Linux Advisory Watch – February 4, 2005

Author: Benjamin D. Thomas

This week, advisories were released for squirrelmail, prozilla, cpio,
openswan, enscript, zlib, gaim, cvs, openssl, curl, ruby, rhgb, file,
net-tools, gimp, squid, dump, mc, dbus, kdepim, xpdf, kernel, ngIRCd,
tikiwiki, f2c, ncpfs, clamav, imap, chbg, vim, perl-dbi, and
ethereal. The distributors include Debian, Fedora, Gentoo,
Mandrake, and Red Hat.

Getting to Know Linux Security: File Permissions

Welcome to the first tutorial in the ‘Getting to Know Linux Security’ series.
The topic explored is Linux file permissions. It offers an easy-to-follow explanation
of how to read permissions, and how to set them using chmod. This guide is intended
for users new to Linux security, and is therefore very simple. If the feedback is good,
I’ll consider creating more complex guides for advanced users. Please let us
know what you think and how these can be improved.

Hello, my name is Benjamin Thomas and I am with Guardian Digital,
the primary sponsor of LinuxSecurity.com. Welcome to the first of the
“Getting to know Linux Security” series tutorials that will be
featured on our site. Today’s topic is file permissions. This
lesson is primarily intended for those users who are just getting
started, and others wishing to brush up on old skills. The examples I
show you today are from a typical Linux command line. Today, I’ll
be using EnGarde Secure Linux. More information about this
distribution can be found at Guardian Digital.com and it can be
downloaded at EnGardeLinux.org.

Let’s begin. To see a listing of files in a directory, execute the
command ‘ls’. As you’ll see, there are no files in the temporary
directory that I’m using. Let’s first create several files.

touch file1 file2 file3

The command ‘ls’ then shows the files we have created. A more
informative way to show the files is ls -la. The ‘l’ switch lists
files in long format and the ‘a’ switch lists all files,
including hidden ones.

Click to view video demo:
http://www.linuxsecurity.com/content/view/118181/49/

 

LinuxSecurity.com
Feature Extras:

The Tao of Network Security Monitoring: Beyond Intrusion Detection
– To be honest, this was one of the best books that I’ve read on network security.
Other books often dive so deeply into technical discussions, they fail to
provide any relevance to network engineers/administrators working in a corporate
environment. Budgets, deadlines, and flexibility are issues that we must all
address. The Tao of Network Security Monitoring is presented in such a way
that all of these are still relevant.

Encrypting Shell Scripts
– Do you have scripts that contain sensitive information
like passwords and you pretty much depend on file permissions to keep it secure?
If so, then that type of security is good provided you keep your system secure
and some user doesn’t have a “ps -ef” loop running in an attempt to capture
that sensitive info (though some applications mask passwords in “ps” output).

A 2005 Linux Security Resolution
– Year 2000, the coming of the
new millennium, brought us great joy and celebration, but also brought great
fear. Some believed it would result in full-scale computer meltdown, leaving
Earth as a nuclear wasteland. Others predicted minor glitches leading only
to inconvenience. The following years (2001-2004) have been tainted with the
threat of terrorism worldwide.

 

Take advantage of our Linux Security discussion list!
This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to security-discuss-request@linuxsecurity.com
with “subscribe” as the subject.

Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week’s most relevant Linux security headlines.


   Debian
  Debian: New squirrelmail package fixes several vulnerabilities
  1st, February, 2005

Upstream developers noticed that an unsanitised variable could
lead to cross site scripting.

http://www.linuxsecurity.com/content/view/118141

 
  Debian: New prozilla packages fix arbitrary code execution
  1st, February, 2005

Several buffer overflows have been discovered in prozilla, a
multi-threaded download accelerator, which could be exploited by a remote
attacker to execute arbitrary code on the victim’s machine. An exploit
for prozilla is already in the wild.

http://www.linuxsecurity.com/content/view/118148

 
  Debian: New cpio packages fix insecure file permissions
  2nd, February, 2005

http://www.linuxsecurity.com/content/view/118163

 
   Fedora
  Fedora Core 3 Update: enscript-1.6.1-28.0.4
  31st, January, 2005

This update fixes another regression introduced by a recent
update.

http://www.linuxsecurity.com/content/view/118131

 
  Fedora Core 3 Update: openswan-2.1.5-2.FC3.1
  28th, January, 2005

This erratum fixes a remotely exploitable stack-based
buffer overflow vulnerability in Xelerance Corp.’s Openswan, which could
allow attackers to execute arbitrary code.

http://www.linuxsecurity.com/content/view/118104

 
  Fedora Core 2 Update: elinks-0.9.1-1.1
  28th, January, 2005

http://www.linuxsecurity.com/content/view/118108

 
  Fedora Core 3 Update: elinks-0.9.2-2.1
  28th, January, 2005

Links is a text-based Web browser. Links does not display any
images, but it does support frames, tables and most other HTML tags. Links’
advantage over graphical browsers is its speed–Links starts and exits
quickly and swiftly displays Web pages.

http://www.linuxsecurity.com/content/view/118109

 
  Fedora Core 2 Update: enscript-1.6.1-25.3
  28th, January, 2005

This update fixes a regression introduced by the last update.

http://www.linuxsecurity.com/content/view/118111

 
  Fedora Core 3 Update: enscript-1.6.1-28.0.3
  28th, January, 2005

This update fixes a regression introduced by the last update.

http://www.linuxsecurity.com/content/view/118112

 
  Fedora Core 2 Update: zlib-1.2.1.2-0.fc2
  28th, January, 2005

Fixes 2 DoS issues

http://www.linuxsecurity.com/content/view/118113

 
  CORRECTION: Fedora Core 2 Update: gaim-1.1.2-0.FC2
  28th, January, 2005

Fixes a great many bugs. Refer to the official changelog for
details.

http://www.linuxsecurity.com/content/view/118114

 
  CORRECTION: Fedora Core 3 Update: gaim-1.1.2-0.FC3
  28th, January, 2005

Fixes a great many bugs. Refer to the official changelog for
details.

http://www.linuxsecurity.com/content/view/118115

 
  Fedora Core 3 Update: NetworkManager-0.3.3-1.cvs20050119.2.fc3
  31st, January, 2005

Remove bind+caching-nameserver dep for FC-3, use ‘nscd -i hosts’ instead.
DNS queries may now time out right after device activation due to this
change.

http://www.linuxsecurity.com/content/view/118122

 
  Fedora Core 3 Update: openssl096b-0.9.6b-21
  31st, January, 2005

This update adds missing fix for CAN-2004-0081.

http://www.linuxsecurity.com/content/view/118126

 
  Fedora Core 2 Update: openssl096b-0.9.6b-20
  31st, January, 2005

This update adds missing fix for CAN-2004-0081.

http://www.linuxsecurity.com/content/view/118127

 
  Fedora Core 3 Update: curl-7.12.3-2
  31st, January, 2005

libidn-devel is now required so that systems using the devel
subpkg will build correctly. The latest version of curl uses the poll()
syscall to get around a previous file descriptor limit.

http://www.linuxsecurity.com/content/view/118128

 
  Fedora Core 3 Update: system-config-printer-0.6.116.1-1
  31st, January, 2005

Bug-fix release.

http://www.linuxsecurity.com/content/view/118132

 
  Fedora Core 3 Update: ruby-1.8.2-1.FC3.1
  31st, January, 2005

Ruby is the interpreted scripting language for quick and easy
object-oriented programming. It has many features to process text files
and to do system management tasks (as in Perl). It is simple, straight-forward,
and extensible.

http://www.linuxsecurity.com/content/view/118133

 
  Fedora Core 3 Update: rhgb-0.16.2-1.FC3
  31st, January, 2005

This update fixes various errors of the form “init: open(/dev/pts/0):
No such file or directory”.

http://www.linuxsecurity.com/content/view/118134

 
  Fedora Core 3 Update: file-4.12-1.FC3.1
  1st, February, 2005

The file command is used to identify a particular file according
to the type of data contained by the file. File can identify many different
file types, including ELF binaries, system libraries, RPM packages, and
different graphics formats.

http://www.linuxsecurity.com/content/view/118143

 
  Fedora Core 3 Update: net-tools-1.60-37.FC3.1
  1st, February, 2005

The net-tools package contains basic networking tools, including
ifconfig, netstat, route, and others.

http://www.linuxsecurity.com/content/view/118144

 
  Fedora Core 3 Update: gimp-2.2.3-0.fc3.2
  1st, February, 2005

The GIMP includes a scripting facility, but many of the included
scripts rely on fonts that we cannot distribute. The GIMP FTP site has
a package of fonts that you can install by yourself, which includes all
the fonts needed to run the included scripts. Some of the fonts have unusual
licensing requirements; all the licenses are documented in the package.

http://www.linuxsecurity.com/content/view/118145

 
  Fedora Core 3 Update: system-config-services-0.8.18-0.fc3.1
  1st, February, 2005

system-config-services is a utility which allows you to configure
which services should be enabled on your machine.

http://www.linuxsecurity.com/content/view/118146

 
  Fedora Core 2 Update: squid-2.5.STABLE7-1.FC2.1
  1st, February, 2005

Squid consists of a main server program squid, a Domain Name
System lookup program (dnsserver), a program for retrieving FTP data (ftpget),
and some management and client tools.

http://www.linuxsecurity.com/content/view/118153

 
  Fedora Core 3 Update: squid-2.5.STABLE7-1.FC3.1
  1st, February, 2005

Squid keeps meta data and especially hot objects cached in RAM,
caches DNS lookups, supports non-blocking DNS lookups, and implements
negative caching of failed requests.

http://www.linuxsecurity.com/content/view/118154

 
  Fedora Core 2 Update: dump-0.4b39-1.FC2
  2nd, February, 2005

Updated dump packages contain fixes related to possible data
corruption, unintentional writes to target partition and many other bugfixes.
The updated dump also contains support for Extended Attributes/Access
Control Lists.

http://www.linuxsecurity.com/content/view/118164

 
  Fedora Core 3 Update: dump-0.4b39-1.FC3
  2nd, February, 2005

Updated dump packages contain fixes for unintentional writes
to target partition and other bugfixes. The updated dump also contains
support for Extended Attributes/Access Control Lists.

http://www.linuxsecurity.com/content/view/118165

 
  Fedora Core 3 Update: mc-4.6.1-0.12.FC3
  2nd, February, 2005

The updated mc package contains the latest release candidate,
mc-4.6.1-pre3 and many bugfixes.

http://www.linuxsecurity.com/content/view/118166

 
  Fedora Core 3 Update: selinux-policy-targeted-1.17.30-2.75
  2nd, February, 2005

This package contains the SELinux example policy configuration
along with the Flask configuration information and the application configuration
files.

http://www.linuxsecurity.com/content/view/118167

 
  Fedora Core 3 Update: policycoreutils-1.18.1-2.6
  2nd, February, 2005

Security-enhanced Linux is a patch of the Linux kernel and
a number of utilities with enhanced security functionality designed to
add mandatory access controls to Linux.

http://www.linuxsecurity.com/content/view/118168

 
  Fedora Core 3 Update: dbus-0.22-10.FC3.2
  2nd, February, 2005

Security fix for Bug#146765 (CAN-2005-0201)

http://www.linuxsecurity.com/content/view/118170

 
  Fedora Core 3 Update: kdepim-3.3.1-1.FC3.1
  3rd, February, 2005

A PIM (Personal Information Manager) for KDE.

http://www.linuxsecurity.com/content/view/118175

 
  Fedora Core 3 Update: xpdf-3.00-10.3
  3rd, February, 2005

Xpdf is an X Window System based viewer for Portable Document
Format (PDF) files. Xpdf is a small and efficient program which uses standard
X fonts.

http://www.linuxsecurity.com/content/view/118176

 
  Fedora Core 2 Update: kernel-2.6.10-1.12_FC2
  3rd, February, 2005

The kernel package contains the Linux kernel (vmlinuz), the
core of any Linux operating system. The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.

http://www.linuxsecurity.com/content/view/118177

 
  Fedora Core 3 Update: kernel-2.6.10-1.760_FC3
  3rd, February, 2005

The kernel package contains the Linux kernel (vmlinuz), the
core of any Linux operating system. The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.

http://www.linuxsecurity.com/content/view/118178

 
   Gentoo
  Gentoo: SquirrelMail Multiple vulnerabilities
  28th, January, 2005

SquirrelMail fails to properly sanitize user input, which could
lead to arbitrary code execution and compromise webmail accounts.

http://www.linuxsecurity.com/content/view/118103

 
  Gentoo: ngIRCd Buffer overflow
  28th, January, 2005

ngIRCd is vulnerable to a buffer overflow that can be used to
crash the daemon and possibly execute arbitrary code.

http://www.linuxsecurity.com/content/view/118110

 
  Gentoo: TikiWiki Arbitrary command execution
  30th, January, 2005

A bug in TikiWiki allows certain users to upload and execute
malicious PHP scripts.

http://www.linuxsecurity.com/content/view/118117

 
  Gentoo: VDR Arbitrary file overwriting issue
  30th, January, 2005

VDR insecurely accesses files with elevated privileges, which
may result in the overwriting of arbitrary files.

http://www.linuxsecurity.com/content/view/118118

 
  Gentoo: f2c Insecure temporary file creation
  30th, January, 2005

f2c is vulnerable to symlink attacks, potentially allowing a
local user to overwrite arbitrary files.

http://www.linuxsecurity.com/content/view/118119

 
  Gentoo: ncpfs Multiple vulnerabilities
  30th, January, 2005

The ncpfs utilities contain multiple flaws, potentially resulting
in the remote execution of arbitrary code or local file access with elevated
privileges.

http://www.linuxsecurity.com/content/view/118120

 
  Gentoo: Gallery Cross-site scripting vulnerability
  30th, January, 2005

Gallery is vulnerable to cross-site scripting attacks.

http://www.linuxsecurity.com/content/view/118121

 
  Gentoo: ClamAV Multiple issues
  31st, January, 2005

ClamAV contains two vulnerabilities that could lead to Denial
of Service and evasion of virus scanning.

http://www.linuxsecurity.com/content/view/118130

 
  Gentoo: FireHOL Insecure temporary file creation
  1st, February, 2005

FireHOL is vulnerable to symlink attacks, potentially allowing
a local user to overwrite arbitrary files.

http://www.linuxsecurity.com/content/view/118150

 
  Gentoo: FireHOL Insecure temporary file creation
  1st, February, 2005

FireHOL is vulnerable to symlink attacks, potentially allowing
a local user to overwrite arbitrary files.

http://www.linuxsecurity.com/content/view/118151

 
  Gentoo: UW IMAP CRAM-MD5 authentication bypass
  2nd, February, 2005

UW IMAP contains a vulnerability in the code handling CRAM-MD5
authentication allowing authentication bypass.

http://www.linuxsecurity.com/content/view/118157

 
  Gentoo: enscript Multiple vulnerabilities
  2nd, February, 2005

enscript suffers from vulnerabilities and design flaws, potentially
resulting in the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/118159

 
  Gentoo: Squid Multiple vulnerabilities
  2nd, February, 2005

Squid contains vulnerabilities in the code handling WCCP, HTTP
and LDAP which could lead to Denial of Service, access control bypass,
web cache and log poisoning.

http://www.linuxsecurity.com/content/view/118169

 
  Gentoo: Newspost Buffer overflow vulnerability
  2nd, February, 2005

A buffer overflow can be exploited to crash Newspost remotely
and potentially execute arbitrary code.

http://www.linuxsecurity.com/content/view/118171

 
   Mandrake
  Mandrake: Updated clamav package
  29th, January, 2005

A problem in the initscript prevented clamd from starting properly.
These new packages fix that problem.

http://www.linuxsecurity.com/content/view/118116

 
  Mandrake: Updated clamav packages fix
  31st, January, 2005

Two problems were discovered in versions of clamav prior to
0.81. An attacker could evade virus scanning by sending a base64-encoded
image file in a URL. Also, by sending a specially-crafted ZIP file, an
attacker could cause a DoS (Denial of Service) by crashing the clamd daemon.

http://www.linuxsecurity.com/content/view/118136

 
  Mandrake: Updated KDE packages
  31st, January, 2005

A problem with the previous update prevented users from updating
kdebase due to a missing file and incomplete rpm header information. The
updated kdebase packages fix this problem.

http://www.linuxsecurity.com/content/view/118137

 
  Mandrake: Updated imap packages fix
  2nd, February, 2005

A vulnerability was discovered in the CRAM-MD5 authentication
in UW-IMAP where, on the fourth failed authentication attempt, a user
would be able to access the IMAP server regardless. This problem exists
only if you are using CRAM-MD5 authentication and have an /etc/cram-md5.pwd
file. This is not the default setup. The updated packages have been patched
to prevent these problems.

http://www.linuxsecurity.com/content/view/118155

 
  Mandrake: Updated chbg packages fix
  2nd, February, 2005

A vulnerability in chbg was discovered by Danny Lungstrom. A
maliciously-crafted configuration/scenario file could overflow a buffer
leading to the potential execution of arbitrary code. The updated packages
are patched to prevent the problem.

http://www.linuxsecurity.com/content/view/118156

 
  Mandrake: Updated vim packages fix
  2nd, February, 2005

Javier Fernandez-Sanguino Pena discovered two vulnerabilities
in scripts included with the vim editor. The two scripts, “tcltags” and
“vimspell.sh” created temporary files in an insecure manner which could
allow a malicious user to execute a symbolic link attack or to create,
or overwrite, arbitrary files with the privileges of the user invoking
the scripts. The updated packages are patched to prevent this problem.

http://www.linuxsecurity.com/content/view/118172

 
   Red Hat
  RedHat: Updated enscript package fixes security issues
  1st, February, 2005

An updated enscript package that fixes several security issues
is now available.

http://www.linuxsecurity.com/content/view/118138

 
  RedHat: Updated CUPS packages fix security issue
  1st, February, 2005

Updated CUPS packages that fix a security issue are now available.

http://www.linuxsecurity.com/content/view/118139

 
  RedHat: Updated perl-DBI package fixes security issue
  1st, February, 2005

An updated perl-DBI package that fixes a temporary file flaw
in DBI::ProxyServer is now available.

http://www.linuxsecurity.com/content/view/118140

 
  RedHat: Updated Ethereal packages fix security issues
  2nd, February, 2005

Updated Ethereal packages that fix various security vulnerabilities
are now available.

http://www.linuxsecurity.com/content/view/118158