Linux Advisory Watch – April 1, 2005

40

Author: Benjamin D. Thomas

This week, advisories were released for ethereal, kernel, netkit-telnet, mc, mailreader, samba, mozilla, lsof, thunderbird, epiphany, devhelp, spamassassin, slypheed, krb5, xorg, telnet, foomatic, squid, ImageMagick, gdk, mpg321, ipsec-tools, htdig, grip, mysql, XFree86, and MySQL. The distributors include Conectiva, Debian, Fedora, Gentoo, Mandrake, Red Hat, and SuSE.Information Security Techniques

When addressing matters of information confidentiality, integrity, and availability, there
are four perspectives that can be taken when introducing security controls. A control
can be a protection, detection, response, or assurance mechanism. It is not uncommon
for a single control to provide information security on multiple levels.

Protection
A protection mechanism is used to prevent security incidents from occurring. Examples
of protection mechanisms include: firewall rules, access control lists, encrypting packets
that transverse over a network, passwords, biometrics, etc.

Detection
It is an information security mechanism that detects when an incident is occurring, and
allows a business to adjust its course of action. Detection mechanisms include:
intrusion detection systems, virus/spam scanners, vulnerability scanning, quotas, logging
alerts, etc. Detection mechanisms often lead into response mechanisms, and are often
the same as or similar to assurance mechanisms.

Response
A response mechanism addresses the consequences of a security incident and helps
the organization return to a normal state. Response mechanisms can either be in the
form of technical security controls (e.g. intrusion prevention system), policy (e.g.
requiring a computer emergency response team), or procedures developed for all
persons to follow during an incident.

Assurance
Assurance mechanisms give management or third parties the ability to verify the
effectiveness of the security controls in place. It may include logging, auditing, and
reporting capabilities. Assurance is important to help justify further expenditure on
information security projects.

Until next time, cheers!
Benjamin D. Thomas

 

LinuxSecurity.com
Feature Extras:

Getting
to Know Linux Security: File Permissions
– Welcome to the first
tutorial in the ‘Getting to Know Linux Security’ series. The topic explored
is Linux file permissions. It offers an easy to follow explanation of how
to read permissions, and how to set them using chmod. This guide is intended
for users new to Linux security, therefore very simple. If the feedback is
good, I’ll consider creating more complex guides for advanced users. Please
let us know what you think and how these can be improved.

The
Tao of Network Security Monitoring: Beyond Intrusion Detection

– To be honest, this was one of the best books that I’ve read on network security.
Others books often dive so deeply into technical discussions, they fail to
provide any relevance to network engineers/administrators working in a corporate
environment. Budgets, deadlines, and flexibility are issues that we must all
address. The Tao of Network Security Monitoring is presented in such a way
that all of these are still relevant.

Encrypting
Shell Scripts
– Do you have scripts that contain sensitive information
like passwords and you pretty much depend on file permissions to keep it secure?
If so, then that type of security is good provided you keep your system secure
and some user doesn’t have a “ps -ef” loop running in an attempt to capture
that sensitive info (though some applications mask passwords in “ps” output).

 

Take advantage of our Linux Security discussion
list!
This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to security-discuss-request@linuxsecurity.com
with “subscribe” as the subject.

Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week’s most relevant Linux security headline
.


   Contectiva
  Conectiva: ethereal Fixes for security
vulnerabilities in ethereal
  28th, March, 2005

Ethereal[1] is a powerful network traffic analyzer with a graphical
user interface (GUI).

http://www.linuxsecurity.com/content/view/118712

 
  Conectiva: kernel Kernel fixes
  31st, March, 2005

The Linux kernel is responsible for handling the basic functions
of the GNU/Linux operating system.

http://www.linuxsecurity.com/content/view/118764

 
   Debian
  Debian: New netkit-telnet packages fix
arbitrary code execution
  29th, March, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118726

 
  Debian: New mc packages fix buffer overflow
  29th, March, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118728

 
  Debian: New netkit-telnet-ssl packages
fix arbitrary code execution
  29th, March, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118729

 
  Debian: New mailreader packages fix cross-site
scripting vulnerability
  30th, March, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118746

 
  Debian: New samba packages fix arbitrary
code execution
  31st, March, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118763

 
   Fedora
  Fedora Core 2 Update: mozilla-1.7.6-1.2.2
  25th, March, 2005

A buffer overflow bug was found in the way Mozilla processes
GIF images. It is possible for an attacker to create a specially crafted
GIF image, which when viewed by a victim will execute arbitrary code as
the victim.

http://www.linuxsecurity.com/content/view/118704

 
  Fedora Core 3 Update: lsof-4.72-2.2
  24th, March, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118697

 
  Fedora Core 3 Update: selinux-policy-targeted-1.17.30-2.90
  24th, March, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118698

 
  Fedora Core 3 Update: thunderbird-1.0.2-1.3.2
  24th, March, 2005

There was an issue with a patch being incorrectly applied which
caused the Advanced Preferences panel to fail to load.

http://www.linuxsecurity.com/content/view/118699

 
  Fedora Core 2 Update: epiphany-1.2.10-0.2.1
  25th, March, 2005

There were several security flaws found in the mozilla package,
which epiphany depends on. Users of epiphany are advised to upgrade to
this updated package which has been rebuilt against a later version of
mozilla which is not vulnerable to these flaws.

http://www.linuxsecurity.com/content/view/118705

 
  Fedora Core 2 Update: devhelp-0.9.1-0.2.5
  25th, March, 2005

There were several security flaws found in the mozilla package,
which devhelp depends on. Users of devhelp are advised to upgrade to this
updated package which has been rebuilt against a later version of mozilla
which is not vulnerable to these flaws.

http://www.linuxsecurity.com/content/view/118706

 
  Fedora Core 2 Update: kernel-2.6.10-1.771_FC2
  28th, March, 2005

Updated Package.

http://www.linuxsecurity.com/content/view/118717

 
  Fedora Core 3 Update: squirrelmail-1.4.4-1.FC3
  28th, March, 2005

Multiple issues in squirrelmail (CAN-2005-0104) Upgrade to 1.4.4

http://www.linuxsecurity.com/content/view/118719

 
  Fedora Core 2 Update: squirrelmail-1.4.4-1.FC2
  28th, March, 2005

Multiple issues in squirrelmail (CAN-2005-0104) Upgrade to 1.4.4

http://www.linuxsecurity.com/content/view/118720

 
  Fedora Core 3 Update: spamassassin-3.0.2-0.fc3
  28th, March, 2005

http://wiki.apache.org/spamassassin/changes302 Upstream bug
fixes.

http://www.linuxsecurity.com/content/view/118721

 
  Fedora Core 2 Update: mozilla-1.7.6-1.2.5
  29th, March, 2005

This update supercedes the previous 1.7.6-1.2.2 which mistakenly
had dependencies on FC3.

http://www.linuxsecurity.com/content/view/118731

 
  Fedora Core 2 Update: sylpheed-1.0.4-0.fc2
  29th, March, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118732

 
  Fedora Core 3 Update: sylpheed-1.0.4-0.fc3
  29th, March, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118733

 
  Fedora Core 2 Update: krb5-1.3.6-4
  29th, March, 2005

Updated krb5 packages which fix two buffer overflow vulnerabilities
in the included Kerberos-aware telnet client are now available.

http://www.linuxsecurity.com/content/view/118735

 
  Fedora Core 3 Update: krb5-1.3.6-5
  29th, March, 2005

Updated krb5 packages which fix two buffer overflow vulnerabilities
in the included Kerberos-aware telnet client are now available.

http://www.linuxsecurity.com/content/view/118736

 
  Fedora Core 3 Update: xorg-x11-6.8.2-1.FC3.13
  29th, March, 2005

An integer overflow flaw was found in libXpm, which is used
by some applications for loading of XPM images.

http://www.linuxsecurity.com/content/view/118739

 
  Fedora Core 2 Update: xorg-x11-6.7.0-14
  29th, March, 2005

An integer overflow flaw was found in libXpm, which is used
by some applications for loading of XPM images. An attacker could create
a malicious XPM file that would execute arbitrary code if opened by a
victim using an application linked to the vulnerable library.

http://www.linuxsecurity.com/content/view/118740

 
  Fedora Core 3 Update: system-config-services-0.8.21-0.fc3.1
  30th, March, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118748

 
  Fedora Core 3 Update: telnet-0.17-32.FC3.2
  30th, March, 2005

Two buffer overflow flaws were discovered in the way the telnet
client handles messages from a server. An attacker may be able to execute
arbitrary code on a victim’s machine if the victim can be tricked into
connecting to a malicious telnet server. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the names CAN-2005-0468
and CAN-2005-0469 to these issues.

http://www.linuxsecurity.com/content/view/118749

 
  Fedora Core 3 Update: foomatic-3.0.2-13.3
  30th, March, 2005

This is an update to a newer version.

http://www.linuxsecurity.com/content/view/118750

 
  Fedora Core 2 Update: squid-2.5.STABLE9-1.FC2.2
  30th, March, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118751

 
  Fedora Core 3 Update: squid-2.5.STABLE9-1.FC3.4
  30th, March, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118752

 
  Fedora Core 2 Update: telnet-0.17-28.FC2.1
  30th, March, 2005

Two buffer overflow flaws were discovered in the way the telnet
client handles messages from a server. An attacker may be able to execute
arbitrary code on a victim’s machine if the victim can be tricked into
connecting to a malicious telnet server. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the names CAN-2005-0468
and CAN-2005-0469 to these issues.

http://www.linuxsecurity.com/content/view/118753

 
  Fedora Core 2 Update: ImageMagick-6.2.0.7-2.fc2
  30th, March, 2005

Andrei Nigmatulin discovered a heap based buffer overflow flaw
in the ImageMagick image handler. An attacker could create a carefully
crafted Photoshop Document (PSD) image in such a way that it would cause
ImageMagick to execute arbitrary code when processing the image.

http://www.linuxsecurity.com/content/view/118754

 
  Fedora Core 3 Update: ImageMagick-6.2.0.7-2.fc3
  30th, March, 2005

Andrei Nigmatulin discovered a heap based buffer overflow flaw
in the ImageMagick image handler. An attacker could create a carefully
crafted Photoshop Document (PSD) image in such a way that it would cause
ImageMagick to execute arbitrary code when processing the image.

http://www.linuxsecurity.com/content/view/118755

 
  Fedora Core 2 Update: gdk-pixbuf-0.22.0-12.fc2
  30th, March, 2005

David Costanzo found a bug in the way gdk-pixbuf processes BMP
images. It is possible that a specially crafted BMP image could cause
a denial of service attack in applications linked against gdk-pixbuf.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2005-0891 to this issue.

http://www.linuxsecurity.com/content/view/118756

 
  Fedora Core 3 Update: gdk-pixbuf-0.22.0-16.fc3
  30th, March, 2005

David Costanzo found a bug in the way gdk-pixbuf processes BMP
images. It is possible that a specially crafted BMP image could cause
a denial of service attack in applications linked against gdk-pixbuf.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2005-0891 to this issue.

http://www.linuxsecurity.com/content/view/118757

 
  Fedora Core 2 Update: gtk2-2.4.14-2.fc2
  30th, March, 2005

David Costanzo found a bug in the way GTK+ processes BMP images.
It is possible that a specially crafted BMP image could cause a denial
of service attack in applications linked against GTK+. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0891
to this issue.

http://www.linuxsecurity.com/content/view/118758

 
  Fedora Core 3 Update: gtk2-2.4.14-3.fc3
  30th, March, 2005

David Costanzo found a bug in the way GTK+ processes BMP images.
It is possible that a specially crafted BMP image could cause a denial
of service attack in applications linked against GTK+. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0891
to this issue.

http://www.linuxsecurity.com/content/view/118759

 
  Fedora Core 3 Update: initscripts-7.93.7-1
  30th, March, 2005

This update fixes various bugs, including several IPSEC bugs.

http://www.linuxsecurity.com/content/view/118761

 
  Fedora Core 3 Update: selinux-policy-targeted-1.17.30-2.93
  30th, March, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118762

 
   Gentoo
  Gentoo: mpg321 Format string vulnerability
  28th, March, 2005

A flaw in the processing of ID3 tags in mpg321 could potentially
lead to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/118711

 
   Mandrake
  Mandrake: Updated krb5 packages fix
  29th, March, 2005

Two buffer overflow issues were discovered in the way telnet
clients handle messages from a server. Because of these issues, an attacker
may be able to execute arbitray code on the victim’s machine if the victim
can be tricked into connecting to a malicious telnet server. The Kerberos
package contains a telnet client and is patched to deal with these issues.

http://www.linuxsecurity.com/content/view/118743

 
  Mandrake: Updated ipsec-tools packages
  31st, March, 2005

A bug was discovered in the way that the racoon daemon handled
incoming ISAKMP requests. It is possible that an attacker could crash
the racoon daemon by sending a specially crafted ISAKMP packet. The updated
packages have been patched to correct these issues.

http://www.linuxsecurity.com/content/view/118767

 
  Mandrake: Updated libexif packages fix
  31st, March, 2005

A buffer overflow was discovered in the way libexif parses EXIF
tags. An attacker could exploit this by creating a special EXIF image
file which could cause image viewers linked against libexif to crash.
The updated packages have been patched to correct these issues.

http://www.linuxsecurity.com/content/view/118768

 
  Mandrake: Updated htdig packages fix
  31st, March, 2005

A cross-site scripting vulnerability in ht://dig was discovered
by Michael Krax. The updated packages have been patched to correct this
issue.

http://www.linuxsecurity.com/content/view/118769

 
   Red
Hat
  RedHat: Moderate: grip security update
  28th, March, 2005

A new grip package is available that fixes a remote buffer overflow.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

http://www.linuxsecurity.com/content/view/118714

 
  RedHat: Important: telnet security update
  28th, March, 2005

Updated telnet packages that fix two buffer overflow vulnerabilities
are now available. This update has been rated as having important security
impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/118715

 
  RedHat: Important: mysql security update
  28th, March, 2005

Updated mysql packages that fix several vulnerabilities are
now available. This update has been rated as having important security
impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/118716

 
  RedHat: Important: krb5 security update
  30th, March, 2005

Updated krb5 packages which fix two buffer overflow vulnerabilities
in the included Kerberos-aware telnet client are now available. This update
has been rated as having important security impact by the Red Hat Security
Response Team.

http://www.linuxsecurity.com/content/view/118744

 
  RedHat: Moderate: XFree86 security update
  30th, March, 2005

Updated XFree86 packages that fix a libXpm integer overflow
flaw are now available. This update has been rated as having moderate
security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/118745

 
   SuSE
  SuSE: several kernel security problems
  24th, March, 2005

The Linux kernel is the core component of the Linux system.
Several vulnerabilities were reported in the last few weeks which is fixed
by this update.

http://www.linuxsecurity.com/content/view/118695

 
  SuSE: MySQL vulnerabilities
  24th, March, 2005

MySQL is an Open Source database server, commonly used together
with web services provided by PHP scripts or similar.

http://www.linuxsecurity.com/content/view/118696

 
  SuSE: ipsec-tools remote denial of service
  31st, March, 2005

Racoon is a ISAKMP key management daemon used in IPsec setups.

http://www.linuxsecurity.com/content/view/118765