Linux Advisory Watch – November 29th 2002

By Benjamin D. Thomas

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.
It includes pointers to updated packages and descriptions of each vulnerability. This week, advisories were released for pine, samba, python, sendmail,
kernel, and mod_php.  The distributors include Conectiva, Debian,
Guardian Digital’s EnGarde Secure Linux, Mandrake, Red Hat, Slackware,
SuSE, and Trustix.

LinuxSecurity Feature Extras:

Security: MySQL and PHP (3 of 3) – This is the third installment of a
3-part article on LAMP (Linux Apache MySQL PHP). In order to safeguard a
MySQL server to the basic level, one has to abide by the following guidelines.

Security: Physical and Service (1 of 3) – The first installment
of a 3-part article covering everything from physical security and service
security to LAMP security (Linux Apache MySQL PHP).



 

Package: pine
Date: 11-22-2002
Description: It is possible for an attacker to bypass the restrictions imposed by The Sendmail
Consortium’s Restricted Shell (SMRSH) and execute a binary of his choosing
by inserting a special character sequence into his .forward file. SMRSH
is an application intended as a replacement for sh for use in Sendmail.
Vendor Alerts: SuSE: 

ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/pine-4.44-224.i586.rpm
8c32d5571d7488e31f693a884dedb81e
   
SuSE Vendor Advisory:
http://www.linuxsecurity.com/advisories/suse_advisory-2607.html
 

EnGarde:

i386/pine-4.50-1.0.9.i386.rpm
MD5 Sum: ff1db113dcddb5b64f5e62231deb44bc

i686/pine-4.50-1.0.9.i686.rpm
MD5 Sum: a82c4318b516f0a2990e4ad286e01646

ftp://ftp.engardelinux.org/pub/engarde/stable/updates/
      

EnGarde Vendor Advisory:
http://www.linuxsecurity.com/advisories/engarde_advisory-2614.html

 

Package: samba
Date: 11-22-2002
Description: Steve Langasek found an exploitable bug in the password handling code in samba:
when converting from DOS code-page to little endian UCS2 unicode a buffer
length was not checked and a buffer could be overflowed.
There is no known exploit for this, but an upgrade is strongly recommended.
Vendor Alerts:

 

PLEASE SEE VENDOR ADVISORY FOR UPDATE

Debian Vendor Advisory:
http://www.linuxsecurity.com/advisories/debian_advisory-2606.html

Conectiva Vendor Advisory:
http://www.linuxsecurity.com/advisories/other_advisory-2604.html

Slackware Vendor Advisory:
http://www.linuxsecurity.com/advisories/slackware_advisory-2601.html

Red Hat Vendor Advisory:
http://www.linuxsecurity.com/advisories/redhat_advisory-2605.html

Trustix Vendor Advisory:
http://www.linuxsecurity.com/advisories/trustix_advisory-2612.html

Mandrake Vendor Advisory:
http://www.linuxsecurity.com/advisories/mandrake_advisory-2610.html

 

Package: python
Date: 11-25-2002
Description: A vulnerability was discovered in python by Zack Weinberg in the way that
the execvpe() method from the os.py module uses a temporary file name. 
The file is created in an unsafe manner and execvpe() tries to execute
it, which can be used by a local attacker to execute arbitrary code with
the privilege of the user running the python code that is using this method.
Vendor Alerts: Mandrake: 

http://www.mandrakesecure.net/en/ftp.php

9.0/RPMS/libpython2.2-2.2.1-14.1mdk.i586.rpm
68816873ca418b97541ab7b817659f6d  

9.0/RPMS/libpython2.2-devel-2.2.1-14.1mdk.i586.rpm
b563b5a12f11f65463e21e5035b5bff6  

9.0/RPMS/python-2.2.1-14.1mdk.i586.rpm
1fd791067dd84dc2f7ed0b9d1d67348d  

9.0/RPMS/python-base-2.2.1-14.1mdk.i586.rpm
3e011ff7fb03797803b129341ff7f087  

9.0/RPMS/python-docs-2.2.1-14.1mdk.i586.rpm
09d9075dc6cf328b4815a01642cee8c3  

9.0/RPMS/tkinter-2.2.1-14.1mdk.i586.rpm
aad20ece68004cc82d62afd161d855a0  
 

Mandrake Vendor Advisory:
http://www.linuxsecurity.com/advisories/mandrake_advisory-2611.html

 

Package: sendmail
Date: 11-22-2002
Description: It is possible for an attacker to bypass the restrictions imposed by The Sendmail
Consortium’s Restricted Shell (SMRSH) and execute a binary of his choosing
by inserting a special character sequence into his .forward file. SMRSH
is an application intended as a replacement for sh for use in Sendmail.
Vendor Alerts: Caldera: 

PLEASE SEE VENDOR ADVISORY FOR UPDATE

Caldera Vendor Advisory:
http://www.linuxsecurity.com/advisories/caldera_advisory-2600.html

 

Package: EnGarde kernel
Date: 11-22-2002
Description: Solar Designer kindly pointed out to us that our last kernel update (ESA-20021022-026)
was incomplete because 2.2.22-rc1 did not contain all the critical security
fixes.  This update backports the remaining fixes.
Vendor Alerts: EnGarde: 

PLEASE SEE VENDOR ADVISORY FOR UPDATE

EnGarde Vendor Advisory:
http://www.linuxsecurity.com/advisories/other_advisory-2602.html

 

Package: Red Hat kernel
Date: 11-25-2002
Description: The Linux kernel handles the basic functions of the operating system.
A vulnerability in the Linux kernel has been discovered in which a non-root
user can cause the machine to freeze. This kernel addresses the vulnerability.  

 
Vendor Alerts: Red Hat: 

PLEASE SEE VENDOR ADVISORY FOR UPDATE

Red Hat Vendor Advisory:
http://www.linuxsecurity.com/advisories/redhat_advisory-2609.html

 

 

Package: mod_php
Date: 11-22-2002
Description: This update upgrades PHP in EnGarde 1.0.1, 1.1, and 1.2 to version 4.2.3.
This update also fixes a recent vulnerability where a script could bypass
safe mode restrictions.
Vendor Alerts: EnGarde: 

PLEASE SEE VENDOR ADVISORY FOR UPDATE

EnGarde Vendor Advisory:
http://www.linuxsecurity.com/advisories/other_advisory-2603.html