Author: Preston St. Pierre
for syscons, shareutils, netpbm, kdelibs, PHP, samba, kernel, XFree86, samba,
getmail, zlib, mozilla, and squid. The distributors include Debian, Slackware,
SuSE, Trustix, and Turbolinux.Password Cracking
If for some reason your passwd program
is not enforcing non easily guessable passwords, you might want to run a password
cracking program and make sure your users passwords are secure.
Password cracking programs work
on a simple idea. They try every word in the dictionary, and then variations
on those words. They encrypt each one and check it against your encrypted password.
If they get a match they are in. Also, the “dictionary” may include usernames,
Star Trek ships, foreign words, keyboard patterns, etc.
There are a number of programs out
there…the two most notable of which are “Crack” and “John the Ripper”
http://www.false.com/security/john/index.html
They will take up a lot
of your CPU time, but you should be able to tell if an attacker could get in
using them by running them first yourself and notifying users with weak passwords.
Note that an attacker would have to use some other hole first in order to get
your passwd (Unix /etc/passwd) file, but these are more common than you might
think.
Excerpt from the LinuxSecurity Administrator’s Guide:
http://www.linuxsecurity.com/docs/SecurityAdminGuide/SecurityAdminGuide.html
Written by: Dave Wreski (dave@guardiandigital.com)
LinuxSecurity
Feature Extras:
AIDE
and CHKROOTKIT -Network security is continuing to be a big problem
for companies and home users. The problem can be resolved with an accurate security
analysis. In this article I show how to approach security using aide and chkrootkit.
An
Interview with Gary McGraw, Co-author of Exploiting Software: How to Break Code
– Gary McGraw is perhaps best known for his groundbreaking work on securing
software, having co-authored the classic Building Secure Software (Addison-Wesley,
2002). More recently, he has co-written with Greg Hoglund a companion volume,
Exploiting Software, which details software security from the vantage point
of the other side, the attacker. He has graciously agreed to share some of his
insights with all of us at LinuxSecurity.com.
Security
Expert Dave Wreski Discusses Open Source Security – Dave Wreski,
CEO of Guardian Digital, Inc. and respected author of various hardened security
and Linux publications, talks about how Guardian Digital is changing the face
of IT security today. Guardian Digital is perhaps best known for their hardened
Linux solution EnGarde Secure Linux, touted as the premier secure, open-source
platform for its comprehensive array of general purpose services, such as web,
FTP, email, DNS, IDS, routing, VPN, firewalling, and much more.
[ Linux
Advisory Watch ] – [ Linux
Security Week ] – [ PacketStorm
Archive ] – [ Linux Security
Documentation ]
Linux Advisory Watch is
a comprehensive newsletter that outlines the security vulnerabilities that have
been announced throughout the week. It includes pointers to updated packages
and descriptions of each vulnerability.[
Subscribe
]
Distribution: | Debian | ||
10/2/2004 | netkit-telnet invalid free(3) |
||
Michal Zalewski discovered a bug in the netkit-telnet server (telnetd) whereby |
|||
10/4/2004 | rp-pppoe, pppoe missing privilegue dropping |
||
Max Vozeler discovered a vulnerability in pppoe, the PPP over Ethernet driver |
|||
10/6/2004 | libapache-mod-dav potential denial of service |
||
Julian Reschke reported a problem in mod_dav of Apache 2 in connection with |
|||
10/6/2004 | net-acct insecure temporary file creation |
||
Stefan Nordhausen has identified a local security hole in net-acct, a user-mode |
|||
Distribution: | Fedora | ||
10/5/2004 | cups-1.1.20-11.4 Update |
||
This update fixes an information leakage problem when printing to SMB shares |
|||
Distribution: | FreeBSD | ||
10/4/2004 | syscons | ||
Boundary checking errors in syscons The syscons CONS_SCRSHOT ioctl(2) does insufficient validation of its input |
|||
Distribution: | Gentoo | ||
10/1/2004 | sharutils | ||
Buffer overflows sharutils contains two buffer overflow vulnerabilities that could lead to |
|||
10/4/2004 | netpbm | ||
Multiple temporary file issues Utilities included in old Netpbm versions are vulnerable to multiple temporary |
|||
Distribution: | RedHat | ||
10/4/2004 | kdelibs | ||
and kdebase security issues Updated kdelib and kdebase packages that resolve multiple security issues |
|||
Distribution: | Gentoo | ||
10/5/2004 | NetKit-telnetd buffer overflows in telnet and telnetd |
||
and kdebase security issues Buffer overflows exist in the telnet client and daemon provided by netkit-telnetd, |
|||
10/5/2004 | PHP | ||
Memory disclosure and arbitrary location file upload Two bugs in PHP may allow the disclosure of portions of memory and allow |
|||
Distribution: | Mandrake | ||
10/1/2004 | samba | ||
fix vulnerability
Karol Wiesek discovered a bug in the input validation routines used to convert |
|||
10/5/2004 | kernel | ||
various enhancements New kernels are available for Mandrakelinux 10.0 that fix a few bugs and/or |
|||
Distribution: | Red Hat |
||
10/4/2004 | XFree86 | ||
security issues and bugs Updated XFree86 packages that fix several security flaws in libXpm, as well |
|||
10/4/2004 | samba | ||
security issue Updated samba packages that fix an input validation vulnerability are now |
|||
10/6/2004 | XFree86 | ||
security issues and bugs Updated XFree86 packages that fix several security issues in libXpm, as |
|||
Distribution: | Slackware | ||
10/4/2004 | getmail | ||
security issue New getmail packages are available for Slackware 9.1, 10.0 and -current |
|||
10/4/2004 | zlib | ||
DoS
New zlib packages are available for Slackware 10.0 and -current to fix a |
|||
Distribution: | Suse | ||
10/5/2004 | samba | ||
remote file disclosure The Samba server, which allows to share files and resources via the SMB/CIFS |
|||
10/6/2004 | mozilla | ||
various vulnerabilities During the last months a number of security problems have been fixed in |
|||
Distribution: | Trustix | ||
10/1/2004 | samba | ||
access files outside of defined path A security vulnerability has been located in Samba 2.2.x |
|||
10/1/2004 | mod_php4, hwdata bugfix update |
||
access files outside of defined path This update contains bug fixes and additional features for mod_php4 and |
|||
Distribution: | Turbolinux | ||
10/5/2004 | squid | ||
DoS vulnerability
A vulnerability in the NTLM helpers in squid. The vulnerabilities allow |
|||