LinuxSecurity.com
Linux Advisory Watch: July 29th 2005
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas   
This week, advisories were released for cacti, heimdal, webcalendar, ekg, phpbb2, setarch, openoffice, pvm, fetchmail, mozilla, devhelp, yelp, subversion, zlib, kdenetwork, perl, module-init-tools, mgetty, system-config-netboot, libsepol, gnbd-kernel, dlm-kernel, cman-kernel, util-linux, tar, gcc, libtool, audit, zlib, apr, pam_ldap, fetchmail, sandbox, Kopete, Clam, Ethereal, cpio, kdenetwork, httpd, and dhcpd. The distributors include Debian, Fedora, Gentoo, and Red Hat.


Internet Productivity Suite: Open Source Security - Trust Internet Productivity Suite's open source architecture to give you the best security and productivity applications available. Collaborating with thousands of developers, Guardian Digital security engineers implement the most technologically advanced ideas and methods into their design.

Network Intrusion Prevention Systems – When They’re Valuable, and When They’re Not
By: Daniel Miessler

Anyone keeping track of the security vendor/technology hype knows that IPS has quickly replaced IDS as the "next big thing". Depending on who you are, you may chalk this up to yet another infosec fad, or you could be of the opinion that IPS is actually making good on the promises that IDS never lived up to. I think it can be both – depending on your situation.

What NIPS Isn’t

First and foremost, NIPS is not a tool for stopping elite crackers. That may be how it’s being marketed, but it’s crap. If you’re the type to fall for that sort of hype then you’re probably in a lot more danger than any given technology can help you with.

Whether or not IPS is worthless or a godsend to your organization hinges on a single question – "How good is your organization at staying patched?" This is the single question that organizations need to be asking themselves when considering network intrusion prevention technology.

The reason this question matters is because of the fact that NIPS only protects you against vulnerabilities that you can mitigate by applying patches and/or implementing other controls. If you are a relatively small organization with a highly technical administrative/security staff that keeps your systems constantly patched and locked down, a network IPS can’t offer you much of anything. Despite claims to the contrary, a network IPS system is about as good at stopping zero-day attacks as wordpad.exe.

Remember, stout security teams know their systems. They read advisories daily and know what’s in the wild and what’s likely to be there soon. A team like this can more than likely patch their systems and/or mitigate the risk to their organization in other ways before a NIPS vendor can release a signature for their product. The benefit gained from someone blocking exploits at the perimeter at that point is virtually null. In short, anything that’s going to compromise a fully patched and locked down system is going to walk right through a NIPS as well.

Read Entire Article:
http://www.linuxsecurity.com/content/view/119888/49/

 

LinuxSecurity.com Feature Extras:

Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.

Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.

Getting to Know Linux Security: File Permissions - Welcome to the first tutorial in the 'Getting to Know Linux Security' series. The topic explored is Linux file permissions. It offers an easy to follow explanation of how to read permissions, and how to set them using chmod. This guide is intended for users new to Linux security, therefore very simple. If the feedback is good, I'll consider creating more complex guides for advanced users. Please let us know what you think and how these can be improved.

 

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-request@linuxsecurity.com with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.


   Debian
  Debian: New cacti packages fix several vulnerabilities
  21st, July, 2005

Several vulnerabilities have been discovered in cacti, a round-robin database (RRD) tool that helps create graphs from database information.

http://www.linuxsecurity.com/content/view/119838
 
  Debian: New webcalendar package fixes information disclosure
  27th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119907
 
  Debian: New heimdal packages fix arbitrary code execution
  27th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119908
 
  Debian: New ekg packages fix arbitrary code execution
  27th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119915
 
  Debian: New phpbb2 packages fix cross-site scripting
  27th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119916
 
   Fedora
  Fedora Core 4 Update: setarch-1.8-1.FC4
  21st, July, 2005

Bugfix package release.

http://www.linuxsecurity.com/content/view/119842
 
  Fedora Core 4 Update: openoffice.org-1.9.117-3.1.0.fc4
  21st, July, 2005

Updated package released.

http://www.linuxsecurity.com/content/view/119843
 
  Fedora Core 3 Update: pvm-3.4.5-5_FC3
  21st, July, 2005

Updated package released.

http://www.linuxsecurity.com/content/view/119844
 
  Fedora Core 4 Update: pvm-3.4.5-5_FC4
  21st, July, 2005

Updated package released.

http://www.linuxsecurity.com/content/view/119845
 
  Fedora Core 4 Update: fetchmail-6.2.5-7.fc4.1
  21st, July, 2005

A buffer overflow was discovered in fetchmail's POP3 client. A malicious server could cause fetchmail to execute arbitrary code. The Common Vulnerabilities and Exposures project has assigned the name CAN-2005-2355 to this issue. All fetchmail users should upgrade to the updated package, which fixes this issue.

http://www.linuxsecurity.com/content/view/119846
 
  Fedora Core 3 Update: fetchmail-6.2.5-7.fc3.1
  21st, July, 2005

A buffer overflow was discovered in fetchmail's POP3 client. A malicious server could cause fetchmail to execute arbitrary code. The Common Vulnerabilities and Exposures project has assigned the name CAN-2005-2355 to this issue. All fetchmail users should upgrade to the updated package, which fixes this issue.

http://www.linuxsecurity.com/content/view/119847
 
  Fedora Core 3 Update: mozilla-1.7.10-1.3.1
  22nd, July, 2005

Package repairs various vulnerabilities.

http://www.linuxsecurity.com/content/view/119853
 
  Fedora Core 3 Update: epiphany-1.4.4-4.3.5
  22nd, July, 2005

There were several security flaws found in the mozilla package, which epiphany depends on. Users of epiphany are advised to upgrade to this updated package which has been rebuilt against a version of mozilla not vulnerable to these flaws.

http://www.linuxsecurity.com/content/view/119854
 
  Fedora Core 3 Update: devhelp-0.9.2-2.3.5
  22nd, July, 2005

There were several security flaws found in the mozilla package, which devhelp depends on. Users of devhelp are advised to upgrade to this updated package which has been rebuilt against a version of mozilla not vulnerable to these flaws.

http://www.linuxsecurity.com/content/view/119855
 
  Fedora Core 4 Update: mozilla-1.7.10-1.5.1
  22nd, July, 2005

Package repairs various vulnerabilities.

http://www.linuxsecurity.com/content/view/119856
 
  Fedora Core 4 Update: epiphany-1.6.3-2
  22nd, July, 2005

There were several security flaws found in the mozilla package, which epiphany depends on. Users of epiphany are advised to upgrade to this updated package which has been rebuilt against a version of mozilla not vulnerable to these flaws.

http://www.linuxsecurity.com/content/view/119857
 
  Fedora Core 4 Update: devhelp-0.10-1.4.1
  22nd, July, 2005

There were several security flaws found in the mozilla package, which devhelp depends on. Users of devhelp are advised to upgrade to this updated package which has been rebuilt against a version of mozilla not vulnerable to these flaws.

http://www.linuxsecurity.com/content/view/119858
 
  Fedora Core 4 Update: yelp-2.10.0-1.4.1
  22nd, July, 2005

There were several security flaws found in the mozilla package, which yelp depends on. Users of yelp are advised to upgrade to this updated package which has been rebuilt against a version of mozilla not vulnerable to these flaws.

http://www.linuxsecurity.com/content/view/119859
 
  Fedora Core 4 Update: subversion-1.2.1-2.1
  22nd, July, 2005

This update contains the latest release of Subversion. Subversion 1.2 adds support for locking (reserved checkouts), and includes many bug fixes and improvements.

http://www.linuxsecurity.com/content/view/119866
 
  Fedora Core 4 Update: zlib-1.2.2.2-5.fc4
  22nd, July, 2005

Fix zlib buffer overflow.

http://www.linuxsecurity.com/content/view/119867
 
  Fedora Core 3 Update: zlib-1.2.1.2-3.fc3
  22nd, July, 2005

Fix zlib buffer overflow.

http://www.linuxsecurity.com/content/view/119868
 
  Fedora Core 4 Update: kdenetwork-3.4.1-0.fc4.2
  22nd, July, 2005

Multiple integer overflow flaws were found in the way Kopete processes Gadu-Gadu messages. A remote attacker could send a specially crafted Gadu-Gadu message which would cause Kopete to crash or possibly execute arbitrary code.

http://www.linuxsecurity.com/content/view/119869
 
  Fedora Core 3 Update: kdenetwork-3.3.1-3.2
  22nd, July, 2005

Multiple integer overflow flaws were found in the way Kopete processes Gadu-Gadu messages. A remote attacker could send a specially crafted Gadu-Gadu message which would cause Kopete to crash or possibly execute arbitrary code.

http://www.linuxsecurity.com/content/view/119870
 
  Fedora Core 3 Update: perl-5.8.5-14.FC3
  22nd, July, 2005

Paul Szabo discovered another vulnerability in the File::Path::rmtree function of perl, the popular scripting language. When a process is deleting a directory tree, a different user could exploit a race condition to create setuid binaries in this directory tree, provided that he already had write permissions in any subdirectory of that tree. The Perl interpreter would cause a segmentation fault when the environment changed during runtime. Code in lib/FindBin contained a regression which caused problems with the MRTG software package.

http://www.linuxsecurity.com/content/view/119871
 
  Fedora Core 4 Update: module-init-tools-3.1-4
  22nd, July, 2005

This fixes a crash in depmod when encountering certain misbuilt modules.

http://www.linuxsecurity.com/content/view/119872
 
  Fedora Core 3 Update: mgetty-1.1.31-3_FC3
  22nd, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119874
 
  Fedora Core 4 Update: system-config-netboot-0.1.22-1_FC4
  22nd, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119875
 
  Fedora Core 3 Update: system-config-netboot-0.1.22-1_FC3
  22nd, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119876
 
  Fedora Core 4 Update: setools-2.1.1-2
  24th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119880
 
  Fedora Core 4 Update: nfs-utils-1.0.7-10
  24th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119881
 
  Fedora Core 4 Update: libsepol-1.5.10-1.1
  25th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119889
 
  Fedora Core 4 Update: gnbd-kernel-2.6.11.2-20050420.133124.FC4.43
  25th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119894
 
  Fedora Core 4 Update: dlm-kernel-2.6.11.5-20050601.152643.FC4.10
  25th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119895
 
  Fedora Core 4 Update: cman-kernel-2.6.11.5-20050601.152643.FC4.9
  25th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119896
 
  Fedora Core 4 Update: GFS-kernel-2.6.11.8-20050601.152643.FC4.9
  25th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119897
 
  Fedora Core 4 Update: gnome-panel-2.10.1-10.2
  26th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119902
 
  Fedora Core 4 Update: system-config-printer-0.6.131.3-1
  26th, July, 2005

This release fixes an unwanted interaction with SELinux when writing configuration files, and adds preliminary support for a future HPLIP package.

http://www.linuxsecurity.com/content/view/119903
 
  Fedora Core 3 Update: util-linux-2.12a-24.4
  27th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119920
 
  Fedora Core 4 Update: tar-1.15.1-7.FC4
  27th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119921
 
  Fedora Core 3 Update: tar-1.14-5.FC3
  27th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119922
 
  Fedora Core 4 Update: util-linux-2.12p-9.7
  27th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119923
 
  Fedora Core 4 Update: gcc-4.0.1-4.fc4
  27th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119924
 
  Fedora Core 4 Update: libtool-1.5.16.multilib2-2
  27th, July, 2005

This update needs to accompany gcc-4.0.1 update.

http://www.linuxsecurity.com/content/view/119925
 
  Fedora Core 3 Update: gcc-3.4.4-2.fc3
  27th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119926
 
  Fedora Core 4 Update: system-config-bind-4.0.0-20_FC4
  27th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119927
 
  Fedora Core 3 Update: system-config-bind-4.0.0-20
  27th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119928
 
  Fedora Core 4 Update: mgetty-1.1.33-3_FC4
  27th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119929
 
  Fedora Core 3 Update: mgetty-1.1.31-4_FC3
  27th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119930
 
  Fedora Core 4 Update: apr-0.9.6-3.1
  27th, July, 2005

This update includes an updated libtool script to synchronize with the gcc 4.0.1 update.

http://www.linuxsecurity.com/content/view/119931
 
  Fedora Core 4 Update: audit-0.9.19-2.FC4
  27th, July, 2005

This update quietens some error messages, fixes support for long file names, and allows 32-bit machines to search in logs created by a 64-bit kernel.

http://www.linuxsecurity.com/content/view/119932
 
   Gentoo
  Gentoo: zlib Buffer overflow
  22nd, July, 2005

zlib is vulnerable to a buffer overflow which could potentially lead to execution of arbitrary code.

http://www.linuxsecurity.com/content/view/119860
 
  Gentoo: Shorewall Security policy bypass
  22nd, July, 2005

A vulnerability in Shorewall allows clients authenticated by MAC address filtering to bypass all other security rules.

http://www.linuxsecurity.com/content/view/119861
 
  Gentoo: Mozilla Thunderbird Multiple vulnerabilities
  24th, July, 2005

Several vulnerabilities in Mozilla Thunderbird allow attacks ranging from execution of script code with elevated privileges to information leak.

http://www.linuxsecurity.com/content/view/119877
 
  Gentoo: pam_ldap and nss_ldap Plain text authentication
  24th, July, 2005

pam_ldap and nss_ldap fail to restart TLS when following a referral, possibly leading to credentials being sent in plain text.

http://www.linuxsecurity.com/content/view/119878
 
  Gentoo: fetchmail Buffer Overflow
  25th, July, 2005

fetchmail is susceptible to a buffer overflow resulting in a Denial of Service or arbitrary code execution.

http://www.linuxsecurity.com/content/view/119890
 
  Gentoo: sandbox Insecure temporary file handling
  25th, July, 2005

The sandbox utility may create temporary files in an insecure manner.

http://www.linuxsecurity.com/content/view/119891
 
  Gentoo: Kopete Vulnerability in included Gadu library
  25th, July, 2005

Kopete is vulnerable to several input validation vulnerabilities which may lead to execution of arbitrary code.

http://www.linuxsecurity.com/content/view/119892
 
  Gentoo: Mozilla Suite Multiple vulnerabilities
  26th, July, 2005

Several vulnerabilities in the Mozilla Suite allow attacks ranging from the execution of javascript code with elevated privileges to information leakage.

http://www.linuxsecurity.com/content/view/119904
 
  Gentoo: Clam AntiVirus Integer overflows
  26th, July, 2005

Clam AntiVirus is vulnerable to integer overflows when handling several file formats, potentially resulting in the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/119905
 
  Gentoo: GNU Gadu, CenterICQ, Kadu, EKG, libgadu Remote code execution in Gadu library
  27th, July, 2005

GNU Gadu, CenterICQ, Kadu, EKG and libgadu are vulnerable to an integer overflow which could potentially lead to the execution of arbitrary code or a Denial of Service.

http://www.linuxsecurity.com/content/view/119909
 
  Gentoo: Ethereal Multiple vulnerabilities
  28th, July, 2005

Ethereal is vulnerable to numerous vulnerabilities potentially resulting in the execution of arbitrary code or abnormal termination.

http://www.linuxsecurity.com/content/view/119934
 
   Red Hat
  RedHat: Important: firefox security update
  21st, July, 2005

An updated firefox package that fixes various security bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119839
 
  RedHat: Low: cpio security update
  21st, July, 2005

An updated cpio package that fixes multiple issues is now available. This update has been rated as having low security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119848
 
  RedHat: Important: zlib security update
  21st, July, 2005

Updated zlib packages that fix a buffer overflow are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119849
 
  RedHat: Important: thunderbird security update
  21st, July, 2005

An updated thunderbird package that fixes various bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119850
 
  RedHat: Critical: kdenetwork security update
  21st, July, 2005

Updated kdenetwork packages to correct a security flaw in Kopete are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119852
 
  RedHat: Important: mozilla security update
  22nd, July, 2005

Updated mozilla packages that fix various security issues are now available. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119862
 
  RedHat: Moderate: httpd security update
  25th, July, 2005

Updated Apache httpd packages to correct two security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119882
 
  RedHat: Important: fetchmail security update
  25th, July, 2005

Updated fetchmail packages that fix a security flaw are now available. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119883
 
  RedHat: Moderate: dhcpcd security update
  27th, July, 2005

An updated dhcpcd package that fixes a denial of service issue is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119917
 
  RedHat: Moderate: kdelibs security update
  27th, July, 2005

Updated kdelibs packages are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119918
 
