Linux Advisory Watch – May 9th 2003

12
– By Benjamin D. Thomas

This week, advisories were released for samba, file, tcpsec, krb5, vnc, snort, epic4, balsa, leksbot, libgtop, fuzz, openssh, MySQL, and mod_auth_any. The distributors include SCO, Conectiva, Connectiva, Debian, Gentoo, and RedHat.

Have you noticed any changes? It probably will not take you long to realize that something is different. First, rather than sorting security advisories by package, we are now sorting by distribution. The purpose of that is to allow you to more easily find information about your desired distribution. Second, the description information provided with each advisory is shorter and probably more informative. For example, rather than giving extreme detail on some vulnerabilities and little to none on others, we are now making an effort to provide a consistent level of detail for all advisories listed. Hopefully, these changes will allow this newsletter to be more helpful to you.

In addition, each week we will include commentary on particularly significant advisories, security news, opinion, tips, research, and anything else that may be interesting to readers.

Do you have any suggestions? We are currently in the first phase of a three-part reconstruction effort to improve the quality of our newsletters. Our goal is to provide a single place for security advisory information that can be accessed quickly. How can we make your job easier? What would you like to see in our newsletters? Do you welcome this change? Do you have any other suggestions on how we can improve?

We look forward to hearing from you!
newsletter-admins@linuxsecurity.com

LinuxSecurity Feature Extras:

At the RealWorld Linux Expo in Toronto, Guardian Digital launched the next generation of the Community edition of our EnGarde Secure Linux. – Guardian Digital is an Internet security company, focusing on the Linux operating system. We have developed a suite of open source Internet security products aimed at companies that recognize the requirement to be secure on the Internet today.

Days of the Honeynet: Attacks, Tools, Incidents – Among other benefits, running a honeynet makes one acutely aware about “what is going on” out there. While placing a network IDS outside one’s firewall might also provide a similar flood of alerts, a honeypot provides a unique prospective on what will be going on when a related server is compromised used by the intruders.

[ Linux Advisory Watch ] – [ Linux Security Week ] – [ PacketStorm Archive ] – [ Linux Security Documentation ]

SCO
Conectiva
Debian
Gentoo
Red Hat

Linux Advisory Watch is a comprehensive newsletter that outlines the security vulnerabilities that have been announced throughout the week. It includes pointers to updated packages and descriptions of each vulnerability.
[ Subscribe ]

Distribution: SCO
5/7/2003 samba
multiple vulnerabilities

This updates fixes multiple vulnerabilities in samba.
http://www.linuxsecurity.com/advisories/caldera_advisory-3240.html

5/7/2003 file
buffer overflow vulnerability

The file command is vulnerable to a buffer overflow when given a maliciously crafted binary to examine.
http://www.linuxsecurity.com/advisories/caldera_advisory-3241.html

5/7/2003 tcpsec
SYN+FIN packet discarding vulnerability

Allowing TCP packets with both the SYN and FIN bits set significantly improve an attacker’s chances of circumventing a firewall.
http://www.linuxsecurity.com/advisories/caldera_advisory-3242.html

Distribution: Conectiva
5/5/2003 krb5
Multiple vulnerabilities

Cryptographic weakness, buffer overrun and underrun, faulty length checks, and integer signedness vulnerabilities have been fixed.
http://www.linuxsecurity.com/advisories/connectiva_advisory-3232.html

5/5/2003 vnc
Multiple vulnerabilities

Cryptographic weakness, buffer overrun and underrun, faulty length checks, and integer signedness vulnerabilities have been fixed.
http://www.linuxsecurity.com/advisories/connectiva_advisory-3233.html

5/7/2003 snort
integer overflow vulnerability

There is a remotely exploitable integer overflow vulnerability in Snort.
http://www.linuxsecurity.com/advisories/connectiva_advisory-3243.html

Distribution: Debian
5/5/2003 epic4
buffer overflow vulnerability

A malicious server could craft special reply strings, triggering the client to write beyond buffer boundaries.
http://www.linuxsecurity.com/advisories/debian_advisory-3231.html

5/6/2003 balsa
off-by-one vulnerabilities

Byrial Jensen discovered a couple of off-by-one buffer overflow in the IMAP code of Mutt.
http://www.linuxsecurity.com/advisories/debian_advisory-3235.html

5/6/2003 leksbot
improper setuid-root execution

Due to a packaging error, the program /usr/bin/KATAXWR was inadvertently installed setuid root.
http://www.linuxsecurity.com/advisories/debian_advisory-3236.html

5/7/2003 libgtop
Remote buffer overflow vulnerability

Due to a packaging error, the program /usr/bin/KATAXWR was inadvertently installed setuid root.
http://www.linuxsecurity.com/advisories/debian_advisory-3244.html

5/7/2003 fuzz
Local privilege escalation vulnerability

Due to a packaging error, the program /usr/bin/KATAXWR was inadvertently installed setuid root.
http://www.linuxsecurity.com/advisories/debian_advisory-3245.html

Distribution: Gentoo
5/2/2003 openssh
Information disclosure vulnerability

Due to a packaging error, the program /usr/bin/KATAXWR was inadvertently installed setuid root.
http://www.linuxsecurity.com/advisories/gentoo_advisory-3226.html

Distribution: RedHat
5/2/2003 MySQL
Multiple vulnerabilities

Due to a packaging error, the program /usr/bin/KATAXWR was inadvertently installed setuid root.
http://www.linuxsecurity.com/advisories/redhat_advisory-3227.html

5/2/2003 mod_auth_any
Arbitrary command execution vulnerability

Due to a packaging error, the program /usr/bin/KATAXWR was inadvertently installed setuid root.
http://www.linuxsecurity.com/advisories/redhat_advisory-3228.html

Category:

  • Security