Linux Advisory Watch – May 23rd, 2003 – by Benjamin D. Thomas

This week, advisories were released for bugzilla, lv, mysql, sendmail, bitchx,
PHP, gnupg, cdrtools, xinetd, fileutils, lpr, epic4, glibc, mod_ssl, and quotacheck.
The distributors include Conectiva, Debian, Guardian Digital, Gentoo, Immunix,
Mandrake, OpenPKG, RedHat, and Slackware. No advisory this week particularly
caught my attention. Perhaps the most serious are lpr, cdrecord, and lv, all
of which may result in a local root compromise. If you are using these packages,
they should be updated immediately.

Many of you probably have experience in general network security. Also, many
of you have probably worked with wireless equipment. In the last three years
I’ve seen hundreds of articles and whitepapers on how to improve the security
of wireless networks. Each paper usually falls into one of two categories. First, I
have found that about 80% of the papers are too broad and do not provide any
useful information. The other 20% of articles/whitepapers are helpful in that
they focus on specific issues.

Recently, I had the opportunity to read the O’Reilly book, 802.11 Security.
It was written by Bruce Potter and Bob Fleck and published early this year.
If you are looking for an overall source for 802.11 security, I highly recommend
this book. Although it is only 176 pages long, it is packed with information.
Like all O’Reilly books, it is suitable and interesting enough to read from
cover to cover or can be easily used as a reference.

The book begins with an introduction to wireless networking and quickly moves
into explaining types of attacks and potential risks. The second part of the book
focuses on locking down five types of wireless workstations. It includes specific
chapters that cover FreeBSD, Linux, OpenBSD, OS X, and Windows. Next, it covers aspects
pertaining to access point security and provides guidance on how to build a
Linux, FreeBSD, or OpenBSD gateway. The book concludes with a chapter on authentication
and encryption, and a chapter that discusses several wireless networking issues
and predicts what the future will hold. Although no one can claim that this
book is fully comprehensive, it does provide enough information to get started.
Some of you will probably be looking for more detailed information, while others
will think that it is the perfect dose. Once again, if you are looking for a
general book on 802.11 security, take a look at what O’Reilly has to offer.

Until next time,
Benjamin D. Thomas
ben@linuxsecurity.com

 

LinuxSecurity Feature Extras:


Intrusion Detection Systems: An Introduction

Intrusion Detection is the process and methodology of inspecting data for
malicious, inaccurate or anomalous activity. At the most basic levels there
are two forms of Intrusion Detection Systems that you will encounter: Host
and Network based.

At the RealWorld Linux Expo in Toronto, Guardian Digital launched the next
generation of the Community edition of EnGarde Secure Linux – the secure and
easy to manage system for building a complete Internet presence while protecting
your information assets. Download the FREE trial today!


 

Linux Advisory Watch is a comprehensive newsletter that outlines the security
vulnerabilities that have been announced throughout the week. It includes pointers
to updated packages and descriptions of each vulnerability.


 
Distribution: Conectiva
  5/22/2003 bugzilla
    multiple vulnerabilities

There are multiple vulnerabilities in bugzilla.

http://www.linuxsecurity.com/advisories/connectiva_advisory-3280.html

 
 
Distribution: Debian
  5/16/2003 lv
    privilege escalation vulnerability

lv reads options from a configuration file in the current directory. Because
such a file could be placed there by a malicious user, and lv configuration
options can be used to execute commands, this represented a security vulnerability.

http://www.linuxsecurity.com/advisories/debian_advisory-3263.html

 
  5/16/2003 mysql
    privilege escalation vulnerability

There are multiple vulnerabilities in the mysql package.

http://www.linuxsecurity.com/advisories/debian_advisory-3264.html

 
  5/16/2003 sendmail
    insecure tmp file vulnerability

Paul Szabo discovered bugs in three scripts included in the sendmail package
where temporary files were created insecurely (expn, checksendmail and doublebounce.pl).

http://www.linuxsecurity.com/advisories/debian_advisory-3265.html

 
  5/19/2003 bitchx
    multiple vulnerabilities

Timo Sirainen discovered several overflow problems in BitchX.

http://www.linuxsecurity.com/advisories/debian_advisory-3274.html

 
 
Distribution: EnGarde
  5/20/2003 ‘swatch’ incorrect value in default configuration
    multiple vulnerabilities

A bug was recently discovered in the default configuration of the daily
log summaries. The default address is set incorrectly, causing daily summaries
to bounce until the system is run through the initial configuration process
or the admin e-mail address is changed.

http://www.linuxsecurity.com/advisories/engarde_advisory-3277.html

 
  5/21/2003 PHP
    debugging and PEAR fixes

This update disables debugging and enables support for PEAR in EnGarde’s
PHP packages.

http://www.linuxsecurity.com/advisories/engarde_advisory-3278.html

 
 
Distribution: Gentoo
  5/16/2003 gnupg
    key validation bug

As part of the development of GnuPG 1.2.2, a bug was discovered in the key
validation code.

http://www.linuxsecurity.com/advisories/gentoo_advisory-3266.html

 
  5/16/2003 ut2003-demo passive DOS exploit
    key validation bug

There is a negative sign bug in the Unreal Tournament engine.

http://www.linuxsecurity.com/advisories/gentoo_advisory-3267.html

 
  5/18/2003 cdrtools
    privilege escalation vulnerability

Incorrect link fixed. A vulnerability in cdrecord that could lead to a root
compromise was discovered. cdrecord is not installed suid by default in
Gentoo.

http://www.linuxsecurity.com/advisories/gentoo_advisory-3272.html

 
  5/19/2003 lv
    arbitrary command execution vulnerability

Previous versions of lv read the file .lv in the current directory. Because
this file could be created by other users and could contain malicious commands
to execute upon viewing certain files, this is considered a potential local
root exploit.

http://www.linuxsecurity.com/advisories/gentoo_advisory-3275.html

 
  5/19/2003 xinetd
    denial of service vulnerability

Steve Stubb has discovered that xinetd leaks 144 bytes for every connection
it rejects.

http://www.linuxsecurity.com/advisories/gentoo_advisory-3276.html

 
 
Distribution: Immunix
  5/16/2003 fileutils
    race condition vulnerability


http://www.linuxsecurity.com/advisories/immunix_advisory-3270.html

 
 
Distribution: Mandrake
  5/22/2003 cdrecord
    privilege escalation vulnerability

A vulnerability in cdrecord was discovered that can be used to obtain root
access because Mandrake Linux ships with the cdrecord binary suid root and
sgid cdwriter.

http://www.linuxsecurity.com/advisories/mandrake_advisory-3281.html

 
  5/22/2003 lpr
    buffer overflow vulnerability

A buffer overflow was discovered in the lpr printer spooling system that
can be exploited by a local user to gain root privileges.

http://www.linuxsecurity.com/advisories/mandrake_advisory-3282.html

 
 
Distribution: OpenPKG
  5/16/2003 gnupg
    incorrect key validation vulnerability

The GNU Privacy Guard (GnuPG) development team discovered that the key validation
code in GnuPG 1.2.1 and older versions does not properly determine the validity
of keys with multiple user IDs.

http://www.linuxsecurity.com/advisories/other_advisory-3273.html

 
 
Distribution: RedHat
  5/16/2003 lv
    privilege escalation vulnerability

A bug has been found in versions of lv that read a .lv file in the current
directory. Local attackers can use this to place a .lv file in any directory
to which they have write access.

http://www.linuxsecurity.com/advisories/redhat_advisory-3269.html

 
  5/21/2003 gnupg
    key validation bug

Updated gnupg packages correcting a bug in the GnuPG key validation functions
are now available.

http://www.linuxsecurity.com/advisories/redhat_advisory-3279.html

 
 
Distribution: Slackware
  5/22/2003 epic4
    multiple vulnerabilities

New EPIC4 packages are available to fix security problems found by Timo
Sirainen.

http://www.linuxsecurity.com/advisories/slackware_advisory-3283.html

 
  5/22/2003 bitchx
    multiple vulnerabilities

Timo Sirainen discovered several overflow problems in BitchX.

http://www.linuxsecurity.com/advisories/slackware_advisory-3284.html

 
  5/22/2003 glibc
    buffer overflow vulnerability

An integer overflow in the xdrmem_getbytes() function found in the glibc
library has been fixed.

http://www.linuxsecurity.com/advisories/slackware_advisory-3285.html

 
  5/22/2003 gnupg
    key validation bug

A key validation bug which results in all user IDs on a given key being
treated with the validity of the most-valid user ID on that key has been
fixed with the release of GnuPG 1.2.2.

http://www.linuxsecurity.com/advisories/slackware_advisory-3286.html

 
  5/22/2003 mod_ssl
    timing based attack vulnerability

This version provides RSA blinding by default which prevents an extended
timing analysis from revealing details of the secret key to an attacker.

http://www.linuxsecurity.com/advisories/slackware_advisory-3287.html

 
  5/22/2003 quotacheck
    vulnerability

An upgraded sysvinit package is available which fixes a problem with the
use of quotacheck in /etc/rc.d/rc.M.

http://www.linuxsecurity.com/advisories/slackware_advisory-3288.html

 
