Linux Advisory Watch: August 26th 2005

    Date: 25 Aug 2005
    Category: Newsletters
    Posted By: Benjamin D. Thomas
    This week, advisories were released for bluez-utils, thunderbird, mysql, epiphany, system-config-netboot, kdbg, doxygen, kdeedu, ncpfs, gaim, system-config-bind, tar, vnc, metacity, cups, pygtk, slocate, myodbc, xpdf, libgal2, dhcpv, diskdumputils, kdebase, cvs, hwdata, eject, pcre, kismet, wikiwiki, apache, tor, netpbm, vim, and elm. The distributors include Debian, Fedora, Gentoo, and Red Hat.



    Introduction: IP Spoofing
    By: Suhas A Desai

    The 1989 article "Security Problems in the TCP/IP Protocol Suite" by S. M. Bellovin was an early exploration of IP spoofing attacks. He described how Robert Morris, creator of the now infamous Internet Worm, figured out how TCP created sequence numbers and forged a TCP packet sequence.

    This TCP packet included the destination address of his victim, and using an IP spoofing attack Morris was able to obtain root access to his targeted system without a user ID or password.

    Introduction:

    IP spoofing is a technique used to gain unauthorized access to computers, whereby the attacker sends messages to a computer with a forged IP address indicating that the message is coming from a trusted host. There are a few variations on the types of attacks that use IP spoofing.

    1. Non-blind spoofing

    This attack takes place when the attacker is on the same subnet as the target and can see the sequence and acknowledgement numbers of packets. The threat of this type of spoofing is session hijacking: an attacker could bypass any authentication measures that took place to build the connection. This is accomplished by corrupting the data stream of an established connection, then re-establishing it with the attack machine based on the correct sequence and acknowledgement numbers.

    2. Blind spoofing

    This attack may take place from outside, where sequence and acknowledgement numbers are unreachable. Attackers usually send several packets to the target machine in order to sample sequence numbers, which was doable in the past. Today, most OSs implement random sequence number generation, making it difficult to predict them accurately. If, however, the sequence number was compromised, data could be sent to the target.
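
    Why the random sequence number generation mentioned above matters, as an added example that is not part of the original article: it contrasts a fixed-step global counter with an RFC 6528-style keyed generator and applies an audit check to initial sequence numbers (ISNs) sampled from a host you administer. The step size, addresses, class and function names, and the use of HMAC-SHA256 for F are assumptions made for the illustration.

```python
import hashlib
import hmac
import os
import socket
import struct

MOD = 1 << 32  # TCP sequence numbers are 32-bit


class LegacyISN:
    """Global counter bumped by a fixed step per connection (step is constructed)."""

    def __init__(self, start=1000, step=64000):
        self.value, self.step = start, step

    def next(self, *_ignored):
        self.value = (self.value + self.step) % MOD
        return self.value


class KeyedISN:
    """RFC 6528 shape: ISN = M + F(4-tuple, secret); F is HMAC-SHA256 here (assumption)."""

    def __init__(self, secret):
        self.secret = secret

    def next(self, local_ip, local_port, remote_ip, remote_port, clock=0):
        msg = socket.inet_aton(local_ip) + socket.inet_aton(remote_ip)
        msg += struct.pack("!HH", local_port, remote_port)
        f = hmac.new(self.secret, msg, hashlib.sha256).digest()[:4]
        return (clock + int.from_bytes(f, "big")) % MOD


def sample(gen, n=8):
    """ISNs handed to n successive clients (constructed RFC 5737 addresses)."""
    return [gen.next("198.51.100.5", 80, "192.0.2.10", 40000 + i, i * 250)
            for i in range(n)]


def isn_deltas(samples):
    """Differences between consecutive ISNs, modulo 2**32."""
    return [(b - a) % MOD for a, b in zip(samples, samples[1:])]


def predictable(samples, tolerance=1 << 16):
    """True when all deltas fit one narrow window: the next ISN is guessable."""
    d = isn_deltas(samples)
    return len(d) >= 2 and max(d) - min(d) <= tolerance


if __name__ == "__main__":
    for gen in (LegacyISN(), KeyedISN(os.urandom(16))):
        s = sample(gen)
        print(type(gen).__name__, "predictable:", predictable(s), isn_deltas(s)[:3])
```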

    READ ENTIRE ARTICLE:
    http://www.linuxsecurity.com/content/view/120225/49/


    LinuxSecurity.com Feature Extras:

    Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.

    Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.

    Getting to Know Linux Security: File Permissions - Welcome to the first tutorial in the 'Getting to Know Linux Security' series. The topic explored is Linux file permissions. It offers an easy to follow explanation of how to read permissions, and how to set them using chmod. This guide is intended for users new to Linux security, therefore very simple. If the feedback is good, I'll consider creating more complex guides for advanced users. Please let us know what you think and how these can be improved.

     

    Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe, send an e-mail to [address omitted] with "subscribe" as the subject.

    Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.


      Debian
     Debian: New bluez-utils packages fix arbitrary command execution
     23rd, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120184
     
     Debian: New Mozilla Thunderbird packages fix several vulnerabilities
     23rd, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120185
     
     Debian: New mysql packages fix insecure temporary file
     24th, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120196
     
      Fedora
     Fedora Core 4 Update: epiphany-1.6.5-1
     18th, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120132
     
     Fedora Core 4 Update: system-config-netboot-0.1.26-1_FC4
     18th, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120133
     
     Fedora Core 3 Update: kdbg-2.0.0-0.fc3.1
     18th, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120134
     
     Fedora Core 4 Update: doxygen-1.4.4-0.fc4.1
     18th, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120135
     
     Fedora Core 4 Update: kdbg-2.0.0-0.fc4.1
     18th, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120136
     
     Fedora Core 4 Update: kdeedu-3.4.2-0.fc4.2
     18th, August, 2005

    Ben Burton notified the KDE security team about several tempfile handling related vulnerabilities in langen2kvtml, a conversion script for kvoctrain. The script must be manually invoked.

    http://www.linuxsecurity.com/content/view/120137
     
     Fedora Core 3 Update: ncpfs-2.2.4-4.FC3.1
     18th, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120138
     
     Fedora Core 3 Update: gaim-1.5.0-1.fc3
     18th, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120139
     
     Fedora Core 4 Update: gaim-1.5.0-1.fc4
     18th, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120140
     
     Fedora Core 3 Update: system-config-bind-4.0.0-30
     18th, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120141
     
     Fedora Core 4 Update: system-config-bind-4.0.0-30_FC4
     18th, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120142
     
     Fedora Core 3 Update: pcre-4.5-3.1
     18th, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120143
     
     Fedora Core 4 Update: tar-1.15.1-8.FC4
     18th, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120144
     
     Fedora Core 4 Update: gstreamer-plugins-0.8.8-9
     18th, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120145
     
     Fedora Core 4 Update: vnc-4.1.1-10.1
     18th, August, 2005

    This package disables the render patch, which was causing problems when using the loadable X module.

    http://www.linuxsecurity.com/content/view/120146
     
     Fedora Core 3 Update: netpbm-10.28-1.FC3.2
     18th, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120147
     
     Fedora Core 4 Update: metacity-2.10.3-1
     18th, August, 2005

    This update of metacity fixes the behavior of minimized transient dialogs for some applications.

    http://www.linuxsecurity.com/content/view/120148
     
     Fedora Core 4 Update: cups-1.1.23-15.1
     18th, August, 2005

    These updated packages fix a problem handling PDF files that could have security implications.

    http://www.linuxsecurity.com/content/view/120149
     
     Fedora Core 3 Update: cups-1.1.22-0.rc1.8.6
     18th, August, 2005

    These updated packages fix a problem handling PDF files that could have security implications.

    http://www.linuxsecurity.com/content/view/120150
     
     Fedora Core 4 Update: pygtk2-2.6.2-0.fc4.1
     18th, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120151
     
     Fedora Core 4 Update: shadow-utils-4.0.7-10.FC4
     18th, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120152
     
     Fedora Core 4 Update: netpbm-10.28-1.FC4.2
     18th, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120153
     
     Fedora Core 4 Update: slocate-2.7-22.fc4.1
     22nd, August, 2005

    A carefully prepared directory structure could stop the updatedb file system scan, resulting in an incomplete slocate database. The Common Vulnerabilities and Exposures project has assigned the name CAN-2005-2499 to this issue.

    http://www.linuxsecurity.com/content/view/120166
     
     Fedora Core 3 Update: slocate-2.7-12.fc3.1
     22nd, August, 2005

    A carefully prepared directory structure could stop the updatedb file system scan, resulting in an incomplete slocate database. The Common Vulnerabilities and Exposures project has assigned the name CAN-2005-2499 to this issue.

    http://www.linuxsecurity.com/content/view/120167
     
     Fedora Core 4 Update: MyODBC-2.50.39-25.FC4.1
     22nd, August, 2005

    Fix a problem with extra rows inserted because of mistaken pre-execution of a query. See also http://bugs.mysql.com/bug.php?id=4264

    http://www.linuxsecurity.com/content/view/120168
     
     Fedora Core 3 Update: MyODBC-2.50.39-25.FC3.1
     22nd, August, 2005

    Fix a problem with extra rows inserted because of mistaken pre-execution of a query. See also http://bugs.mysql.com/bug.php?id=4264

    http://www.linuxsecurity.com/content/view/120169
     
     Fedora Core 3 Update: doxygen-1.4.4-0.fc3.1
     22nd, August, 2005

    update to 1.4.4

    http://www.linuxsecurity.com/content/view/120170
     
     Fedora Core 4 Update: xpdf-3.01-0.FC4.1
     22nd, August, 2005

    update to 3.01

    http://www.linuxsecurity.com/content/view/120171
     
     Fedora Core 3 Update: xpdf-3.01-0.FC3.1
     22nd, August, 2005

    update to 3.01

    http://www.linuxsecurity.com/content/view/120172
     
     Fedora Core 4 Update: libgal2-2.4.3-1.fc4
     22nd, August, 2005

    Fix for crash when selecting type of server in Evolution's account editor

    http://www.linuxsecurity.com/content/view/120173
     
     Fedora Core 3 Update:
     22nd, August, 2005

    It probably is not a good idea to push a CVS snapshot here, but upstream screwed up their 1.4.5 release and CVS contains further fixes like PHP5 related stuff that might make squirrelmail usable on FC4. This snapshot worked on my personal server for the past week, so hopefully it will be good for everyone else too.

    http://www.linuxsecurity.com/content/view/120174
     
     Fedora Core 4 Update:
     22nd, August, 2005

    It probably is not a good idea to push a CVS snapshot here, but upstream screwed up their 1.4.5 release and CVS contains further fixes like PHP5 related stuff that might make squirrelmail usable on FC4.

    http://www.linuxsecurity.com/content/view/120175
     
     Fedora Core 3 Update: dhcpv6-0.10-14_FC3
     22nd, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120176
     
     Fedora Core 4 Update: dhcpv6-0.10-14_FC4
     22nd, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120177
     
     Fedora Core 3 Update: system-config-netboot-0.1.30-1_FC3
     22nd, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120178
     
     Fedora Core 4 Update: system-config-netboot-0.1.30-1_FC4
     22nd, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120179
     
     Fedora Core 4 Update: diskdumputils-1.1.9-2
     22nd, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120180
     
     Fedora Core 3 Update: kdebase-3.4.2-0.fc3.3
     23rd, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120189
     
     Fedora Core 4 Update: bind-9.3.1-10_FC4
     23rd, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120190
     
     Fedora Core 4 Update: cvs-1.11.19-9
     23rd, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120191
     
     Fedora Core 3 Update: cvs-1.11.17-7.FC3
     23rd, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120192
     
     Fedora Core 3 Update: hwdata-0.146.1-1
     23rd, August, 2005

    This fixes a bug where some MegaRAID controllers were incorrectly mapped to the megaraid_mbox driver.

    http://www.linuxsecurity.com/content/view/120193
     
     Fedora Core 3 Update: eject-2.1.1-0.fc3.2
     24th, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120202
     
     Fedora Core 4 Update: eject-2.1.1-0.fc4.1
     24th, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120203
     
     Fedora Core 3 Update: pcre-4.5-3.1.1.fc3
     24th, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120204
     
     Fedora Core 4 Update: pcre-5.0-4.1.fc4
     24th, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120205
     
     Fedora Core 3 Update: epiphany-1.4.9-0
     24th, August, 2005

    Updated package.

    http://www.linuxsecurity.com/content/view/120206
     
      Gentoo
     Gentoo: Kismet Multiple vulnerabilities
     19th, August, 2005

    Kismet is vulnerable to multiple issues potentially resulting in the execution of arbitrary code.

    http://www.linuxsecurity.com/content/view/120160
     
     Gentoo: Adobe Reader Buffer Overflow
     19th, August, 2005

    Adobe Reader is vulnerable to a buffer overflow which could potentially lead to execution of arbitrary code.

    http://www.linuxsecurity.com/content/view/120161
     
     Gentoo: Evolution Format string vulnerabilities
     23rd, August, 2005

    Evolution is vulnerable to format string vulnerabilities which may result in remote execution of arbitrary code.

    http://www.linuxsecurity.com/content/view/120183
     
     Gentoo: PEAR XML-RPC, phpxmlrpc New PHP script injection
     24th, August, 2005

    The PEAR XML-RPC and phpxmlrpc libraries allow remote attackers to execute arbitrary PHP script commands.

    http://www.linuxsecurity.com/content/view/120197
     
     Gentoo: TikiWiki, eGroupWare Arbitrary command execution
     24th, August, 2005

    TikiWiki and eGroupWare both include PHP XML-RPC code vulnerable to arbitrary command execution.

    http://www.linuxsecurity.com/content/view/120207
     
     Gentoo: Apache 2.0 Denial of Service vulnerability
     25th, August, 2005

    A bug in Apache may allow a remote attacker to perform a Denial of Service attack.

    http://www.linuxsecurity.com/content/view/120208
     
     Gentoo: Tor Information disclosure
     25th, August, 2005

    A flaw in Tor leads to the disclosure of information and the loss of anonymity, integrity and confidentiality.

    http://www.linuxsecurity.com/content/view/120209
     
      Red Hat
     RedHat: Low: netpbm security update
     22nd, August, 2005

    Updated netpbm packages that fix a security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team.

    http://www.linuxsecurity.com/content/view/120163
     
     RedHat: Low: vim security update
     22nd, August, 2005

    Updated vim packages that fix a security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team.

    http://www.linuxsecurity.com/content/view/120164
     
     RedHat: Low: slocate security update
     22nd, August, 2005

    An updated slocate package that fixes a denial of service issue is now available. This update has been rated as having low security impact by the Red Hat Security Response Team.

    http://www.linuxsecurity.com/content/view/120165
     
     RedHat: Critical: elm security update
     23rd, August, 2005

    An updated elm package is now available that fixes a buffer overflow issue for Red Hat Enterprise Linux 2.1 AS and AW. This update has been rated as having critical security impact by the Red Hat Security Response Team.

    http://www.linuxsecurity.com/content/view/120194
     