[ISN] Linux Advisory Watch - March 17th 2006

InfoSec News isn at c4i.org
Mon Mar 20 03:45:48 EST 2006


+---------------------------------------------------------------------+
|  LinuxSecurity.com                               Weekly Newsletter  |
|  March 17th 2006                              Volume 7, Number 12a  |
+---------------------------------------------------------------------+

  Editors:      Dave Wreski                     Benjamin D. Thomas
                dave at linuxsecurity.com          ben at linuxsecurity.com

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the
week.  It includes pointers to updated packages and descriptions of
each vulnerability.

This week, advisories were released for zoph, bluez-hcidump, curl,
zoo, ffmpeg, GnuPG, freeciv, metamail, CBC, bomberclone, libextractor,
lurker, crossfire, webcalendar, xpvm, vlc, net-tools, tcsh, shadow-utils,
db, tar, flex, squirrelmail, php, python, kdegraphics, squid,
vixie-cron, and the Red Hat kernel.  Distributors include Debian, Fedora,
Gentoo, Mandriva, Red Hat, and SuSE.

----

EnGarde Secure Linux: Why not give it a try?

EnGarde Secure Linux is a Linux server distribution that is geared
toward providing an open source platform that is highly secure by default
as well as easy to administer. EnGarde Secure Linux includes a select
group of open source packages configured to provide maximum security
for tasks such as serving dynamic websites, high availability mail
transport, network intrusion detection, and more. The Community
edition of EnGarde Secure Linux is completely free and open source,
and online security and application updates are also freely
available with GDSN registration.

http://www.engardelinux.org/modules/index/register.cgi

----

Preventing DDoS Attacks
By: Blessen Cherian

Introduction

In this article I am trying to explain what DDOS is and how it can
be prevented. DDOS happens due to lack of security awareness of the
network/server owners. On a daily basis we hear that a particular
machine is under DDOS attack or the NOC has unplugged the machine due
to a DDOS attack. So DDOS has become one of the common issues in
this electronic world. DDOS is like a disease which doesn't have
an anti-viral developed. So we should be careful while dealing
with it. Never take it lightly. In this article I am trying to
explain the steps/measures which will help us defend against DDOS
attacks, up to a certain extent.

What is a DDOS attack?

Simply said, DDOS is an advanced version of a DOS attack. Like
DOS, DDOS also tries to deny the important services running on
a server by broadcasting packets to the destination server in a
way that the destination server cannot handle. The speciality
of DDOS is that it does not relay attacks from a single
network/host like DOS. The DDOS attack will be launched from
different dynamic networks which have already been compromised.

Normally, DDOS consists of 3 parts. One is the Master, another is
the slave, and last is the victim. The master is the attack
launcher, i.e. the person/machine behind all this; sounds COOL,
right? The slave is the network which is being compromised
by the Master, and the Victim is the target site/server. The Master
informs the compromised machines, the so-called slaves, to launch
an attack on the victim's site/machine. Hence it's also called a
co-ordinated attack.

In my terms, the Master is said to be the Master Brain, the Slave is
said to be the launch pad for the attack and the Victim is the
target.

How do they do it?

DDOS is done in 2 phases. In the first phase they try to
compromise weak machines in different networks around the
world. This phase is called the Intrusion Phase. It's in the next
phase that they install DDOS tools and start attacking the
victim's machines/site. This phase is called the Distributed DoS
attacks phase.


Read Full Paper
http://www.linuxsecurity.com/content/view/121960/49/

----------------------

EnGarde Secure Community 3.0.4 Released

Guardian Digital is happy to announce the release of EnGarde
Secure Community 3.0.4 (Version 3.0, Release 4). This release
includes several bug fixes and feature enhancements to the Guardian
Digital WebTool and the SELinux policy, and several new packages
available for installation.

http://www.linuxsecurity.com/content/view/121560/65/

---

Linux File & Directory Permissions Mistakes

One common mistake Linux administrators make is having file and
directory permissions that are far too liberal and allow access
beyond that which is needed for proper system operations. A full
explanation of unix file permissions is beyond the scope of this
article, so I'll assume you are familiar with the usage of such
tools as chmod, chown, and chgrp. If you'd like a refresher, one
is available right here on linuxsecurity.com.

http://www.linuxsecurity.com/content/view/119415/49/

---

Buffer Overflow Basics

A buffer overflow occurs when a program or process tries to
store more data in a temporary data storage area than it was
intended to hold. Since buffers are created to contain a finite
amount of data, the extra information can overflow into adjacent
buffers, corrupting or overwriting the valid data held in them.

http://www.linuxsecurity.com/content/view/119087/49/

--------

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf


+---------------------------------+
|  Distribution: Debian           | ----------------------------//
+---------------------------------+

* Debian: New zoph packages fix SQL injection
  9th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121857


* Debian: New bluez-hcidump packages fix denial of service
  10th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121875


* Debian: New curl packages fix potential security problem
  10th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121876


* Debian: New zoo packages fix arbitrary code execution
  10th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121877


* Debian: New ffmpeg packages fix arbitrary code execution
  10th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121878


* Debian: New GnuPG packages fix broken signature check
  10th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121891


* Debian: New freeciv packages fix denial of service
  13th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121898


* Debian: New metamail packages fix arbitrary code execution
  13th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121899


* Debian: New Crypt::CBC packages fix cryptographic weakness
  13th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121900


* Debian: New GnuPG packages fix broken signature check
  13th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121903


* Debian: New bomberclone packages fix arbitrary code execution
  13th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121910


* Debian: New libextractor packages fix several vulnerabilities
  14th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121912


* Debian: New lurker packages fix several vulnerabilities
  14th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121914


* Debian: New Apache2::Request packages fix denial of service
  14th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121915


* Debian: New crossfire packages fix arbitrary code execution
  14th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121916


* Debian: New webcalendar packages fix several vulnerabilities
  15th, March, 2006

Several security related problems have been discovered in
webcalendar, a PHP based multi-user calendar. The Common
Vulnerabilities and Exposures project identifies the following
vulnerabilities.

http://www.linuxsecurity.com/content/view/121926


* Debian: New xpvm packages fix insecure temporary file
  16th, March, 2006

Eric Romang discovered that xpvm, a graphical console and monitor for
PVM, creates a temporary file that allows local attackers to create
or overwrite arbitrary files with the privileges of the user running
xpvm.

http://www.linuxsecurity.com/content/view/121949


* Debian: New vlc packages fix arbitrary code execution
  16th, March, 2006

Simon Kilvington discovered that specially crafted PNG images can
trigger a heap overflow in libavcodec, the multimedia library of
ffmpeg, which may lead to the execution of arbitrary code. The vlc
media player links statically against libavcodec.

http://www.linuxsecurity.com/content/view/121951


+---------------------------------+
|  Distribution: Fedora           | ----------------------------//
+---------------------------------+

* Fedora Core 4 Update: net-tools-1.60-52.fc4.2
  10th, March, 2006

The update adds two new options for netstat: T stops trimming remote
and local addresses, and Z shows the SELinux context. It also fixes a
double-free bug in route and netstat.

http://www.linuxsecurity.com/content/view/121882


* Fedora Core 4 Update: tcsh-6.14-1.fc4.2
  11th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121894


* Fedora Core 4 Update: shadow-utils-4.0.12-8.FC4
  13th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121909


* Fedora Core 4 Update: gnupg-1.4.2.2-1
  13th, March, 2006

Tavis Ormandy discovered a flaw in the way GnuPG verifies
cryptographically signed data with inline signatures. It is possible
for an attacker to add unsigned text to a signed message in such a
way so that when the signed text is extracted, the unsigned text is
extracted as well, appearing as if it had been signed.  The Common
Vulnerabilities and Exposures project assigned the name CVE-2006-0049
to this issue.

http://www.linuxsecurity.com/content/view/121911


* Fedora Core 4 Update: db4-4.3.27-5.fc4
  14th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121922


+---------------------------------+
|  Distribution: Gentoo           | ----------------------------//
+---------------------------------+

* Gentoo: GNU tar Buffer overflow
  10th, March, 2006

A malicious tar archive could trigger a buffer overflow in GNU tar,
potentially resulting in the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/121884


* Gentoo: flex Potential insecure code generation
  10th, March, 2006

flex might generate code with a buffer overflow, making applications
using such scanners vulnerable to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/121892


* Gentoo: GnuPG Incorrect signature verification
  10th, March, 2006

GnuPG may erroneously report that a modified or unsigned message has a
valid digital signature.

http://www.linuxsecurity.com/content/view/121893


* Gentoo: SquirrelMail Cross-site scripting and IMAP command
injection
  12th, March, 2006

SquirrelMail is vulnerable to several cross-site scripting
vulnerabilities and IMAP command injection.

http://www.linuxsecurity.com/content/view/121895


* Gentoo: Cube Multiple vulnerabilities
  12th, March, 2006

Cube is vulnerable to a buffer overflow, invalid memory access and
remote client crashes, possibly leading to a Denial of Service or
remote code execution.

http://www.linuxsecurity.com/content/view/121897


* Gentoo: Freeciv Denial of Service
  16th, March, 2006

A memory allocation bug in Freeciv allows a remote attacker to
perform a Denial of Service attack.

http://www.linuxsecurity.com/content/view/121944


* Gentoo: zoo Buffer overflow
  16th, March, 2006

A buffer overflow in zoo may be exploited to execute arbitrary code
when creating archives of specially crafted directories and files.

http://www.linuxsecurity.com/content/view/121945


+---------------------------------+
|  Distribution: Mandriva         | ----------------------------//
+---------------------------------+

* Mandriva: Updated php packages fix vulnerability
  9th, March, 2006

A flaw in the PHP gd extension in versions prior to 4.4.1 could allow
a remote attacker to bypass safe_mode and open_basedir restrictions
via unknown attack vectors.

http://www.linuxsecurity.com/content/view/121871


* Mandriva: Updated gnupg packages fix signature file verification
vulnerability
  14th, March, 2006

Another vulnerability, different from that fixed in MDKSA-2006:043
(CVE-2006-0455), was discovered in gnupg in the handling of signature
files.

http://www.linuxsecurity.com/content/view/121913


+---------------------------------+
|  Distribution: Red Hat          | ----------------------------//
+---------------------------------+

* RedHat: Moderate: python security update
  9th, March, 2006

Updated Python packages are now available to correct a security
issue. This update has been rated as having moderate security impact
by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/121869


* RedHat: Important: kdegraphics security update
  9th, March, 2006

Updated kdegraphics packages that fully resolve a security issue in
kpdf are now available. This update has been rated as having
important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/121870


* RedHat: Moderate: initscripts security update
  15th, March, 2006

Updated initscripts packages that fix a privilege escalation issue
and several bugs are now available. This update has been rated as
having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/121930


* RedHat: Moderate: squid security update
  15th, March, 2006

Updated squid packages that fix a security vulnerability as well as
several bugs are now available. This update has been rated as having
moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/121931


* RedHat: Low: vixie-cron security update
  15th, March, 2006

An updated vixie-cron package that fixes a bug and security issue is
now available. This update has been rated as having low security
impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/121932


* RedHat: Updated kernel packages available for Red Hat
  15th, March, 2006

Updated kernel packages are now available as part of ongoing support
and maintenance of Red Hat Enterprise Linux version 3.  This is the
seventh regular update. This security advisory has been rated as
having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/121933


* RedHat: Important: gnupg security update
  15th, March, 2006

An updated GnuPG package that fixes signature verification flaws as
well as minor bugs is now available. This update has been rated as
having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/121934


* RedHat: Critical: flash-plugin security update
  15th, March, 2006

An updated Macromedia Flash Player package that fixes a security
issue is now available. This update has been rated as having
critical security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/121943


+---------------------------------+
|  Distribution: SuSE             | ----------------------------//
+---------------------------------+

* SuSE: gpg signature checking problems
  10th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121883

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request at linuxsecurity.com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------




