Linux Advisory Watch – July 22, 2005

47

Author: Benjamin D. Thomas

This week, advisories were released for krb5, heimdal, phpgadmin,
ekg, heartbeat, affix, zlib, cacti, java, diskdumputils, radvd,
bind, kdelibs, freeradius, firefox, thunderbird, ypserv, mysql,
setarch, openoffice, pvm, fetchmail, mozilla, epiphany, devhelp,
yelp, php, ruby, acroread, phpgroupware, dhcpd, mediawiki, cpio,
shorewall, and kdenetwork. The distributors include Debian,
Fedora, Gentoo, and Red Hat.

Network Server Monitoring With Nmap
By: Pax Dickinson

Portscanning, for the uninitiated, involves sending connection requests
to a remote host to determine what ports are open for connections and
possibly what services they are exporting. Portscanning is the first
step a hacker will take when attempting to penetrate your system, so
you should be preemptively scanning your own servers and networks to
discover vulnerabilities before someone unfriendly gets there first.

Any open ports that are unnecessary for proper system operation should
be closed. Every open port is a possible access point for an
unauthorized user, and every service accepting connections from the
world could have a vulnerability. Even if you are diligent about
applying patches, any unnecessarily running service is still a window
an attacker could possibly climb through.

One way of viewing open ports on your Linux system is with the netstat
command. Issue the command netstat –inet -a to view both your
established connections and open listening network ports. This command
reads from your /etc/services file to determine the service name for a
given port number, so seeing *:www under the Local Address heading
indicates your server’s port 80 is open and listening, not that there
is necessarily a webserver running on that port. You should check the
list and ensure that the servers listening are indeed desired, and if
they are not, they should be disabled. For example, this output shows
me that my system is accepting connections on the ports for www, ssh,
smtp and https.

Read Complete Article:

http://www.linuxsecurity.com/content/view/119808/49/

 

LinuxSecurity.com
Feature Extras:


Pull The Plug Revisited: An Interview Five Years Later
– Five years after our original interview with Brian Gemberling, founder
of PullthePlug.org, we catch up with Daniel Alvarez and the rest of
the site’s administrative management. Its structured management and
focus on the community will ensure many years of continued success.
You’re asking, what is pull the plug? Read more to find out…

Linux File
& Directory Permissions Mistakes
– One common mistake Linux administrators
make is having file and directory permissions that are far too liberal and
allow access beyond that which is needed for proper system operations. A full
explanation of unix file permissions is beyond the scope of this article,
so I’ll assume you are familiar with the usage of such tools as chmod, chown,
and chgrp. If you’d like a refresher, one is available right here on linuxsecurity.com.

Introduction:
Buffer Overflow Vulnerabilities
– Buffer overflows are a leading type
of security vulnerability. This paper explains what a buffer overflow is,
how it can be exploited, and what countermeasures can be taken to prevent
the use of buffer overflow vulnerabilities.

 

Take advantage of our Linux Security discussion
list!
This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to security-discuss-request@linuxsecurity.com
with “subscribe” as the subject.

Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week’s most relevant Linux security headline
.


   Debian
  Debian: New krb5 packages fix multiple vulnerabilities
  17th, July, 2005

Daniel Wachdorf reported two problems in the MIT krb5 distribution used
for network authentication.

 
  Debian: New heimdal packages fix arbitrary code execution
  18th, July, 2005

A buffer overflow has been discovered in the telnet server from
Heimdal, a free implementation of Kerberos 5, that could lead to the
execution of arbitrary code.

 
  Debian: New phppgadmin packages fix directory traversal vulnerability
  18th, July, 2005

A vulnerability has been discovered in phppgadmin, a set of PHP
scripts to administrate PostgreSQL over the WWW, that can lead to
disclose sensitive information. Successful exploitation requires that
“magic_quotes_gpc” is disabled.

 
  Debian: New ekg packages fix several vulnerabilities
  18th, July, 2005

Several vulnerabilities have been discovered in ekg, a console Gadu Gadu client, an instant messaging program.

 
  Debian: New heartbeat packages fix insecure temporary files
  19th, July, 2005

Eric Romang discovered several insecure temporary file creations in heartbeat, the subsystem for High-Availability Linux.

 
  Debian: New affix packages fix arbitrary command and code execution
  19th, July, 2005

Kevin
Finisterre discovered two problems in the Bluetooth FTP client from
affix, user space utilities for the Affix Bluetooth protocol
stack.

 
  Debian: New zlib packages fix buffer overflow
  20th, July, 2005

Flaw
in the way zlib, a library used for file compression and decompression,
handles invalid input. This flaw can cause programs which use zlib to
crash when opening an invalid file.

 
  Debian: New cacti packages fix several vulnerabilities
  21st, July, 2005

Several
vulnerabilities have been discovered in cacti, a round-robin database
(RRD) tool that helps create graphs from database information.

 
   Fedora
  Fedora Core 4 Update: java-1.4.2-gcj-compat-1.4.2.0-40jpp_31rh.FC4.1
  18th, July, 2005

Cope with impending libgcj and eclipse-ecj updates and provide aot-compile-rpm.

 
  Fedora Core 3 Update: diskdumputils-1.1.7-3
  18th, July, 2005

Updated package released.

 
  Fedora Core 4 Update: diskdumputils-1.1.7-4
  18th, July, 2005

Updated package released.

 
  Fedora Core 4 Update: radvd-0.8-1.FC4
  18th, July, 2005

New package released.

 
  Fedora Core 3 Update: radvd-0.8-1.FC3
  18th, July, 2005

New package released.

 
  Fedora Core 4 Update: bind-9.3.1-8.FC4
  19th, July, 2005

Fix named.init script bugs.

 
  Fedora Core 3 Update: bind-9.2.5-3
  19th, July, 2005

Fix named.init script bugs.

 
  Fedora Core 3 Update: radvd-0.8-2.FC3
  19th, July, 2005

Updated package released.

 
  Fedora Core 4 Update: radvd-0.8-2.FC4
  19th, July, 2005

Updated package released.

 
  Fedora Core 3 Update: kdelibs-3.3.1-2.14.FC3
  19th, July, 2005

A
flaw was discovered affecting Kate, the KDE advanced text editor, and
Kwrite. Depending on system settings it may be possible for a local
user
to read the backup files created by Kate or Kwrite.

 
  Fedora Core 4 Update: freeradius-1.0.4-1.FC4.1
  20th, July, 2005

Fixes missing ldap plugin.

 
  Fedora Core 3 Update: firefox-1.0.6-1.1.fc3
  20th, July, 2005

Fix various security related bugs.

 
  Fedora Core 3 Update: thunderbird-1.0.6-1.1.fc3
  20th, July, 2005

Fix various security related bugs.

 
  Fedora Core 4 Update: firefox-1.0.6-1.1.fc4
  20th, July, 2005

Fix various security related bugs.

 
  Fedora Core 4 Update: thunderbird-1.0.6-1.1.fc4
  20th, July, 2005

Fix various security related bugs.

 
  Fedora Core 4 Update: ypserv-2.13-7
  20th, July, 2005

Fix crash with ypxfr caused by failing to zero out data.

 
  Fedora Core 4 Update: mysql-4.1.12-2.FC4.1
  20th, July, 2005

Update
to MySQL 4.1.12 (includes a low-impact security fix, see bz#158689).
Repair some issues in openssl support. Re-enable the old ISAM table
type.

 
  Fedora Core 4 Update: setarch-1.8-1.FC4
  21st, July, 2005

Bugfix package release.

 
  Fedora Core 4 Update: openoffice.org-1.9.117-3.1.0.fc4
  21st, July, 2005

Updated package released.

 
  Fedora Core 3 Update: pvm-3.4.5-5_FC3
  21st, July, 2005

Updated package released.

 
  Fedora Core 4 Update: pvm-3.4.5-5_FC4
  21st, July, 2005

Updated package released.

 
  Fedora Core 4 Update: fetchmail-6.2.5-7.fc4.1
  21st, July, 2005

A
buffer overflow was discovered in fetchmail’s POP3 client. A malicious
server could cause fetchmail to execute arbitrary code. The Common
Vulnerabilities and Exposures project has assigned the name
CAN-2005-2355 to this issue. All fetchmail users should upgrade to the
updated package, which fixes this issue.

 
  Fedora Core 3 Update: fetchmail-6.2.5-7.fc3.1
  21st, July, 2005

A
buffer overflow was discovered in fetchmail’s POP3 client. A malicious
server could cause fetchmail to execute arbitrary code. The Common
Vulnerabilities and Exposures project has assigned the name
CAN-2005-2355 to this issue. All fetchmail users should upgrade to the
updated package, which fixes this issue.

 
  Fedora Core 3 Update: mozilla-1.7.10-1.3.1
  22nd, July, 2005

Package repairs various vulnerabilities.

 
  Fedora Core 3 Update: epiphany-1.4.4-4.3.5
  22nd, July, 2005

There
were several security flaws found in the mozilla package, which
epiphany depends on. Users of epiphany are advised to upgrade to this
updated package which has been rebuilt against a version of mozilla not
vulnerable to these flaws.

 
  Fedora Core 3 Update: devhelp-0.9.2-2.3.5
  22nd, July, 2005

There
were several security flaws found in the mozilla package, which devhelp
depends on. Users of devhelp are advised to upgrade to this updated
package which has been rebuilt against a version of mozilla not
vulnerable to these flaws.

 
  Fedora Core 4 Update: mozilla-1.7.10-1.5.1
  22nd, July, 2005

Package repairs various vulnerabilities.

 
  Fedora Core 4 Update: epiphany-1.6.3-2
  22nd, July, 2005

There
were several security flaws found in the mozilla package, which
epiphany depends on. Users of epiphany are advised to upgrade to this
updated package which has been rebuilt against a version of mozilla not
vulnerable to these flaws.

 
  Fedora Core 4 Update: devhelp-0.10-1.4.1
  22nd, July, 2005

There
were several security flaws found in the mozilla package, which devhelp
depends on. Users of devhelp are advised to upgrade to this updated
package which has been rebuilt against a version of mozilla not
vulnerable to these flaws.

 
  Fedora Core 4 Update: yelp-2.10.0-1.4.1
  22nd, July, 2005

There
were several security flaws found in the mozilla package, which yelp
depends on. Users of yelp are advised to upgrade to this updated
package which has been rebuilt against a version of mozilla not
vulnerable to these flaws.

 
   Gentoo
  Gentoo: Mozilla Firefox Multiple Vulnerabilities
  15th, July, 2005

Several vulnerabilities in Mozilla Firefox allow attacks ranging from
execution of script code with elevated privileges to information leak.

 
  Gentoo: PHP Script injection through XML-RPC
  15th, July, 2005

PHP includes an XML-RPC implementation which allows remote attackers to
execute arbitrary PHP script commands.

 
  Gentoo: Ruby Arbitrary command execution through XML-RPC
  15th, July, 2005

A vulnerability in XMLRPC.iPIMethods allows remote attackers to execute
arbitrary commands.

 
  Gentoo: Adobe Acrobat Reader Buffer overflow vulnerability
  15th, July, 2005

Adobe Acrobat Reader is vulnerable to a buffer overflow that could lead
to remote execution of arbitrary code.

 
  Gentoo: phpGroupWare, eGroupWare PHP script injection vulnerability
  15th, July, 2005

phpGroupWare and eGroupWare include an XML-RPC implementation which
allows remote attackers to execute arbitrary PHP script commands.

 
  Gentoo: dhcpcd Denial of Service vulnerability
  15th, July, 2005

A vulnerability in dhcpcd may cause the dhcpcd daemon to crash.

 
  Gentoo: Mozilla Thunderbird Multiple Vulnerabilities
  18th, July, 2005

Several vulnerabilities in Mozilla Thunderbird allow attacks ranging
from execution of script code with elevated privileges to information
leak.

 
  Gentoo: Mozilla Thunderbird Multiple vulnerabilities
  19th, July, 2005

Several
vulnerabilities in Mozilla Thunderbird allow attacks ranging from
execution of script code with elevated privileges to information
leaks.

 
  Gentoo: MediaWiki Cross-site scripting vulnerability
  20th, July, 2005

MediaWiki is vulnerable to a cross-site scripting attack that could allow arbitrary JavaScript code execution.

 
  Gentoo: zlib Buffer overflow
  22nd, July, 2005

zlib is vulnerable to a buffer overflow which could potentially lead to execution of arbitrary code.

 
  Gentoo: Shorewall Security policy bypass
  22nd, July, 2005

A vulnerability in Shorewall allows clients authenticated by MAC address filtering to bypass all other security rules.

 
   Red
Hat
  RedHat: Important: firefox security update
  21st, July, 2005

An
updated firefox package that fixes various security bugs is now
available for Red Hat Enterprise Linux 4. This update has been rated as
having important security impact by the Red
Hat Security Response Team.

 
  RedHat: Low: cpio security update
  21st, July, 2005

An
updated cpio package that fixes multiple issues is now available. This
update has been rated as having low security impact by the Red Hat
Security Response Team.

 
  RedHat: Important: zlib security update
  21st, July, 2005

Updated
zlib packages that fix a buffer overflow are now available for Red Hat
Enterprise Linux 4. This update has been rated as having important
security impact by the Red Hat Security Response Team.

 
  RedHat: Important: thunderbird security update
  21st, July, 2005

Updated
thunderbird package that fixes various bugs is now available for Red
Hat Enterprise Linux 4. This update has been rated as having important
security impact by the Red Hat Security Response Team.

 
  RedHat: Critical: kdenetwork security update
  21st, July, 2005

Updated
kdenetwork packages to correct a security flaw in Kopete are now
available for Red Hat Enterprise Linux 4. This update has been rated as
having critical security impact by the Red
Hat Security Response Team.

 
  RedHat: Important: mozilla security update
  22nd, July, 2005

Updated
mozilla packages that fix various security issues are now available.
This update has been rated as having important security impact by the
Red
Hat Security Response Team.