Author: Preston St. Pierre
Squid, PostgreSQL, Ghostscript, glibc, CUPS, mod_ssl, mozilla, cvs, gaim, wxGTK2,
squid, wxGTK2, xpdf, gpdf, kdegraphics, ImageMagick, and mysql. The distributors
include Conectiva, Debian, Fedora, Gentoo, Mandrake, Red Hat, SuSE, and Trustix.

xlock and vlock

If you wander away from your machine from time to time, it is nice
to be able to “lock” your console so that no one tampers with or looks
at your work. Two programs that do this are: xlock and vlock.
xlock is an X display locker. It should be included in any Linux
distribution that supports X. Check the man page for more
options, but in general you can run xlock from any xterm on your console
and it will lock the display and require your password to unlock.
vlock is a simple little program that allows you to lock some or all of
the virtual consoles on your Linux box. You can lock just the one you
are working in or all of them. If you just lock one, others can come in
and use the console; they will just not be able to use your virtual TTY
until you unlock it. vlock ships with Red Hat Linux, but your mileage may
vary.
Of course locking your console will prevent someone from tampering with
your work, but does not prevent them from rebooting your machine or
otherwise disrupting your work. It also does not prevent them from
accessing your machine from another machine on the network and causing
problems.
More importantly, it does not prevent someone from switching out of the X
Window System entirely, and going to a normal virtual console login prompt,
or to the VC that X11 was started from, and suspending it, thus obtaining
your privileges. For this reason, you might consider only using it while
under control of xdm. At the very least, start X in the background, and
log out of the console.

Excerpt from the LinuxSecurity Administrator’s Guide:
http://www.linuxsecurity.com/docs/SecurityAdminGuide/SecurityAdminGuide.html
Written by: Dave Wreski (dave@guardiandigital.com)
LinuxSecurity.com

Feature Extras:

Mass deploying Osiris – Osiris is a centralized file-integrity program
that uses a client/server architecture to check for changes on a system. A central
server maintains the file-integrity database and configuration for a client
and at a specified time, sends the configuration file over to the client, runs
a scan and sends the results back to the server to compare any changes. Those
changes are then sent via email, if configured, to a system admin or group of
people. The communication is all done over an encrypted communication channel.

AIDE and CHKROOTKIT – Network security is continuing to be a big problem
for companies and home users. The problem can be resolved with an accurate security
analysis. In this article I show how to approach security using aide and chkrootkit.

An Interview with Gary McGraw, Co-author of Exploiting Software: How to Break Code
– Gary McGraw is perhaps best known for his groundbreaking work on securing
software, having co-authored the classic Building Secure Software (Addison-Wesley,
2002). More recently, he has co-written with Greg Hoglund a companion volume,
Exploiting Software, which details software security from the vantage point
of the other side, the attacker. He has graciously agreed to share some of his
insights with all of us at LinuxSecurity.com.

Linux Advisory Watch is
a comprehensive newsletter that outlines the security vulnerabilities that have
been announced throughout the week. It includes pointers to updated packages
and descriptions of each vulnerability.

Distribution: Conectiva

10/18/2004 | gtk+ image loading vulnerabilities fix
A vulnerability found in the gdk-pixbuf BMP loader could allow a specially crafted BMP image to hang applications in an infinite loop (CAN-2004-0753).
http://www.linuxsecurity.com/advisories/conectiva_advisory-4965.html

Distribution: Debian

10/15/2004 | libtiff | remote code execution fix
Several problems have been discovered in libtiff, the Tag Image File Format library for processing TIFF graphics files. An attacker could prepare a specially crafted TIFF graphic that would cause the client to execute arbitrary code or crash.

10/16/2004 | cyrus-sasl-mit arbitrary code execution fix
A vulnerability has been discovered in the Cyrus implementation of the SASL library, the Simple Authentication and Security Layer, a method for adding authentication support to connection-based protocols.

10/18/2004 | netkit-telnet-ssl denial of service fix
Michal Zalewski discovered a bug in the netkit-telnet server (telnetd) whereby a remote attacker could cause the telnetd process to free an invalid pointer.

10/18/2004 | netkit-telnet denial of service real fix
Michal Zalewski discovered a bug in the netkit-telnet server (telnetd) whereby a remote attacker could cause the telnetd process to free an invalid pointer.

10/20/2004 | libpng | several vulnerabilities fix
Several integer overflows have been discovered by its upstream developers in libpng, a commonly used library to display PNG graphics. They could be exploited to cause arbitrary code to be executed when a specially crafted PNG image is processed.

10/20/2004 | libpng3 | several vulnerabilities fix
Several integer overflows have been discovered by its upstream developers in libpng, a commonly used library to display PNG graphics. They could be exploited to cause arbitrary code to be executed when a specially crafted PNG image is processed.

10/21/2004 | ecartis | unauthorised access to admin interface fix
A problem has been discovered in ecartis, a mailing-list manager, which allows an attacker in the same domain as the list admin to gain administrator privileges and alter list settings.

10/21/2004 | cupsys | arbitrary code execution fix
Chris Evans discovered several integer overflows in xpdf, that are also present in CUPS, the Common UNIX Printing System, which can be exploited remotely by a specially crafted PDF document.

Distribution: Fedora

10/15/2004 | gimp-2.0.5-0.fc2.3 update
A brown paper bag release — I missed that 1bpp and 24bpp are also valid for BMP.

10/18/2004 | glib2-2.4.7-1.1 update
Glib 2.4.7 contains many bug fixes, notably a fix for bug 126666.

10/18/2004 | gtk2-2.4.13-2.1 update
GTK+ 2.4.13 contains many bug fixes, with an emphasis on making the new file chooser work better.

10/21/2004 | tzdata-2004e-1.fc2 update
Previous tzdata-2004e-1.fc2 announcement from 2004-10-12 had wrong md5sums (before signing).

10/21/2004 | xpdf-3.00-3.4 update
Chris Evans and others discovered a number of integer overflow bugs that affected all versions of xpdf. An attacker could construct a carefully crafted PDF file that could cause xpdf to crash or possibly execute arbitrary code when opened.

10/21/2004 | openoffice.org-1.1.2-10.fc2 update
This update is equivalent to the Fedora Core 3 version of OpenOffice.org. The changes since the previous version of OpenOffice.org in Fedora Core 2 are too numerous to list here, but there are quite a few notable improvements.

Distribution: Gentoo

10/15/2004 | BNC | Input validation flaw
BNC contains an input validation flaw which might allow a remote attacker to issue arbitrary IRC related commands.

10/18/2004 | phpMyAdmin | Vulnerability in MIME-based transformation system
A vulnerability has been found in the MIME-based transformation system of phpMyAdmin, which may allow remote execution of arbitrary commands if PHP’s “safe mode” is disabled.

10/18/2004 | Squid | Remote DoS vulnerability
Squid contains a vulnerability in the SNMP module which may lead to a denial of service.

10/18/2004 | PostgreSQL | Insecure temporary file use in make_oidjoins_check
The make_oidjoins_check script, part of the PostgreSQL package, is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the utility.

10/20/2004 | OpenOffice.org Temporary files disclosure
OpenOffice.org uses insecure temporary files which could allow a malicious local user to gain knowledge of sensitive information from other users’ documents.

10/20/2004 | Ghostscript | Insecure temporary file use in multiple scripts
Multiple scripts in the Ghostscript package are vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the script.

10/21/2004 | glibc | Insecure tempfile handling in catchsegv script
The catchsegv script in the glibc package is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the script.

10/21/2004 | CUPS | Multiple integer overflows
Multiple integer overflows were discovered in Xpdf, potentially resulting in execution of arbitrary code upon viewing a malicious PDF file. CUPS includes Xpdf code and therefore is vulnerable to the same issues.

10/21/2004 | mod_ssl | Bypass of SSLCipherSuite directive
In certain configurations, it can be possible to bypass restrictions set by the “SSLCipherSuite” directive of mod_ssl.

Distribution: Mandrake

10/20/2004 | mozilla | update fix
A number of vulnerabilities were fixed in mozilla 1.7.3.

10/20/2004 | libtiff | update fix
Several vulnerabilities have been discovered in the libtiff package.

10/20/2004 | cvs | update fix
iDEFENSE discovered a flaw in CVS versions prior to 1.1.17 in an undocumented switch implemented in CVS’ history command. The -X switch specifies the name of the history file which allows an attacker to determine whether arbitrary system files and directories exist and whether or not the CVS process has access to them.

10/20/2004 | libtiff | multiple vulnerabilities fix
Several vulnerabilities have been discovered in the libtiff package.

10/21/2004 | cvs | vulnerability fix
iDEFENSE discovered a flaw in CVS versions prior to 1.1.17 in an undocumented switch implemented in CVS’ history command. The -X switch specifies the name of the history file which allows an attacker to determine whether arbitrary system files and directories exist and whether or not the CVS process has access to them.

10/21/2004 | mozilla | vulnerabilities fix
A number of vulnerabilities were fixed in mozilla 1.7.3.

10/21/2004 | gaim | vulnerabilities fix
More vulnerabilities were found in gaim: installing smiley themes could allow remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector. There is also a buffer overflow in the way gaim handles receiving very long URLs.

10/21/2004 | wxGTK2 | vulnerabilities fix
Several vulnerabilities have been discovered in the libtiff package; wxGTK2 uses a libtiff code tree, so it may have the same vulnerabilities.

10/21/2004 | squid | SNMP processing vulnerability fix
iDEFENSE discovered a Denial of Service vulnerability in squid version 2.5.STABLE6 and previous. The problem is due to an ASN1 parsing error where certain header length combinations can slip through the validations performed by the ASN1 parser, leading to the server assuming there is heap corruption or some other exceptional condition, and closing all current connections then restarting.

10/21/2004 | wxGTK2 | vulnerabilities fix
Several vulnerabilities have been discovered in the libtiff package; wxGTK2 uses a libtiff code tree, so it may have the same vulnerabilities.

10/21/2004 | gaim | vulnerabilities fix
More vulnerabilities have been discovered in the gaim instant messenger client.

10/22/2004 | xpdf | vulnerabilities fix
Chris Evans discovered numerous vulnerabilities in the xpdf package which can result in DoS or possibly arbitrary code execution.

10/22/2004 | gpdf | DoS vulnerability fix
Chris Evans discovered numerous vulnerabilities in the xpdf package, which also affect software using embedded xpdf code, such as gpdf.

10/22/2004 | cups | DoS vulnerabilities fix
Chris Evans discovered numerous vulnerabilities in the xpdf package, which also affect software using embedded xpdf code.

10/22/2004 | kdegraphics | DoS vulnerability fix
Chris Evans discovered numerous vulnerabilities in the xpdf package, which also affect software using embedded xpdf code, such as kpdf.

Distribution: Red Hat

10/20/2004 | ImageMagick | security vulnerabilities fix
Updated ImageMagick packages that fix various security vulnerabilities are now available.

10/20/2004 | mysql | minor security issues and bugs fix
Updated mysql packages that fix various temporary file security issues, as well as a number of bugs, are now available.

10/20/2004 | squid | vulnerability fix
An updated squid package that fixes a remote denial of service vulnerability is now available.

10/20/2004 | mysql | security issues and bugs fixes
Updated mysql packages that fix various security issues, as well as a number of bugs, are now available for Red Hat Enterprise Linux 2.1.

10/20/2004 | gaim | security issues and bugs fixes
An updated gaim package that fixes security issues, fixes various bugs, and includes various enhancements for Red Hat Enterprise Linux 3 is now available.

Distribution: SuSE

10/21/2004 | kernel | remote denial of service
An integer underflow problem in the iptables firewall logging rules can allow a remote attacker to crash the machine by using a handcrafted IP packet. This attack is only possible with firewalling enabled.

Distribution: Trustix

10/15/2004 | libtiff, mysql, squid, cyrus-sasl Multiple security vulnerabilities
Multiple security vulnerabilities in mysql, squid, cyrus-sasl and libtiff.