Author: Benjamin D. Thomas
This week, advisories were
released for apache, the Linux kernel, mysql, xonix, ssmtp, openoffice, squid,
cvs, Heimdal, iproute, pwlib, scorched, tcpdump, cadaver, and mailman. The distributors
include Conectiva, Debian, Fedora, FreeBSD, Gentoo, Mandrake, Red Hat, and SuSE.
Professional Associations
Those of you who have been in the IT industry for years are probably already familiar with most professional organizations. Some of the more popular include ISSA (Information Systems Security Association), USENIX/SAGE, ACM, IAPSC, and countless others. Most organizations require it’s members to pay dues, but that is not without value. Because there are so many different organizations, it is a better idea to pick one or two and get heavily involved. Many organizations are worldwide, but have local chapters. This provides many opportunities for benefit.
Did you ever wish you knew the right people? Local chapter meetings are great for professional networking. Some organizations have quarterly meetings, others hold them monthly. Chapter events are a great opportunity to meet people that have similar interests and needs. If you are in search for a specific security solution, often you will find someone at a meeting who can offer it. Conversely, if you’re a business owner and wish to extend your services, meetings can be helpful.
Organizations such as the ISSA offer educational benefits. Usually meetings include a lecture that is centered around an information security topic. Other meetings can include practical demonstrations and round-table discussions. Also, ad hoc study groups are often formed to prepare for certification exams.
Do you need additional credentials on your resume/cv? Do you wish you could prove to management that you are ready for a leadership position? Professional organizations also offer its members the chance to lead. Positions such as chapter president, vice president, secretary, etc. open for election each year. Although time consuming, it can be a worthwhile commitment.
Finally, most professional organizations have monthly/quarterly journals that are written by members. Rather than being subject to corporate pressures, you’ll find the articles in these journals are of high quality and relatively unbiased. Usually you can also find archives of past papers/publications on each organization’s Web site.
For more information about some of the professional organizations that I’ve mentioned, please see the following Web sites:
Information Systems Security Association
http://www.issa.orgAssociation for Computing Machinery
http://www.acm.orgUSENIX/SAGE
http://www.usenix.orgInternational Association of Professional Security Consultants
http://www.iapsc.org/
Until next time, cheers!
Benjamin D. Thomas
LinuxSecurity Feature Extras:
Next Generation Internet Defense & Detection System – Guardian Digital has announced the first fully open source system designed to provide both intrusion detection and prevention functions. Guardian Digital Internet Defense & Detection System (IDDS) leverages best-in-class open source applications to protect networks and hosts using a unique multi-layered approach coupled with the security expertise and ongoing security vigilance provided by Guardian Digital.
Interview with Siem Korteweg: System Configuration Collector – In this interview we learn how the System Configuration Collector (SCC) project began, how the software works, why Siem chose to make it open source, and information on future developments.
Security: MySQL and PHP – This is the second installation of a 3 part article on LAMP (Linux Apache MySQL PHP). In order to safeguard a MySQL server to the basic level, one has to abide by the following guidelines.
[ Linux Advisory Watch ] – [ Linux Security Week ] – [ PacketStorm Archive ] – [ Linux Security Documentation ]
Linux Advisory Watch is a comprehensive newsletter that outlines the security vulnerabilities that have been announced throughout the week. It includes pointers to updated packages and descriptions of each vulnerability.
[ Subscribe ]
Distribution: | Conectiva | ||
4/12/2004 | ‘mod_python’ DoS | ||
This update fixes a remote denial of service vulnerabiliy in Apache web-servers which have mod_python enabled. |
|||
4/13/2004 | ‘squid’ ACL bypass vulnerability | ||
This update fixes a vulnerability that allows a malicious user to bypass url_regex ACLs by using a specially crafted URL. |
|||
4/14/2004 | apache | ||
Multiple vulnerabilities
Patch corrects non-filtered escape sequences and a DoS attack. |
|||
Distribution: | Debian | ||
4/14/2004 | kernel | ||
Multiple vulnerabilities
This is three advisories in one, each for the same group of kernel 2.4.x vulnerabilities. The first is for the PA-RISC architecture, the second for the IA-64 architecture, and the third for the PowerPC/apus and S/390 architectures. |
|||
4/14/2004 | mysql | ||
Insecure temporary file vulnerabilities
Two scripts contained in the package don’t create temporary files in a secure fashion, which could lead to a root exploit. |
|||
4/15/2004 | kernel | ||
2.4.18 Multiple vulnerabilities
Here is a patch release specifically for kernel 2.4.18 on the i386 architecture, fixing multiple kernel security issues, and fixing a build error from a previous patch to same. |
|||
4/15/2004 | xonix | ||
Privilege retention vulnerability A local attacker could exploit this vulnerability to gain gid “games”. |
|||
4/15/2004 | ssmtp | ||
Format string vulnerability
These vulnerabilities could potentially be exploited by a remote mail relay to gain the privileges of the ssmtp process (including potentially root). |
|||
Distribution: | Fedora | ||
4/14/2004 | kernel | ||
Multiple vulnerabilities This patch fixes a variety of buffer overflow and information leak vulnerabilities. |
|||
4/15/2004 | kernel | ||
Corrected md4sums Something went wrong with the md5sums in yesterdays announcement. |
|||
4/15/2004 | openoffice | ||
Multiple format string vulnerabilities This patch fixes vulnerabilities that may allow execution of arbitrary code, as well as other bugfixes. |
|||
4/15/2004 | squid | ||
2.5 ACL escape vulnerability
This is a backport of an older patch which prevented crafted URLs from being able to ignore Squid’s ACLs. |
|||
Distribution: | FreeBSD | ||
4/15/2004 | cvs | ||
Chroot escape vulnerability
This patch fixes two cvs errors, one with the client and one with the server. Both allow chroot escapes. |
|||
Distribution: | Gentoo | ||
4/9/2004 | Heimdal | ||
Cross-realm scripting vulnerability
Heimdal contains cross-realm vulnerability allowing someone with control over a realm to impersonate anyone in the cross-realm trust path. |
|||
4/9/2004 | iproute | ||
Denial of service vulnerability
The iproute package allows local users to cause a denial of service. |
|||
4/9/2004 | pwlib | ||
Multiple vulnerabilities Multiple vulnerabilites have been found in pwlib that may lead to a remote denial of service or buffer overflow attack. |
|||
4/9/2004 | Scorched | ||
3D Format string attack vulnerability Scorched 3D is vulnerable to a format string attack in the chat box that leads to Denial of Service on the game server and possibly allows execution of arbitrary code. |
|||
4/15/2004 | cvs | ||
Multiple vulnerabilities
There are two vulnerabilities in CVS; one in the server and one in the client. These vulnerabilities allow the reading and writing of arbitrary files on |
|||
Distribution: | Mandrake | ||
4/9/2004 | ipsec-tools Signature non-verification vulnerability |
||
Multiple vulnerabilities Racoon does not verify the RSA signature during phase one of a |
|||
4/14/2004 | cvs | ||
Chroot escape vulnerability A maliciously configured server could then create any file with |
|||
4/14/2004 | kernel | ||
Multiple vulnerabilities This patch fixes a large variety of kernel bugs, including an |
|||
4/15/2004 | tcpdump | ||
Multiple vulnerabilities Corrects out of bounds read and DoS attack. |
|||
Distribution: | Red Hat |
||
4/14/2004 | cvs | ||
Chroot escape vulnerability Updated cvs packages that fix a client vulnerability that could be |
|||
4/14/2004 | cadaver | ||
Multiple format string vulnerabilities An updated cadaver package that fixes a vulnerability in neon |
|||
4/14/2004 | mailman | ||
Denial of service vulnerability An updated mailman package that closes a DoS vulnerability in |
|||
4/14/2004 | OpenOffice | ||
Multiple format string vulnerabilities An attacker could create a malicious WebDAV server in such a way |
|||
4/15/2004 | subversion | ||
Multiple format string vulnerabilities An attacker could create a malicious WebDAV server in such a way |
|||
Distribution: | Suse | ||
4/14/2004 | kernel | ||
Multiple vulnerabilities Two vulnerabilities, one involving symlink names and one involving |
|||
4/14/2004 | cvs | ||
Chroot escape vulnerability Patches an ability for a rogue CVS server to remotely create |
|||