Linux Advisory Watch – September 23, 2005

36

Author: Benjamin D. Thomas

This week, advisories were released for turqstat, centericq, lm-sensors, kdebase,
python, XFree86, Mailutils, Shorewall, mozilla, mod_ssl, clam, mod_ssl, Zebedee,
umount, squid, and mod_ssl. The distributors include Debian, Fedora, Gentoo,
and Red Hat.Security Basics

In the ever-changing world of global data communications, inexpensive Internet
connections, and fast-paced software development, security is becoming more
and more of an issue. Security is now a basic requirement because global computing
is inherently insecure. As your data goes from point A to point B on the Internet,
for example, it may pass through several other points along the way, giving
other users the opportunity to intercept, and even alter, your data. Even other
users on your system may maliciously transform your data into something you
did not intend. Unauthorized access to your system may be obtained by intruders,
also known as “crackers”, who then use advanced knowledge to impersonate you,
steal information from you, or even deny you access to your own resources. If
you’re still wondering what the difference is between a “Hacker” and a “Cracker”,
see Eric Raymond’s document, “How to Become A Hacker”, available at: http://www.catb.org/~esr/faqs/hacker-howto.html

How Vulnerable Are We?

While it is difficult to determine just how vulnerable a particular system
is, there are several indications we can use:

  • The Computer Emergency Response Team consistently reports an increase in
    computer vulnerabilities and exploits.
  • TCP and UDP, the protocols that comprise the Internet, were not written
    with security as their first priority when it was created more than 30 years
    ago.
  • A version of software on one host has the same vulnerabilities as the same
    version of software on another host. Using this information, an intruder can
    exploit multiple systems using the same attack method.
  • Many administrators don’t even take simple security measures necessary to
    protect their site, or don’t understand the ramifications of implementing
    some services. Many administrators are not given the additional time necessary
    to integrate the necessary security measures.

Excerpt from the LinuxSecurity Administrator’s Guide:
http://www.linuxsecurity.com/docs/SecurityAdminGuide/SecurityAdminGuide.html
Written by: Dave Wreski (dave@guardiandigital.com)


  Debian: New turqstat packages fix buffer overflow
  15th, September, 2005

Updated package.

 
  Debian: New centericq packages fix several vulnerabilities
  15th, September, 2005

Updated package.

 
  Debian: New lm-sensors packages fix insecure temporary file
  15th, September, 2005

Updated package.

 
  Debian: New kdebase packages fix local root vulnerability
  16th, September, 2005

Updated package.

 
  Debian: New python2.2 packages fix arbitrary code execution
  22nd, September, 2005

Updated package.

 
  Debian: New XFree86 packages fix arbitrary code execution
  22nd, September, 2005

Updated package.

 
  Fedora Core 4 Update: dia-0.94-12.fc4
 

16th, September, 2005

Updated package.

 
  Fedora Core 4 Update: qt-3.3.4-15.4
  16th, September, 2005

Updated package.

 
  Gentoo: Py2Play Remote execution of arbitrary Python
  17th, September, 2005

A design error in Py2Play allows attackers to execute arbitrary code.

 
  Gentoo: Mailutils Format string vulnerability in imap4d
  17th, September, 2005

The imap4d server contains a vulnerability allowing an authenticated user to execute arbitrary code with the privileges of the imap4d process.

 
  Gentoo: Shorewall Security policy bypass
  17th, September, 2005

A vulnerability in Shorewall allows clients authenticated by MAC address filtering to bypass all other security rules.

 
  Gentoo: Mozilla Suite, Mozilla Firefox Buffer overflow
  18th, September, 2005

Mozilla Suite and Firefox are vulnerable to a buffer overflow that might be exploited to execute arbitrary code.

 
  Gentoo: Apache, mod_ssl Multiple vulnerabilities
  19th, September, 2005

mod_ssl and Apache are vulnerable to a restriction bypass and a potential local privilege escalation.

 
  Gentoo: Clam AntiVirus Multiple vulnerabilities
 

19th, September, 2005

Clam AntiVirus is subject to vulnerabilities ranging from Denial of Service to execution of arbitrary code when handling compressed executables.

 
  Gentoo: Apache, mod_ssl Multiple vulnerabilities
  19th, September, 2005

mod_ssl and Apache are vulnerable to a restriction bypass and a potential local privilege escalation.

 
  Gentoo: Shorewall Security policy bypass
  19th, September, 2005

A vulnerability in Shorewall allows clients authenticated by MAC address filtering to bypass all other security rules.

 
  Gentoo: Zebedee Denial of Service vulnerability
  20th, September, 2005

A bug in Zebedee allows a remote attacker to perform a Denial of Service attack.

 
  Gentoo: util-linux umount command validation error
  20th, September, 2005

A command validation error in umount can lead to an escalation of privileges.

 
  RedHat: Important: XFree86 security update
  15th, September, 2005

This update has been rated as having important security impact by the Red Hat Security Response Team.

 
  RedHat: Important: squid security update
  15th, September, 2005

An updated Squid package that fixes security issues is now available. This update has been rated as having important security impact by the Red Hat Security Response Team.

 
  RedHat: Important: mod_ssl security update
 

15th, September, 2005

An updated mod_ssl package for Apache that corrects a security issue is now available. This update has been rated as having important security impact by the Red Hat Security Response Team.