Information Security News mailing list archives
Linux Advisory Watch - March 23rd 2001
From: vuln-newsletter-admins () linuxsecurity com
Date: Fri, 23 Mar 2001 14:17:20 -0500
+----------------------------------------------------------------+ | LinuxSecurity.com Linux Advisory Watch | | March 23rd, 2001 Volume 2, Number 12a | +----------------------------------------------------------------+ Editors: Dave Wreski Benjamin Thomas dave () linuxsecurity com ben () linuxsecurity com Linux Advisory Watch is a comprehensive newsletter that outlines the security vulnerabilities that have been announced throughout the week. It includes pointers to updated packages and descriptions of each vulnerability. This week, advisories were released for slrn, cups, mutt, icecast, imap, sgml-tools, and licq. The vendors include Conectiva, Mandrake, and Trusix. Although this week has been slow, if you are using any of these distributions, please take the necessary time to patch your system. Are you sick and tired of having to apply system updates week after week? Why not use a distribution specifically for built for security, but still maintaining maximum usability and flexibility. Guardian Digital, Inc. (our parent company), has announced that EnGarde Secure Linux will be made publicly available March 30th, 2001. We invite you visit EnGarde's website for details. http://www.engardelinux.org HTML Version of Newsletter: http://www.linuxsecurity.com/vuln-newsletter.html +---------------------------------+ | Installing a new package: | ------------------------------// +---------------------------------+ # rpm -Uvh # dpkg -i Packages can be installed easily by using rpm (Red Hat Package Manager) or dpkg (Debian Package Manager). Most advisories issued by vendors are packaged in either an rpm or dpkg. Additional installation instructions can be found in the body of the Advisories. +---------------------------------+ | Checking Package Integrity: | -----------------------------// +---------------------------------+ The md5sum command is used to compute a 128-bit fingerprint that is strongly dependant upon the contents of the file to which it is applied. It can be used to compare against a previously-generated sum to determine whether the file has changed. It is commonly used to ensure the integrity of updated packages distributed by a vendor. # md5sum ebf0d4a0d236453f63a797ea20f0758b The string of numbers can then be compared against the MD5 checksum published by the packager. While it does not take into account the possibility that the same person that may have modified a package also may have modified the published checksum, it is especially useful for establishing a great deal of assurance in the integrity of a package before installing +---------------------------------+ | Conectiva | ----------------------------// +---------------------------------+ * Conectiva: 'cups' vulnerability March 19th, 2001 "cups" is one of the printing systems distributed with Conectiva Linux 6.0 (previous versions do not have this package). The previous announcement (#384, with the -6cl release) has packaging problems in the main package, cups-1.1.6-6cl As a result, the package will not be installed and the previous version (1.1.3) will remain on the system. An error message will also be displayed. ftp://atualizacoes.conectiva.com.br/6.0/RPMS/ cups-1.1.6-7cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/ cups-devel-1.1.6-7cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/ cups-devel-static-1.1.6-7cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/ cups-doc-1.1.6-7cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/ cups-libs-1.1.6-7cl.i386.rpm Vendor Advisory: http://www.linuxsecurity.com/advisories/other_advisory-1224.html * Conectiva: 'slrn' buffer overflow March 19th, 2001 "slrn" is a text-mode news client. Previous versions have a buffer overflow vulnerability that could be exploited remotely via a carefully crafted news message. ftp://atualizacoes.conectiva.com.br/6.0/RPMS/ slrn-0.9.6.3-1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/ slrn-pull-0.9.6.3-1cl.i386.rpm Vendor Advisory: http://www.linuxsecurity.com/advisories/other_advisory-1225.html * Conectiva: 'mutt' format string vulnerabilities March 19th, 2001 "mutt" is a very popular text-mode email client. Versions prior to 1.2.5 have some format string vulnerabilities that have now been fixed. ftp://atualizacoes.conectiva.com.br/5.1/i386/mutt-1.2.5-6cl.i386.rpm Vendor Advisory: http://www.linuxsecurity.com/advisories/other_advisory-1226.html * Conectiva: 'icecast' vulnerabilities March 19th, 2001 "icecast" is a server used to distribute audio streams to compatible clients such as winamp, mpg123, xmms and many others. Matt Messier (mmessier () prilnari com) and John Viega (viega () list org) have identified several buffer overflow and format strings problems in Icecast that could be remotely exploited. ftp://atualizacoes.conectiva.com.br/6.0/RPMS/icecast-1.3.9-2cl.i386.rpm Vendor Advisory: http://www.linuxsecurity.com/advisories/other_advisory-1227.html * Conectiva: 'imap' buffer overflows March 19th, 2001 "imap" is a package which contains POP3 and IMAP mail servers. Several buffer overflow vulnerabilities have been found in this package by their authors and by independent groups (www.bufferoverflow.org has published an exploit for one of these vulnerabilities). ftp://atualizacoes.conectiva.com.br/6.0/RPMS/ imap-doc-2000c-1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/ imap-devel-2000c-1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/ imap-devel-static-2000c-1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/ imap-2000c-1cl.i386.rpm Vendor Advisory: http://www.linuxsecurity.com/advisories/other_advisory-1228.html +---------------------------------+ | Mandrake | ----------------------------// +---------------------------------+ * Mandrake: 'licq' vulnerability March 20th, 2001 Versions of Licq prior to 1.0.3 have a vulnerability involving the way Licq parses received URLs. The received URLs are passed to the web browser without any sanity checking by using the system() function. Because of the lack of checks on the URL, remote attackers can pipe other commands with the sent URLs causing the client to unwillingly execute arbitrary commands. The URL parsing code has been fixed in the most recent 1.0.3 version. PLEASE SEE VENDOR ADVISORY FOR UPDATE Vendor Advisory: http://www.linuxsecurity.com/advisories/mandrake_advisory-1232.html * Mandrake: UPDATE: 'sgml-tools' vulnerabilities March 20th, 2001 Insecure handling of temporary file permissions can lead to other users on a multi-user system being able to read the documents being converted. This is due to sgml-tools creating temporary files without any special permissions. The updated packages create a secure temporary directory first, which is readable only by the owner, and then create the temporary files in that secure directory. http://www.linux-mandrake.com/en/ftp.php3 Linux-Mandrake 7.1: 7.1/RPMS/sgml-tools-1.0.9-8.3mdk.i586.rpm 35e8e14047ac5710274e803bc7bd3e7c 7.1/SRPMS/sgml-tools-1.0.9-8.3mdk.src.rpm 02d2fa1b6a56a7c8dc2decfb9339d2a6 Linux-Mandrake 7.2: 7.2/RPMS/sgml-tools-1.0.9-8.1mdk.i586.rpm c5e48714e3da71f692e447eb942a368b 7.2/SRPMS/sgml-tools-1.0.9-8.1mdk.src.rpm c2242855d3be03b899a908944c48ac1d Vendor Advisory: http://www.linuxsecurity.com/advisories/mandrake_advisory-1231.html * Mandrake: 'mutt' format string vulnerability March 19th, 2001 A format string vulnerability was present in the IMAP code in versions of the mutt email client previous to 1.2.5. This had the effect that a compromised or malicious IMAP server could possibly execute code on the local machine. http://www.linux-mandrake.com/en/ftp.php3 Linux-Mandrake 7.1: 7.1/RPMS/mutt-1.2.5i-5.2mdk.i586.rpm 8ca095ea77554edf26988b5e24f8fd91 7.1/SRPMS/mutt-1.2.5i-5.2mdk.src.rpm 2b1d687f54b6d214f29a807f6433130c Linux-Mandrake 7.2: 7.2/RPMS/mutt-1.2.5i-5.1mdk.i586.rpm d9dba0a7fc0fff1f1020bbb828b9e4f1 7.2/SRPMS/mutt-1.2.5i-5.1mdk.src.rpm bd6dcbafebf5c434bd6b0d4478bf487c Vendor Advisory: http://www.linuxsecurity.com/advisories/mandrake_advisory-1229.html +---------------------------------+ | Trustix | ----------------------------// +---------------------------------+ * Trustix: 'mutt' vulnerabilities March 20th, 2001 This release fixes at least one grave IMAP error which may lead to confusing display and other strangeness, and our instances of the "wuftpd format bug", which had (mostly) the effect that your IMAP server's operator could break into your computer with some work. ftp://ftp.trusix.net/pub/Trustix/updates/ Vendor Advisory: http://www.linuxsecurity.com/advisories/other_advisory-1230.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email vuln-newsletter-request () linuxsecurity com with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Linux Advisory Watch - March 23rd 2001 vuln-newsletter-admins (Mar 23)