Linux Advisory Watch – October 21, 2005

43

Author: Benjamin D. Thomas

This week, advisories were released for Ruby, hylafax, Mozilla, module-assistant,
Lynx, phpMyAdmin, AbiWord, netpbm, gdb, xloadimage, and openldap. The distributors
include Debian, Gentoo, and Red Hat.Local User Security
Dave Wreski

Getting access to a local user account is one of the first things that system
intruders attempt while on their way to exploiting the root account. With lax
local security, they can then “upgrade” their normal user access to root access
using a variety of bugs and poorly setup local services. If you make sure your
local security is tight, then the intruder will have another hurdle to jump.

Local users can also cause a lot of havoc with your system even
(especially) if they really are who they say they are. Providing accounts
to people you don’t know or for whom you have no contact information is
a very bad idea.

You should make sure you provide user accounts with only the minimal
requirements for the task they need to do. If you provide your son
(age 10) with an account, you might want him to only have access to a
word processor or drawing program, but be unable to delete data that
is not his.

Several good rules of thumb when allowing other people legitimate
access to your Linux machine:

  • Give them the minimal amount of privileges they need.
  • Be aware when/where they login from, or should be logging in from.
  • Make sure you remove inactive accounts, which you can determine
    by using the ‘last’ command and/or checking log files for any
    activity by the user.
  • The use of the same userid on all computers and networks is
    advisable to ease account maintenance, and permits easier analysis
    of log data.
  • The creation of group user-id’s should be absolutely prohibited.
    User accounts also provide accountability, and this is not possible
    with group accounts.

Many local user accounts that are used in security compromises have not
been used in months or years. Since no one is using them they, provide the
ideal attack vehicle.

Read more from the Linux Security Howto:
http://www.linuxsecurity.com/docs/LDP/Security-HOWTO/


   Debian
  Debian: New Ruby 1.8 packages fix safety
bypass
  13th, October, 2005

Updated package.
 
  Debian: New hylafax packages fix insecure
temporary files
  13th, October, 2005

Updated package.
 
  Debian: New Mozilla packages fix several
vulnerabilities
  20th, October, 2005

Updated package.
 
  Debian: New module-assistant package
fixes insecure temporary file
  20th, October, 2005

Updated package.
 
   Gentoo
  Gentoo: KOffice, KWord RTF import buffer
overflow
  14th, October, 2005

KOffice and KWord are vulnerable to a buffer overflow in the
RTF importer, potentially resulting in the execution of arbitrary code.
 
  Gentoo: SPE Insecure file permissions
  15th, October, 2005

SPE files are installed with world-writeable permissions, potentially
leading to privilege escalation.
 
  Gentoo: Perl, Qt-UnixODBC, CMake RUNPATH
issues
  17th, October, 2005

Multiple packages suffer from RUNPATH issues that may allow
users in the “portage” group to escalate privileges.
 
  Gentoo: Lynx Buffer overflow in NNTP
processing
  17th, October, 2005

Lynx contains a buffer overflow that may be exploited to execute
arbitrary code.
 
  Gentoo: phpMyAdmin Local file inclusion
vulnerability
  17th, October, 2005

phpMyAdmin contains a local file inclusion vulnerability that
may lead to the execution of arbitrary code.
 
  Gentoo: AbiWord New RTF import buffer
overflows
  20th, October, 2005

AbiWord is vulnerable to an additional set of buffer overflows
during RTF import, making it vulnerable to the execution of arbitrary
code.
 
  Gentoo: Netpbm Buffer overflow in pnmtopng
  20th, October, 2005

The pnmtopng utility, part of the Netpbm tools, contains a vulnerability
which can potentially result in the execution of arbitrary code.
 
   Red
Hat
  RedHat: Moderate: openldap and nss_ldap
security update
  17th, October, 2005

Updated openldap and nss_ldap packages that correct a potential
password disclosure issue are now available. This update has been rated
as having moderate security impact by the Red Hat Security Response Team.
 
  RedHat: Moderate: openldap and nss_ldap
security update
  17th, October, 2005

Updated openldap and nss_ldap packages that correct a potential
password disclosure issue and possible authentication vulnerability are
now available.
 
  RedHat: Critical: lynx security update
  17th, October, 2005

An updated lynx package that corrects a security flaw is now
available. This update has been rated as having critical security impact
by the Red Hat Security Response Team.
 
  RedHat: Moderate: netpbm security update
  18th, October, 2005

Updated netpbm packages that fix a security issue are now available.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
 
  RedHat: Low: gdb security update
  18th, October, 2005

An updated gdb package that fixes minor security issues is now
available. This update has been rated as having low security impact by
the Red Hat Security Response Team.
 
  RedHat: Low: xloadimage security update
  18th, October, 2005

A new xloadimage package that fixes bugs in handling malformed
tiff and pbm/pnm/ppm images, and in handling metacharacters in file names
is now available.