Linux Advisory Watch - January 30th 2004

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



+----------------------------------------------------------------+
|  LinuxSecurity.com                        Linux Advisory Watch |
|  January 30th, 2004                        Volume 5, Number 5a |
+----------------------------------------------------------------+

  Editors:     Dave Wreski                Benjamin Thomas
               dave@xxxxxxxxxxxxxxxxx     ben@xxxxxxxxxxxxxxxxx

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.
It includes pointers to updated packages and descriptions of each
vulnerability.

This week, advisories were released for gnupg, trr19, slocate, screen,
mod_python, gaim, jabber, mc, and tcpdump. The distributors include
Debian, Fedora, Gentoo, Mandrake, Red Hat, Slackware, and SuSE.

----

>> Enterprise Security for the Small Business <<
Never before has a small business productivity solution been designed with
such robust security features.  Engineered with security as a main focus,
the Guardian Digital Internet Productivity Suite is the cost-effective
solution small businesses have been waiting for.

http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=gdn07

----

Today, information is power.  Those who have the most information, have
the most power.  Companies are constantly plagued with former employees
giving sensitive information to competition.  Call centers are attacked
with social engineering techniques, and servers connected to the Internet
are being scanned at an increasing rate.  Information security is no
longer a 'nice thing to have,' it is a necessity.  Millions of dollars are
now being spent worldwide on corporate information security programs.

In many cases, it is difficult for those less technically inclined to see
the need in having a large budget for information security. It is usually
seen as an IT issue, and something that can be addressed by one device or
a piece of software.  Information security is a much broader issue that is
infinitely complex.

Rather than thinking about security from a 'patch and pray' standpoint, it
is better think about it from a wider perspective. A great book to read is
"Information Warfare and Security," by Dorothy Denning.  The book is
written for the technical layman, so it is appropriate for those at all
levels.  It is a book that should be read by anyone is responsible for any
amount of sensitive information.

Being over 400 pages, it is quite long.  However, it is very easy to read
because of its structure.  The book is broken up into three parts:  An
Introduction, Offensive, and Defensive Information Warfare. Each part is
composed of several chapters and each chapter includes a story or several
stories and then a further analysis.  The chapters can be read in sequence
or independently.  The great part about this book is that one does not
have to read it in its entirety to get something out of it.  No matter
what current information security situation you face, you'll find
inspiration in this book.

Some of my favorite chapters include "Psyops and Perception Management,"
"Secret Codes and Hideaways," and "In a Risky World." Rather than the
typical dry technical book that most of us are used to, you'll find this
book addictive and informative.  I found that this book provided a good
social sciences perspective to information security, one that I normally
overlook.

"Information Warfare and Security" was published in 1999 and is
available in most bookstores.

Until next time, cheers!
Benjamin D. Thomas
ben@xxxxxxxxxxxxxxxxx

---

Introduction to Netwox and Interview with Creator Laurent Constantin

In this article Duane Dunston gives a brief introduction to Netwox, a
combination of over 130 network auditing tools.  Also, Duane interviews
Laurent Constantin, the creator of Netwox.

http://www.linuxsecurity.com/feature_stories/feature_story-158.html

--------------------------------------------------------------------

CONCERNED ABOUT THE NEXT THREAT? EnGarde is the undisputed winner!
Hardened Linux Puts Hackers EnGarde! Winner of the Network Computing
Editor's Choice Award, EnGarde "walked away with our Editor's Choice award
thanks to the depth of its security strategy..." Find out what the other
Linux vendors are not telling you.

http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=engarde2

--------------------------------------------------------------------

Managing Linux Security Effectively in 2004

This article examines the process of proper Linux security management in
2004.  First, a system should be hardened and patched.  Next, a security
routine should be established to ensure that all new vulnerabilities are
addressed.  Linux security should be treated as an evolving process.

http://www.linuxsecurity.com/feature_stories/feature_story-157.html


-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf

+---------------------------------+
|  Distribution: Debian           | ----------------------------//
+---------------------------------+

 1/26/2004 - gnupg
   Signing key vulnerability

   This vulnerability can be used to trivially recover the private
   key.
   http://www.linuxsecurity.com/advisories/debian_advisory-3976.html

 1/28/2004 - trr19
   Missing privilege release

   The binaries don't drop privileges before executing a command,
   allowing an attacker to gain access to the local group games.
   http://www.linuxsecurity.com/advisories/debian_advisory-3983.html


+---------------------------------+
|  Distribution: Fedora           | ----------------------------//
+---------------------------------+

 1/26/2004 - slocate
   Heap overflow vulnerability

   A local user could exploit this vulnerability to gain "slocate"
   group privileges and then read the entire slocate database.
   http://www.linuxsecurity.com/advisories/fedora_advisory-3974.html

 1/27/2004 - screen
   Privilege escalation vulnerability

   Updated screen packages are now available that fix a security
   vulnerability which may allow privilege escalation for local
   users.
   http://www.linuxsecurity.com/advisories/fedora_advisory-3982.html


+---------------------------------+
|  Distribution: Gentoo           | ----------------------------//
+---------------------------------+

 1/27/2004 - mod_python
   Denial of service vulnerability

   The Apache Foundation has reported that mod_python may be prone to
   Denial of Service attacks when handling a malformed query.
   http://www.linuxsecurity.com/advisories/gentoo_advisory-3980.html

 1/27/2004 - gaim
   Multiple vulnerabilities

   Multiple buffer overflows exist in gaim 0.75 and earlier.
   http://www.linuxsecurity.com/advisories/gentoo_advisory-3981.html


+---------------------------------+
|  Distribution: Mandrake         | ----------------------------//
+---------------------------------+

 1/23/2004 - slocate
   Heap overflow

   This could be exploited by a local user to gain  privileges of the
   'slocate' group.  The updated packages contain a  patch from Kevin
   Lindsay that causes slocate to drop privileges before  reading a
   user-supplied database.
   http://www.linuxsecurity.com/advisories/mandrake_advisory-3971.html

 1/23/2004 - jabber
   Denial of service vulnerability

   A vulnerability was found in the jabber program where a bug in the
   handling of SSL connections could cause the server process to
   crash,  resulting in a DoS (Denial of Service).
   http://www.linuxsecurity.com/advisories/mandrake_advisory-3972.html

 1/27/2004 - gaim
   Multiple vulnerabilities

   Multiple buffer overflows exist in gaim 0.75 and earlier.
   http://www.linuxsecurity.com/advisories/mandrake_advisory-3977.html

 1/27/2004 - mc
   Buffer overflow vulnerability

   This vulnerability could allow remote attackers to execute
   arbitrary code during symlink conversion.
   http://www.linuxsecurity.com/advisories/mandrake_advisory-3978.html

 1/27/2004 - tcpdump
   Non-sanitized input vulernability

   If fed a maliciously crafted packet, could be exploited to crash
   tcpdump or potentially execute arbitrary code.
   http://www.linuxsecurity.com/advisories/mandrake_advisory-3979.html


+---------------------------------+
|  Distribution: Red Hat          | ----------------------------//
+---------------------------------+

 1/26/2004 - gaim
   Multiple vulnerabilities

   Multiple buffer overflows that affect versions of Gaim 0.75 and
   earlier.
   http://www.linuxsecurity.com/advisories/redhat_advisory-3973.html


+---------------------------------+
|  Distribution: Slackware        | ----------------------------//
+---------------------------------+

 1/26/2004 - gaim
   Multiple vulnerabilities

   12 vulnerabilities were found in the instant messenger GAIM that
   allow remote compromise.
   http://www.linuxsecurity.com/advisories/slackware_advisory-3975.html


+---------------------------------+
|  Distribution: SuSE             | ----------------------------//
+---------------------------------+

 1/29/2004 - gaim
   Multiple vulnerabilities

   12 vulnerabilities in gaim can lead to a remote system compromise
   with the privileges of the user running GAIM.
   http://www.linuxsecurity.com/advisories/suse_advisory-3984.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------


[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux