Thomas –
This week, advisories were released for sendmail, php, slocate, mhc, eterm,
tcpdump, snort, OpenSSL, tg3, squirrelmail, and im. The distributors include
Conectiva, Debian, FreeBSD, Gentoo, Mandrake, NetBSD, Red Hat, Slackware, SuSE,
and Yellow Dog.
LinuxSecurity Feature Extras:
Get
out of a BIND – install DJBDNS– DJBDNS eases DNS management and
improves security over BIND alternatives by taking a different approach
to serving and caching DNS answers.Remote
Syslog with MySQL and PHP – Msyslog has the ability to log syslog
messages to a database. This allows for easier monitoring of multiple servers
and the ability to be display and search for syslog messages using PHP
or any other programming language that can communicate with the database.by
that, too.
[ Linux
Advisory Watch ] – [ Linux
Security Week ] – [ PacketStorm
Archive ] – [ Linux Security
Documentation ]
The Linux Advisory Watch newsletter is developed by the community of volunteers
at
by Guardian Digital, Inc., the open
source security company.
| Package: | php |
| Date: | 03-14-2003 |
| Description: | Two vulnerabilities exists in the mail() PHP function. The first one allows execution of any program/script, bypassing the safe_mode restriction. The second one may allow an open-relay if the mail() function is not carefully used in PHP scripts. |
| Vendor Alerts: | Caldera:
|
| Package: | slocate |
| Date: | 03-06-2003 |
| Description: | The proper solution is to install the latest packages. Many customers find it easier to use the Caldera System Updater, called cupdate (or kcupdate under the KDE environment), to update these packages rather than downloading and installing them by hand. |
| Vendor Alerts: | Caldera:
|
| Package: | mhc |
| Date: | 02-28-2003 |
| Description: | It has been discovered that adb2mhc from the mhc-utils package. The default temporary directory uses a predictable name. This adds a vulnerability that allows a local attacker to overwrite arbitrary files the users has write permissions for. |
| Vendor Alerts: | Debian:
|
| Package: | eterm |
| Date: | 03-03-2003 |
| Description: | Many of the features supported by popular terminal emulator software can be abused when un-trusted data is displayed on the screen. The impact of this abuse can range from annoying screen garbage to a complete system compromise. All of the issues below are actually documented features, anyone who takes the time to read over the man pages or source code could use them to carry out an attack. |
| Vendor Alerts: | Gentoo:
|
| Package: | tcpdump |
| Date: | 03-05-2003 |
| Description: | A vulnerability exists in the parsing of ISAKMP packets (UDP port 500) that allows an attacker to force TCPDUMP into an infinite loop upon receipt of a specially crafted packet. |
| Vendor Alerts: | Gentoo:
|
| Package: | snort |
| Date: | 03-06-2003 |
| Description: | Remote attackers may exploit the buffer overflow condition to run arbitrary code on a Snort sensor with the privileges of the Snort IDS process, which typically runs as the superuser. The vulnerable preprocessor is enabled by default. It is not necessary to establish an actual connection to a RPC portmapper service to exploit this vulnerability. |
| Vendor Alerts: | Gentoo:
|
| Package: | openssl |
| Date: | 03-06-2003 |
| Description: | Block cipher padding errors and MAC verification errors were handled differently in the SSL/TLS parts of the OpenSSL library. This leaks information in the case of incorrect SSL streams and allows for an adaptive timing attack. |
| Vendor Alerts: | NetBSD:
Red Hat:
|
| Package: | tg3 |
| Date: | 03-06-2003 |
| Description: | Updated kernel packages for Red Hat Linux 7.1, 7.2, 7.3, and 8.0 are now available that fix a deadlock with the tg3 driver on certain revisions of the Broadcom 570x gigabit ethernet series. |
| Vendor Alerts: | Red Hat:
|
| Package: | squirrelmail |
| Date: | 03-06-2003 |
| Description: | SquirrelMail is a webmail package written in PHP. Two vulnerabilities have been found that affect versions of SquirrelMail shipped with Red Hat Linux 8.0. |
| Vendor Alerts: | Red Hat:
|
| Package: | im |
| Date: | 03-06-2003 |
| Description: | A vulnerability has been discovered by Tatsuya Kinoshita in the way two IM utilities create temporary files. By anticipating the names used to create files and directories stored in /tmp, it may be possible for a local attacker to corrupt or modify data as another user. |
| Vendor Alerts: | Red Hat:
|
Category:
- Security
