LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: October 24th, 2014
Linux Security Week: October 20th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Advisory Watch: July 15th 2005 Print E-mail
User Rating:      How can I rate this item?
Source: LinuxSecurity.com Contributors - Posted by Peter O'Hara   
Linux Advisory Watch This week, advisories were released for fuse, drupal, egroupware, ettercap, dhcpcd, ruby, squid, gzip, gedit, centericq, tiff, squirrelmail, kdegraphics, dlm-kernel, gnbd-kernel, cman-kernel, GFS-kernel, procps, libwnck, metacity, gaim, audit, libxml2, dhcp, lam, vixie-cron, krb5, net-snmp, selinux-policy-targeted, bind, rpm, openssh, pam, phpWebSite, phpGroupWare, Adobe Acrobat Reader, Ruby, MIT Kerberos 5, Bugzilla, pam_ldap, nss_ldap, Mozilla Firefox, krb5, cups. The distributors include Debian, Fedora, Gentoo, and Red Hat.
Internet Productivity Suite: Open Source Security - Trust Internet Productivity Suite's open source architecture to give you the best security and productivity applications available. Collaborating with thousands of developers, Guardian Digital security engineers implement the most technologically advanced ideas and methods into their design.

Linux File & Directory Permissions Mistakes
By: Pax Dickinson

Greetings, gentle reader, and welcome to linuxsecurity.com and our new recurring series of articles on security related mistakes and how to avoid them. I'm your host, Pax Dickinson, and today we'll be reviewing basic Linux file and directory permissions and how to avoid some common pitfalls in their use, in this episode of Hacks From Pax.

One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.

I've witnessed systems administrators whose response to a user complaining about being denied access to a given file is to chmod 777 the file (or entire directory tree) in question. This is an absolutely disastrous security practice, the administrator has just granted write access to the file to any user on the system. Any compromised service will allow an attacker to modify the file, which could result in further access depending on the file in question. For example, an attacker gaining write access to a script that is occasionally run by root can parlay this seemingly minor security hole into full root access for himself.

  • Never make files world-writable. Most files do not need to be world readable either.

  • You can search for world-writable files under your current directory by issuing the following command: find . -perm -2 -print

A related mistake is in the misuse of suid root binaries. These are programs which can be launched by a user but run with all the privileges of root. These programs are needed to perform tasks such as changing a user's password, since that requires a write to the system's password file which normally cannot be modified by anyone but root. A flaw that allows an attacker to gain a shell prompt in such a program can give an attacker root access to the system. These binaries should be carefully limited and must be kept up to date with appropriate security patches to minimize their risk. A common backdoor installed by successful attackers is a copy of /bin/sh set suid root. This can be run by any user on the system, without a password, and will result in full root access.

Read Complete Article:
http://www.linuxsecurity.com/content/view/119415/49/

 

LinuxSecurity.com Feature Extras:

Getting to Know Linux Security: File Permissions - Welcome to the first tutorial in the 'Getting to Know Linux Security' series. The topic explored is Linux file permissions. It offers an easy to follow explanation of how to read permissions, and how to set them using chmod. This guide is intended for users new to Linux security, therefore very simple. If the feedback is good, I'll consider creating more complex guides for advanced users. Please let us know what you think and how these can be improved.

The Tao of Network Security Monitoring: Beyond Intrusion Detection - To be honest, this was one of the best books that I've read on network security. Others books often dive so deeply into technical discussions, they fail to provide any relevance to network engineers/administrators working in a corporate environment. Budgets, deadlines, and flexibility are issues that we must all address. The Tao of Network Security Monitoring is presented in such a way that all of these are still relevant.

Encrypting Shell Scripts - Do you have scripts that contain sensitive information like passwords and you pretty much depend on file permissions to keep it secure? If so, then that type of security is good provided you keep your system secure and some user doesn't have a "ps -ef" loop running in an attempt to capture that sensitive info (though some applications mask passwords in "ps" output).

 

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-request@linuxsecurity.com with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.


   Debian
  Debian: New ht packages fix arbitrary code execution
  8th, July, 2005

Several problems have been discovered in ht, a viewer, editor and analyser for various executables, that may lead to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/119530
 
  Debian: New fuse packages fix information disclosure
  8th, July, 2005

Sven Tantau discovered a security problem in fuse, a filesystem in userspace, that can be exploited by malicious local users to disclose potentially sensitive information.

http://www.linuxsecurity.com/content/view/119532
 
  Debian: New drupal package fixes multiple vulnerabilities
  9th, July, 2005

Two input validation errors were discovered in drupal and its bundled xmlrpc module. These errors can lead to the execution of arbitrary commands on the web server running drupal.

http://www.linuxsecurity.com/content/view/119537
 
  Debian: New egroupware packages fix remote command execution
  10th, July, 2005

A vulnerability has been identified in the xmlrpc library included in the egroupware package. This vulnerability could lead to the execution of arbitrary commands on the server running egroupware.

http://www.linuxsecurity.com/content/view/119539
 
  Debian: New ettercap packages fix arbitrary code execution
  10th, July, 2005

A vulnerability was discovered in the ettercap package which could allow a remote attacker to execute arbitrary code on the system running ettercap.

http://www.linuxsecurity.com/content/view/119540
 
  Debian: New dhcpcd packages fix denial of service
  11th, July, 2005

dhcpcd, a DHCP client for automatically configuring IPv4 networking, can be tricked into reading past the end of the supplied DHCP buffer which could lead to the daemon crashing.

http://www.linuxsecurity.com/content/view/119543
 
  Debian: New ruby1.8 packages fix arbitrary command execution
  11th, July, 2005

A vulnerability has been discovered in ruby1.8 that could allow arbitrary command execution on a server running the ruby xmlrpc server.

http://www.linuxsecurity.com/content/view/119544
 
  Debian: New squid packages fix IP spoofing vulnerability
  11th, July, 2005

The upstream developers have discovered a bug in the DNS lookup code of Squid, the popular WWW proxy cache.

http://www.linuxsecurity.com/content/view/119550
 
  Debian: New gzip packages fix several vulnerabilities
  11th, July, 2005

Two problems have been discovered in gzip, the GNU compression utility.

http://www.linuxsecurity.com/content/view/119551
 
  Debian: New gedit packages fix denial of service
  12th, July, 2005

A format string vulnerability has been discovered in gedit, a light-weight text editor for GNOME, that may allow attackers to cause a denial of service (application crash) via a binary file with format string specifiers in the filename.

http://www.linuxsecurity.com/content/view/119565
 
  Debian: centericq 4.20.0
  13th, July, 2005

Eric Romang discovered that centericq, a text-mode multi-protocol instant messenger client, creates some temporary files with predictable filenames and is hence vulnerable to symlink attacks by local attackers.

http://www.linuxsecurity.com/content/view/119584
 
  Debian: New tiff packages fix arbitrary code execution
  13th, July, 2005

Frank Warmerdam discovered a stack-based buffer overflow in libtiff, the Tag Image File Format library for processing TIFF graphics files that can lead to the executionof arbitrary code via malformed TIFF files.

http://www.linuxsecurity.com/content/view/119585
 
  Debian: New squirrelmail packages fix several vulnerabilities
  13th, July, 2005

Several vulnerabilities have been discovered in Squirrelmail, a commonly used webmail system.

http://www.linuxsecurity.com/content/view/119594
 
  Debian: New packages fix remote command execution in phpgroupware
  13th, July, 2005

A vulnerability had been identified in the xmlrpc library included with phpgroupware, a web-based application including email, calendar and other groupware functionality. This vulnerability could lead to the execution of arbitrary commands on the server running phpgroupware.

http://www.linuxsecurity.com/content/view/119602
 
   Fedora
  Fedora Core 4 Update: kdegraphics-3.4.1-0.fc4.2
  11th, July, 2005

The new package fixes the rendering problem in kdvi.

http://www.linuxsecurity.com/content/view/119552
 
  Fedora Core 4 Update: dlm-kernel-2.6.11.5-20050601.152643.FC4.9
  11th, July, 2005

Update for latest FC4 kernel.

http://www.linuxsecurity.com/content/view/119554
 
  Fedora Core 4 Update: gnbd-kernel-2.6.11.2-20050420.133124.FC4.42
  11th, July, 2005

Updated for latest kernel.

http://www.linuxsecurity.com/content/view/119555
 
  Fedora Core 4 Update: cman-kernel-2.6.11.5-20050601.152643.FC4.8
  11th, July, 2005

Update for latest kernel.

http://www.linuxsecurity.com/content/view/119556
 
  Fedora Core 4 Update: GFS-kernel-2.6.11.8-20050601.152643.FC4.1
  11th, July, 2005

Update for latest kernel.

http://www.linuxsecurity.com/content/view/119557
 
  Fedora Core 4 Update: GFS-kernel-2.6.11.8-20050601.152643.FC4.1
  11th, July, 2005

Update for latest kernel.

http://www.linuxsecurity.com/content/view/119558
 
  Fedora Core 4 Update: procps-3.2.5-6.3
  11th, July, 2005

Package updated.

http://www.linuxsecurity.com/content/view/119559
 
  Fedora Core 3 Update: procps-3.2.3-5.3
  11th, July, 2005

Package updated.

http://www.linuxsecurity.com/content/view/119560
 
  Fedora Core 4 Update: libwnck-2.10.0-4.fc4
  11th, July, 2005

Package updated.

http://www.linuxsecurity.com/content/view/119561
 
  Fedora Core 4 Update: metacity-2.10.0-2.fc4
  11th, July, 2005

Package updated.

http://www.linuxsecurity.com/content/view/119562
 
  Fedora Core 4 Update: gaim-1.4.0-4.fc4
  11th, July, 2005

Package updated.

http://www.linuxsecurity.com/content/view/119563
 
  Fedora Core 3 Update: gaim-1.4.0-4.fc3
  11th, July, 2005

Package updated.

http://www.linuxsecurity.com/content/view/119564
 
  Fedora Core 4 Update: audit-0.9.15-1.FC4
  12th, July, 2005

This update adds interpretive mode for ausearch utility to make results easier to read, sighup support, big performance improvements, lots of bug fixes, more documentation in man pages, and more syslog information for failure conditions.

http://www.linuxsecurity.com/content/view/119570
 
  Fedora Core 4 Update: libxml2-2.6.20-1.FC4
  12th, July, 2005

This update fixes 162837 about XPath and XSLT problems with 2.6.19 as well as a number of bug fixes upstream, especially on W3C XML Schemas conformance.

http://www.linuxsecurity.com/content/view/119571
 
  Fedora Core 3 Update: dhcp-3.0.1-44_FC3
  12th, July, 2005

Updated package released.

http://www.linuxsecurity.com/content/view/119572
 
  Fedora Core 4 Update: dhcp-3.0.2-14.FC4
  12th, July, 2005

Updated package released.

http://www.linuxsecurity.com/content/view/119573
 
  Fedora Core 3 Update: lam-7.1.1-6.FC3
  12th, July, 2005

Updated package released.

http://www.linuxsecurity.com/content/view/119576
 
  Fedora Core 4 Update: lam-7.1.1-6.FC4
  12th, July, 2005

Updated package released.

http://www.linuxsecurity.com/content/view/119577
 
  Fedora Core 3 Update: vixie-cron-4.1-36.FC3
  12th, July, 2005

Updated package released.

http://www.linuxsecurity.com/content/view/119579
 
  Fedora Core 4 Update: vixie-cron-4.1-36.FC4
  12th, July, 2005

Updated package released.

http://www.linuxsecurity.com/content/view/119580
 
  Fedora Core 3 Update: krb5-1.3.6-7
  12th, July, 2005

A double-free flaw was found in the krb5_recvauth() routine which may be triggered by a remote unauthenticated attacker. Fedora Core 3 contains checks within glibc that detect double-free flaws. Therefore, on Fedora Core 3, successful exploitation of this issue can only lead to a denial of service (KDC crash).

http://www.linuxsecurity.com/content/view/119581
 
  Fedora Core 4 Update: krb5-1.4.1-5
  12th, July, 2005

A double-free flaw was found in the krb5_recvauth() routine which may be triggered by a remote unauthenticated attacker. Fedora Core 4 contains checks within glibc that detect double-free flaws. Therefore, on Fedora Core 4, successful exploitation of this issue can only lead to a denial of service (KDC crash).

http://www.linuxsecurity.com/content/view/119582
 
  Fedora Core 4 Update: net-snmp-5.2.1.2-fc4.1
  13th, July, 2005

A security vulnerability has been found in Net-SNMP releases that could allow a denial of service attack against Net-SNMP agent"s which have opened a stream based protocol (EG, TCP but not UDP; it should be noted that Net-SNMP does not by default open a TCP port).

http://www.linuxsecurity.com/content/view/119591
 
  Fedora Core 3 Update: net-snmp-5.2.1.2-FC3.1
  13th, July, 2005

Fixes DoS bug (#162908).

http://www.linuxsecurity.com/content/view/119592
 
  Fedora Core 4 Update: selinux-policy-targeted-1.25.1-9
  13th, July, 2005

Fix saslauthd.

http://www.linuxsecurity.com/content/view/119593
 
  Fedora Core 3 Update: bind-9.2.5-2
  13th, July, 2005

New package released.

http://www.linuxsecurity.com/content/view/119595
 
  Fedora Core 4 Update: bind-9.3.1-6.FC4
  13th, July, 2005

New package released.

http://www.linuxsecurity.com/content/view/119596
 
  Fedora Core 4 Update: rpm-4.4.1-22
  13th, July, 2005

This update corrects security problem CAN-2005-2096, a zlib fix.

http://www.linuxsecurity.com/content/view/119597
 
  Fedora Core 4 Update: openssh-4.1p1-3.1
  13th, July, 2005

This update rebases openssh to 4.1p1 upstream. This upstream release is only a bug fix release so the changes should be minimal. Also /etc/nologin processing has been changed so it is not done twice.

http://www.linuxsecurity.com/content/view/119599
 
  Fedora Core 4 Update: pam-0.79-9.1
  13th, July, 2005

This update fixes a regression in XAUTHORITY handling and updates auditing support. It requires audit-libs update due to changes in its API.

http://www.linuxsecurity.com/content/view/119600
 
   Gentoo
  Gentoo: phpWebSite Multiple vulnerabilities
  10th, July, 2005

phpWebSite is vulnerable to the remote execution of arbitrary PHP script code and to other, yet undisclosed, vulnerabilities.

http://www.linuxsecurity.com/content/view/119538
 
  Gentoo: phpGroupWare, eGroupWare PHP script injection vulnerability
  10th, July, 2005

phpGroupWare and eGroupWare include an XML-RPC implementation which allows remote attackers to execute arbitrary PHP script commands.

http://www.linuxsecurity.com/content/view/119541
 
  Gentoo: Adobe Acrobat Reader Buffer overflow vulnerability
  11th, July, 2005

Adobe Acrobat Reader is vulnerable to a buffer overflow that could lead to remote execution of arbitrary code.

http://www.linuxsecurity.com/content/view/119548
 
  Gentoo: Ruby Arbitrary command execution through XML-RPC
  11th, July, 2005

A vulnerability in XMLRPC.iPIMethods allows remote attackers to execute arbitrary commands.

http://www.linuxsecurity.com/content/view/119549
 
  Gentoo: MIT Kerberos 5 Multiple vulnerabilities
  12th, July, 2005

MIT Kerberos 5 is vulnerable to a Denial of Service attack and remote execution of arbitrary code, possibly leading to the compromise of the entire Kerberos realm.

http://www.linuxsecurity.com/content/view/119578
 
  Gentoo: Bugzilla Unauthorized access and information
  13th, July, 2005

Multiple vulnerabilities in Bugzilla could allow remote users to modify bug flags or gain sensitive information.

http://www.linuxsecurity.com/content/view/119601
 
  Gentoo: pam_ldap and nss_ldap Plain text authentication
  14th, July, 2005

The pam_ldap and nss_ldap modules fail to restart TLS when following a referral, possibly leading to credentials being sent in plain text.

http://www.linuxsecurity.com/content/view/119604
 
  Gentoo: Mozilla Firefox Multiple Vulnerabilities
  15th, July, 2005

Several vulnerabilities in Mozilla Firefox allow attacks ranging from execution of script code with elevated privileges to information leak.

http://www.linuxsecurity.com/content/view/119617
 
   Red Hat
  RedHat: Critical: Adobe Acrobat Reader security update
  8th, July, 2005

Updated acroread packages that fix a security issue are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119535
 
  RedHat: Critical: krb5 security update
  12th, July, 2005

Updated krb5 packages which fix multiple security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having critical security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119574
 
  RedHat: Important: krb5 security update
  12th, July, 2005

Updated krb5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119575
 
  RedHat: cups security update
  14th, July, 2005

Updated CUPS packages that fix a security issue are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119613
 

 

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Disaster as CryptoWall encrypts US firm's entire server installation
Now Everyone Wants to Sell You a Magical Anonymity Router. Choose Wisely
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.