[ISN] Linux Advisory Watch - April 30th 2004

InfoSec News isn at c4i.org
Mon May 3 03:21:06 EDT 2004

|  LinuxSecurity.com                        Linux Advisory Watch |
|  April 30th, 2004                         Volume 5, Number 18a |

  Editors:     Dave Wreski                Benjamin Thomas
               dave at linuxsecurity.com     ben at linuxsecurity.com

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.
It includes pointers to updated packages and descriptions of each

This week, advisories were released for eterm, mc, the Linux kernel,
ssmtp, LCDproc, xine, samba, and sysklogd. The distributors include
Debian, Guardian Digital's EnGarde Linux, Fedora, Gentoo, Mandrake, Red
Hat, and Slackware.


>> FREE GUIDE-128-bit encryption <<

Thawte is one of the few companies that offers 128 bit supercerts. A
Supercert will allow you to extend the highest allowed 128 bit encryption
to all your clients even if they use browsers that are limited to 40 bit

Download a guide to learn more:


Wireless Security

Over the years security and network administrators have been reluctant to
adopt wireless networking technologies in corporate environments.  Will it
provide an easy path of entry into the LAN?  Will internal servers be
accessible from the outside? Sometimes is necessary to implement wireless
networks in an office building because of special circumstances, or
pressures from management to adopt the latest technology. Installing a
wireless network may be inevitable, if so how should it be approached?

As with all security projects, a wireless security policy should be
created.  This should define the purpose and scope of the wireless
network, who is going to be using it, how it should be used, etc.  Also,
an analysis of newly introduced threats should be formalized.  This will
enable the network to be designed in a matter that minimizes risk.

The wireless network should be treated as an untrusted network.
Precautions such as placing a firewall between the wireless network and
internal LAN, requiring strong authentication, and conducting regular
vulnerability assessments.  When connecting to the trusted LAN over a
wireless network, a VPN should be used.  If not, it is advisable to only
stick to secure protocols such as SSH & SSL.

Wireless access points should be regularly audited and configured in the
most secure manner.  Passwords and WEP keys should be as defined in the
Wireless Security Policy.  Also, it is important to periodically check for
rogue wireless access points by warwalking. Access points are ideally
placed in the center of buildings.  This reduces the available signal
strength to outsiders.

Because the wireless workstations are on an untrusted network, it is
imperative that they are kept secure.  This can be done by using
host-based firewalls, IDS, keeping patches up-to-date, and configuration
scanning.  Hosts should be regularly scanned and monitored. By taking
these precautions it is possible to implement wireless networking without
significantly increasing risks to an organization's information security.

Until next time, cheers!
Benjamin D. Thomas
ben at linuxsecurity.com


Guardian Digital Launches Next Generation Internet
Defense & Detection System

Guardian Digital has announced the first fully open source system designed
to provide both intrusion detection and prevention functions. Guardian
Digital Internet Defense & Detection System (IDDS) leverages best-in-class
open source applications to protect networks and hosts using a unique
multi-layered approach coupled with the security expertise and ongoing
security vigilance provided by Guardian Digital.



Interview with Siem Korteweg: System Configuration Collector

In this interview we learn how the System Configuration Collector (SCC)
project began, how the software works, why Siem chose to make it open
source, and information on future developments.



>> Internet Productivity Suite:  Open Source Security <<
Trust Internet Productivity Suite's open source architecture to give you
the best security and productivity applications available. Collaborating
with thousands of developers, Guardian Digital security engineers
implement the most technologically advanced ideas and methods into their


-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf

|  Distribution: Debian           | ----------------------------//

 4/28/2004 - kernel
   2.4.16 Multiple vulnerabilities

   Several serious problems have been discovered in the Linux kernel.
   This update takes care of Linux 2.4.16 for the ARM (and a few
   other) architectures.

 4/29/2004 - eterm
   Missing Input Sanitising

   H.D. Moore discovered several terminal emulator security issues

 4/29/2004 - mc
   Several Vulnerabilities

   Jacub Jelinek discovered several vulnerabilities in the Midnight
   Commander, a powerful file manager for GNU/Linux systems.

|  Distribution: EnGarde          | ----------------------------//

 4/28/2004 - 'kernel' Several security and bug fixes
   Several Vulnerabilities

   This update fixes numerous vulnerabilities in the Linux Kernel.

 4/28/2004 - kernel
   Multiple vulnerabilities

   This patch resolves a number of kernel vulnerabilities, uncluding
   ones involving the various journaling filesystems.

|  Distribution: Fedora           | ----------------------------//

 4/23/2004 - kernel
   Multiple vulnerabilities

   This patch fixes a large variety of vulnerabilities in the 2.4.22
   kernel, including some related to journaling filesystems.

|  Distribution: Gentoo           | ----------------------------//

 4/28/2004 - ipsec-tools and iputils Denial of service vulnerability
   Multiple vulnerabilities

   Attackers may be able to craft an ISAKMP header of sufficient
   length to consume all available system resources, causing a Denial
   of Service.  Further discussion of advisory at bottom.

 4/28/2004 - ssmtp
   Multiple vulnerabilities

   Multiple format string vulnerabilities may allow an attacker to
   run arbitrary code with ssmtp's privileges.

 4/28/2004 - LCDproc
   Multiple vulnerabilities

   Multiple remote vulnerabilities have been found in the LCDd
   server, allowing execution of arbitrary code with the rights of
   the LCDd user.

 4/28/2004 - xine
   Multiple vulnerabilities

   Several vulnerabilities have been found in xine-ui and xine-lib,
   potentially allowing an attacker to overwrite files with the
   rights of the user.

 4/29/2004 - samba
   Multiple Vulnerabilities

   There is a bug in smbfs which may allow local users to gain root
   via a setuid file on a mounted Samba share. Also, there is a
   tmpfile symlink vulnerability in the smbprint script distributed
   with Samba.

|  Distribution: Mandrake         | ----------------------------//

 4/28/2004 - kernel
   Multiple vulnerabilities

   This patch resolves a large number of kernel vulnerabilities at
   various levels of seriousness.

 4/29/2004 - sysklogd

   Steve Grubb discovered a bug in sysklogd where it allocates an
   insufficient amount of memory which causes sysklogd to write to
   unallocated memory.

|  Distribution: Openwall         | ----------------------------//

 4/23/2004 - kernel
   Privilege escalation vulnerability

   Upgrade to 2.4.26 to fix a local root vulnerability.

|  Distribution: Red Hat          | ----------------------------//

 4/23/2004 - kernel
   Privilege escalation vulnerabilities

   Updated kernel packages that fix two privilege escalation
   vulnerabilities are now available.

|  Distribution: Slackware        | ----------------------------//

 4/28/2004 - kernel
   Security Issues

   New kernel packages are available for Slackware 9.1 and -current
   to fix security issues

Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request at linuxsecurity.com
         with "unsubscribe" in the subject of the message.

More information about the ISN mailing list