LinuxSecurity.com
Linux Advisory Watch: April 15th 2005
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas   
This week, packages were released for axel, gftp, wireless-tools, glibc, selinux-policy-targeted, kernel, autofs, GnomeVFS, phpMyAdmin, shorewall, gtk, sharutils, gdk-pixbuf, kdegraphics, dhcp, and gaim. The distributors include Debian, Fedora, Gentoo, Mandrake, Red Hat, and SuSE.



Introduction: Buffer Overflow Vulnerabilities
By: Erica R. Thomas

Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.

Buffer overflow vulnerabilities are among the most common vulnerabilities. They are well suited to remote access attacks because they give the attacker an opportunity to launch and execute attack code on the target computer. Broadly speaking, a buffer overflow attack occurs when the attacker intentionally enters more data than a program was written to handle. The data overflows the section of memory that was set aside to accept it, and the extra data overwrites another portion of memory that was meant to hold something else, such as part of the program's instructions. This allows an attacker to overwrite data that controls the program and take over control of it, so that the attacker's code executes instead of the program's. Peikari and Chuvakin point out that "buffer overflows result from an inherent weakness in the C++ programming language" (Peikari and Chuvakin, 2004). The problem is that C++ and other programming languages (those derived from C++) do not automatically perform bounds-checking when passing data. When variables are passed, extra characters could be written past the variable's end. The overflow could result in the program crashing or in the attacker executing their own code on the target system.

To make sense of how a buffer is overflowed, one must understand what a buffer is. A program contains code that accesses variables stored in various locations in memory. When a program is executed, a specific amount of memory is assigned for each variable. The amount of memory is determined by the type of data the variable is anticipated to hold. The memory set aside is used to store information that the program needs for its execution. According to Peikari and Chuvakin, "The program stores the value of a variable in this memory space, then pulls the value back out of memory when it's needed" (Peikari and Chuvakin, 2004). A buffer is this virtual space.

Read Full Article:
http://www.linuxsecurity.com/content/view/118881/49/
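
An added illustration of the overflow described in the introduction above (not code from the article or the newsletter): a constructed 32-byte arena models a 16-byte buffer with neighbouring data directly behind it, and compares a copy without bounds-checking against one that rejects oversized input. The names `arena`, `store_name_unchecked`, `store_name_checked` and `neighbour_intact`, and all sizes, are assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>

/* Constructed model: one 32-byte arena stands in for adjacent memory.
 * Bytes 0..15 are the buffer set aside for a name; bytes 16..31 hold
 * a separate value that the program relies on. */
#define NAME_SIZE 16
#define ARENA_SIZE 32

struct arena { unsigned char bytes[ARENA_SIZE]; };

void arena_init(struct arena *a) {
    memset(a->bytes, 0, ARENA_SIZE);
    memcpy(a->bytes + NAME_SIZE, "SAFE", 5);    /* neighbouring data */
}

/* No bounds check: copies whatever length the input has, as strcpy() would.
 * Callers keep input under ARENA_SIZE so the model itself stays defined. */
void store_name_unchecked(struct arena *a, const char *input) {
    memcpy(a->bytes, input, strlen(input) + 1);
}

/* Bounds-checked: rejects input that does not fit in the name buffer. */
int store_name_checked(struct arena *a, const char *input) {
    size_t len = strlen(input);
    if (len >= NAME_SIZE)
        return -1;                      /* too long: refuse, write nothing */
    memcpy(a->bytes, input, len + 1);   /* fits, including the NUL byte */
    return 0;
}

/* Returns 1 if the neighbouring value is still what the program stored. */
int neighbour_intact(const struct arena *a) {
    return memcmp(a->bytes + NAME_SIZE, "SAFE", 5) == 0;
}

int main(void) {
    const char *long_input = "AAAAAAAAAAAAAAAAAAAAAAAA"; /* 24 chars, constructed */
    struct arena a;

    arena_init(&a);
    store_name_unchecked(&a, long_input);
    printf("unchecked: neighbour intact = %d\n", neighbour_intact(&a));

    arena_init(&a);
    int rc = store_name_checked(&a, long_input);
    printf("checked: rc = %d, neighbour intact = %d\n", rc, neighbour_intact(&a));
    return 0;
}
```

The length test uses `>=` rather than `>` because a 16-character string needs 17 bytes once its terminating NUL is counted.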

 

LinuxSecurity.com Feature Extras:

Getting to Know Linux Security: File Permissions - Welcome to the first tutorial in the 'Getting to Know Linux Security' series. The topic explored is Linux file permissions. It offers an easy-to-follow explanation of how to read permissions, and how to set them using chmod. This guide is intended for users new to Linux security, and is therefore very simple. If the feedback is good, I'll consider creating more complex guides for advanced users. Please let us know what you think and how these can be improved.

The Tao of Network Security Monitoring: Beyond Intrusion Detection - To be honest, this was one of the best books that I've read on network security. Other books often dive so deeply into technical discussions that they fail to provide any relevance to network engineers/administrators working in a corporate environment. Budgets, deadlines, and flexibility are issues that we must all address. The Tao of Network Security Monitoring is presented in such a way that all of these are still relevant.

Encrypting Shell Scripts - Do you have scripts that contain sensitive information like passwords and you pretty much depend on file permissions to keep it secure? If so, then that type of security is good provided you keep your system secure and some user doesn't have a "ps -ef" loop running in an attempt to capture that sensitive info (though some applications mask passwords in "ps" output).

 

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-request@linuxsecurity.com with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.


  Debian: New axel packages fix arbitrary code execution
  13th, April, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118866
 
  Fedora Core 3 Update: gftp-2.0.18-0.FC3
  7th, April, 2005

Updated package

http://www.linuxsecurity.com/content/view/118824
 
  Fedora Core 2 Update: gftp-2.0.18-0.FC2
  7th, April, 2005

Updated package

http://www.linuxsecurity.com/content/view/118825
 
  Fedora Core 3 Update: wireless-tools-27-1.2.0.fc3
  7th, April, 2005

Please see below for changes.

http://www.linuxsecurity.com/content/view/118827
 
  Fedora Core 3 Update: glibc-2.3.5-0.fc3.1
  7th, April, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118836
 
  Fedora Core 3 Update: selinux-policy-targeted-1.17.30-2.94
  8th, April, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118839
 
  Fedora Core 3 Update: kernel-2.6.11-1.14_FC3
  11th, April, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118851
 
  Fedora Core 3 Update: selinux-policy-targeted-1.17.30-2.96
  11th, April, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118852
 
  Fedora Core 3 Update: autofs-4.1.3-114
  12th, April, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118862
 
  Fedora Core 3 Update: gcc-3.4.3-22.fc3
  12th, April, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118864
 
  Fedora Core 3 Update: gcc4-4.0.0-0.41.fc3
  12th, April, 2005

Updated package.

http://www.linuxsecurity.com/content/view/118865
 
  Gentoo: GnomeVFS, libcdaudio CDDB response overflow
  8th, April, 2005

The GnomeVFS and libcdaudio libraries contain a buffer overflow that can be triggered by a large CDDB response, potentially allowing the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/118837
 
  Gentoo: Smarty Template vulnerability
  10th, April, 2005

New ways of bypassing Smarty's "Template security" were found and fixed in Smarty. Users making use of that feature are encouraged to upgrade to version 2.6.9. The updated sections appear below.

http://www.linuxsecurity.com/content/view/118843
 
  Gentoo: phpMyAdmin Cross-site scripting vulnerability
  11th, April, 2005

phpMyAdmin is vulnerable to a cross-site scripting attack.

http://www.linuxsecurity.com/content/view/118850
 
  Gentoo: Axel Vulnerability in HTTP redirection handling
  12th, April, 2005

A buffer overflow vulnerability has been found in Axel which could lead to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/118863
 
  Mandrake: Updated shorewall packages
  7th, April, 2005

The shorewall package is being updated to provide appropriate bogons information and other minor fixes.

http://www.linuxsecurity.com/content/view/118823
 
  Mandrake: Updated gtk+2.0 packages fix
  7th, April, 2005

A bug was discovered in the way that gtk+2.0 processes BMP images which could allow for a specially crafted BMP to cause a Denial of Service attack on applications linked against gtk+2.0. The updated packages have been patched to correct these issues.

http://www.linuxsecurity.com/content/view/118832
 
  Mandrake: Updated sharutils packages
  7th, April, 2005

Shaun Colley discovered a buffer overflow in shar that was triggered by output files (using -o) with names longer than 49 characters which could be exploited to run arbitrary attacker-specified code.

http://www.linuxsecurity.com/content/view/118833
 
  Mandrake: Updated gdk-pixbuf packages
  7th, April, 2005

A bug was discovered in the way that gdk-pixbuf processes BMP images which could allow for a specially crafted BMP to cause a Denial of Service attack on applications linked against gdk-pixbuf. The updated packages have been patched to correct these issues.

http://www.linuxsecurity.com/content/view/118834
 
  RedHat: Moderate: kdegraphics security update
  12th, April, 2005

Updated kdegraphics packages that resolve multiple security issues in kfax are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/118856
 
  RedHat: Moderate: dhcp security update
  12th, April, 2005

An updated dhcp package that fixes a string format issue is now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/118857
 
  RedHat: Important: gaim security update
  12th, April, 2005

An updated gaim package that fixes multiple denial of service issues is now available. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/118858
 
  SuSE: various KDE security problems
  11th, April, 2005

Several vulnerabilities have been identified and fixed in the KDE desktop environment.

http://www.linuxsecurity.com/content/view/118849
 
