------------------//
|  Date: 03-19-2003               |
+---------------------------------+

Description:
A buffer overflow and race condition vulnerabilities have been fixed.
These vulnerabilities may lead to remote root compromise.

Vendor Alerts:

 Debian:
  PLEASE SEE VENDOR ADVISORY FOR UPDATE

  Debian Vendor Advisory:
  http://www.linuxsecurity.com/advisories/debian_advisory-2961.html


 Gentoo:
  Gentoo Vendor Advisory:
  http://www.linuxsecurity.com/advisories/gentoo_advisory-2965.html

 Mandrake:
  Mandrake Vendor Advisory:
  http://www.linuxsecurity.com/advisories/mandrake_advisory-2963.html


 Slackware:
  Slackware Vendor Advisory:

http://www.linuxsecurity.com/advisories/slackware_advisory-2962.html


 SuSE:
  SuSE Vendor Advisory:
  http://www.linuxsecurity.com/advisories/suse_advisory-3000.html

 Red Hat:
  Red Hat Vendor Advisory:
  http://www.linuxsecurity.com/advisories/redhat_advisory-3001.html

 Trustix:
  Trustix Vendor Advisory:
  http://www.linuxsecurity.com/advisories/trustix_advisory-2992.html



+---------------------------------+
|  Package:  netpbm-free          | ----------------------------//
|  Date: 03-17-2003               |
+---------------------------------+

Description:
These vulnerabilities may allow remote attackers to cause a denial of
service or execute arbitrary code.

Vendor Alerts:

 Debian:
  PLEASE SEE VENDOR ADVISORY FOR UPDATE

  Debian Vendor Advisory:
  http://www.linuxsecurity.com/advisories/debian_advisory-2968.html



+---------------------------------+
|  Package:  lxr                  | ----------------------------//
|  Date: 03-19-2003               |
+---------------------------------+

Description:
There is a vulnerability that allows a remote attacker to read
arbitrary files on the host system as user www-data.

Vendor Alerts:

 Debian:

http://security.debian.org/pool/updates/main/l/lxr/lxr_0.3-3_i386.deb

  Size/MD5 checksum:	25922 b0e19c5aaf6930b9e88d1a2dd0e4828e

  Debian Vendor Advisory:
  http://www.linuxsecurity.com/advisories/debian_advisory-3003.html




+---------------------------------+
|  Package:  kernel               | ----------------------------//
|  Date: 03-19-2003               |
+---------------------------------+

Description:
This update fixes several vulnerabilities in the Linux kernel

Vendor Alerts:

 EnGarde:
  ftp://ftp.engardelinux.org/pub/engarde/stable/updates/
  i386/kernel-2.2.19-1.0.30.i386.rpm
  MD5 Sum: 9a16886321cc19365ea1a7d27d927b83

  i386/kernel-lids-mods-2.2.19-1.0.30.i386.rpm
  MD5 Sum: 784e3abd25e27db6036bd7638ac22ef6

  i386/kernel-smp-lids-mods-2.2.19-1.0.30.i386.rpm
  MD5 Sum: 42a9c7d7b5879e061d59d1008011dab7

  i386/kernel-smp-mods-2.2.19-1.0.30.i386.rpm
  MD5 Sum: 64b89dcd411abdd455bbb55539a29df6

  i686/kernel-2.2.19-1.0.30.i686.rpm
  MD5 Sum: af21a043fcde3004ad645ca4bb26117e

  i686/kernel-lids-mods-2.2.19-1.0.30.i686.rpm
  MD5 Sum: 8f90859a9313f731c710247e27915a42

  i686/kernel-smp-lids-mods-2.2.19-1.0.30.i686.rpm
  MD5 Sum: 74ff5e04d89e9a5b60d79f3fc0491034

  i686/kernel-smp-mods-2.2.19-1.0.30.i686.rpm
  MD5 Sum: 1fa7cffecc2fd417713f67c4bb19da90


  EnGarde Vendor Advisory:
  http://www.linuxsecurity.com/advisories/engarde_advisory-2976.html



 Red Hat:
  Red Hat Vendor Advisory:
  http://www.linuxsecurity.com/advisories/redhat_advisory-3016.html

 Trustix:
  Trustix Vendor Advisory:
  http://www.linuxsecurity.com/advisories/trustix_advisory-2973.html




+---------------------------------+
|  Package:  libc                 | ----------------------------//
|  Date: 03-20-2003               |
+---------------------------------+

Description:
The xdrmem XDR stream object does incorrect bounds-checking.

Vendor Alerts:

 FreeBSD:
  PLEASE SEE VENDOR ADVISORY FOR UPDATE

  FreeBSD Vendor Advisory:
  http://www.linuxsecurity.com/advisories/freebsd_advisory-3022.html



+---------------------------------+
|  Package:  qpopper              | ----------------------------//
|  Date: 03-20-2003               |
+---------------------------------+

Description:
Under certain conditions it is possible to execute arbitrary code
using a buffer overflow in the recent qpopper.

 Vendor Alerts: Gentoo:
  PLEASE SEE VENDOR ADVISORY FOR UPDATE

  Gentoo Vendor Advisory:
  http://www.linuxsecurity.com/advisories/gentoo_advisory-2966.html




+---------------------------------+
|  Package:  man                  | ----------------------------//
|  Date: 03-20-2003               |
+---------------------------------+

Description:
man 1.5l fixes a bug which results in arbitrary code execution upon
reading a specially formatted man file.

Vendor Alerts:

 Gentoo:
  PLEASE SEE VENDOR ADVISORY FOR UPDATE

  Gentoo Vendor Advisory:
  http://www.linuxsecurity.com/advisories/gentoo_advisory-2995.html


 Trustix:
  Trustix Vendor Advisory:
  http://www.linuxsecurity.com/advisories/trustix_advisory-2989.html




+---------------------------------+
|  Package:  mysql                | ----------------------------//
|  Date: 03-20-2003               |
+---------------------------------+

Description:
MySQL will no longer read config files that are world-writeable.

Vendor Alerts:

 Gentoo:
  PLEASE SEE VENDOR ADVISORY FOR UPDATE

  Gentoo Vendor Advisory:
  http://www.linuxsecurity.com/advisories/gentoo_advisory-2996.html


 Trustix:
  Trustix Vendor Advisory:
  http://www.linuxsecurity.com/advisories/trustix_advisory-2990.html




+---------------------------------+
|  Package:  rxvt                 | ----------------------------//
|  Date: 03-20-2003               |
+---------------------------------+

Description:
Many of the features supported by popular terminal emulator software
can be abused when un-trusted data is displayed on the screen. The
impact of this abuse can range from annoying screen garbage to a
complete system compromise. All of the issues below are actually
documented features, anyone who takes the time to read over the man
pages or source code could use them to carry out an attack.

Vendor Alerts:

 Gentoo:
  PLEASE SEE VENDOR ADVISORY FOR UPDATE

  Gentoo Vendor Advisory:
  http://www.linuxsecurity.com/advisories/gentoo_advisory-3014.html


 Red Hat:
  Red Hat Vendor Advisory:
  http://www.linuxsecurity.com/advisories/redhat_advisory-2969.html



+---------------------------------+
|  Package:  zlib                 | ----------------------------//
|  Date: 03-18-2003               |
+---------------------------------+

Description:
Richard Kettlewell discovered a buffer overflow vulnerability in the
zlib library's gzprintf() function.

Vendor Alerts:

 Mandrake:
  PLEASE SEE VENDOR ADVISORY FOR UPDATE

  Mandrake Vendor Advisory:
  http://www.linuxsecurity.com/advisories/mandrake_advisory-3002.html



+---------------------------------+
|  Package:  gnome-lokkit         | ----------------------------//
|  Date: 03-18-2003               |
+---------------------------------+

Description:
Updated Gnome-lokkit packages fix missing FORWARD ruleset in Red Hat
Linux 8.0.

Vendor Alerts:

 Red Hat:
  ftp://updates.redhat.com/8.0/en/os/i386/
  gnome-lokkit-0.50-21.8.0.i386.rpm
  01f42937db89e8afb3f30a704e52ca7f

  ftp://updates.redhat.com/8.0/en/os/i386/
  lokkit-0.50-21.8.0.i386.rpm
  0f80d90d4766f04eef08928b33b6a25e

  Red Hat Vendor Advisory:
  http://www.linuxsecurity.com/advisories/redhat_advisory-2967.html



+---------------------------------+
|  Package:  glibc                | ----------------------------//
|  Date: 03-17-2003               |
+---------------------------------+

Description:
Updated glibc packages are available to fix an integer overflow in
the XDR decoder.

Vendor Alerts:

 Red Hat:
  PLEASE SEE VENDOR ADVISORY FOR UPDATE

  Red Hat Vendor Advisory:
  http://www.linuxsecurity.com/advisories/redhat_advisory-3015.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------


[Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Video for Linux]     [Bugtraq]     [USB]     [Fedora Security]

Add to Google Powered by Linux