Linux Advisory Watch – February 27, 2004

Author: Benjamin D. Thomas

This week, advisories were released for XFree86, the Linux kernel, lbreakout2, mailman, synaesthesia, hsftp, pwlib, metamail, libxml2, mtools, OpenSSL, mod_python, and libxml2. The distributors include Conectiva, Debian, Fedora, Immunix, Mandrake, NetBSD, Red Hat, Suse, Trustix, and Turbolinux.

SELinux Making Progress

First released in December 2000, SELinux has continued making progress in development. It was introduced containing mandatory access controls and an example security policy demonstrating its usage. Over the past three years, the NSA and a team of volunteers have continued making improvements on a consistent basis.

SELinux can provide access control for kernel objects, services, processes, files, directories, sockets, network interfaces, and others. It provides protection mechanisms against many well-known problems because it eliminates the dependence on setuid/setgid binaries. In a nutshell, mandatory access control provides a finer and more in-depth level of control for administrators. Rather than being bound to the rules established by software, an administrator can effectively set the entire security policy.

The latest release of SELinux includes an updated base kernel and enhanced policy language. SELinux is a patch that can be applied to the kernel of virtually any Linux system. At the moment, many of the major Linux distributions are developing patches that will give users the ability to easily take advantage of SELinux. When used correctly, SELinux can provide administrators with a greater level of assurance.

Although the technology that SELinux takes advantage of can provide many benefits, if used incorrectly a system can still remain vulnerable. Poor administration practices and uninformed staff can be problematic. For example, incorrectly implementing the software could give a false impression of security, when in reality problems still exist. When evaluating a new tool or kernel patch, it is important to take each step slowly. The system should be set up in a test environment and fully evaluated. Also, before moving a system into production, everyone involved should be fully trained to deal with incidents if they arise.

If you are interested in finding out more about SELinux, please see the following link.

Until next time, cheers!
Benjamin D. Thomas

LinuxSecurity Feature Extras:

Interview with Vincenzo Ciaglia, Founder of Netwosix

– In this article, a brief introduction of Netwosix is given and the project
founder Vincenzo Ciaglia is interviewed. Netwosix is a light Linux distribution
for system administrators and advanced users.

Introduction to Netwox and Interview with Creator Laurent Constantin

– In this article Duane Dunston gives a brief introduction to Netwox, a combination
of over 130 network auditing tools. Also, Duane interviews Laurent Constantin,
the creator of Netwox.

Managing Linux Security Effectively in 2004

– This article examines the process of proper Linux security management in
2004. First, a system should be hardened and patched. Next, a security routine
should be established to ensure that all new vulnerabilities are addressed.
Linux security should be treated as an evolving process.


Linux Advisory Watch
is a comprehensive newsletter that outlines the security vulnerabilities that
have been announced throughout the week. It includes pointers to updated packages
and descriptions of each vulnerability.

Distribution: Conectiva
  2/23/2004 kernel
    Privilege escalation vulnerability

Bug can be used by local attackers to obtain root privileges.
Advisory

  2/23/2004 XFree86
    Multiple vulnerabilities

Greg MacManus from iDEFENSE Labs discovered[3][5] two vulnerabilities in
the way the X server deals with font files.
Advisory

Distribution: Debian
  2/20/2004 XFree86
    Multiple vulnerabilities

Various buffer-overflow and input-non-validation vulnerabilities are fixed
in this patch.
Advisory

  2/20/2004 kernel
    Privilege escalation vulnerability

This patch is for the ia64 architecture.
Advisory

  2/23/2004 lbreakout2
    Environment non-sanitation vulnerability

This bug could be exploited by a local attacker to gain the privileges of
group “games”.
Advisory

  2/23/2004 mailman
    Multiple vulnerabilities

Patch for cross-site scripting and denial of service vulnerabilities.
Advisory

  2/23/2004 synaesthesia
    Insecure file creation

This type of vulnerability can usually be easily exploited to execute arbitrary
code with root privileges by various means.
Advisory

  2/23/2004 hsftp
    Format string vulnerability

An attacker, able to create files on a remote server, could potentially
execute arbitrary code with the privileges of the user invoking hsftp.
Advisory

  2/23/2004 pwlib
    Multiple vulnerabilities

This library is most notably used in several applications implementing the
H.323 teleconferencing protocol, including the OpenH323 suite, gnomemeeting
and asterisk.
Advisory

  2/24/2004 metamail
    Multiple vulnerabilities

An attacker could create a carefully-crafted mail message which will execute
arbitrary code as the victim when it is opened and parsed through metamail.
Advisory

Distribution: Fedora
  2/26/2004 libxml2
    Buffer overflow vulnerability

Updated libxml2 packages are available to fix an overflow when parsing the
URI for remote resources.
Advisory

Distribution: Immunix
  2/26/2004 kernel
    Privilege escalation vulnerability

While they found the flaw on the 2.4 series of Linux kernels, the 2.2 series
of Linux kernels is also vulnerable to the same problem.
Advisory

Distribution: Mandrake
  2/24/2004 kernel
    Privilege escalation vulnerability

A flaw in the Linux kernel, versions 2.4.24 and previous, could allow a
local user to obtain root privileges.
Advisory

  2/25/2004 mtools
    Inappropriate use of privilege

The mformat program can be used to gain root privileges when run suid root.
Advisory

  2/26/2004 kernel
    Privilege escalation vulnerabilities

This patches one mremap() and several driver vulnerabilities, each capable
of allowing a local root compromise.
Advisory

Distribution: NetBSD
  2/20/2004 Multiple
    Addendums to recent advisories

Here are three mailings from the NetBSD announce list that discuss various
gotchas with the recent advisories.
Advisory

  2/20/2004 OpenSSL
    Denial of service vulnerability

OpenSSL 0.9.6k ASN.1 parser had a possible denial-of-service vulnerability.
Advisory

Distribution: Red Hat
  2/26/2004 mod_python
    Denial of service vulnerability

Updated mod_python packages that fix a denial of service vulnerability are
now available for Red Hat Linux.
Advisory

  2/26/2004 libxml2
    Buffer overflow vulnerability

Updated libxml2 packages that fix an overflow when parsing remote resources
are now available.
Advisory

  2/26/2004 mod_python
    Denial of service vulnerability

Updated mod_python packages that fix a denial of service vulnerability are
now available for Red Hat Enterprise Linux.
Advisory

  2/26/2004 libxml2
    Improper parse vulnerability

Updated libxml2 packages that fix an overflow when parsing remote resources
are now available.
Advisory

Distribution: Suse
  2/23/2004 XFree86
    Multiple vulnerabilities

Successful exploitation of these bugs leads to local root access.
Advisory

Distribution: Trustix
  2/23/2004 kernel
    2.2.25 Privilege escalation vulnerability

Through this hole, it is possible for anyone with a local account on the
system to gain root privileges. This is the kernel 2.2.25 counterpart to
the security hole fixed in TSLSA-2004-0007.
Advisory

Distribution: Turbolinux
  2/23/2004 kernel
    Privilege escalation vulnerability

A Linux memory management subsystem (mremap) issue has been discovered in
kernel 2.4.
Advisory