LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: September 19th, 2014
Linux Security Week: September 15th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Advisory Watch: May 20th 2005 Print E-mail
User Rating:      How can I rate this item?
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas   
Linux Advisory Watch This week, advisories were released for kde, phpsysinfo, fonts-xorg, gaim, phpBB, mozilla suite, PostgreSQL, FreeRADIUS, ncpfs, kdelibs, cyrus-imapd, rsh, glibc, ia32el, and the Red Hat kernel. The distributors include Conectiva, Debian, Fedora, Gentoo, and Red Hat.


Internet Productivity Suite: Open Source Security - Trust Internet Productivity Suite's open source architecture to give you the best security and productivity applications available. Collaborating with thousands of developers, Guardian Digital security engineers implement the most technologically advanced ideas and methods into their design.
Buffer Overflow Basics
By: Suhas Desai

A buffer overflow occurs when a program or process tries to store more data in a temporary data storage area than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information can overflow into adjacent buffers, corrupting or overwriting the valid data held in them.

Buffer overflows are a fertile source of bugs and malicious attacks. They occur when a program attempts to write data past the end of a buffer. A buffer is a contiguous allocated chunk of memory, such as an array or pointer in C. Limitation of C and C++ is there are no automatic bounds checking on the buffer where user can write past a buffer as given in example.

Note: All examples are compiled on Linux platform having x86 configuration.

  int main () 

  {
  	int buffer [10];
  	buffer[20]=10;
  }

After execution of this program it won’t give errors but program attempts to write beyond the allocated memory for the buffer which results for unexpected output.

	void function (char *str) 

	{
		char buffer[16];
		strcpy(buffer,str);
	}
	
    int main()

	{

	char *str=�I am greater than 16 bytes�;
	function(str);

	}

This program is guaranteed to cause unexpected behavior, because a string (str) of 27 bytes has been copied to a location (buffer) that has been allocated for only 16 bytes. The extra bytes run past the buffer and overwrite the space allocated for the FP, return address and so on. This corrupts the process stack. The function used to copy the string is strcpy, which completes no checking of bounds. Using strncpy would have prevented this corruption of the stack.

 Example:

int main()

	{
		char buff[15]={0};
		printf(“Enter your name:�);
		scanf(buff,�%s�);
	}

In this example, program reads a string from the standard input but does not check strings length. If the string has more than 14 characters, then it causes a buffer overflow as scanf() tries to write the remaining character past buff’s end.

Note: One character is always reserved for a null terminator.

The result is most likely a segmentation fault that crashes the program. In certain conditions, the users will receive a shell’s prompt after the crash. Even if the shell has restricted privileges, they can examine the values of environment variables; list the current directory files to detect the network with the pig command.

Read Full Article


LinuxSecurity.com Feature Extras:

Getting to Know Linux Security: File Permissions - Welcome to the first tutorial in the 'Getting to Know Linux Security' series. The topic explored is Linux file permissions. It offers an easy to follow explanation of how to read permissions, and how to set them using chmod. This guide is intended for users new to Linux security, therefore very simple. If the feedback is good, I'll consider creating more complex guides for advanced users. Please let us know what you think and how these can be improved.

The Tao of Network Security Monitoring: Beyond Intrusion Detection - To be honest, this was one of the best books that I've read on network security. Others books often dive so deeply into technical discussions, they fail to provide any relevance to network engineers/administrators working in a corporate environment. Budgets, deadlines, and flexibility are issues that we must all address. The Tao of Network Security Monitoring is presented in such a way that all of these are still relevant.

Encrypting Shell Scripts - Do you have scripts that contain sensitive information like passwords and you pretty much depend on file permissions to keep it secure? If so, then that type of security is good provided you keep your system secure and some user doesn't have a "ps -ef" loop running in an attempt to capture that sensitive info (though some applications mask passwords in "ps" output).

 

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-request@linuxsecurity.com with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.


   Contectiva
  Conectiva: kde Fixes for multiple KDE security vulnerabilities
  17th, May, 2005

KDE[1] is a very popular graphical desktop environment available for GNU/Linux and other operating systems.

http://www.linuxsecurity.com/content/view/119126
 
   Debian
  Debian: New phpsysinfo packages fix cross site scripting
  18th, May, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119140
 
   Fedora
  Fedora Core 3 Update: fonts-xorg-6.8.2-0.FC3.1
  16th, May, 2005

The fonts-xorg packages included in the initial release of Fedora Core 3 contain a number of minor glitches which have been fixed in this update release.

http://www.linuxsecurity.com/content/view/119123
 
  Fedora Core 3 Update: squid-2.5.STABLE9-1.FC3.6
  17th, May, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119135
 
   Gentoo
  Gentoo: Gaim Denial of Service and buffer overflow vulnerabilties
  12th, May, 2005

Gaim contains two vulnerabilities, potentially resulting in the execution of arbitrary code or Denial of Service.

http://www.linuxsecurity.com/content/view/119107
 
  Gentoo: phpBB Cross-Site Scripting Vulnerability
  14th, May, 2005

phpBB is vulnerable to a cross-site scripting attack that could allow arbitrary scripting code execution.

http://www.linuxsecurity.com/content/view/119117
 
  Gentoo: Mozilla Suite, Mozilla Firefox Remote compromise
  15th, May, 2005

Several vulnerabilities in the Mozilla Suite and Firefox allow an attacker to conduct cross-site scripting attacks or to execute arbitrary code.

http://www.linuxsecurity.com/content/view/119118
 
  Gentoo: PostgreSQL Multiple vulnerabilities
  15th, May, 2005

PostgreSQL is vulnerable to Denial of Service attacks and possibly allows unprivileged users to gain administrator rights.

http://www.linuxsecurity.com/content/view/119119
 
  Gentoo: FreeRADIUS Buffer overflow and SQL injection vulnerability
  17th, May, 2005

The FreeRADIUS server is vulnerable to a buffer overflow and an SQL injection attack, possibly allowing the compromise of the system.

http://www.linuxsecurity.com/content/view/119129
 
   Red Hat
  RedHat: Moderate: ncpfs security update
  17th, May, 2005

An updated ncpfs package is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119130
 
  RedHat: Important: kdelibs security update
  17th, May, 2005

Updated kdelibs packages that fix a flaw in kimgio input validation are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119131
 
  RedHat: Moderate: cyrus-imapd security update
  17th, May, 2005

Updated cyrus-imapd packages that fix several buffer overflow security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119132
 
  RedHat: Low: rsh security update
  18th, May, 2005

Updated rsh packages that fix various bugs and a theoretical security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team

http://www.linuxsecurity.com/content/view/119141
 
  RedHat: Low: openssh security update
  18th, May, 2005

Updated openssh packages that fix a potential security vulnerability and various other bugs are now available for Red Hat Enterprise Linux 3. This update has been rated as having low security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119142
 
  RedHat: Low: glibc security update
  18th, May, 2005

Updated glibc packages that address several bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119143
 
  RedHat: Low: ia32el security update
  18th, May, 2005

An updated ia32el package that fixes several bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119144
 
  RedHat: Updated kernel packages available for Red Hat
  18th, May, 2005

Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 3. This is the fifth regular update.

http://www.linuxsecurity.com/content/view/119145
 

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Weekend Edition
Google to turn on encryption by default in next Android version
TOR users become FBI's No.1 hacking target after legal power grab
OWASP Releases Latest App Sec Guide
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.