Information Security News mailing list archives
Linux Advisory Watch - May 9th 2003
From: InfoSec News <isn () c4i org>
Date: Mon, 12 May 2003 03:30:35 -0500 (CDT)
+----------------------------------------------------------------+
| LinuxSecurity.com Linux Advisory Watch |
| May 9th, 2003 Volume 4, Number 18a |
+----------------------------------------------------------------+
Editors: Dave Wreski Benjamin Thomas
dave () linuxsecurity com ben () linuxsecurity com
Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.
It includes pointers to updated packages and descriptions of each
vulnerability.
This week, advisories were released for samba, file, tcpsec, krb5, vnc,
snort, epic4, balsa, leksbot, libgtop, fuzz, openssh, MySQL, and
mod_auth_any. The distributors include SCO, Conectiva, Debian, Gentoo,
and RedHat.
Have you noticed any changes with this week's newsletter? It probably will
not take you long to realize that something is different. First, rather
than sorting security advisories by package, we are now sorting by
distribution. The purpose of that is to allow you to more easily find
information about your desired distribution. Second, the description
information provided with each advisory is shorter and probably more
informative. For example, rather than giving extreme detail on some
vulnerabilities and little to none on others, we are now making an effort
to provide a consistent level of detail for all advisories listed.
Hopefully, these changes will allow this newsletter to be more helpful to
you.
In addition, each week we will include commentary on particularly
significant advisories, security news, opinion, tips, research, and
anything else that may be interesting to readers.
Do you have any suggestions? We are currently in the first phase of a
three-part reconstruction effort to improve the quality of our
newsletters. Our goal is to provide a single place for security advisory
information that can be accessed quickly. How can we make your job easier?
What would you like to see in our newsletters? Do you welcome this change?
Do you have any other suggestions on how we can improve?
We look forward to hearing from you!
news () linuxsecurity com
SECURE YOUR SERVERS WITH 128-BIT SSL ENCRYPTION
Guarantee transmitted data integrity, secure all communication sessions
and more with SSL encryption from Thawte- a leading global certificate
provider. Learn more in our FREE GUIDE--click here to find out more!
http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=thawte17
At the RealWorld Linux Expo in Toronto, Guardian Digital launched the next
generation of the Community edition of EnGarde Secure Linux - the
secure and easy to manage system for building a complete Internet
presence while protecting your information assets.
Download the FREE trial today!
http://guardiandigital.com/cgi-bin/ad_redirect.pl?id=freetrial
--------------------------------------------------------------------
* Comprehensive SPAM Protection! - Guardian Digital's Secure Mail Suite is
unparalleled in security, ease of management, and features. Open source
technology constantly adapts to new threats. Email firewall, simplified
administration, automatically updated.
--> http://guardiandigital.com/cgi-bin/ad_redirect.pl?id=mailnews2
--------------------------------------------------------------------
Days of the Honeynet: Attacks, Tools, Incidents - Among other benefits,
running a honeynet makes one acutely aware of "what is going on" out
there. While placing a network IDS outside one's firewall might also
provide a similar flood of alerts, a honeypot provides a unique
perspective on what will go on once a related server is compromised and
used by the intruders.
http://www.linuxsecurity.com/feature_stories/feature_story-141.html
+---------------------------------+
| Distribution: SCO | ----------------------------//
+---------------------------------+
5/7/2003 - samba
multiple vulnerabilities
This update fixes multiple vulnerabilities in samba.
http://www.linuxsecurity.com/advisories/caldera_advisory-3240.html
5/7/2003 - file
buffer overflow vulnerability
The file command is vulnerable to a buffer overflow when given a
maliciously crafted binary to examine.
http://www.linuxsecurity.com/advisories/caldera_advisory-3241.html
5/7/2003 - tcpsec
SYN+FIN packet discarding vulnerability
Allowing TCP packets with both the SYN and FIN bits set
significantly improves an attacker's chances of circumventing a
firewall; the update causes such packets to be discarded.
http://www.linuxsecurity.com/advisories/caldera_advisory-3242.html
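As an added example (not code from the advisory or from SCO), the following Python parses a constructed IPv4/TCP packet, extracts the TCP flag word and drops anything carrying SYN and FIN together. That is the check a packet filter needs so that a SYN+FIN segment is neither mistaken for the tail of an existing connection (because FIN is set) nor forwarded to a host whose stack will treat it as a connection request (because SYN is set). The packets, addresses (TEST-NET-1) and port numbers are constructed for the demonstration; the checksums are left zero because the check never validates them.

```python
import struct

# TCP flag bits, low byte of the 16-bit data-offset/flags word
TCP_FIN = 0x01
TCP_SYN = 0x02
TCP_RST = 0x04
TCP_PSH = 0x08
TCP_ACK = 0x10
TCP_URG = 0x20

IPPROTO_TCP = 6


def build_packet(src_port, dst_port, flags):
    """Constructed test helper: minimal IPv4 header + 20-byte TCP header."""
    ip_header = struct.pack(
        "!BBHHHBBH4s4s",
        0x45,                    # version 4, IHL 5 (20 bytes)
        0,                       # DSCP/ECN
        40,                      # total length: 20 IP + 20 TCP
        0,                       # identification
        0,                       # flags / fragment offset
        64,                      # TTL
        IPPROTO_TCP,             # protocol
        0,                       # header checksum (not validated here)
        bytes([192, 0, 2, 10]),  # source 192.0.2.10 (constructed)
        bytes([192, 0, 2, 20]),  # destination 192.0.2.20 (constructed)
    )
    data_offset_and_flags = (5 << 12) | flags   # 5 words, reserved bits 0
    tcp_header = struct.pack(
        "!HHIIHHHH",
        src_port, dst_port,
        0, 0,                    # sequence and acknowledgement numbers
        data_offset_and_flags,
        65535,                   # window
        0, 0,                    # checksum, urgent pointer
    )
    return ip_header + tcp_header


def tcp_flags(packet):
    """Return the TCP flag bits of an IPv4/TCP packet, or None if the
    packet is not TCP or is too short to carry the flags word."""
    if len(packet) < 20:
        return None
    ihl = (packet[0] & 0x0F) * 4          # IP header length in bytes
    if packet[9] != IPPROTO_TCP or len(packet) < ihl + 14:
        return None
    # Flags occupy the low 9 bits of the word at TCP offset 12
    word = struct.unpack("!H", packet[ihl + 12:ihl + 14])[0]
    return word & 0x1FF


def is_syn_fin(packet):
    """True if both SYN and FIN are set, a combination no legitimate
    TCP stack sends."""
    flags = tcp_flags(packet)
    return flags is not None and (flags & (TCP_SYN | TCP_FIN)) == (TCP_SYN | TCP_FIN)


def filter_packets(packets):
    """Split packets into (accepted, dropped); SYN+FIN segments are dropped."""
    accepted, dropped = [], []
    for pkt in packets:
        (dropped if is_syn_fin(pkt) else accepted).append(pkt)
    return accepted, dropped


if __name__ == "__main__":
    sample = [
        build_packet(40000, 80, TCP_SYN),              # normal connect
        build_packet(40001, 80, TCP_FIN | TCP_ACK),    # normal close
        build_packet(40002, 80, TCP_SYN | TCP_FIN),    # evasion attempt
    ]
    accepted, dropped = filter_packets(sample)
    print("accepted:", len(accepted), "dropped:", len(dropped))
```

On a Linux host the same policy is one netfilter rule, `iptables -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP`, which examines exactly the two bits this function tests; the Python version is useful when auditing captured traffic or a filter that cannot express flag combinations.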
+---------------------------------+
| Distribution: Conectiva | ----------------------------//
+---------------------------------+
5/5/2003 - krb5
Multiple vulnerabilities
Cryptographic weakness, buffer overrun and underrun, faulty length
checks, and integer signedness vulnerabilities have been fixed.
http://www.linuxsecurity.com/advisories/connectiva_advisory-3232.html
5/5/2003 - vnc
Multiple vulnerabilities
Multiple vulnerabilities have been fixed in vnc; the advisory below
describes them.
http://www.linuxsecurity.com/advisories/connectiva_advisory-3233.html
5/7/2003 - snort
integer overflow vulnerability
There is a remotely exploitable integer overflow vulnerability in
Snort.
http://www.linuxsecurity.com/advisories/connectiva_advisory-3243.html
+---------------------------------+
| Distribution: Debian | ----------------------------//
+---------------------------------+
5/5/2003 - epic4
buffer overflow vulnerability
A malicious server could craft special reply strings, triggering
the client to write beyond buffer boundaries.
http://www.linuxsecurity.com/advisories/debian_advisory-3231.html
5/6/2003 - balsa
off-by-one vulnerabilities
Byrial Jensen discovered a couple of off-by-one buffer overflows in
the IMAP code of Mutt, which balsa also uses.
http://www.linuxsecurity.com/advisories/debian_advisory-3235.html
5/6/2003 - leksbot
improper setuid-root execution
Due to a packaging error, the program /usr/bin/KATAXWR was
inadvertently installed setuid root.
http://www.linuxsecurity.com/advisories/debian_advisory-3236.html
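An added example, not code from the Debian advisory or the leksbot package: a Python audit that walks a directory tree for regular files carrying the setuid bit and owned by a given user, and reports any that are not on an allowlist. This is the check that catches a stray setuid-root binary like /usr/bin/KATAXWR after a package upgrade. The tree it scans is constructed in a temporary directory, with the current user standing in for root because the demo cannot create root-owned files, and the allowlist is an assumption for the demonstration.

```python
import os
import stat
import tempfile


def find_setuid_files(root, owner_uid=0):
    """Return paths (relative to root) of regular files under root that
    have the setuid bit set and are owned by owner_uid (root by default)."""
    found = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)          # lstat: never follow symlinks
            except OSError:
                continue                     # vanished or unreadable: skip
            if (stat.S_ISREG(st.st_mode)
                    and st.st_mode & stat.S_ISUID
                    and st.st_uid == owner_uid):
                found.append(os.path.relpath(path, root))
    return sorted(found)


def unexpected_setuid(root, allowlist, owner_uid=0):
    """Setuid files under root that the allowlist does not account for."""
    return [p for p in find_setuid_files(root, owner_uid) if p not in allowlist]


# Constructed demo tree (assumption): bin/su is an expected setuid binary,
# bin/KATAXWR is the stray one from the advisory, bin/ls is an ordinary file.
DEMO_ALLOWLIST = {"bin/su"}


def make_demo_tree():
    root = tempfile.mkdtemp(prefix="setuid-audit-")
    os.mkdir(os.path.join(root, "bin"))
    for name, mode in (("su", 0o4755), ("KATAXWR", 0o4755), ("ls", 0o755)):
        path = os.path.join(root, "bin", name)
        with open(path, "wb") as f:
            f.write(b"#!/bin/sh\nexit 0\n")
        os.chmod(path, mode)                 # owner may set setuid on own file
    return root


def run_demo():
    root = make_demo_tree()
    # Demo files belong to whoever runs this, so audit for that uid; on a
    # real system keep the default owner_uid=0 and scan from "/".
    uid = os.stat(root).st_uid
    return (find_setuid_files(root, uid),
            unexpected_setuid(root, DEMO_ALLOWLIST, uid))


if __name__ == "__main__":
    found, stray = run_demo()
    print("setuid files:", found)
    print("not on allowlist:", stray)
```

Run against a real system, the allowlist is the set of setuid binaries the distribution is expected to ship; anything the scan adds to that list after an upgrade deserves the same scrutiny the leksbot package got.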
5/7/2003 - libgtop
Remote buffer overflow vulnerability
A remotely exploitable buffer overflow has been fixed in libgtop.
http://www.linuxsecurity.com/advisories/debian_advisory-3244.html
5/7/2003 - fuzz
Local privilege escalation vulnerability
A local privilege escalation vulnerability has been fixed in fuzz.
http://www.linuxsecurity.com/advisories/debian_advisory-3245.html
+---------------------------------+
| Distribution: Gentoo | ----------------------------//
+---------------------------------+
5/2/2003 - openssh
Information disclosure vulnerability
An information disclosure vulnerability has been fixed in OpenSSH.
http://www.linuxsecurity.com/advisories/gentoo_advisory-3226.html
+---------------------------------+
| Distribution: RedHat | ----------------------------//
+---------------------------------+
5/2/2003 - MySQL
Multiple vulnerabilities
Multiple vulnerabilities have been fixed in MySQL; the advisory below
describes them.
http://www.linuxsecurity.com/advisories/redhat_advisory-3227.html
5/2/2003 - mod_auth_any
Arbitrary command execution vulnerability
A remote attacker could execute arbitrary commands on a server using
mod_auth_any; the update fixes the vulnerability.
http://www.linuxsecurity.com/advisories/redhat_advisory-3228.html
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
To unsubscribe email vuln-newsletter-request () linuxsecurity com
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
-
ISN is currently hosted by Attrition.org
To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.
