Linux Advisory Watch - December 20th 2002

    Date: 19 Dec 2002
    Category: Forums
    Posted By: Anthony Pell
    This week, advisories were released for wget, kernel, fetchmail, mysql, openldap, lynx, micq, libpng, squirrelmail, net-snmp, exim, apache, lynx-ssl, perl, and tcpdump. The distributors include Conectiva, Debian, EnGarde, Gentoo, Mandrake, Red Hat, and Trustix.
    LinuxSecurity Feature Extras:
    If It Ain't Broke See If It's Fixed - Attackers are still compromising servers with well-known attacks. General awareness can help busy administrators and users protect their systems from these kinds of attacks. SANS provides a list of the Top 20 most common security vulnerabilities, how to identify each, and what can be done to protect against these vulnerabilities.

    Network Security Audit - "Information for the right people at right time and from anywhere" has been the driving force for providing access to most of the vital information on an organization's network over the Internet. This is a simple guide on conducting a network security audit.


     

    Packages        Vendors
    wget            Conectiva, Debian, Trustix
    kernel          Conectiva, Trustix
    fetchmail       Conectiva, Gentoo, Red Hat
    mysql           Conectiva, Debian, EnGarde, Mandrake, Gentoo
    openldap        Conectiva
    lynx            Debian
    micq            Debian
    libpng          Debian
    squirrelmail    Gentoo
    exim            Gentoo
    net-SNMP        Red Hat
    apache          Mandrake
    lynx-ssl        Trustix
    perl            Trustix
    tcpdump         Trustix

    Linux Advisory Watch is a comprehensive newsletter that outlines the security vulnerabilities that have been announced throughout the week.  It includes pointers to updated packages and descriptions of each vulnerability.
    Package: wget
    Date: 12-13-2002
    Description: The vulnerability resides in the way wget handles server answers to LIST and multiple GET requests. If the filenames in the answer begin with characters pointing to parent directories (like "../" or "/"), wget can download files to that location, thus overwriting arbitrary files.
    Vendor Alerts:
    Conectiva:
    ftp://atualizacoes.conectiva.com.br/8/RPMS/wget-1.8.2-1U80_1cl.i386.rpm

    Conectiva Vendor Advisory:
    http://www.linuxsecurity.com/advisories/conectiva_advisory-2664.html
     

    Debian:
    http://security.debian.org/pool/updates/main/w/wget/wget_1.5.3-3.1_i386.deb
    Size/MD5 checksum:   227812 fc7c576836d26cebc397c07f3bbd1488
    Debian Vendor Advisory:
    http://www.linuxsecurity.com/advisories/debian_advisory-2661.html
     
    Trustix:
    Trustix Vendor Advisory:
    http://www.linuxsecurity.com/advisories/trustix_advisory-2689.html

     
    Package: kernel
    Date: 12-13-2002
    Description: Christophe Devine reported[1] a vulnerability in versions prior to 2.4.20 of the Linux kernel that could be exploited by a local non-root user to completely "freeze" the machine. A local attacker could exploit this vulnerability to cause a Denial of Service (DoS) condition. This update fixes this problem.
    Vendor Alerts:
    Conectiva:
    PLEASE SEE VENDOR ADVISORY FOR UPDATE

    Conectiva Vendor Advisory:
    http://www.linuxsecurity.com/advisories/conectiva_advisory-2673.html
     

    Trustix:
    Trustix Vendor Advisory:
    http://www.linuxsecurity.com/advisories/trustix_advisory-2685.html

     
    Package: fetchmail
    Date: 12-16-2002
    Description: Stefan Esser discovered[1] a buffer overflow vulnerability in fetchmail versions prior to 6.1.3 (inclusive) that can be exploited remotely with the use of specially crafted mail messages. By exploiting this, the attacker can crash fetchmail or execute arbitrary code with the privileges of the user running it.
    Vendor Alerts:
    Conectiva:
    ftp://atualizacoes.conectiva.com.br/8/RPMS/fetchmail-5.9.12-1U80_3cl.i386.rpm

    ftp://atualizacoes.conectiva.com.br/8/RPMS/fetchmailconf-5.9.12-1U80_3cl.i386.rpm

    ftp://atualizacoes.conectiva.com.br/8/RPMS/fetchmail-doc-5.9.12-1U80_3cl.i386.rpm

    Conectiva Vendor Advisory:
    http://www.linuxsecurity.com/advisories/conectiva_advisory-2674.html
     

    Gentoo:
    Gentoo Vendor Advisory:
    http://www.linuxsecurity.com/advisories/gentoo_advisory-2666.html
    Red Hat:
    Red Hat Vendor Advisory:
    http://www.linuxsecurity.com/advisories/redhat_advisory-2676.html

     
    Package: mysql
    Date: 12-17-2002
    Description: The server vulnerabilities can be exploited to crash the MySQL server, bypass password restrictions or even execute arbitrary code with the privileges of the user running the server process. The library vulnerabilities consist of an arbitrary-size heap overflow and a memory addressing problem, both of which can be exploited to crash, or execute arbitrary code in, programs linked against libmysql.
    Vendor Alerts:
    Conectiva:
    PLEASE SEE VENDOR ADVISORY FOR UPDATE

    Conectiva Vendor Advisory:
    http://www.linuxsecurity.com/advisories/conectiva_advisory-2678.html
     

    Debian:
    Debian Vendor Advisory:
    http://www.linuxsecurity.com/advisories/debian_advisory-2675.html
    EnGarde:
    EnGarde Vendor Advisory:
    http://www.linuxsecurity.com/advisories/engarde_advisory-2660.html
    Mandrake:
    Mandrake Vendor Advisory:
    http://www.linuxsecurity.com/advisories/mandrake_advisory-2681.html


    OpenPKG:
    http://www.linuxsecurity.com/advisories/other_advisory-2670.html


    Gentoo:

    Gentoo Vendor Advisory:
    http://www.linuxsecurity.com/advisories/gentoo_advisory-2665.html

     
    Package: openldap
    Date: 12-19-2002
    Description: The vulnerabilities consist mainly of buffer overflows in both the OpenLDAP server and in the libraries provided with the OpenLDAP package. Some of these vulnerabilities can be exploited by attackers remotely or locally to compromise the OpenLDAP server or applications linked against the vulnerable libraries.
    Vendor Alerts:
    Conectiva:
    PLEASE SEE VENDOR ADVISORY FOR UPDATE

    Conectiva Vendor Advisory:
    http://www.linuxsecurity.com/advisories/conectiva_advisory-2682.html


     
    Package: lynx
    Date: 12-13-2002
    Description: lynx (a text-only web browser) did not properly check for illegal characters in all places, including processing of command line options, which could be used to insert extra HTTP headers in a request.
    Vendor Alerts:
    Debian:
    http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.3-1.1_i386.deb
    Size/MD5 checksum:   973310 9f591d8c7e97b1bd84da2f841397a75c

    http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.3.1-1.1_i386.deb
    Size/MD5 checksum:   980678 ef6cf5f0e4a8781b14876639fafa78be

    Debian Vendor Advisory:
    http://www.linuxsecurity.com/advisories/debian_advisory-2662.html


     
    Package: micq
    Date: 12-13-2002
    Description: Rüdiger Kuhlmann, upstream developer of mICQ, a text based ICQ client, discovered a problem in mICQ. Receiving certain ICQ message types that do not contain the required 0xFE separator causes all versions to crash.
    Vendor Alerts:
    Debian:
    http://security.debian.org/pool/updates/main/m/micq/micq_0.4.3-4.1_i386.deb
    Size/MD5 checksum:    42682 1ed0c823d4ccc05bc9e2070c15a687be

    Debian Vendor Advisory:
    http://www.linuxsecurity.com/advisories/debian_advisory-2663.html


     
    Package: libpng
    Date: 12-19-2002
    Description: Glenn Randers-Pehrson discovered a problem in connection with 16-bit samples from libpng, an interface for reading and writing PNG (Portable Network Graphics) format files. The starting offsets for the loops are calculated incorrectly, which causes a buffer overrun beyond the beginning of the row buffer.
    Vendor Alerts:
    Debian:
    http://security.debian.org/pool/updates/main/libp/libpng/libpng2_1.0.5-1.1_i386.deb
    Size/MD5 checksum:    93642 adaf7a70c5c96cc86dd37e3e97662749

    http://security.debian.org/pool/updates/main/libp/libpng/libpng2-dev_1.0.5-1.1_i386.deb
    Size/MD5 checksum:   174272 55f53fa4fd4c4f4c56a9b6d89e466f21

    Debian Vendor Advisory:
    http://www.linuxsecurity.com/advisories/debian_advisory-2683.html


     
    Package: squirrelmail
    Date: 12-15-2002
    Description: read_body.php didn't filter out user input for 'filter_dir' and 'mailbox', making an XSS attack possible.
    Vendor Alerts:
    Gentoo:
    PLEASE SEE VENDOR ADVISORY FOR UPDATE

    Gentoo Vendor Advisory:
    http://www.linuxsecurity.com/advisories/gentoo_advisory-2668.html


     
    Package: exim
    Date: 12-16-2002
    Description: This is a format string bug in daemon.c.
    Vendor Alerts:
    Gentoo:
    PLEASE SEE VENDOR ADVISORY FOR UPDATE

    Gentoo Vendor Advisory:
    http://www.linuxsecurity.com/advisories/gentoo_advisory-2669.html


     
     
    Package: net-SNMP
    Date: 12-16-2002
    Description: The Net-SNMP packages shipped with Red Hat Linux 8.0 contain several bugs including a remote denial of service vulnerability. This errata release corrects those problems.
    Vendor Alerts:
    Red Hat:
    ftp://updates.redhat.com/8.0/en/os/i386/net-snmp-5.0.6-8.80.2.i386.rpm
    756809c05de41a612dd39f175c545816

    Red Hat Vendor Advisory:
    http://www.linuxsecurity.com/advisories/redhat_advisory-2677.html


     
     
     
    Package: apache
    Date: 12-18-2002
    Description: A number of vulnerabilities were discovered in Apache versions prior to 1.3.27. The first is regarding the use of shared memory (SHM) in Apache. An attacker that is able to execute code as the UID of the webserver (typically "apache") is able to send arbitrary processes a USR1 signal as root. Using this vulnerability, the attacker can also cause the Apache process to continuously spawn more child processes, thus causing a local DoS. Another vulnerability was discovered by Matthew Murphy regarding a cross site scripting vulnerability in the standard 404 error page. Finally, some buffer overflows were found in the "ab" benchmark program that is included with Apache.
    Vendor Alerts:
    Mandrake:
    PLEASE SEE VENDOR ADVISORY FOR UPDATE

    Mandrake Vendor Advisory:
    http://www.linuxsecurity.com/advisories/mandrake_advisory-2680.html


     
    Package: lynx-ssl
    Date: 12-19-2002
    Description: This SSL patch package for Lynx provides the ability to make use of SSL over HTTP for secure access to web sites (HTTPS) and over NNTP for secure access to news servers (SNEWS). SSL is handled transparently, allowing users to continue accessing web sites and news services from within Lynx through the same interface for both secure and standard transfers.
    Vendor Alerts:
    Trustix:
    ./1.5/RPMS/lynx-ssl-2.8.4-1tr.i586.rpm
    b9a901ce8b48c6fd77ca996c6f998540 
    http://www.trustix.net/pub/Trustix/updates/

    Trustix Vendor Advisory:
    http://www.linuxsecurity.com/advisories/trustix_advisory-2686.html


     
    Package: perl
    Date: 12-19-2002
    Description: Perl allows for so-called "safe compartments" where code can be evaluated without access to variables outside this environment. There was, however, a bug with regards to applications using this safe compartment more than once.
    Vendor Alerts:
    Trustix:
    ./1.5/RPMS/perl-5.00503-14tr.i586.rpm
    6e864051fab21be22c8e295dbff00df2 
    http://www.trustix.net/pub/Trustix/updates/

    Trustix Vendor Advisory:
    http://www.linuxsecurity.com/advisories/trustix_advisory-2687.html


     
    Package: tcpdump
    Date: 12-19-2002
    Description: Tcpdump tries to decode packets it sees on the network to provide some information to the user. In the decoding of BGP packets, it failed to do proper bounds checking. The impact is not known, but it could at least be used to crash tcpdump. This is fixed in the 3.7.1 release of tcpdump.
    Vendor Alerts:
    Trustix:
    PLEASE SEE VENDOR ADVISORY FOR UPDATE

    Trustix Vendor Advisory:
    http://www.linuxsecurity.com/advisories/trustix_advisory-2688.html
     


     
