Author: Benjamin D. Thomas
released for heimdal, cvs, neon, cadaver, libpng, iproute, lha, mailman, kdelibs,
tcpdump, utempter, subversion, exim, Pound, ProFTPD, Icecast, libuser, passwd,
apache, kdelibs, cadaver, mc, rsync, and the kernel. The distributors include
Debian, Fedora, FreeBSD, Gentoo, Mandrake, Red Hat, Slackware, SuSE, and Trustix.
Security Failure
Over the years computer
systems and networks of all types have been the object of attack and compromise.
Generally, systems that are compromised have similar characteristics. I will
focus on some of the more common shortcomings. First, failure to have adequate
security policies and procedures. What information assets should be protected?
Who and what are they being protected from, and how should they be protected?
All these questions should be addressed formally. A security policy provides
direction and justification. Next, poor system logging and auditing. On many
occasions, system administrators fail to review log files. If the job is too
big to do it manually, there are many automated tools that will do a fine job.
Knowing the network and its traffic patterns intimately can have many advantages.
Failure to patch vulnerable services or applications in a timely
fashion is a major contributor. Begin testing patches as soon as they are publicly
available. After it has been determined stable, roll the changes out to production.
Also, don’t forget to verify those MD5s! Next, poor password generation and
management can be troublesome. It is important to be sure that users are choosing
and using strong passwords. Often, this is the only form of control used. Remember,
weak passwords or bad key management practices can circumvent even the strongest
cryptography schemes.
Unused software/tools/commands should be removed, and network
services should be disabled. If it is not there, it can’t be exploited. You’ll
find that this is one technique that many hardened distributions (such as EnGarde
Linux) use. A Web server does not need X11, games, etc. The system should be
built for one purpose, exposing it to the least amount of risk. It is also important
to ensure that all configurations are correct. On many distributions, the default
settings are generally calibrated for usability, rather than high security.
It is up to you to do the necessary research to find out what changes must be
made. This also brings up the point of removing or disabling any pre-installed
accounts or default passwords.
Finally, it is imperative that the system is protected from
remote network attacks. A properly configured, restrictive firewall can go
a long way in improving a system’s security posture. In several situations, I’ve
seen companies with firewalls that virtually allow all traffic through. Over
time, service by service, new rules are added after each complaint. Rather than
provide strong security, it only gives false assurance. By taking simple precautions,
security can greatly be improved. Give your valuable information the protection
it deserves.
Until next time, cheers!
Benjamin D. Thomas
LinuxSecurity
Feature Extras:
Guardian Digital Security Solutions Win Out At Real World Linux
– Enterprise Email and Small Business Solutions Impress at Linux Exposition.
Internet and network security was a consistent theme and Guardian Digital
was on hand with innovative solutions to the most common security issues.
Attending to the growing concern for cost-effective security, Guardian Digital’s
enterprise and small business applications were stand-out successes.
Interview with Siem Korteweg: System Configuration Collector
– In this interview we learn how the System Configuration Collector (SCC)
project began, how the software works, why Siem chose to make it open source,
and information on future developments.
Security: MySQL and PHP
– This is the second installment of a 3 part article on LAMP (Linux Apache
MySQL PHP). In order to safeguard a MySQL server to the basic level, one has
to abide by the following guidelines.
Linux Advisory Watch
is a comprehensive newsletter that outlines the security vulnerabilities that
have been announced throughout the week. It includes pointers to updated packages
and descriptions of each vulnerability.
Distribution: Debian
5/18/2004 | heimdal | Buffer overflow vulnerability | This problem could perhaps be exploited to cause the daemon to read a negative
5/19/2004 | cvs | Heap overflow vulnerability | Stefan Esser discovered a heap overflow in the CVS server, which serves
5/19/2004 | neon | Heap overflow vulnerability | User input is copied into variables not large enough for all cases. This
5/19/2004 | cadaver | Heap overflow vulnerability | User input is copied into variables not large enough for all cases. This
Distribution: Fedora
5/14/2004 | libpng | 1.2.2 Information leak vulnerability | Fixes a possible out-of-bounds read in the error message handler.
5/14/2004 | libpng | 1.0.13 Information leak | Fixes a possible out-of-bounds read in the error message handler.
5/14/2004 | iproute | Denial of service vulnerability | iproute 2.4.7 and earlier allows local users to cause a denial of service
5/14/2004 | lha | Multiple vulnerabilities | Ulf Härnhammar discovered two stack buffer overflows and two directory traversal
5/18/2004 | mailman | Cross-site scripting vulnerability | A cross-site scripting (XSS) vulnerability exists in the admin CGI script
5/18/2004 | neon | Format string vulnerabilities | Exploiting these bugs may allow remote malicious WebDAV servers to execute
5/18/2004 | cvs | Chroot escape vulnerability | The client for CVS before 1.11.15 allows a remote malicious CVS server to
5/18/2004 | kdelibs | Multiple vulnerabilities | An attacker could create a carefully crafted link such that when opened
Distribution: Fedora: 1
5/19/2004 | tcpdump | Denial of service vulnerability | Upon receiving specially crafted ISAKMP packets, TCPDUMP would try to read
Distribution: Fedora: Legacy
5/19/2004 | utempter | Insecure temporary file vulnerability | An updated utempter package that fixes a potential symlink vulnerability
Distribution: Fedora: 2
5/19/2004 | kdelibs | Insufficient input sanitation | An attacker could create a carefully crafted link such that when opened
Distribution: Fedora: 2,1
5/19/2004 | cvs | Heap overflow vulnerability | Stefan Esser discovered a flaw in cvs where malformed “Entry” lines could
5/19/2004 | neon | Heap overflow vulnerability | An attacker could create a malicious WebDAV server in such a way as to allow
5/19/2004 | subversion | Buffer overflow vulnerability | An attacker could send malicious requests to a Subversion server and perform
Distribution: Fedora: 2
5/19/2004 | ipsec-tools | Denial of service vulnerability | Buffer overflow vulnerability A crafted ISAKMP header can cause racoon to crash.
Distribution: FreeBSD
5/19/2004 | cvs | Heap overflow vulnerability | Malformed data can cause a heap buffer to overflow, allowing the client
Distribution: Gentoo
5/14/2004 | exim | Buffer overflow vulnerability | When the verify=header_syntax option is set, there is a buffer overflow
5/14/2004 | libpng | Denial of service vulnerability | A bug in the libpng library can be abused using a crafted .png to crash
5/19/2004 | Pound | Format string vulnerability | There is a format string flaw in Pound, allowing remote execution of arbitrary
5/19/2004 | ProFTPD | ACL bypass vulnerability | Version 1.2.9 of ProFTPD introduced a vulnerability that causes CIDR-based
5/19/2004 | Icecast | Denial of service vulnerability | Icecast is vulnerable to a denial of service attack allowing remote users
5/19/2004 | KDE | Insufficient input sanitation | Vulnerabilities in KDE URI handlers make your system vulnerable to various
Distribution: Mandrake
5/18/2004 | libuser | Denial of service vulnerability | Steve Grubb discovered a number of problems in the libuser library that
5/18/2004 | passwd | Multiple vulnerabilities | Passwords given to passwd via stdin are one character shorter than they
5/18/2004 | apache | Multiple vulnerabilities | Patch fixes four separate apache vulnerabilities.
5/19/2004 | kdelibs | Insufficient input sanitation | This vulnerability can allow remote attackers to create or truncate arbitrary
5/19/2004 | cvs | Buffer overflow vulnerability | Stefan Esser discovered that malformed “Entry” lines can be used to overflow
5/19/2004 | libneon | Heap overflow vulnerability | It was discovered that in portions of neon can be used to overflow a static
Distribution: Red Hat
5/18/2004 | kdelibs | Multiple vulnerabilities | Updated kdelibs packages that fix telnet URI handler and mailto URI handler
5/19/2004 | cvs | Buffer overflow vulnerability | An updated cvs package that fixes a server vulnerability that could be exploited
5/19/2004 | cadaver | Heap overflow vulnerability | An updated cadaver package is now available that fixes a vulnerability in
5/19/2004 | mc | Multiple vulnerabilities | Updated mc packages that resolve several buffer overflow vulnerabilities,
5/19/2004 | rsync | Chroot escape vulnerability | An updated rsync package that fixes a directory traversal security flaw
5/19/2004 | libpng | Denial of service vulnerability | An attacker could carefully craft a PNG file in such a way that it would
Distribution: Slackware
5/17/2004 | mc | Multiple vulnerabilities | These could lead to a denial of service or the execution of arbitrary code
5/18/2004 | kdelibs | Multiple vulnerabilities | The telnet, rlogin, ssh and mailto URI handlers in KDE do not do sufficient
Distribution: SuSE
5/14/2004 | mc | Multiple vulnerabilities | This patch fixes buffer overflows, temporary file problems and format string
5/19/2004 | cvs | Buffer overflow vulnerability | Stefan Esser reported buffer overflow conditions within the cvs program.
Distribution: Trustix
5/14/2004 | apache | Multiple vulnerabilities | This patch addresses a wide variety of known apache vulnerabilities.
5/14/2004 | kernel | Privilege escalation vulnerability | Patch corrects a local root exploit.