Linux Advisory Watch – March 21st, 2003

– By Benjamin D. Thomas

This week, advisories were released for kde, openssl, tcpdump, samba, netpbm-free,
lxr, kernel, libc, qpopper, man, mysql, rxvt, zlib, gnome-lokkit, and glibc.
The distributors include Caldera, Debian, FreeBSD, Guardian Digital’s EnGarde Secure
Linux, Gentoo, Mandrake, Red Hat, Slackware, SuSE, and Trustix.

LinuxSecurity Feature Extras:

Get out of a BIND – install DJBDNS – DJBDNS eases DNS management and
improves security over BIND by taking a different approach to serving
and caching DNS answers.

Remote Syslog with MySQL and PHP – Msyslog can log syslog messages to a
database. This allows easier monitoring of multiple servers and makes it
possible to display and search syslog messages using PHP or any other
programming language that can communicate with the database.


The Linux Advisory Watch newsletter is developed by the community of
volunteers at LinuxSecurity.com and sponsored by Guardian Digital, Inc.,
the open source security company.

Package: KDE
Date: 03-17-2003
Description: Vulnerabilities in the implementation of the rlogin protocol
in all of the affected systems, and in the implementation of the telnet
protocol in affected KDE 2 systems; see the vendor advisory for details.
Vendor Alerts: Caldera:

kdelibs2-2.2.1-6.3.i386.rpm
MD5 Sum: 8129d823e229783c726199a844318eee
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-012.0/RPMS


Caldera Vendor Advisory:
http://www.linuxsecurity.com/advisories/caldera_advisory-2964.html

 

Package: openssl
Date: 03-19-2003
Description: See the vendor advisories below. Note that the Caldera item
listed under this entry is a glibc update, not an openssl update: the
xdrmem_getbytes() function in the XDR library provided by Sun Microsystems
contains an integer overflow that can lead to improperly sized dynamic
memory allocation (see also the libc and glibc entries in this issue).
Vendor Alerts: Caldera:

glibc-2.2.4-26.i386.rpm
MD5 Sum: 22c6bf3a5dc5423c57eea99f7fef610d
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-012.0/RPMS


Caldera Vendor Advisory:
http://www.linuxsecurity.com/advisories/caldera_advisory-3012.html
 

EnGarde Vendor Advisory:
http://www.linuxsecurity.com/advisories/engarde_advisory-3009.html

Gentoo Vendor Advisory:
http://www.linuxsecurity.com/advisories/gentoo_advisory-3013.html

Trustix Vendor Advisory:
http://www.linuxsecurity.com/advisories/trustix_advisory-2991.html

 

Package: tcpdump
Date: 03-19-2003
Description: An
attacker is able to send a specially crafted RADIUS network packet which
causes tcpdump to enter an infinite loop.
Vendor Alerts: Debian:

http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.4_i386.deb
Size/MD5 checksum: 169580 ff9e64004901cb5b00bf0cb213451e76

Debian Vendor Advisory:
http://www.linuxsecurity.com/advisories/debian_advisory-2960.html
 

Trustix Vendor Advisory:
http://www.linuxsecurity.com/advisories/trustix_advisory-2972.html

 

Package: samba
Date: 03-19-2003
Description: A buffer overflow and a race condition have been fixed. These
vulnerabilities may lead to remote root compromise.
Vendor Alerts: Debian:

PLEASE SEE VENDOR
ADVISORY FOR UPDATE

Debian Vendor Advisory:
http://www.linuxsecurity.com/advisories/debian_advisory-2961.html
 

Gentoo Vendor Advisory:
http://www.linuxsecurity.com/advisories/gentoo_advisory-2965.html

Mandrake Vendor Advisory:
http://www.linuxsecurity.com/advisories/mandrake_advisory-2963.html

Slackware Vendor Advisory:
http://www.linuxsecurity.com/advisories/slackware_advisory-2962.html

SuSE Vendor Advisory:
http://www.linuxsecurity.com/advisories/suse_advisory-3000.html

Red Hat Vendor Advisory:
http://www.linuxsecurity.com/advisories/redhat_advisory-3001.html

Trustix Vendor Advisory:
http://www.linuxsecurity.com/advisories/trustix_advisory-2992.html

 

Package: netpbm-free
Date: 03-17-2003
Description: Vulnerabilities in netpbm-free may allow remote attackers to
cause a denial of service or execute arbitrary code.
Vendor Alerts: Debian:

PLEASE SEE VENDOR
ADVISORY FOR UPDATE

Debian Vendor Advisory:
http://www.linuxsecurity.com/advisories/debian_advisory-2968.html

 

Package: lxr
Date: 03-19-2003
Description: There
is a vulnerability that allows a remote attacker to read arbitrary files
on the host system as user www-data.
Vendor Alerts: Debian:

http://security.debian.org/pool/updates/main/l/lxr/lxr_0.3-3_i386.deb
Size/MD5 checksum: 25922 b0e19c5aaf6930b9e88d1a2dd0e4828e

Debian Vendor Advisory:
http://www.linuxsecurity.com/advisories/debian_advisory-3003.html

 

Package: kernel
Date: 03-18-2003
Description: This update fixes several vulnerabilities in the Linux kernel.
Vendor Alerts: EnGarde:

ftp://ftp.engardelinux.org/pub/engarde/stable/updates/

i386/kernel-2.2.19-1.0.30.i386.rpm
MD5 Sum: 9a16886321cc19365ea1a7d27d927b83

i386/kernel-lids-mods-2.2.19-1.0.30.i386.rpm
MD5 Sum: 784e3abd25e27db6036bd7638ac22ef6

i386/kernel-smp-lids-mods-2.2.19-1.0.30.i386.rpm
MD5 Sum: 42a9c7d7b5879e061d59d1008011dab7

i386/kernel-smp-mods-2.2.19-1.0.30.i386.rpm
MD5 Sum: 64b89dcd411abdd455bbb55539a29df6

i686/kernel-2.2.19-1.0.30.i686.rpm
MD5 Sum: af21a043fcde3004ad645ca4bb26117e

i686/kernel-lids-mods-2.2.19-1.0.30.i686.rpm
MD5 Sum: 8f90859a9313f731c710247e27915a42

i686/kernel-smp-lids-mods-2.2.19-1.0.30.i686.rpm
MD5 Sum: 74ff5e04d89e9a5b60d79f3fc0491034

i686/kernel-smp-mods-2.2.19-1.0.30.i686.rpm
MD5 Sum: 1fa7cffecc2fd417713f67c4bb19da90

EnGarde Vendor Advisory:
http://www.linuxsecurity.com/advisories/engarde_advisory-2976.html
 

Red Hat Vendor Advisory:
http://www.linuxsecurity.com/advisories/redhat_advisory-3016.html

Trustix Vendor Advisory:
http://www.linuxsecurity.com/advisories/trustix_advisory-2973.html

 

Package: libc
Date: 03-20-2003
Description: The
xdrmem XDR stream object does incorrect bounds-checking.
Vendor Alerts: FreeBSD:

PLEASE SEE VENDOR
ADVISORY FOR UPDATE

FreeBSD Vendor Advisory:
http://www.linuxsecurity.com/advisories/freebsd_advisory-3022.html

 

Package: qpopper
Date: 03-20-2003
Description: Under certain conditions it is possible to execute arbitrary
code using a buffer overflow in recent versions of qpopper.

Vendor Alerts: Gentoo:

PLEASE SEE VENDOR
ADVISORY FOR UPDATE

Gentoo Vendor Advisory:
http://www.linuxsecurity.com/advisories/gentoo_advisory-2966.html

 

Package: man
Date: 03-20-2003
Description: man 1.5l fixes a bug that results in arbitrary code execution
upon reading a specially formatted man file.

Vendor Alerts: Gentoo:

PLEASE SEE VENDOR
ADVISORY FOR UPDATE

Gentoo Vendor Advisory:
http://www.linuxsecurity.com/advisories/gentoo_advisory-2995.html
 

Trustix Vendor Advisory:
http://www.linuxsecurity.com/advisories/trustix_advisory-2989.html

 

Package: mysql
Date: 03-20-2003
Description: MySQL will no longer read config files that are world-writable.
Vendor Alerts: Gentoo:

PLEASE SEE VENDOR
ADVISORY FOR UPDATE

Gentoo Vendor Advisory:
http://www.linuxsecurity.com/advisories/gentoo_advisory-2996.html
 

Trustix Vendor Advisory:
http://www.linuxsecurity.com/advisories/trustix_advisory-2990.html

 

Package: rxvt
Date: 03-20-2003
Description: Many of the features supported by popular terminal emulator
software can be abused when untrusted data is displayed on the screen. The
impact of this abuse can range from annoying screen garbage to a complete
system compromise. All of the issues are documented features: anyone who
takes the time to read the man pages or source code could use them to
carry out an attack.
Vendor Alerts: Gentoo:

PLEASE SEE VENDOR
ADVISORY FOR UPDATE

Gentoo Vendor Advisory:
http://www.linuxsecurity.com/advisories/gentoo_advisory-3014.html
 

Red Hat Vendor Advisory:
http://www.linuxsecurity.com/advisories/redhat_advisory-2969.html
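The issue class in this entry is addressed on the consuming side by never writing untrusted bytes to a terminal unfiltered. The following is an added example, not code from the newsletter, rxvt, or any vendor advisory: a filter that strips control characters and escape sequences before display. The function name and the sample log line are constructed for illustration.

```c
/* Added example, not code from the newsletter, rxvt, or Red Hat: strip the
 * terminal control bytes and escape sequences from untrusted text before it
 * is written to a terminal. The function name and sample line are constructed. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Copies 'in' (n bytes) to 'out', dropping C0 controls other than tab and
 * newline, DEL, and every ESC-introduced sequence:
 *   ESC [ ... final      CSI (cursor movement, colours, screen clear, ...)
 *   ESC ] ... BEL|ESC \  OSC (window title, and the title-report trick)
 *   ESC P/^/_ ... ST     DCS, PM, APC strings
 *   ESC x                any other two-byte sequence (e.g. ESC c, reset)
 * Returns the number of bytes written. Bytes >= 0x80 pass through unchanged
 * so UTF-8 text survives; 8-bit C1 codes are therefore not handled here. */
size_t sanitize_for_terminal(const char *in, size_t n, char *out)
{
    size_t o = 0;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)in[i];
        if (c == 0x1b) {
            if (i + 1 >= n)
                break;                          /* truncated ESC at end: drop it */
            unsigned char k = (unsigned char)in[++i];
            if (k == '[') {
                /* CSI: skip parameter/intermediate bytes up to and including
                 * the final byte in 0x40..0x7E */
                while (++i < n) {
                    unsigned char b = (unsigned char)in[i];
                    if (b >= 0x40 && b <= 0x7e)
                        break;
                }
            } else if (k == ']' || k == 'P' || k == '^' || k == '_') {
                /* String control: skip up to BEL or ST (ESC \) */
                while (++i < n) {
                    unsigned char b = (unsigned char)in[i];
                    if (b == 0x07)
                        break;
                    if (b == 0x1b && i + 1 < n && in[i + 1] == '\\') {
                        i++;
                        break;
                    }
                }
            }
            /* for any other k, the two-byte ESC k sequence is now consumed */
            continue;
        }
        if ((c < 0x20 && c != '\t' && c != '\n') || c == 0x7f)
            continue;                           /* other C0 controls and DEL */
        out[o++] = (char)c;
    }
    return o;
}

/* Convenience check: 1 if sanitizing 'in' (n bytes) yields exactly 'expect'. */
int sanitizes_to(const char *in, size_t n, const char *expect)
{
    char out[256];
    if (n > sizeof out)
        return 0;
    size_t m = sanitize_for_terminal(in, n, out);
    return m == strlen(expect) && memcmp(out, expect, m) == 0;
}

/* Constructed sample: a log line in which an attacker-supplied field carries
 * an OSC window-title change and CSI colour changes. */
const char SAMPLE_LINE[] = "user=\x1b]0;evil\x07" "bob\x1b[31m!\x1b[0m\n";

int main(void)
{
    char out[sizeof SAMPLE_LINE];
    size_t n = sanitize_for_terminal(SAMPLE_LINE, sizeof SAMPLE_LINE - 1, out);
    fwrite(out, 1, n, stdout);              /* prints: user=bob! */
    return 0;
}
```

The filter is deliberately a whitelist of what may reach the terminal rather than a blacklist of known-bad sequences, since the rxvt entry's point is that every abusable feature is documented and there are many of them. On a terminal running in an 8-bit (non-UTF-8) locale the C1 range 0x80-0x9F (e.g. 0x9B as a one-byte CSI) should also be dropped; that is left out above to avoid corrupting UTF-8 text.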

 

Package: zlib
Date: 03-18-2003
Description: Richard
Kettlewell discovered a buffer overflow vulnerability in the zlib library’s
gzprintf() function.
Vendor Alerts: Mandrake:

PLEASE SEE VENDOR
ADVISORY FOR UPDATE

Mandrake Vendor Advisory:
http://www.linuxsecurity.com/advisories/mandrake_advisory-3002.html
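An added illustration of the pattern behind this advisory, not zlib's own code: formatting into a fixed stack buffer with vsprintf() beside the bounded vsnprintf() form that detects and refuses truncation. The buffer size, function names and the checking helper are assumptions chosen for the demonstration.

```c
/* Added example, illustrative and not zlib's code: the unbounded formatting
 * pattern behind the gzprintf() advisory beside the hardened form. The
 * buffer size is shrunk from zlib's 4096 bytes to keep the demonstration
 * small (an assumption for illustration); 'out' stands in for the
 * compressed stream gzprintf() writes to. */
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define PRINTF_BUFSIZE 32

/* Vulnerable pattern: vsprintf() has no length bound, so any formatted
 * result longer than PRINTF_BUFSIZE - 1 bytes overruns buf on the stack.
 * Kept here to show the shape of the bug; only called with short input. */
int gzprintf_vulnerable(char *out, const char *fmt, ...)
{
    char buf[PRINTF_BUFSIZE];
    va_list va;
    va_start(va, fmt);
    int len = vsprintf(buf, fmt, va);
    va_end(va);
    if (len < 0)
        return 0;
    memcpy(out, buf, (size_t)len + 1);
    return len;
}

/* Hardened pattern: vsnprintf() is bounded and reports the length the full
 * result would have had, so truncation is detected and refused instead of
 * silently producing a partial record (or, with vsprintf(), an overflow).
 * Returns the number of bytes written, or 0 on error. */
int gzprintf_fixed(char *out, const char *fmt, ...)
{
    char buf[PRINTF_BUFSIZE];
    va_list va;
    va_start(va, fmt);
    int len = vsnprintf(buf, sizeof buf, fmt, va);
    va_end(va);
    if (len < 0 || (size_t)len >= sizeof buf)
        return 0;
    memcpy(out, buf, (size_t)len + 1);
    return len;
}

/* Checking helper: format a run of n copies of c through the hardened
 * function and return its result (n is capped below the helper's own
 * argument buffer). */
int fixed_len_of_run(char c, int n)
{
    char arg[128], out[PRINTF_BUFSIZE];
    if (n < 0 || n >= (int)sizeof arg)
        return 0;
    memset(arg, c, (size_t)n);
    arg[n] = '\0';
    return gzprintf_fixed(out, "%s", arg);
}

int main(void)
{
    char out[PRINTF_BUFSIZE];
    printf("short: %d\n", gzprintf_vulnerable(out, "%s", "short"));   /* 5 */
    printf("31 A:  %d\n", fixed_len_of_run('A', 31));                 /* 31 */
    printf("32 A:  %d\n", fixed_len_of_run('A', 32));                 /* 0, refused */
    return 0;
}
```

The important detail is the `>= sizeof buf` test: vsnprintf() returns the length of the untruncated result, so a return value equal to or above the buffer size means the buffer was too small and the caller must treat the call as failed rather than pass on whatever fitted.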

 

Package: gnome-lokkit
Date: 03-17-2003
Description: Updated
Gnome-lokkit packages fix missing FORWARD ruleset in Red Hat Linux 8.0.
Vendor Alerts: Red Hat:

ftp://updates.redhat.com/8.0/en/os/i386/
gnome-lokkit-0.50-21.8.0.i386.rpm 
01f42937db89e8afb3f30a704e52ca7f 

ftp://updates.redhat.com/8.0/en/os/i386/
lokkit-0.50-21.8.0.i386.rpm
0f80d90d4766f04eef08928b33b6a25e 

Red Hat Vendor Advisory:
http://www.linuxsecurity.com/advisories/redhat_advisory-2967.html

 

Package: glibc
Date: 03-17-2003
Description: Updated
glibc packages are available to fix an integer overflow in the XDR decoder.

 
Vendor Alerts: Red Hat:

PLEASE SEE VENDOR
ADVISORY FOR UPDATE

Red Hat Vendor Advisory:
http://www.linuxsecurity.com/advisories/redhat_advisory-3015.html
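The bounds-check flaw named in the libc and glibc entries (and in the Caldera glibc item listed under the openssl entry) is the classic subtract-then-test integer overflow. The following added example, not glibc's or FreeBSD's code, models the vulnerable check beside a hardened one; the stream structure and helper names are simplified assumptions.

```c
/* Added example, illustrative and not glibc's or FreeBSD's code: a minimal
 * model of the xdrmem_getbytes() bounds check from the Sun RPC XDR code
 * covered by the libc and glibc entries. The stream struct and helper names
 * are simplified assumptions. */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Simplified in-memory XDR stream: x_private is the read cursor and x_handy
 * the number of bytes still available, a signed int as in the historic
 * implementation. */
typedef struct {
    const unsigned char *x_private;
    int x_handy;
} xdrmem_t;

/* Vulnerable pattern: subtract first, then test the sign of the result.
 * len is unsigned, so the subtraction is done in unsigned arithmetic and
 * wraps: with x_handy = 16 and len = 0xFFFFFFF0, 16 - 0xFFFFFFF0 == 32,
 * which is positive, and a read far beyond the buffer is accepted. The copy
 * is omitted here so the demonstration itself stays memory-safe. */
bool getbytes_vulnerable(xdrmem_t *xdrs, unsigned char *addr, unsigned int len)
{
    if ((xdrs->x_handy -= len) < 0)
        return false;
    (void)addr;     /* real code: memcpy(addr, xdrs->x_private, len); */
    return true;
}

/* Hardened pattern: compare before subtracting, in unsigned arithmetic, so
 * no intermediate value can wrap. */
bool getbytes_fixed(xdrmem_t *xdrs, unsigned char *addr, unsigned int len)
{
    if (xdrs->x_handy < 0 || (unsigned int)xdrs->x_handy < len)
        return false;
    memcpy(addr, xdrs->x_private, len);
    xdrs->x_private += len;
    xdrs->x_handy -= (int)len;
    return true;
}

/* Run one check against a fresh stream holding 'remaining' bytes (at most
 * 64) and report whether the read was accepted. */
bool vulnerable_accepts(int remaining, unsigned int len)
{
    unsigned char buf[64] = {0}, out[64];
    if (remaining < 0 || remaining > 64)
        return false;
    xdrmem_t s = { buf, remaining };
    return getbytes_vulnerable(&s, out, len);
}

bool fixed_accepts(int remaining, unsigned int len)
{
    unsigned char buf[64] = {0}, out[64];
    if (remaining < 0 || remaining > 64)
        return false;
    xdrmem_t s = { buf, remaining };
    return getbytes_fixed(&s, out, len);
}

int main(void)
{
    printf("len 8 of 16:          vulnerable=%d fixed=%d\n",
           vulnerable_accepts(16, 8), fixed_accepts(16, 8));            /* 1 1 */
    printf("len 32 of 16:         vulnerable=%d fixed=%d\n",
           vulnerable_accepts(16, 32), fixed_accepts(16, 32));          /* 0 0 */
    printf("len 0xFFFFFFF0 of 16: vulnerable=%d fixed=%d\n",
           vulnerable_accepts(16, 0xFFFFFFF0u), fixed_accepts(16, 0xFFFFFFF0u)); /* 1 0 */
    return 0;
}
```

The third case is the one the advisories describe: a length field taken from the wire is large enough to wrap the subtraction, the sign test passes, and the subsequent copy or allocation is sized from the attacker's value. Comparing before subtracting, with both operands unsigned, removes the wrap entirely.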
