
Fwd: [ISN] Linux Advisory Watch - October 22nd 2004

  • From: Educational CyberPlayGround <admin@xxxxxxxxxxxxxxx>
  • To: NetworkNewsletters@xxxxxxxxxxxxx
  • Date: Tue, 26 Oct 2004 09:50:09 -0400
**************************************************************
Educational CyberPlayGround Community [ECP]
http://www.edu-cyberpg.com/

Subscribe - Unsubscribe - Email Preferences
http://www.edu-cyberpg.com/Community/index.html

Network Newsletters Mailing List ©1994
<http://www.edu-cyberpg.com/Community/NetworkNewsletters.html>

Find out how to Advertise on K12 Newsletters Mailing List
<http://www.edu-cyberpg.com/Community/Subguidelines.html>
**************************************************************
>Date: Mon, 25 Oct 2004 04:58:55 -0500 (CDT)
>
>
>+---------------------------------------------------------------------+
>|  LinuxSecurity.com                             Weekly Newsletter    |
>|  October 22nd, 2004                           Volume 5, Number 42a  |
>+---------------------------------------------------------------------+
>
>   Editors:      Dave Wreski                     Benjamin D. Thomas
>                 dave@xxxxxxxxxxxxxxxxx          ben@xxxxxxxxxxxxxxxxx
>
>Linux Advisory Watch is a comprehensive newsletter that outlines the
>security vulnerabilities that have been announced throughout the week.
>It includes pointers to updated packages and descriptions of each
>vulnerability.
>
>This week, advisories were released for libtiff, libpng, ecartis, cupsys,
>BNC, phpMyAdmin, Squid, PostgreSQL, Ghostscript, glibc, mod_ssl, mozilla,
>cvs, gaim, wxGTK2, squid, wxGTK2, xpdf, gpdf, kdegraphics, ImageMagick,
>and mysql.  The distributors include Conectiva, Debian, Fedora, Gentoo,
>Mandrake, Red Hat, SuSE, and Trustix.
>
>-----
>
>xlock and vlock
>
>If you wander away from your machine from time to time, it is nice to be
>able to "lock" your console so that no one tampers with or looks at your
>work. Two programs that do this are: xlock and vlock.
>
>Xlock is an X display locker. It should be included in any Linux
>distribution that supports X. Check out the man page for it for more
>options, but in general you can run xlock from any xterm on your console
>and it will lock the display and require your password to unlock.
>
>vlock is a simple little program that allows you to lock some or all of
>the virtual consoles on your Linux box. You can lock just the one you are
>working in or all of them. If you just lock one, others can come in and
>use the console; they will just not be able to use your virtual TTY until
>you unlock it. vlock ships with Red Hat Linux, but your mileage may vary.
>
>Of course locking your console will prevent someone from tampering with
>your work, but does not prevent them from rebooting your machine or
>otherwise disrupting your work. It also does not prevent them from
>accessing your machine from another machine on the network and causing
>problems.
>
>More importantly, it does not prevent someone from switching out of the X
>Window System entirely, and going to a normal virtual console login
>prompt, or to the VC that X11 was started from, and suspending it, thus
>obtaining your privileges.  For this reason, you might consider only using
>it while under control of xdm.  At the very least, start X in the
>background, and log out of the console.
>
>Excerpt from the LinuxSecurity Administrator's Guide:
>http://www.linuxsecurity.com/docs/SecurityAdminGuide/SecurityAdminGuide.html
>
>Written by: Dave Wreski (dave@xxxxxxxxxxxxxxxxxxx)
>
>-----
>
>Mass deploying Osiris
>
>Osiris is a centralized file-integrity program that uses a client/server
>architecture to check for changes on a system.  A central server maintains
>the file-integrity database and configuration for a client and at a
>specified time, sends the configuration file over to the client, runs a
>scan and sends the results back to the server to compare any changes.
>Those changes are then sent via email, if configured, to a system admin or
>group of people.  The communication is all done over an encrypted
>communication channel.
>
>http://www.linuxsecurity.com/feature_stories/feature_story-175.html
>
>-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
>-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf
>
>+---------------------------------+
>|  Distribution: Conectiva        | ----------------------------//
>+---------------------------------+
>
>  10/18/2004 - gtk+ image loading vulnerabilities fix
>
>
>    A vulnerability found in the gdk-pixbuf bmp loader could allow a
>    specially crafted BMP image to hang applications in an infinite
>    loop (CAN-2004-0753[2]).
>    http://www.linuxsecurity.com/advisories/conectiva_advisory-4965.html
>
>
>+---------------------------------+
>|  Distribution: Debian           | ----------------------------//
>+---------------------------------+
>
>  10/15/2004 - libtiff
>    remote code execution fix
>
>    Several problems have been discovered in libtiff, the Tag Image
>    File Format library for processing TIFF graphics files.  An
>    attacker could prepare a specially crafted TIFF graphic that would
>    cause the client to execute arbitrary code or crash.
>    http://www.linuxsecurity.com/advisories/debian_advisory-4960.html
>
>  10/16/2004 - cyrus-sasl-mit arbitrary code execution fix
>    remote code execution fix
>
>    A vulnerability has been discovered in the Cyrus implementation of
>    the SASL library, the Simple Authentication and Security Layer, a
>    method for adding authentication support to connection-based
>    protocols.
>    http://www.linuxsecurity.com/advisories/debian_advisory-4961.html
>
>  10/18/2004 - netkit-telnet-ssl denial of service fix
>    remote code execution fix
>
>    Michal Zalewski discovered a bug in the netkit-telnet server
>    (telnetd) whereby a remote attacker could cause the telnetd
>    process to free an invalid pointer.
>    http://www.linuxsecurity.com/advisories/debian_advisory-4963.html
>
>  10/18/2004 - netkit-telnet denial of service real fix
>    remote code execution fix
>
>    Michal Zalewski discovered a bug in the netkit-telnet server
>    (telnetd) whereby a remote attacker could cause the telnetd
>    process to free an invalid pointer.
>    http://www.linuxsecurity.com/advisories/debian_advisory-4964.html
>
>  10/20/2004 - libpng
>    several vulnerabilities fix
>
>    Several integer overflows have been discovered by its upstream
>    developers in libpng, a commonly used library to display PNG
>    graphics. They could be exploited to cause arbitrary code to be
>    executed when a specially crafted PNG image is processed.
>    http://www.linuxsecurity.com/advisories/debian_advisory-4974.html
>
>  10/20/2004 - libpng3
>    several vulnerabilities fix
>
>    Several integer overflows have been discovered by its upstream
>    developers in libpng, a commonly used library to display PNG
>    graphics. They could be exploited to cause arbitrary code to be
>    executed when a specially crafted PNG image is processed.
>    http://www.linuxsecurity.com/advisories/debian_advisory-4975.html
>
>  10/21/2004 - ecartis
>    unauthorised access to admin interface fix
>
>    A problem has been discovered in ecartis, a mailing-list manager,
>    which allows an attacker in the same domain as the list admin to
>    gain administrator privileges and alter list settings.
>    http://www.linuxsecurity.com/advisories/debian_advisory-4986.html
>
>  10/21/2004 - cupsys
>    arbitrary code execution fix
>
>    Chris Evans discovered several integer overflows in xpdf, that are
>    also present in CUPS, the Common UNIX Printing System, which can
>    be exploited remotely by a specially crafted PDF document.
>    http://www.linuxsecurity.com/advisories/debian_advisory-4988.html
>
>
>+---------------------------------+
>|  Distribution: Fedora           | ----------------------------//
>+---------------------------------+
>
>  10/15/2004 - gimp-2.0.5-0.fc2.3 update
>    arbitrary code execution fix
>
>    A brown paper bag release -- I missed that 1bpp and 24bpp are also
>    valid for BMP.
>    http://www.linuxsecurity.com/advisories/fedora_advisory-4958.html
>
>  10/18/2004 - glib2-2.4.7-1.1 update
>    arbitrary code execution fix
>
>    Glib 2.4.7 contains many bug fixes, notably a fix for bug 126666.
>    http://www.linuxsecurity.com/advisories/fedora_advisory-4966.html
>
>  10/18/2004 - gtk2-2.4.13-2.1 update
>    arbitrary code execution fix
>
>    GTK+ 2.4.13 contains many bug fixes, with an emphasis on making
>    the new file chooser work better.
>    http://www.linuxsecurity.com/advisories/fedora_advisory-4967.html
>
>  10/21/2004 - tzdata-2004e-1.fc2 update
>    arbitrary code execution fix
>
>    Previous tzdata-2004e-1.fc2 announcement from 2004-10-12 had wrong
>    md5sums (before signing).
>    http://www.linuxsecurity.com/advisories/fedora_advisory-4991.html
>
>  10/21/2004 - xpdf-3.00-3.4 update
>    arbitrary code execution fix
>
>    Chris Evans and others discovered a number of integer overflow
>    bugs that affected all versions of xpdf. An attacker could
>    construct a carefully crafted PDF file that could cause xpdf to
>    crash or possibly execute arbitrary code when opened.
>    http://www.linuxsecurity.com/advisories/fedora_advisory-4992.html
>
>  10/21/2004 - openoffice.org-1.1.2-10.fc2 update
>    arbitrary code execution fix
>
>    This update is equivalent to the Fedora Core 3 version of
>    OpenOffice.org.  The changes since the previous version of
>    OpenOffice.org in Fedora Core 2 are too numerous to list here, but
>    there are quite a few notable improvements.
>    http://www.linuxsecurity.com/advisories/fedora_advisory-4996.html
>
>
>+---------------------------------+
>|  Distribution: Gentoo           | ----------------------------//
>+---------------------------------+
>
>  10/15/2004 - BNC
>    Input validation flaw
>
>    BNC contains an input validation flaw which might allow a remote
>    attacker to issue arbitrary IRC related commands.
>    http://www.linuxsecurity.com/advisories/gentoo_advisory-4957.html
>
>  10/18/2004 - phpMyAdmin
>    Vulnerability in MIME-based transformation system
>
>    A vulnerability has been found in the MIME-based transformation
>    system of phpMyAdmin, which may allow remote execution of
>    arbitrary commands if PHP's "safe mode" is disabled.
>    http://www.linuxsecurity.com/advisories/gentoo_advisory-4962.html
>
>  10/18/2004 - Squid
>    Remote DoS vulnerability
>
>    Squid contains a vulnerability in the SNMP module which may lead
>    to a denial of service.
>    http://www.linuxsecurity.com/advisories/gentoo_advisory-4968.html
>
>  10/18/2004 - PostgreSQL
>    Insecure temporary file use in make_oidjoins_check
>
>    The make_oidjoins_check script, part of the PostgreSQL package, is
>    vulnerable to symlink attacks, potentially allowing a local user
>    to overwrite arbitrary files with the rights of the user running
>    the utility.
>    http://www.linuxsecurity.com/advisories/gentoo_advisory-4969.html
>
>  10/20/2004 - OpenOffice.org Temporary files disclosure
>    Insecure temporary file use in make_oidjoins_check
>
>    OpenOffice.org uses insecure temporary files which could allow a
>    malicious local user to gain knowledge of sensitive information
>    from other users' documents.
>    http://www.linuxsecurity.com/advisories/gentoo_advisory-4982.html
>
>  10/20/2004 - Ghostscript
>    Insecure temporary file use in multiple scripts
>
>    Multiple scripts in the Ghostscript package are vulnerable to
>    symlink attacks, potentially allowing a local user to overwrite
>    arbitrary files with the rights of the user running the script.
>    http://www.linuxsecurity.com/advisories/gentoo_advisory-4983.html
>
>  10/21/2004 - glibc
>    Insecure tempfile handling in catchsegv script
>
>    The catchsegv script in the glibc package is vulnerable to symlink
>    attacks, potentially allowing a local user to overwrite arbitrary
>    files with the rights of the user running the script.
>    http://www.linuxsecurity.com/advisories/gentoo_advisory-4989.html
>
>  10/21/2004 - CUPS
>    Multiple integer overflows
>
>    Multiple integer overflows were discovered in Xpdf, potentially
>    resulting in execution of arbitrary code upon viewing a malicious
>    PDF file. CUPS includes Xpdf code and therefore is vulnerable to
>    the same issues.
>    http://www.linuxsecurity.com/advisories/gentoo_advisory-4990.html
>
>  10/21/2004 - mod_ssl
>    Bypass of SSLCipherSuite directive
>
>    In certain configurations, it can be possible to bypass
>    restrictions set by the "SSLCipherSuite" directive of mod_ssl.
>    http://www.linuxsecurity.com/advisories/gentoo_advisory-4995.html
>
>
>+---------------------------------+
>|  Distribution: Mandrake         | ----------------------------//
>+---------------------------------+
>
>  10/20/2004 - mozilla
>    update fix
>
>    A number of vulnerabilities were fixed in mozilla 1.7.3.
>    http://www.linuxsecurity.com/advisories/mandrake_advisory-4971.html
>
>  10/20/2004 - libtiff
>    update fix
>
>    Several vulnerabilities have been discovered in the libtiff
>    package.
>    http://www.linuxsecurity.com/advisories/mandrake_advisory-4972.html
>
>  10/20/2004 - cvs
>    update fix
>
>    iDEFENSE discovered a flaw in CVS versions prior to 1.1.17 in an
>    undocumented switch implemented in CVS' history command.  The -X
>    switch specifies the name of the history file which allows an
>    attacker to determine whether arbitrary system files and
>    directories exist and whether or not the CVS process has access to
>    them.
>    http://www.linuxsecurity.com/advisories/mandrake_advisory-4973.html
>
>  10/20/2004 - libtiff
>    multiple vulnerabilities fix
>
>    Several vulnerabilities have been discovered in the libtiff
>    package.
>    http://www.linuxsecurity.com/advisories/mandrake_advisory-4976.html
>
>  10/21/2004 - cvs
>    vulnerability fix
>
>    iDEFENSE discovered a flaw in CVS versions prior to 1.1.17 in an
>    undocumented switch implemented in CVS' history command.  The -X
>    switch specifies the name of the history file which allows an
>    attacker to determine whether arbitrary system files and
>    directories exist and whether or not the CVS process has access to
>    them.
>    http://www.linuxsecurity.com/advisories/mandrake_advisory-4984.html
>
>  10/21/2004 - mozilla
>    vulnerabilities fix
>
>    A number of vulnerabilities were fixed in mozilla 1.7.3.
>    http://www.linuxsecurity.com/advisories/mandrake_advisory-4985.html
>
>  10/21/2004 - gaim
>    vulnerabilities fix
>
>    More vulnerabilities in gaim include installing smiley themes could
>    allow remote attackers to execute arbitrary commands via shell
>    metacharacters in the filename of the tar file that is dragged to
>    the smiley selector.  There is also a buffer overflow in the way
>    gaim handles receiving very long URLs.
>    http://www.linuxsecurity.com/advisories/mandrake_advisory-4993.html
>
>  10/21/2004 - wxGTK2
>    vulnerabilities fix
>
>    Several vulnerabilities have been discovered in the libtiff
>    package; wxGTK2 uses a libtiff code tree, so it may have the same
>    vulnerabilities.
>    http://www.linuxsecurity.com/advisories/mandrake_advisory-4994.html
>
>  10/21/2004 - squid
>    SNMP processing vulnerability fix
>
>    iDEFENSE discovered a Denial of Service vulnerability in squid
>    version 2.5.STABLE6 and previous.  The problem is due to an ASN1
>    parsing error where certain header length combinations can slip
>    through the validations performed by the ASN1 parser, leading to
>    the server assuming there is heap corruption or some other
>    exceptional condition, and closing all current connections then
>    restarting.
>    http://www.linuxsecurity.com/advisories/mandrake_advisory-4997.html
>
>  10/21/2004 - wxGTK2
>    vulnerabilities fix
>
>    Several vulnerabilities have been discovered in the libtiff
>    package; wxGTK2 uses a libtiff code tree, so it may have the same
>    vulnerabilities.
>    http://www.linuxsecurity.com/advisories/mandrake_advisory-4998.html
>
>  10/21/2004 - gaim
>    vulnerabilities fix
>
>    More vulnerabilities have been discovered in the gaim instant
>    messenger client.
>    http://www.linuxsecurity.com/advisories/mandrake_advisory-4999.html
>
>  10/22/2004 - xpdf
>    vulnerabilities fix
>
>    Chris Evans discovered numerous vulnerabilities in the xpdf
>    package which can result in DOS or possibly arbitrary code
>    execution.
>    http://www.linuxsecurity.com/advisories/mandrake_advisory-5000.html
>
>  10/22/2004 - gpdf
>    DoS vulnerability fix
>
>    Chris Evans discovered numerous vulnerabilities in the xpdf
>    package, which also affect software using embedded xpdf code, such
>    as gpdf.
>    http://www.linuxsecurity.com/advisories/mandrake_advisory-5001.html
>
>  10/22/2004 - cups
>    DoS vulnerabilities fix
>
>    Chris Evans discovered numerous vulnerabilities in the xpdf
>    package, which also affect software using embedded xpdf code.
>    http://www.linuxsecurity.com/advisories/mandrake_advisory-5002.html
>
>  10/22/2004 - kdegraphics
>    DoS vulnerability fix
>
>    Chris Evans discovered numerous vulnerabilities in the xpdf
>    package, which also affect software using embedded xpdf code, such
>    as kpdf.
>    http://www.linuxsecurity.com/advisories/mandrake_advisory-5003.html
>
>
>+---------------------------------+
>|  Distribution: Red Hat          | ----------------------------//
>+---------------------------------+
>
>  10/20/2004 - ImageMagick
>    security vulnerabilities fix
>
>    Updated ImageMagick packages that fix various security
>    vulnerabilities are now available.
>    http://www.linuxsecurity.com/advisories/redhat_advisory-4977.html
>
>  10/20/2004 - mysql
>    minor security issues and bugs fix
>
>    Updated mysql packages that fix various temporary file security
>    issues, as well as a number of bugs, are now available.
>    http://www.linuxsecurity.com/advisories/redhat_advisory-4978.html
>
>  10/20/2004 - squid
>    vulnerability fix
>
>    An updated squid package that fixes a remote denial of service
>    vulnerability is now available.
>    http://www.linuxsecurity.com/advisories/redhat_advisory-4979.html
>
>  10/20/2004 - mysql
>    security issues and bugs fixes
>
>    Updated mysql packages that fix various security issues, as well
>    as a number of bugs, are now available for Red Hat Enterprise
>    Linux 2.1.
>    http://www.linuxsecurity.com/advisories/redhat_advisory-4980.html
>
>  10/20/2004 - gaim
>    security issues and bugs fixes
>
>    An updated gaim package that fixes security issues, fixes various
>    bugs, and includes various enhancements for Red Hat Enterprise
>    Linux 3 is now available.
>    http://www.linuxsecurity.com/advisories/redhat_advisory-4981.html
>
>
>+---------------------------------+
>|  Distribution: Suse             | ----------------------------//
>+---------------------------------+
>
>  10/21/2004 - kernel
>    remote denial of service
>
>    An integer underflow problem in the iptables firewall logging
>    rules can allow a remote attacker to crash the machine by using a
>    handcrafted IP packet. This attack is only possible with
>    firewalling enabled.
>    http://www.linuxsecurity.com/advisories/suse_advisory-4987.html
>
>
>+---------------------------------+
>|  Distribution: Trustix          | ----------------------------//
>+---------------------------------+
>
>  10/15/2004 - libtiff, mysql, squid, cyrus-sasl Multiple security
>  vulnerabilities
>    remote denial of service
>
>    Multiple security vulnerabilities in mysql, squid, cyrus-sasl and
>    libtiff.
>    http://www.linuxsecurity.com/advisories/trustix_advisory-4959.html
>------------------------------------------------------------------------
>Distributed by: Guardian Digital, Inc.                LinuxSecurity.com