Information Security News mailing list archives
Linux Advisory Watch, Nov 10th 2000
From: vuln-newsletter-admins () linuxsecurity com
Date: Fri, 10 Nov 2000 11:07:42 -0500
+----------------------------------------------------------------+ | LinuxSecurity.com Linux Advisory Watch | | November 10th, 2000 Volume 1, Number 28a | +----------------------------------------------------------------+ Editors: Dave Wreski Benjamin Thomas dave () linuxsecurity com ben () linuxsecurity com This week, advisories were released for netscape, xfce, global, top, tcpdump, usermode, and dump. The vendors include FreeBSD, RedHat, and Trustix. If you have FreeBSD systems, we recommend that you update immediately. I am beginning to wonder if the Linux vendors were caught up in the election. Five of the seven advisories this week were from FreeBSD. If you have not been keeping up with advisories, it may be a good idea to go back a few weeks and make sure your system has been properly patched. Older advisories can be found at http://www.linuxsecurity.com/advisories/index.html -- OpenDoc Publishing -- Our sponsor this week is OpenDoc Publishing. Their 480-page comprehensive security book, Securing and Optimizing Linux, takes a hands-on approach to installing, optimizing, configuring, and securing Red Hat Linux. Topics include sendmail 8.10.1, OpenSSL, ApacheSSL, OpenSSH and much more! Includes Red Hat 6.2 and Red Hat 6.2 PowerTools edition. http://www.linuxsecurity.com/sponsors/opendocs.html Linux Advisory Watch is a comprehensive newsletter that outlines the security vulnerabilities that have been announced throughout the week. It includes pointers to updated packages and descriptions of each vulnerability. HTML Version: http://www.linuxsecurity.com/vuln-newsletter.html +---------------------------------+ | Installing a new package: | ------------------------------// +---------------------------------+ # rpm -Uvh # dpkg -i Packages can be installed easily by using rpm (Red Hat Package Manager) or dpkg (Debian Package Manager). Most advisories issued by vendors are packaged in either an rpm or dpkg. Additional installation instructions can be found in the body of the Advisories. +---------------------------------+ | Checking Package Integrity: | -----------------------------// +---------------------------------+ The md5sum command is used to compute a 128-bit fingerprint that is strongly dependant upon the contents of the file to which it is applied. It can be used to compare against a previously-generated sum to determine whether the file has changed. It is commonly used to ensure the integrity of updated packages distributed by a vendor. # md5sum ebf0d4a0d236453f63a797ea20f0758b The string of numbers can then be compared against the MD5 checksum published by the packager. While it does not take into account the possibility that the same person that may have modified a package also may have modified the published checksum, it is especially useful for establishing a great deal of assurance in the integrity of a package before installing +---------------------------------+ | FreeBSD Advisories | ----------------------------// +---------------------------------+ * FreeBSD: 'xfce' ports vulnerability November 7th, 2000 Local users can monitor and control the contents of the X display running xfce, as well as input devices such as mice and keyboards. Updated Package: xfce-3.12.tgz ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/x11-wm/ Vendor Advisory: -> http://www.linuxsecurity.com/advisories/freebsd_advisory-854.html * FreeBSD: 'netscape' ports vulnerability November 7th, 2000 Remote attackers can execute arbitrary code on the local system by convincing users to visit a malicious website. Versions of netscape prior to 4.76 allow a client-side exploit through a buffer overflow in html code. A malicious website operator can cause arbitrary code to be executed by the user running the netscape client. Updated Package: ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/www/ Vendor Advisory: -> http://www.linuxsecurity.com/advisories/freebsd_advisory-855.html * FreeBSD: 'tcpdump' vulnerability November 6th, 2000 Remote users can cause the local tcpdump process to crash, and (under FreeBSD 4.0-RELEASE, 4.1-RELEASE, 4.1.1-RELEASE and 4.1.1-STABLE prior to the correction date) may be able to cause arbitrary code to be executed as the user running tcpdump, usually root. Updated Package: tcpdump-4.x.patch.v1.1 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-00:61/ Vendor Advisory: -> http://www.linuxsecurity.com/advisories/freebsd_advisory-851.html * FreeBSD: 'global' root compromise November 6th, 2000 If the 'htags -f' command is used to generate a CGI script which is then installed under a webserver, then remote users may execute arbitrary commands on the local system as the user which runs the CGI script. If you have not chosen to install the global port/package, or you have not used the 'htags -f' command to produce a CGI script, then your system is not vulnerable to this problem. Updated Package: global-4.0.1.tgz ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/devel/ Vendor Advisory: -> http://www.linuxsecurity.com/advisories/freebsd_advisory-853.html * FreeBSD: 'top' vulnerability November 6th, 2000 Local users can read privileged data from kernel memory which may provide information allowing them to further increase their local or remote system access privileges. Updated Package: top.patch.v1.1 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-00:62/ Vendor Advisory: -> http://www.linuxsecurity.com/advisories/freebsd_advisory-852.html +---------------------------------+ | RedHat Advisories | ----------------------------// +---------------------------------+ * RedHat: 'usermode' format-string vulnerability November 9th, 2000 The usermode package contains a binary (/usr/bin/userhelper), which is used to control access to programs which are to be executed as root. Because programs invoked by userhelper are not actually running setuid-root, security measures built into recent versions of glibc are not active. Red Hat Linux 6.2: alpha: ftp://updates.redhat.com/6.2/alpha/usermode-1.37-1.6.alpha.rpm MD5 Checksum: 978af994a09fcbc4bf1cb2fa2723bfe7 ftp://updates.redhat.com/6.2/alpha/SysVinit-2.78-5.alpha.rpm MD5 Checksum: 546bf7949c5be73b9f28b1819bfbd7c6 sparc: ftp://updates.redhat.com/6.2/sparc/usermode-1.37-1.6.sparc.rpm MD5 Checksum: ba94a59a3a8195346735f202f28af3f8 ftp://updates.redhat.com/6.2/sparc/SysVinit-2.78-5.sparc.rpm MD5 Checksum: 4dfeacb8db12af4b2666f2792e1027c1 i386: ftp://updates.redhat.com/6.2/i386/usermode-1.37-1.6.i386.rpm MD5 Checksum: e8fe2db6f95348a93a373673b1c87443 ftp://updates.redhat.com/6.2/i386/SysVinit-2.78-5.i386.rpm MD5 Checksum: ca5b97a1abb47b64d71ef69ab96fcb8a Red Hat Linux 7.0: i386: ftp://updates.redhat.com/7.0/i386/usermode-1.37-2.i386.rpm MD5 Checksum: c32888b6f362b04f8a3805d4465c042a Vendor Advisory: -> http://www.linuxsecurity.com/advisories/redhat_advisory-856.html +---------------------------------+ | Trustix Advisories | ----------------------------// +---------------------------------+ * Trustix: 'dump' vulnerability November 4th, 2000 All released versions of Trustix Secure Linux contain a version of dump that is known to have a local root exploit. People with untrusted local users should upgrade as soon as possible. Package Name: dump-0.4b19-2tr.i586.rpm ftp://ftp.trustix.com/pub/Trustix/updates/1.1/RPMS/ MD5 Checksum: fd266c1a6a8a5d2ab9b65fc0f9affc32 Pacakge Name: rmt-0.4b19-2tr.i586.rpm ftp://ftp.trustix.com/pub/Trustix/updates/1.1/RPMS/ MD5 Checksum: a1429d8d752e0cbff0154b0c3ff90b0c Vendor Advisory: -> http://www.linuxsecurity.com/advisories/other_advisory-850.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email vuln-newsletter-request () linuxsecurity com with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Linux Advisory Watch, Nov 10th 2000 vuln-newsletter-admins (Nov 11)