LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: July 28th, 2014
Linux Advisory Watch: July 25th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Advisory Watch: April 1st 2005 Print E-mail
User Rating:      How can I rate this item?
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas   
Linux Advisory Watch This week, advisories were released for ethereal, kernel, netkit-telnet, mc, mailreader, samba, mozilla, lsof, thunderbird, epiphany, devhelp, spamassassin, slypheed, krb5, xorg, telnet, foomatic, squid, ImageMagick, gdk, mpg321, ipsec-tools, htdig, grip, mysql, XFree86, and MySQL. The distributors include Conectiva, Debian, Fedora, Gentoo, Mandrake, Red Hat, and SuSE.


FREE ANTI-SPAM EVALUATION: Roaring Penguin Software - At last! An anti-spam solution that lets you stop spam on YOUR terms by giving you full control over its setup and administration. CanIt-PRO provides you with as much (or as little!) administrative and end-user control as you want. Try a free 20-day evaluation and test it out yourself. Click to find out more!

Information Security Techniques

When addressing matters of information confidentiality, integrity, and availability, there are four perspectives that can be taken when introducing security controls. A control can be a protection, detection, response, or assurance mechanism. It is not uncommon for a single control to provide information security on multiple levels.

Protection
A protection mechanism is used to prevent security incidents from occurring. Examples of protection mechanisms include: firewall rules, access control lists, encrypting packets that transverse over a network, passwords, biometrics, etc.

Detection
It is an information security mechanism that detects when an incident is occurring, and allows a business to adjust its course of action. Detection mechanisms include: intrusion detection systems, virus/spam scanners, vulnerability scanning, quotas, logging alerts, etc. Detection mechanisms often lead into response mechanisms, and are often the same as or similar to assurance mechanisms.

Response
A response mechanism addresses the consequences of a security incident and helps the organization return to a normal state. Response mechanisms can either be in the form of technical security controls (e.g. intrusion prevention system), policy (e.g. requiring a computer emergency response team), or procedures developed for all persons to follow during an incident.

Assurance
Assurance mechanisms give management or third parties the ability to verify the effectiveness of the security controls in place. It may include logging, auditing, and reporting capabilities. Assurance is important to help justify further expenditure on information security projects.

Until next time, cheers!
Benjamin D. Thomas

 

LinuxSecurity.com Feature Extras:

Getting to Know Linux Security: File Permissions - Welcome to the first tutorial in the 'Getting to Know Linux Security' series. The topic explored is Linux file permissions. It offers an easy to follow explanation of how to read permissions, and how to set them using chmod. This guide is intended for users new to Linux security, therefore very simple. If the feedback is good, I'll consider creating more complex guides for advanced users. Please let us know what you think and how these can be improved.

The Tao of Network Security Monitoring: Beyond Intrusion Detection - To be honest, this was one of the best books that I've read on network security. Others books often dive so deeply into technical discussions, they fail to provide any relevance to network engineers/administrators working in a corporate environment. Budgets, deadlines, and flexibility are issues that we must all address. The Tao of Network Security Monitoring is presented in such a way that all of these are still relevant.

Encrypting Shell Scripts - Do you have scripts that contain sensitive information like passwords and you pretty much depend on file permissions to keep it secure? If so, then that type of security is good provided you keep your system secure and some user doesn't have a "ps -ef" loop running in an attempt to capture that sensitive info (though some applications mask passwords in "ps" output).

 

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-request@linuxsecurity.com with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.


   Contectiva
  Conectiva: ethereal Fixes for security vulnerabilities in ethereal
  28th, March, 2005

Ethereal[1] is a powerful network traffic analyzer with a graphical user interface (GUI).

http://www.linuxsecurity.com/content/view/118712
 
  Conectiva: kernel Kernel fixes
  31st, March, 2005

The Linux kernel is responsible for handling the basic functions of the GNU/Linux operating system.

http://www.linuxsecurity.com/content/view/118764
 
   Debian
  Debian: New netkit-telnet packages fix arbitrary code execution
  29th, March, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118726
 
  Debian: New mc packages fix buffer overflow
  29th, March, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118728
 
  Debian: New netkit-telnet-ssl packages fix arbitrary code execution
  29th, March, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118729
 
  Debian: New mailreader packages fix cross-site scripting vulnerability
  30th, March, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118746
 
  Debian: New samba packages fix arbitrary code execution
  31st, March, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118763
 
   Fedora
  Fedora Core 2 Update: mozilla-1.7.6-1.2.2
  25th, March, 2005

A buffer overflow bug was found in the way Mozilla processes GIF images. It is possible for an attacker to create a specially crafted GIF image, which when viewed by a victim will execute arbitrary code as the victim.

http://www.linuxsecurity.com/content/view/118704
 
  Fedora Core 3 Update: lsof-4.72-2.2
  24th, March, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118697
 
  Fedora Core 3 Update: selinux-policy-targeted-1.17.30-2.90
  24th, March, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118698
 
  Fedora Core 3 Update: thunderbird-1.0.2-1.3.2
  24th, March, 2005

There was an issue with a patch being incorrectly applied which caused the Advanced Preferences panel to fail to load.

http://www.linuxsecurity.com/content/view/118699
 
  Fedora Core 2 Update: epiphany-1.2.10-0.2.1
  25th, March, 2005

There were several security flaws found in the mozilla package, which epiphany depends on. Users of epiphany are advised to upgrade to this updated package which has been rebuilt against a later version of mozilla which is not vulnerable to these flaws.

http://www.linuxsecurity.com/content/view/118705
 
  Fedora Core 2 Update: devhelp-0.9.1-0.2.5
  25th, March, 2005

There were several security flaws found in the mozilla package, which devhelp depends on. Users of devhelp are advised to upgrade to this updated package which has been rebuilt against a later version of mozilla which is not vulnerable to these flaws.

http://www.linuxsecurity.com/content/view/118706
 
  Fedora Core 2 Update: kernel-2.6.10-1.771_FC2
  28th, March, 2005

Updated Package.

http://www.linuxsecurity.com/content/view/118717
 
  Fedora Core 3 Update: squirrelmail-1.4.4-1.FC3
  28th, March, 2005

Multiple issues in squirrelmail (CAN-2005-0104) Upgrade to 1.4.4

http://www.linuxsecurity.com/content/view/118719
 
  Fedora Core 2 Update: squirrelmail-1.4.4-1.FC2
  28th, March, 2005

Multiple issues in squirrelmail (CAN-2005-0104) Upgrade to 1.4.4

http://www.linuxsecurity.com/content/view/118720
 
  Fedora Core 3 Update: spamassassin-3.0.2-0.fc3
  28th, March, 2005

http://wiki.apache.org/spamassassin/changes302 Upstream bug fixes.

http://www.linuxsecurity.com/content/view/118721
 
  Fedora Core 2 Update: mozilla-1.7.6-1.2.5
  29th, March, 2005

This update supercedes the previous 1.7.6-1.2.2 which mistakenly had dependencies on FC3.

http://www.linuxsecurity.com/content/view/118731
 
  Fedora Core 2 Update: sylpheed-1.0.4-0.fc2
  29th, March, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118732
 
  Fedora Core 3 Update: sylpheed-1.0.4-0.fc3
  29th, March, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118733
 
  Fedora Core 2 Update: krb5-1.3.6-4
  29th, March, 2005

Updated krb5 packages which fix two buffer overflow vulnerabilities in the included Kerberos-aware telnet client are now available.

http://www.linuxsecurity.com/content/view/118735
 
  Fedora Core 3 Update: krb5-1.3.6-5
  29th, March, 2005

Updated krb5 packages which fix two buffer overflow vulnerabilities in the included Kerberos-aware telnet client are now available.

http://www.linuxsecurity.com/content/view/118736
 
  Fedora Core 3 Update: xorg-x11-6.8.2-1.FC3.13
  29th, March, 2005

An integer overflow flaw was found in libXpm, which is used by some applications for loading of XPM images.

http://www.linuxsecurity.com/content/view/118739
 
  Fedora Core 2 Update: xorg-x11-6.7.0-14
  29th, March, 2005

An integer overflow flaw was found in libXpm, which is used by some applications for loading of XPM images. An attacker could create a malicious XPM file that would execute arbitrary code if opened by a victim using an application linked to the vulnerable library.

http://www.linuxsecurity.com/content/view/118740
 
  Fedora Core 3 Update: system-config-services-0.8.21-0.fc3.1
  30th, March, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118748
 
  Fedora Core 3 Update: telnet-0.17-32.FC3.2
  30th, March, 2005

Two buffer overflow flaws were discovered in the way the telnet client handles messages from a server. An attacker may be able to execute arbitrary code on a victim's machine if the victim can be tricked into connecting to a malicious telnet server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-0468 and CAN-2005-0469 to these issues.

http://www.linuxsecurity.com/content/view/118749
 
  Fedora Core 3 Update: foomatic-3.0.2-13.3
  30th, March, 2005

This is an update to a newer version.

http://www.linuxsecurity.com/content/view/118750
 
  Fedora Core 2 Update: squid-2.5.STABLE9-1.FC2.2
  30th, March, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118751
 
  Fedora Core 3 Update: squid-2.5.STABLE9-1.FC3.4
  30th, March, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118752
 
  Fedora Core 2 Update: telnet-0.17-28.FC2.1
  30th, March, 2005

Two buffer overflow flaws were discovered in the way the telnet client handles messages from a server. An attacker may be able to execute arbitrary code on a victim's machine if the victim can be tricked into connecting to a malicious telnet server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-0468 and CAN-2005-0469 to these issues.

http://www.linuxsecurity.com/content/view/118753
 
  Fedora Core 2 Update: ImageMagick-6.2.0.7-2.fc2
  30th, March, 2005

Andrei Nigmatulin discovered a heap based buffer overflow flaw in the ImageMagick image handler. An attacker could create a carefully crafted Photoshop Document (PSD) image in such a way that it would cause ImageMagick to execute arbitrary code when processing the image.

http://www.linuxsecurity.com/content/view/118754
 
  Fedora Core 3 Update: ImageMagick-6.2.0.7-2.fc3
  30th, March, 2005

Andrei Nigmatulin discovered a heap based buffer overflow flaw in the ImageMagick image handler. An attacker could create a carefully crafted Photoshop Document (PSD) image in such a way that it would cause ImageMagick to execute arbitrary code when processing the image.

http://www.linuxsecurity.com/content/view/118755
 
  Fedora Core 2 Update: gdk-pixbuf-0.22.0-12.fc2
  30th, March, 2005

David Costanzo found a bug in the way gdk-pixbuf processes BMP images. It is possible that a specially crafted BMP image could cause a denial of service attack in applications linked against gdk-pixbuf. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0891 to this issue.

http://www.linuxsecurity.com/content/view/118756
 
  Fedora Core 3 Update: gdk-pixbuf-0.22.0-16.fc3
  30th, March, 2005

David Costanzo found a bug in the way gdk-pixbuf processes BMP images. It is possible that a specially crafted BMP image could cause a denial of service attack in applications linked against gdk-pixbuf. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0891 to this issue.

http://www.linuxsecurity.com/content/view/118757
 
  Fedora Core 2 Update: gtk2-2.4.14-2.fc2
  30th, March, 2005

David Costanzo found a bug in the way GTK+ processes BMP images. It is possible that a specially crafted BMP image could cause a denial of service attack in applications linked against GTK+. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0891 to this issue.

http://www.linuxsecurity.com/content/view/118758
 
  Fedora Core 3 Update: gtk2-2.4.14-3.fc3
  30th, March, 2005

David Costanzo found a bug in the way GTK+ processes BMP images. It is possible that a specially crafted BMP image could cause a denial of service attack in applications linked against GTK+. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0891 to this issue.

http://www.linuxsecurity.com/content/view/118759
 
  Fedora Core 3 Update: initscripts-7.93.7-1
  30th, March, 2005

This update fixes various bugs, including several IPSEC bugs.

http://www.linuxsecurity.com/content/view/118761
 
  Fedora Core 3 Update: selinux-policy-targeted-1.17.30-2.93
  30th, March, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118762
 
   Gentoo
  Gentoo: mpg321 Format string vulnerability
  28th, March, 2005

A flaw in the processing of ID3 tags in mpg321 could potentially lead to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/118711
 
   Mandrake
  Mandrake: Updated krb5 packages fix
  29th, March, 2005

Two buffer overflow issues were discovered in the way telnet clients handle messages from a server. Because of these issues, an attacker may be able to execute arbitray code on the victim's machine if the victim can be tricked into connecting to a malicious telnet server. The Kerberos package contains a telnet client and is patched to deal with these issues.

http://www.linuxsecurity.com/content/view/118743
 
  Mandrake: Updated ipsec-tools packages
  31st, March, 2005

A bug was discovered in the way that the racoon daemon handled incoming ISAKMP requests. It is possible that an attacker could crash the racoon daemon by sending a specially crafted ISAKMP packet. The updated packages have been patched to correct these issues.

http://www.linuxsecurity.com/content/view/118767
 
  Mandrake: Updated libexif packages fix
  31st, March, 2005

A buffer overflow was discovered in the way libexif parses EXIF tags. An attacker could exploit this by creating a special EXIF image file which could cause image viewers linked against libexif to crash. The updated packages have been patched to correct these issues.

http://www.linuxsecurity.com/content/view/118768
 
  Mandrake: Updated htdig packages fix
  31st, March, 2005

A cross-site scripting vulnerability in ht://dig was discovered by Michael Krax. The updated packages have been patched to correct this issue.

http://www.linuxsecurity.com/content/view/118769
 
   Red Hat
  RedHat: Moderate: grip security update
  28th, March, 2005

A new grip package is available that fixes a remote buffer overflow. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/118714
 
  RedHat: Important: telnet security update
  28th, March, 2005

Updated telnet packages that fix two buffer overflow vulnerabilities are now available. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/118715
 
  RedHat: Important: mysql security update
  28th, March, 2005

Updated mysql packages that fix several vulnerabilities are now available. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/118716
 
  RedHat: Important: krb5 security update
  30th, March, 2005

Updated krb5 packages which fix two buffer overflow vulnerabilities in the included Kerberos-aware telnet client are now available. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/118744
 
  RedHat: Moderate: XFree86 security update
  30th, March, 2005

Updated XFree86 packages that fix a libXpm integer overflow flaw are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/118745
 
   SuSE
  SuSE: several kernel security problems
  24th, March, 2005

The Linux kernel is the core component of the Linux system. Several vulnerabilities were reported in the last few weeks which is fixed by this update.

http://www.linuxsecurity.com/content/view/118695
 
  SuSE: MySQL vulnerabilities
  24th, March, 2005

MySQL is an Open Source database server, commonly used together with web services provided by PHP scripts or similar.

http://www.linuxsecurity.com/content/view/118696
 
  SuSE: ipsec-tools remote denial of service
  31st, March, 2005

Racoon is a ISAKMP key management daemon used in IPsec setups.

http://www.linuxsecurity.com/content/view/118765
 

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Ottawa Linux Symposium: May get by with a little help from its friends
Black Hat 2014: How to crack just about everything
NSA Playset, 911 hacked and war cats: A wild ride at DEF CON 22
More Details of Onion/Critroni Crypto Ransomware Emerge
Is there Another NSA Leaker? Updated
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.