[ISN] Linux Advisory Watch - April 7th 2006
InfoSec News
isn at c4i.org
Fri Apr 7 01:34:45 EDT 2006
+---------------------------------------------------------------------+
| LinuxSecurity.com Weekly Newsletter |
| April 7th, 2006 Volume 7, Number 15n |
| |
| Editorial Team: Dave Wreski dave at linuxsecurity.com |
| Benjamin D. Thomas ben at linuxsecurity.com |
+---------------------------------------------------------------------+
Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.
This week advisories were released for apache, storebackup, kaffeine,
clamav, dia, sash, mailman, rpm, scim-hangul, scim, mrtg, wpa_supplicant,
samba, policycoreutils, selinux-policy, mc, k3b, open office, pcmciautils,
gnome-applets, binutils, sendmail, newt, dovecot, dia, sane-backends,
iptraf, tix, xscreensaver, liboil, alsa-utils, system-config-printer,
horde, freeradius, mysql, and openmotif. The distributors include
Debian, Fedora, Gentoo, Mandriva, and Red Hat.
---
EnGarde Secure Linux: Why not give it a try?
EnGarde Secure Linux is a Linux server distribution that is geared
toward providing a open source platform that is highly secure by default
as well as easy to administer. EnGarde Secure Linux includes a select
group of open source packages configured to provide maximum security
for tasks such as serving dynamic websites, high availability mail
transport, network intrusion detection, and more. The Community
edition of EnGarde Secure Linux is completely free and open source,
and online security and application updates are also freely
available with GDSN registration.
http://www.engardelinux.org/modules/index/register.cgi
---
Review: The TCP/IP Guide
By: Eric Lubow
To be a comprehensive source of information is something that any
and every author attempts to be in their works. While writing The
TCP/IP Guide: A Comprehensive, Illustrated Internet Protocols
Reference, Charles Kozierok nothing short of comprehensive. In this
1616 page, 88 chapter reference of the TCP/IP protocol set, all
the important topics are covered.
Normally, when I review books, I give a little bit of information
on each chapter. In this case, that would be a little drastic and
cause an extremely long review.
Whatever little I write as a summary here just will not do this
guide the justice it deserves for the effort of the author. Although
the book covers such a wide variety of topics, each one is covered
very thoroughly.
Beginning with basic networking concepts and moving into the OSI
(Open Systems Interconnection) model, the bases are fully covered.
He even goes so far in depth as to discuss the standards
organizations that contribute to, support, and govern networking
and the Internet. Once the OSI model is covered, he goes on to
talk about how TCP, UDP, and IP protocols integrate themselves
into the OSI model.
The first topic that is covered within the TCP/IP protocol suite
are the interface protocols: SLIP and PPP. Every major PPP and
SLIP sub item is covered within the chapters. These include: LCP,
PAP, CHAP, ECP, PPP MP, just to name a few.
The next set of chapters is covering ARP, RARP, IPv4, IPv6, IP
NAT and IP Sec. This basically covers how to move from level 2
to level 3 in the OSI model. Following the OSI model up, he then
covers ICMPv4 and ICMPv6 prior to proceeding into routing. The
routing protocols covered are: RIP, RIP-2, RIPng OSPF, BGP3,
BGP4, GGP, EGP, EGRP, EIGRP, and HELLO.
After thoroughly covering how data moves from place to place on
the lower levels of the OSI model, he begins by covering TCP and
UDP by session establishment and handshaking. Since the book is
about TCP protocols, there is a lot of discussion and diagrams
of message headers and the theory behind TCP and UDP being
designed the way they are.
Since all these protocols are merely transport mechanisms for
higher level applications, a great deal of time in this book is
dedicated to how those higher level applications function. Some
of these applications and systems are: DNS, NFS, BOOTP, DHCP,
SNMP, RMON, URI and URL structure, FTP, TFP, Email systems
including SMTP and MIME structures, HTTP (transfers, encoding,
messages, entities, etc), NNTP, and Gopher (again to name just
a few). All of these applications that now have counterparts
that support IPv6 are also examined and broken down. Each one
of the topics listed above have associated diagrams and message
layouts to allow as deep a comprehension as is desired by the
reader.
He finishes up the book talking about remote application protocols
and troubleshooting tools. This is especially handy information to
have at your fingertips if you are constantly troubleshooting
network or application level issues. He even goes so far as to
break down common UNIX and Windows commands into their command
lines and what the output is actually saying about the state of
the packet, interface, application, or network.
Read More:
http://www.linuxsecurity.com/content/view/122263/49/
----------------------
EnGarde Secure Community 3.0.4 Released
Guardian Digital is happy to announce the release of EnGarde
Secure Community 3.0.4 (Version 3.0, Release 4). This release
includes several bug fixes and feature enhancements to the Guardian
Digital WebTool and the SELinux policy, and several new packages
available for installation.
http://www.linuxsecurity.com/content/view/121560/65/
---
Linux File & Directory Permissions Mistakes
One common mistake Linux administrators make is having file and
directory permissions that are far too liberal and allow access
beyond that which is needed for proper system operations. A full
explanation of unix file permissions is beyond the scope of this
article, so I'll assume you are familiar with the usage of such
tools as chmod, chown, and chgrp. If you'd like a refresher, one
is available right here on linuxsecurity.com.
http://www.linuxsecurity.com/content/view/119415/49/
---
Buffer Overflow Basics
A buffer overflow occurs when a program or process tries to
store more data in a temporary data storage area than it was
intended to hold. Since buffers are created to contain a finite
amount of data, the extra information can overflow into adjacent
buffers, corrupting or overwriting the valid data held in them.
http://www.linuxsecurity.com/content/view/119087/49/
--------
--> Take advantage of the LinuxSecurity.com Quick Reference Card!
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf
+---------------------------------+
| Distribution: Debian | ----------------------------//
+---------------------------------+
* Debian: New Apache2::Request packages fix denial of service
3rd, April, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122186
* Debian: New storebackup packages fix several vulnerabilities
3rd, April, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122206
* Debian: New Linux kernel 2.4.27 packages fix several
vulnerabilities
5th, April, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122222
* Debian: New kaffeine packages fix arbitrary code execution
5th, April, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122223
* Debian: New clamav packages fix several vulnerabilities
5th, April, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122237
* Debian: New dia packages fix arbitrary code execution
6th, April, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122244
* Debian: New sash packages fix potential arbitrary code execution
6th, April, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122245
* Debian: New mailman packages fix denial of service
6th, April, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122246
+---------------------------------+
| Distribution: Fedora | ----------------------------//
+---------------------------------+
* Fedora Core 4 Update: kernel-2.6.16-1.2069_FC4
30th, March, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122170
* Fedora Core 4 Update: rpm-4.4.1-23
30th, March, 2006
This update fixes an issue with a double free experienced in
verification with matchpathcon.
http://www.linuxsecurity.com/content/view/122171
* Fedora Core 5 Update: scim-hangul-0.2.2-1.fc5
30th, March, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122172
* Fedora Core 5 Update: scim-anthy-1.0.0-1.fc5
30th, March, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122173
* Fedora Core 5 Update: mrtg-2.13.2-0.fc5.1
30th, March, 2006
Fixes the RouterUptime option.
http://www.linuxsecurity.com/content/view/122174
* Fedora Core 5 Update: wpa_supplicant-0.4.8-6.fc5
30th, March, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122175
* Fedora Core 5 Update: samba-3.0.22-1.fc5
30th, March, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122176
* Fedora Core 5 Update: policycoreutils-1.30.1-3.fc5
3rd, April, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122189
* Fedora Core 5 Update: selinux-policy-2.2.25-3.fc5
3rd, April, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122190
* Fedora Core 5 Update: mc-4.6.1a-12.FC5
3rd, April, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122191
* Fedora Core 5 Update: k3b-0.12.14-0.FC5.2
3rd, April, 2006
update to version 0.12.14
http://www.linuxsecurity.com/content/view/122192
* Fedora Core 4 Update: k3b-0.12.14-0.FC4.1
3rd, April, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122193
* Fedora Core 5 Update: openoffice.org-2.0.2-5.7.2
3rd, April, 2006
Fixes for a11y and font handling.
http://www.linuxsecurity.com/content/view/122194
* Fedora Core 5 Update: pcmciautils-012-0.FC5.2
3rd, April, 2006
User with pcmcia, namely Laptop users, who experience a hangup at
"Starting udev" should update to this package.
http://www.linuxsecurity.com/content/view/122195
* Fedora Core 5 Update: gnome-applets-2.14.0-1.fc5
3rd, April, 2006
This update allows the gswitchit applet's plugins to work.
http://www.linuxsecurity.com/content/view/122196
* Fedora Core 5 Update: perl-HTML-Parser-3.51-1.FC5
3rd, April, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122197
* Fedora Core 5 Update: perl-DBD-Pg-1.47-0.1.FC5
3rd, April, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122198
* Fedora Core 5 Update: perl-Net-DNS-0.57-1
3rd, April, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122199
* Fedora Core 5 Update: binutils-2.16.91.0.6-5
3rd, April, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122200
* Fedora Core 5 Update: wpa_supplicant-0.4.8-7.fc5
3rd, April, 2006
This update works around older and 3rd-party drivers that report
wireless network names incorrectly, causing wpa_supplicant to
prematurely terminate a wireless connection.
http://www.linuxsecurity.com/content/view/122201
* Fedora Core 5 Update: gthumb-2.7.5.1-1.fc5.1
4th, April, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122221
* Fedora Core 4 Update: sendmail-8.13.6-0.FC4.1
5th, April, 2006
A flaw in the handling of asynchronous signals. A remote attacker may
be able to exploit a race condition to execute arbitrary code as
root.
http://www.linuxsecurity.com/content/view/122232
* Fedora Core 5 Update: sendmail-8.13.6-0.FC5.1
5th, April, 2006
A flaw in the handling of asynchronous signals. A remote attacker may
be able to exploit a race condition to execute arbitrary code as
root.
http://www.linuxsecurity.com/content/view/122233
* Fedora Core 5 Update: newt-0.52.2-6
5th, April, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122234
* Fedora Core 4 Update: dovecot-0.99.14-8.fc4
5th, April, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122235
* Fedora Core 4 Update: dia-0.94-13.fc4
5th, April, 2006
Fixes CVE-2006-1550 Dia multiple buffer overflows
http://www.linuxsecurity.com/content/view/122236
* Fedora Core 5 Update: sane-backends-1.0.17-5.fc5.8
5th, April, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122238
* Fedora Core 5 Update: iptraf-3.0.0-1.3.FC5
5th, April, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122239
* Fedora Core 5 Update: tix-8.4.0-6
5th, April, 2006
The tix package was assembled incorrectly which ended up breaking
wish and tkinter/ipython. The libraries are now in the right place.
http://www.linuxsecurity.com/content/view/122240
* Fedora Core 5 Update: xscreensaver-4.24-2
6th, April, 2006
Don't leak zombie processes with the GL SlideShow ScreenSaver
http://www.linuxsecurity.com/content/view/122254
* Fedora Core 5 Update: GConf2-2.14.0-1
6th, April, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122255
* Fedora Core 5 Update: liboil-0.3.8-1.fc5
6th, April, 2006
This update rebases liboil to 0.3.8 to help resolve issues required
by packages in Fedora Extras.
http://www.linuxsecurity.com/content/view/122256
* Fedora Core 5 Update: gnome-screensaver-2.14.0-1.fc5
6th, April, 2006
This update corrects a problem where kerberos credentials weren't
being properly refreshed when a user successfully authenticates in
the unlock dialog.
http://www.linuxsecurity.com/content/view/122257
* Fedora Core 5 Update: alsa-utils-1.0.11-4.rc2
6th, April, 2006
Updated package.
http://www.linuxsecurity.com/content/view/122258
* Fedora Core 5 Update: system-config-printer-0.6.151.2-1
6th, April, 2006
With no configured printers, it was not possible to disable automatic
browsing for shared printers.
http://www.linuxsecurity.com/content/view/122259
* Fedora Core 5 Update: gnome-screensaver-2.14.0-1.fc5.1
6th, April, 2006
This update fixes problems detecting idle activity.
http://www.linuxsecurity.com/content/view/122260
+---------------------------------+
| Distribution: Gentoo | ----------------------------//
+---------------------------------+
* Gentoo: MediaWiki Cross-site scripting vulnerability
4th, April, 2006
MediaWiki is vulnerable to a cross-site scripting attack that could
allow arbitrary JavaScript code execution.
http://www.linuxsecurity.com/content/view/122217
* Gentoo: Horde Application Framework Remote code execution
4th, April, 2006
The help viewer of the Horde Framework allows attackers to execute
arbitrary remote code.
http://www.linuxsecurity.com/content/view/122219
* Gentoo: FreeRADIUS Authentication bypass in EAP-MSCHAPv2
4th, April, 2006
The EAP-MSCHAPv2 module of FreeRADIUS is affected by a validation
issue which causes some authentication checks to be bypassed.
http://www.linuxsecurity.com/content/view/122220
* Gentoo: Kaffeine Buffer overflow
5th, April, 2006
Kaffeine is vulnerable to a buffer overflow that could lead to the
execution of arbitrary code.
http://www.linuxsecurity.com/content/view/122241
* Gentoo: Doomsday Format string vulnerability
5th, April, 2006
Format string vulnerabilities in Doomsday may lead to the execution
of arbitrary code.
http://www.linuxsecurity.com/content/view/122243
+---------------------------------+
| Distribution: Mandriva | ----------------------------//
+---------------------------------+
* Mandriva: Updated dia packages fix buffer overflow vulnerabilities
3rd, April, 2006
Three buffer overflows were discovered by infamous41md in dia's xfig
import code. This could allow for user-complicit attackers to have
an unknown impact via a crafted xfig file, possibly involving an
invalid color index, number of points, or depth. Updated packages
have been patched to correct this issue.
http://www.linuxsecurity.com/content/view/122207
* Mandriva: Updated php packages fix information disclosure
vulnerability
3rd, April, 2006
A vulnerability was discovered where the html_entity_decode()
function would return a chunk of memory with length equal to the
string supplied, which could include php code, php ini data, other
user data, etc. Note that by default, Corporate 3.0 and Mandriva
Linux LE2005 ship with magic_quotes_gpc on which seems to protect
against this vulnerability "out of the box" but users are encourages
to upgrade regardless.
http://www.linuxsecurity.com/content/view/122208
* Mandriva: Updated MySQL packages fix logging bypass vulnerability
3rd, April, 2006
MySQL allows local users to bypass logging mechanisms via SQL queries
that contain the NULL character, which are not properly handled by
the mysql_real_query function. Updated packages have been patched to
correct this issue.
http://www.linuxsecurity.com/content/view/122209
* Mandriva: Updated kaffeine packages fix remote buffer overflow
vulnerability
5th, April, 2006
Marcus Meissner discovered Kaffeine contains an unchecked buffer
while creating HTTP request headers for fetching remote RAM
playlists, which allows overflowing a heap allocated buffer. As a
result, remotely supplied RAM playlists can be used to execute
arbitrary code on the client machine.
http://www.linuxsecurity.com/content/view/122231
* Mandriva: Updated FreeRADIUS packages fix off-by-one overflow
vulnerabilty
5th, April, 2006
Off-by-one error in the sql_error function in sql_unixodbc.c in
FreeRADIUS might allow remote attackers to cause a denial of service
(crash) and possibly execute arbitrary code by causing the external
database query to fail. Updated packages have been patched to correct
this issue.
http://www.linuxsecurity.com/content/view/122242
+---------------------------------+
| Distribution: Red Hat | ----------------------------//
+---------------------------------+
* RedHat: Important: freeradius security update
4th, April, 2006
Updated freeradius packages that fix an authentication weakness are
now available. This update has been rated as having important
security impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/122210
* RedHat: Moderate: openmotif security update
4th, April, 2006
Updated openmotif packages that fix a security issue are now
available. This update has been rated as having moderate security
impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/122211
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
To unsubscribe email vuln-newsletter-request at linuxsecurity.com
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
More information about the ISN
mailing list