LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: November 21st, 2014
Linux Security Week: November 17th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Advisory Watch: July 22nd 2005 Print E-mail
User Rating:      How can I rate this item?
Source: LinuxSecurity.com Contributors - Posted by Pax Dickinson   
Linux Advisory Watch This week, advisories were released for krb5, heimdal, phpgadmin, ekg, heartbeat, affix, zlib, cacti, java, diskdumputils, radvd, bind, kdelibs, freeradius, firefox, thunderbird, ypserv, mysql, setarch, openoffice, pvm, fetchmail, mozilla, epiphany, devhelp, yelp, php, ruby, acroread, phpgroupware, dhcpd, mediawiki, cpio, shorewall, and kdenetwork. The distributors include Debian, Fedora, Gentoo, and Red Hat.


Internet Productivity Suite: Open Source Security - Trust Internet Productivity Suite's open source architecture to give you the best security and productivity applications available. Collaborating with thousands of developers, Guardian Digital security engineers implement the most technologically advanced ideas and methods into their design.

Network Server Monitoring With Nmap
By: Pax Dickinson

Portscanning, for the uninitiated, involves sending connection requests to a remote host to determine what ports are open for connections and possibly what services they are exporting. Portscanning is the first step a hacker will take when attempting to penetrate your system, so you should be preemptively scanning your own servers and networks to discover vulnerabilities before someone unfriendly gets there first.

Any open ports that are unnecessary for proper system operation should be closed. Every open port is a possible access point for an unauthorized user, and every service accepting connections from the world could have a vulnerability. Even if you are diligent about applying patches, any unnecessarily running service is still a window an attacker could possibly climb through.

One way of viewing open ports on your Linux system is with the netstat command. Issue the command netstat --inet -a to view both your established connections and open listening network ports. This command reads from your /etc/services file to determine the service name for a given port number, so seeing *:www under the Local Address heading indicates your server's port 80 is open and listening, not that there is necessarily a webserver running on that port. You should check the list and ensure that the servers listening are indeed desired, and if they are not, they should be disabled. For example, this output shows me that my system is accepting connections on the ports for www, ssh, smtp and https.

Read Complete Article:
http://www.linuxsecurity.com/content/view/119808/49/

 

LinuxSecurity.com Feature Extras:

Pull The Plug Revisited: An Interview Five Years Later - Five years after our original interview with Brian Gemberling, founder of PullthePlug.org, we catch up with Daniel Alvarez and the rest of the site's administrative management. Its structured management and focus on the community will ensure many years of continued success. You're asking, what is pull the plug? Read more to find out...

Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.

Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.

 

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-request@linuxsecurity.com with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.


   Debian
  Debian: New krb5 packages fix multiple vulnerabilities
  17th, July, 2005

Daniel Wachdorf reported two problems in the MIT krb5 distribution used for network authentication.

http://www.linuxsecurity.com/content/view/119798
 
  Debian: New heimdal packages fix arbitrary code execution
  18th, July, 2005

A buffer overflow has been discovered in the telnet server from Heimdal, a free implementation of Kerberos 5, that could lead to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/119802
 
  Debian: New phppgadmin packages fix directory traversal vulnerability
  18th, July, 2005

A vulnerability has been discovered in phppgadmin, a set of PHP scripts to administrate PostgreSQL over the WWW, that can lead to disclose sensitive information. Successful exploitation requires that "magic_quotes_gpc" is disabled.

http://www.linuxsecurity.com/content/view/119804
 
  Debian: New ekg packages fix several vulnerabilities
  18th, July, 2005

Several vulnerabilities have been discovered in ekg, a console Gadu Gadu client, an instant messaging program.

http://www.linuxsecurity.com/content/view/119812
 
  Debian: New heartbeat packages fix insecure temporary files
  19th, July, 2005

Eric Romang discovered several insecure temporary file creations in heartbeat, the subsystem for High-Availability Linux.

http://www.linuxsecurity.com/content/view/119816
 
  Debian: New affix packages fix arbitrary command and code execution
  19th, July, 2005

Kevin Finisterre discovered two problems in the Bluetooth FTP client from affix, user space utilities for the Affix Bluetooth protocol stack.

http://www.linuxsecurity.com/content/view/119817
 
  Debian: New zlib packages fix buffer overflow
  20th, July, 2005

Flaw in the way zlib, a library used for file compression and decompression, handles invalid input. This flaw can cause programs which use zlib to crash when opening an invalid file.

http://www.linuxsecurity.com/content/view/119837
 
  Debian: New cacti packages fix several vulnerabilities
  21st, July, 2005

Several vulnerabilities have been discovered in cacti, a round-robin database (RRD) tool that helps create graphs from database information.

http://www.linuxsecurity.com/content/view/119838
 
   Fedora
  Fedora Core 4 Update: java-1.4.2-gcj-compat-1.4.2.0-40jpp_31rh.FC4.1
  18th, July, 2005

Cope with impending libgcj and eclipse-ecj updates and provide aot-compile-rpm.

http://www.linuxsecurity.com/content/view/119809
 
  Fedora Core 3 Update: diskdumputils-1.1.7-3
  18th, July, 2005

Updated package released.

http://www.linuxsecurity.com/content/view/119810
 
  Fedora Core 4 Update: diskdumputils-1.1.7-4
  18th, July, 2005

Updated package released.

http://www.linuxsecurity.com/content/view/119811
 
  Fedora Core 4 Update: radvd-0.8-1.FC4
  18th, July, 2005

New package released.

http://www.linuxsecurity.com/content/view/119814
 
  Fedora Core 3 Update: radvd-0.8-1.FC3
  18th, July, 2005

New package released.

http://www.linuxsecurity.com/content/view/119815
 
  Fedora Core 4 Update: bind-9.3.1-8.FC4
  19th, July, 2005

Fix named.init script bugs.

http://www.linuxsecurity.com/content/view/119820
 
  Fedora Core 3 Update: bind-9.2.5-3
  19th, July, 2005

Fix named.init script bugs.

http://www.linuxsecurity.com/content/view/119821
 
  Fedora Core 3 Update: radvd-0.8-2.FC3
  19th, July, 2005

Updated package released.

http://www.linuxsecurity.com/content/view/119822
 
  Fedora Core 4 Update: radvd-0.8-2.FC4
  19th, July, 2005

Updated package released.

http://www.linuxsecurity.com/content/view/119823
 
  Fedora Core 3 Update: kdelibs-3.3.1-2.14.FC3
  19th, July, 2005

A flaw was discovered affecting Kate, the KDE advanced text editor, and Kwrite. Depending on system settings it may be possible for a local user to read the backup files created by Kate or Kwrite.

http://www.linuxsecurity.com/content/view/119824
 
  Fedora Core 4 Update: freeradius-1.0.4-1.FC4.1
  20th, July, 2005

Fixes missing ldap plugin.

http://www.linuxsecurity.com/content/view/119828
 
  Fedora Core 3 Update: firefox-1.0.6-1.1.fc3
  20th, July, 2005

Fix various security related bugs.

http://www.linuxsecurity.com/content/view/119831
 
  Fedora Core 3 Update: thunderbird-1.0.6-1.1.fc3
  20th, July, 2005

Fix various security related bugs.

http://www.linuxsecurity.com/content/view/119832
 
  Fedora Core 4 Update: firefox-1.0.6-1.1.fc4
  20th, July, 2005

Fix various security related bugs.

http://www.linuxsecurity.com/content/view/119833
 
  Fedora Core 4 Update: thunderbird-1.0.6-1.1.fc4
  20th, July, 2005

Fix various security related bugs.

http://www.linuxsecurity.com/content/view/119834
 
  Fedora Core 4 Update: ypserv-2.13-7
  20th, July, 2005

Fix crash with ypxfr caused by failing to zero out data.

http://www.linuxsecurity.com/content/view/119836
 
  Fedora Core 4 Update: mysql-4.1.12-2.FC4.1
  20th, July, 2005

Update to MySQL 4.1.12 (includes a low-impact security fix, see bz#158689). Repair some issues in openssl support. Re-enable the old ISAM table type.

http://www.linuxsecurity.com/content/view/119835
 
  Fedora Core 4 Update: setarch-1.8-1.FC4
  21st, July, 2005

Bugfix package release.

http://www.linuxsecurity.com/content/view/119842
 
  Fedora Core 4 Update: openoffice.org-1.9.117-3.1.0.fc4
  21st, July, 2005

Updated package released.

http://www.linuxsecurity.com/content/view/119843
 
  Fedora Core 3 Update: pvm-3.4.5-5_FC3
  21st, July, 2005

Updated package released.

http://www.linuxsecurity.com/content/view/119844
 
  Fedora Core 4 Update: pvm-3.4.5-5_FC4
  21st, July, 2005

Updated package released.

http://www.linuxsecurity.com/content/view/119845
 
  Fedora Core 4 Update: fetchmail-6.2.5-7.fc4.1
  21st, July, 2005

A buffer overflow was discovered in fetchmail's POP3 client. A malicious server could cause fetchmail to execute arbitrary code. The Common Vulnerabilities and Exposures project has assigned the name CAN-2005-2355 to this issue. All fetchmail users should upgrade to the updated package, which fixes this issue.

http://www.linuxsecurity.com/content/view/119846
 
  Fedora Core 3 Update: fetchmail-6.2.5-7.fc3.1
  21st, July, 2005

A buffer overflow was discovered in fetchmail's POP3 client. A malicious server could cause fetchmail to execute arbitrary code. The Common Vulnerabilities and Exposures project has assigned the name CAN-2005-2355 to this issue. All fetchmail users should upgrade to the updated package, which fixes this issue.

http://www.linuxsecurity.com/content/view/119847
 
  Fedora Core 3 Update: mozilla-1.7.10-1.3.1
  22nd, July, 2005

Package repairs various vulnerabilities.

http://www.linuxsecurity.com/content/view/119853
 
  Fedora Core 3 Update: epiphany-1.4.4-4.3.5
  22nd, July, 2005

There were several security flaws found in the mozilla package, which epiphany depends on. Users of epiphany are advised to upgrade to this updated package which has been rebuilt against a version of mozilla not vulnerable to these flaws.

http://www.linuxsecurity.com/content/view/119854
 
  Fedora Core 3 Update: devhelp-0.9.2-2.3.5
  22nd, July, 2005

There were several security flaws found in the mozilla package, which devhelp depends on. Users of devhelp are advised to upgrade to this updated package which has been rebuilt against a version of mozilla not vulnerable to these flaws.

http://www.linuxsecurity.com/content/view/119855
 
  Fedora Core 4 Update: mozilla-1.7.10-1.5.1
  22nd, July, 2005

Package repairs various vulnerabilities.

http://www.linuxsecurity.com/content/view/119856
 
  Fedora Core 4 Update: epiphany-1.6.3-2
  22nd, July, 2005

There were several security flaws found in the mozilla package, which epiphany depends on. Users of epiphany are advised to upgrade to this updated package which has been rebuilt against a version of mozilla not vulnerable to these flaws.

http://www.linuxsecurity.com/content/view/119857
 
  Fedora Core 4 Update: devhelp-0.10-1.4.1
  22nd, July, 2005

There were several security flaws found in the mozilla package, which devhelp depends on. Users of devhelp are advised to upgrade to this updated package which has been rebuilt against a version of mozilla not vulnerable to these flaws.

http://www.linuxsecurity.com/content/view/119858
 
  Fedora Core 4 Update: yelp-2.10.0-1.4.1
  22nd, July, 2005

There were several security flaws found in the mozilla package, which yelp depends on. Users of yelp are advised to upgrade to this updated package which has been rebuilt against a version of mozilla not vulnerable to these flaws.

http://www.linuxsecurity.com/content/view/119859
 
   Gentoo
  Gentoo: Mozilla Firefox Multiple Vulnerabilities
  15th, July, 2005

Several vulnerabilities in Mozilla Firefox allow attacks ranging from execution of script code with elevated privileges to information leak.

http://www.linuxsecurity.com/content/view/119617
 
  Gentoo: PHP Script injection through XML-RPC
  15th, July, 2005

PHP includes an XML-RPC implementation which allows remote attackers to execute arbitrary PHP script commands.

http://www.linuxsecurity.com/content/view/119622
 
  Gentoo: Ruby Arbitrary command execution through XML-RPC
  15th, July, 2005

A vulnerability in XMLRPC.iPIMethods allows remote attackers to execute arbitrary commands.

http://www.linuxsecurity.com/content/view/119628
 
  Gentoo: Adobe Acrobat Reader Buffer overflow vulnerability
  15th, July, 2005

Adobe Acrobat Reader is vulnerable to a buffer overflow that could lead to remote execution of arbitrary code.

http://www.linuxsecurity.com/content/view/119629
 
  Gentoo: phpGroupWare, eGroupWare PHP script injection vulnerability
  15th, July, 2005

phpGroupWare and eGroupWare include an XML-RPC implementation which allows remote attackers to execute arbitrary PHP script commands.

http://www.linuxsecurity.com/content/view/119630
 
  Gentoo: dhcpcd Denial of Service vulnerability
  15th, July, 2005

A vulnerability in dhcpcd may cause the dhcpcd daemon to crash.

http://www.linuxsecurity.com/content/view/119632
 
  Gentoo: Mozilla Thunderbird Multiple Vulnerabilities
  18th, July, 2005

Several vulnerabilities in Mozilla Thunderbird allow attacks ranging from execution of script code with elevated privileges to information leak.

http://www.linuxsecurity.com/content/view/119803
 
  Gentoo: Mozilla Thunderbird Multiple vulnerabilities
  19th, July, 2005

Several vulnerabilities in Mozilla Thunderbird allow attacks ranging from execution of script code with elevated privileges to information leaks.

http://www.linuxsecurity.com/content/view/119825
 
  Gentoo: MediaWiki Cross-site scripting vulnerability
  20th, July, 2005

MediaWiki is vulnerable to a cross-site scripting attack that could allow arbitrary JavaScript code execution.

http://www.linuxsecurity.com/content/view/119826
 
  Gentoo: zlib Buffer overflow
  22nd, July, 2005

zlib is vulnerable to a buffer overflow which could potentially lead to execution of arbitrary code.

http://www.linuxsecurity.com/content/view/119860
 
  Gentoo: Shorewall Security policy bypass
  22nd, July, 2005

A vulnerability in Shorewall allows clients authenticated by MAC address filtering to bypass all other security rules.

http://www.linuxsecurity.com/content/view/119861
 
   Red Hat
  RedHat: Important: firefox security update
  21st, July, 2005

An updated firefox package that fixes various security bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119839
 
  RedHat: Low: cpio security update
  21st, July, 2005

An updated cpio package that fixes multiple issues is now available. This update has been rated as having low security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119848
 
  RedHat: Important: zlib security update
  21st, July, 2005

Updated zlib packages that fix a buffer overflow are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119849
 
  RedHat: Important: thunderbird security update
  21st, July, 2005

Updated thunderbird package that fixes various bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119850
 
  RedHat: Critical: kdenetwork security update
  21st, July, 2005

Updated kdenetwork packages to correct a security flaw in Kopete are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119852
 
  RedHat: Important: mozilla security update
  22nd, July, 2005

Updated mozilla packages that fix various security issues are now available. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119862
 

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Google Releases Open Source Tool for Testing Web App Security Scanners
Most Targeted Attacks Exploit Privileged Accounts
NotCompable sets new standards for mobile botnet sophistication
Hands on with Caine Linux: Pentesting and UEFI compatible
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.