This week, advisories were released for docview, unzip, sendmail, iptables, pam_smb, gdm, php, and perl. The distributors include Debian, FreeBSD, Gentoo, Mandrake, Red Hat, Slackware, SuSE, and TurboLinux.

Last Saturday, ISECOM released version 2.1 of the Open-Source Security Testing Methodology Manual. For those of you who are not familiar with it, the OSSTMM is an established standard for testing security. It includes information on ethics, legalities, rules of engagement, and many templates that will prove to be useful to those conducting penetration tests. The document is intended to be used by security testing professionals as well as developers, systems analysts, and architects.

The OSSTMM provides a very structured method for pen-testing. The manual includes sections on information security, process security, internet technology security, communications security, wireless security, and physical security. Each section module has several detailed parts. For example, information security testing includes posture assessment, information integrity review, human resources review, competitive intelligence scouting, and many others. The beauty of the OSSTMM is that it provides a peer-reviewed and comprehensive listing of tests that should be conducted. Many consulting firms have an established testing methodology. The average security professional, however, has a few tricks, and that collection is by no means comprehensive. The OSSTMM gives everyone an open standard that can be trusted and is not unnecessarily complex.

As mentioned previously, the OSSTMM provides pen-testing templates. The examples provided can easily be reproduced in any spreadsheet application and used multiple times. It is just as acceptable to reprint or edit the PDF. Templates are included for firewall analysis, IDS testing, social engineering, privacy, password cracking, denial of service, and others. If you are involved in security at any level, you should definitely use the OSSTMM. It is extremely valuable.

The OSSTMM document and the Institute for Security and Open Methodologies Web site are at the following URL: http://www.isecom.org

Until next time,
Benjamin D. Thomas

LinuxSecurity Feature Extras:

- A Practical Approach of Stealthy Remote Administration – This paper is written for those paranoid administrators who are looking for a stealthy technique of managing sensitive servers (like your enterprise firewall console or IDS).
- Expert vs. Expertise: Computer Forensics and the Alternative OS – No longer a dark and mysterious process, computer forensics have been significantly on the scene for more than five years now. Despite this, they have only recently gained the notoriety they deserve.

Linux Advisory Watch
is a comprehensive newsletter that outlines the security vulnerabilities that
have been announced throughout the week. It includes pointers to updated packages
and descriptions of each vulnerability.

Distribution: Debian

8/26/2003 | unzip | directory traversal vulnerability
A directory traversal vulnerability in UnZip 5.50 allows attackers to bypass

8/26/2003 | libpam-smb | buffer overflow vulnerability
If a long password is supplied, this can cause a buffer overflow which could

Distribution: FreeBSD

8/26/2003 | sendmail | DNS map vulnerability
Some versions of sendmail (8.12.0 through 8.12.8) contain a programming error

Distribution: Gentoo

8/25/2003 | vmware-server | env variable vulnerability
By manipulating the VMware GSX Server and VMware Workstation environment

Distribution: Mandrake

8/27/2003 | sendmail | DNS map vulnerability
Due to wrong initialization of RESOURCE_RECORD_T structures, if sendmail

Distribution: Red Hat

8/26/2003 | iptables | upgrade fix
Recent updates to the kernel in Red Hat Linux versions 7.1, 7.2, 7.3 and 8.0

8/27/2003 | pam_smb | remote buffer overflow vulnerability
On systems that use pam_smb and are configured to authenticate a remotely

Distribution: Slackware

8/25/2003 | GDM | file permission vulnerability
This fixes a bug where a local user may read any system file by making a

8/26/2003 | unzip | directory traversal vulnerability
These fix a security issue where a specially crafted archive may overwrite

Distribution: SuSE

8/26/2003 | sendmail | DNS map vulnerability
When sendmail receives an invalid DNS response it tries to call free on

Distribution: TurboLinux

8/27/2003 | php | XSS vulnerability
The cross-site scripting vulnerability is in the transparent SID support

8/27/2003 | gdm | file permission vulnerability
GDM contains a bug where GDM will run as root when examining the ~/.xsession-errors

8/27/2003 | perl | CGI.pm XSS vulnerability
A cross-site scripting vulnerability exists in the start_form() function

Category:
- Security