Thomas
Linux Advisory Watch is a comprehensive newsletter that outlines the security
vulnerabilities that have been announced throughout the week. It includes pointers
to updated packages and descriptions of each vulnerability.
This week, advisories were released for bind, perl, canna, klisa, cyrus-imapd,
wget, kde, and fetchmail. The distributors include Caldera, Debian, Gentoo,
and SuSE.
LinuxSecurity Feature Extras:
No
‘A’ Word In Time – Maintaining accurate time is required for security.
Many tools and devices exist to ensure that accurate time is maintained
on an organization’s system. It makes the job of analysis and system administration
much easier to deal with, as well.If
It Ain’t Broke See If It’s Fixed – Attackers are still compromising
servers with well-known attacks. General awareness can assist the busy
administrators and users to protect their systems from these kinds of attacks.
SANS provides a list of the Top 20 most common security vulnerabilities,
how to identify each, and what can be done to protect against
these vulnerabilities.
Advisory Watch ] – [ Linux
Security Week ] – [ PacketStorm
Archive ] – [ Linux Security
Documentation ]
| Package: | bind |
| Date: | 12-20-2002 |
| Description: | A vulnerability in the DNS resolver library may allow remote attackers to execute arbitrary code with the privileges of applications that issue network name or address requests. |
| Vendor Alerts: | Caldera:
|
| Package: | perl |
| Date: | 12-20-2002 |
| Description: | A security hole has been discovered in Safe.pm. When a Safe compartment has already been used, there’s no guarantee that it’s safe any longer, because there’s a way for code executed within the Safe compartment to alter its operation mask. (Thus, programs that use a Safe compartment only once aren’t affected by this bug |
| Vendor Alerts: | Gentoo:
|
| Package: | canna |
| Date: | 12-20-2002 |
| Description: | hsj” of Shadow Penguin Security discovered a heap overflow vulnerability in the irw_through function in canna server version 3.6 and earlier.” |
| Vendor Alerts: | Gentoo:
|
| Package: | klisa |
| Date: | 12-20-2002 |
| Description: | The lisa daemon contains a buffer overflow vulnerability which potentially enables any local user, as well any any remote attacker on the LAN who is able to gain control of the LISa port (7741 by default), to obtain root privileges. In addition, a remote attacker potentially may be able to gain access to a victim’s account by using an “rlan://” URL in an HTML page or via another KDE application. |
| Vendor Alerts: | Debian:
|
| Package: | cyrus-imapd |
| Date: | 12-20-2002 |
| Description: | The cyrus imapd contains a buffer overflow which could be exploited by remote attackers prior to logging in. Attackers could generate oversized error messages and overflow buffers inside imapd. |
| Vendor Alerts: | SuSE:
Debian:
|
| Package: | wget |
| Date: | 12-20-2002 |
| Description: | A malicious server could potentially overwrite key files to cause a denial of service or, in some cases, gain privileges by modifying executable files. The risk is mitigated because non-default configurations are primarily affected, and the user must be convinced to access the malicious server. However, web-based clients may be more easily exploited. |
| Vendor Alerts: | Gentoo:
|
| Package: | kde |
| Date: | 12-22-2002 |
| Description: | In some instances KDE fails to properly quote parameters of instructions passed to a command shell for execution. |
| Vendor Alerts: | Gentoo:
|
| Package: | fetchmail |
| Date: | 12-22-2002 |
| Description: | When fetchmail retrieves a mail all headers that contain addresses are searched for local addresses. If a hostname is missing, fetchmail appends it but doesn’t reserve enough space for it. This heap overflow can be used by remote attackers to crash it or to execute arbitrary code with the privileges of the user running fetchmail. |
| Vendor Alerts: | Debian:
|
Category:
- Security
