Linux Advisory Watch - June 25, 2004

+---------------------------------------------------------------------+
|  LinuxSecurity.com                         Weekly Newsletter        |
|  June 25, 2004                           Volume 5, Number 26a       |
+---------------------------------------------------------------------+

  Editors:	Dave Wreski			Benjamin Thomas
		dave@xxxxxxxxxxxxxxxxx		ben@xxxxxxxxxxxxxxxxx

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.

This week, advisories were released for sup, super, rlpr, Multiple,
kernel, libpng and Usermin. The distributors include Debian, EnGarde,
Fedora, Gentoo, Openwall, Red Hat, Trustix, and Turbolinux.

-----

>> Internet Productivity Suite:  Open Source Security <<

Trust Internet Productivity Suite's open source architecture to give you
the best security and productivity applications available.  Collaborating
with thousands of developers, Guardian Digital security engineers
implement the most technologically advanced ideas and methods into their
design.

http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=gdn10

-----

Tripwire Monitoring

Tripwire is a program that monitors file integrity by maintaining a
database of cryptographic signatures for programs and configuration files
installed on the system, and reports changes in any of these files.

A database of checksums and other characteristics for the files listed in
the configuration file is created.  Each subsequent run compares any
differences to the reference database, and the administrator is notified.

The greatest level of assurance that can be provided occurs if Tripwire is
run immediately after Linux has been installed and security updates
applied, and before it is connected to a network.

A text configuration file, called a policy file, is used to define the
characteristics of each file that are tracked.  Your level of paranoia
determines how frequently the integrity of the files is checked.
Administration requires constant attention to changes on the system, and can
be time-consuming if used for many systems.  Tripwire is available as an
unsupported commercial binary for Red Hat and similar distributions.

Here are several examples:

  # Create policy file from text file
  /usr/TSS/bin/twadmin -m P policy.txt

  # Initialize database according to policy file
  /usr/TSS/bin/tripwire --init

  # Print database
  /usr/TSS/bin/twprint -m d

  # Generate daily report file (check mode, report level 1, mail the report)
  /usr/TSS/bin/tripwire -m c -t 1 -M

  # Update database according to policy file and report file
  # (the second line is a continuation of the same command)
  /usr/TSS/bin/tripwire --update --polfile policy/tw.pol \
                        --twrfile report/-.twr
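To make the baseline-then-compare cycle described above concrete, here is a minimal
file-integrity checker in POSIX shell.  It is an added example written for this
tip, not Tripwire's own code: it records a SHA-256 digest per regular file as the
reference database, then reports files that were added, removed or changed on a
later run, the same way a Tripwire check is read against its database.  It assumes
GNU coreutils (sha256sum), find, awk and mktemp, and the tree it scans in the demo
is constructed on the spot, not real system files.

```shell
#!/bin/sh
# Minimal Tripwire-style file-integrity baseline and check.
# Added example, not Tripwire's code.  Assumes POSIX sh with find, sort,
# sha256sum (GNU coreutils), awk and mktemp available.

# fim_scan DIR: print "sha256<TAB>relative-path" for every regular file
# under DIR, sorted by path so two scans of the same tree are comparable.
fim_scan() {
    ( cd "$1" && find . -type f -print | LC_ALL=C sort | while IFS= read -r f; do
        sum=$(sha256sum "$f" | cut -d' ' -f1)
        printf '%s\t%s\n' "$sum" "$f"
    done )
}

# fim_init DIR DBFILE: write the reference database (ideally right after
# install and patching, before the host is networked, as the tip says).
fim_init() {
    fim_scan "$1" > "$2"
}

# fim_check DIR DBFILE: compare the live tree against the reference database.
# Prints one line per difference (ADDED/REMOVED/CHANGED <path>) and returns
# 0 when nothing changed, 1 otherwise.
fim_check() {
    cur=$(mktemp)
    fim_scan "$1" > "$cur"
    diffs=$(awk -F'\t' '
        FILENAME == ARGV[1] { base[$2] = $1; next }   # first file: baseline
        !($2 in base)      { print "ADDED " $2; next } # second file: live scan
        base[$2] != $1     { print "CHANGED " $2 }
                           { delete base[$2] }         # seen: drop from baseline
        END { for (p in base) print "REMOVED " p }     # leftovers were deleted
    ' "$2" "$cur" | LC_ALL=C sort)
    rm -f "$cur"
    if [ -n "$diffs" ]; then
        printf '%s\n' "$diffs"
        return 1
    fi
    return 0
}

# Demonstration on a constructed directory tree (not real system files).
demo() {
    root=$(mktemp -d)
    mkdir -p "$root/etc" "$root/bin"
    printf 'root:x:0:0:root:/root:/bin/sh\n' > "$root/etc/passwd"
    printf '#!/bin/sh\necho hello\n' > "$root/bin/hello"
    fim_init "$root" "$root.db"
    fim_check "$root" "$root.db" && echo "baseline clean"
    # simulate unexpected change: modified program, new file, deleted config
    printf '#!/bin/sh\necho something else\n' > "$root/bin/hello"
    printf 'stray\n' > "$root/etc/extra.conf"
    rm "$root/etc/passwd"
    fim_check "$root" "$root.db" || echo "integrity violations found"
    rm -rf "$root" "$root.db"
}

demo
```

The reference database must live somewhere the scanned tree cannot reach (the demo
writes it next to the tree, not inside it); in practice it belongs on read-only or
offline media, since an attacker who can rewrite the database can hide changes.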


Security Tip written by Ryan Maple (ryan@xxxxxxxxxxxxxxxxxxx).  Additional
tips are available at the following URL:
http://www.linuxsecurity.com/tips/tip-25.html

Until next time, cheers!
Benjamin D. Thomas
ben@xxxxxxxxxxxxxxxxx

-----
Open Source Leaving Microsoft Sitting on the Fence?

The open source model, with special regard to Linux, has no doubt become a
formidable competitor to the once sole giant of the software industry,
Microsoft. It is expected when the market share of an industry leader
becomes threatened, retaliation with new product or service offerings and
marketing campaigns refuting the claims of the new found competition are
inevitable. However, in the case of Microsoft, it seems they have not
taken a solid or plausible position on the use of open source applications
as an alternative to Windows.

http://www.linuxsecurity.com/feature_stories/feature_story-168.html

-------------------------------------------------------------------

Interview with Brian Wotring, Lead Developer for the Osiris Project

Brian Wotring is currently the lead developer for the Osiris project and
president of Host Integrity, Inc. He is also the founder of
knowngoods.org, an online database of known good file signatures. Brian is
the co-author of Mac OS X Security and a long-standing member of the Shmoo
Group, an organization of security and cryptography professionals.
http://www.linuxsecurity.com/feature_stories/feature_story-164.html

--------------------------------------------------------------------

Guardian Digital Launches Next Generation Secure Mail Suite

Guardian Digital, the premier open source security company, announced the
availability of the next generation Secure Mail Suite, the industry's most
secure open source corporate email system. This latest edition has been
optimized to support the changing needs of enterprise and small business
customers while continually providing protection from the latest in email
security threats.

http://www.linuxsecurity.com/feature_stories/feature_story-166.html

--------------------------------------------------------------------

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf


+---------------------------------+
|  Distribution: Debian           | ----------------------------//
+---------------------------------+

 6/19/2004 - sup
   Format string vulnerability

   By exploiting this, a remote attacker could potentially cause
   arbitrary code to be executed with the privileges of the
   supfilesrv process.
   http://www.linuxsecurity.com/advisories/debian_advisory-4494.html

 6/19/2004 - super
   Format string vulnerability

   This vulnerability could potentially be exploited by a local user
   to execute arbitrary code with root privileges.
   http://www.linuxsecurity.com/advisories/debian_advisory-4500.html

 6/19/2004 - www-sql Buffer overflow vulnerability
   Format string vulnerability

   Exploiting this vulnerability, a local user could cause the
   execution of arbitrary code by creating a web page and processing
   it with www-sql.
   http://www.linuxsecurity.com/advisories/debian_advisory-4501.html

 6/21/2004 - rlpr
   Format string vulnerabilities

   By exploiting one of these vulnerabilities, a local or remote user
   could potentially cause arbitrary code to be executed with the
   privileges of 1) the rlprd process (remote), or 2) root (local).
   http://www.linuxsecurity.com/advisories/debian_advisory-4508.html


+---------------------------------+
|  Distribution: EnGarde          | ----------------------------//
+---------------------------------+

 6/21/2004 - Multiple
   'kernel' vulnerabilities

   This update fixes several security vulnerabilities in the Linux
   Kernel shipped with EnGarde Secure Linux.
   http://www.linuxsecurity.com/advisories/engarde_advisory-4509.html

 6/21/2004 - kernel
   2.4 Multiple vulnerabilities

   This update fixes several security vulnerabilities, including the
   famous "fsave/frstor" vulnerability and an information leak in the
   e1000 driver.
   http://www.linuxsecurity.com/advisories/engarde_advisory-4510.html


+---------------------------------+
|  Distribution: Fedora           | ----------------------------//
+---------------------------------+

 6/21/2004 - libpng
   1.2 Denial of service vulnerability

   An attacker could carefully craft a PNG file in such a way that it
   would cause an application linked to libpng to crash or
   potentially execute arbitrary code.
   http://www.linuxsecurity.com/advisories/fedora_advisory-4506.html

 6/21/2004 - libpng
   1.0 Denial of service vulnerability

   An attacker could carefully craft a PNG file in such a way that it
   would cause an application linked to libpng to crash or
   potentially execute arbitrary code when opened by a victim.
   http://www.linuxsecurity.com/advisories/fedora_advisory-4507.html


+---------------------------------+
|  Distribution: Gentoo           | ----------------------------//
+---------------------------------+

 6/18/2004 - Usermin
   Multiple vulnerabilities

   Usermin contains two security vulnerabilities which could lead to
   a Denial of Service attack and information disclosure.
   http://www.linuxsecurity.com/advisories/gentoo_advisory-4485.html


+---------------------------------+
|  Distribution: Openwall         | ----------------------------//
+---------------------------------+

 6/21/2004 - kernel
   Multiple vulnerabilities

   This update fixes multiple security-related bugs in the Linux
   kernel as well as two non-security bugs in the patch itself.  This
   includes the now-famous DoS bug.
   http://www.linuxsecurity.com/advisories/openwall_advisory-4504.html


+---------------------------------+
|  Distribution: Red Hat          | ----------------------------//
+---------------------------------+

 6/18/2004 - libpng
   Buffer overflow vulnerability

   Updated libpng packages that fix a possible buffer overflow are
   now available.
   http://www.linuxsecurity.com/advisories/redhat_advisory-4486.html

 6/21/2004 - kernel
   Multiple vulnerabilities

   This contains two similar advisories, one set fixing RHEL 3, and
   the other RHEL 2.1.  The patch addresses two DoS attacks and several
   vulnerable drivers.
   http://www.linuxsecurity.com/advisories/redhat_advisory-4503.html


+---------------------------------+
|  Distribution: Trustix          | ----------------------------//
+---------------------------------+

 6/21/2004 - kernel
   Multiple vulnerabilities

   During checks of the Linux 2.6 source using an automated tool
   called sparse, several issues were discovered.  Some of these were
   discovered to also apply to the 2.4 series of the Linux kernel.
   http://www.linuxsecurity.com/advisories/trustix_advisory-4502.html


+---------------------------------+
|  Distribution: Turbolinux       | ----------------------------//
+---------------------------------+

 6/19/2004 - kernel
   Denial of service vulnerability

   The vulnerability allows an attacker to cause a denial of service
   of the kernel.
   http://www.linuxsecurity.com/advisories/turbolinux_advisory-4493.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------

