LinuxSecurity.com
Linux Advisory Watch: August 5th 2005
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas   
This week, advisories were released for gaim, gopher, pdns, apt-cacher, ethereal, im-sdk, selinux-policy-targeted, gamin, pam, netpbm, mkinitrd, kde, arts, NetworkManager, libraw, ckermit, httpd, gphoto, coreutils, iiimf, yum, gimp, readahead, zlib, fetchmail, sandbox, pstotext, proftpd, nbsmtp, dump, and SquirrelMail. The distributors include Debian, Fedora, Gentoo, and Red Hat.


Internet Productivity Suite: Open Source Security - Trust Internet Productivity Suite's open source architecture to give you the best security and productivity applications available. Collaborating with thousands of developers, Guardian Digital security engineers implement the most technologically advanced ideas and methods into their design.

Network Intrusion Prevention Systems – When They’re Valuable, and When They’re Not, Part II
By: Daniel Miessler

The true benefit of network IPS lies in what it can do for companies that can’t keep their systems patched. This may sound negative, but it’s almost as if the request for NIPS technology is analogous to the requestor admitting that they cannot stay on top of system administration.

For anyone willing to make this admission, however, the benefits of network IPS are quite significant. Consider a medium to large sized company where upper management doesn’t see the need for additional (see enough) systems and/or security administrators. (This shouldn’t require much imagination, by the way).

In an environment like this, vulnerabilities are likely to go unpatched for weeks, months, or even years – even in the Internet-facing areas. Many things can lead to machines not getting patched in these sorts of companies – developers claiming that the main bread-winning app will break if the patches are applied, administrator fear of being the cause of downtime, apathy, stupidity – take your pick.

The point is, a strategically-placed network IPS – say in front of the Internet-facing environment – can do something absolutely magical for a systems/security staff -- it can buy them time. Consider a site passing a ton of traffic into their DMZ via multiple protocols to dozens or hundreds of machines, and let’s say several of the applications being interfaced with have known vulnerabilities. If the person in charge knows that they lack the ability to patch all the vulnerable systems (inexcusable, I agree), then the NIPS system can effectively serve as a multi-patch gateway.

If the NIPS product has a signature for 34 of the 42 exploits that could potentially root 180 machines, then putting a network IPS at the bottleneck becomes an alternative to 1. getting cracked, and 2. patching. Make no mistake, though – patching is the better solution, but I recognize that there are sometimes circumstances that prevent good admins from doing their jobs. There are also situations where someone who knows the risks lacks the funding to bring admins aboard that can help them keep their systems in top shape. For either of these cases, network IPS seems like an acceptable evil.

Read Entire Article:
http://www.linuxsecurity.com/content/view/119888/49/

 

LinuxSecurity.com Feature Extras:

Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.

Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.

Getting to Know Linux Security: File Permissions - Welcome to the first tutorial in the 'Getting to Know Linux Security' series. The topic explored is Linux file permissions. It offers an easy to follow explanation of how to read permissions, and how to set them using chmod. This guide is intended for users new to Linux security, therefore very simple. If the feedback is good, I'll consider creating more complex guides for advanced users. Please let us know what you think and how these can be improved.

 

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-request@linuxsecurity.com with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.


   Debian
  Debian: New gaim packages fix denial of service
  29th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119944
 
  Debian: New gopher packages fix insecure temporary file creation
  29th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119954
 
  Debian: New pdns packages fix denial of service
  1st, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119988
 
  Debian: New apt-cacher package fixes arbitrary command execution
  3rd, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120011
 
   Fedora
  Fedora Core 3 Update: ethereal-0.10.12-1.FC3.1
  28th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119939
 
  Fedora Core 3 Update: im-sdk-12.1-10.FC3.1
  28th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119940
 
  Fedora Core 4 Update: selinux-policy-targeted-1.25.3-6
  28th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119941
 
  Fedora Core 3 Update: gamin-0.1.1-3.FC3
  29th, July, 2005

This should fix the problem where monitoring desktop files works initially but sometimes fails after a while. This is a safe update from 0.1.1-1.FC3

http://www.linuxsecurity.com/content/view/119955
 
  Fedora Core 4 Update: gamin-0.1.1-3.FC4
  29th, July, 2005

This should fix the problem where monitoring desktop files works initially but sometimes fails after a while. This is a safe update from 0.1.1-1.FC4

http://www.linuxsecurity.com/content/view/119956
 
  Fedora Core 4 Update: pam-0.79-9.4
  29th, July, 2005

This update fixes a regression of pam_userdb against FC3 pam and links to shared audit library as audit-libs-devel is now fixed.

http://www.linuxsecurity.com/content/view/119957
 
  Fedora Core 4 Update: netpbm-10.28-1.FC4.1
  29th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119958
 
  Fedora Core 3 Update: netpbm-10.28-1.FC3.1
  29th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119959
 
  Fedora Core 4 Update: ethereal-0.10.12-1.FC4.1
  29th, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119960
 
  Fedora Core 3 Update: mkinitrd-4.1.18.1-1
  29th, July, 2005

This update should fix the issue a number of people saw after the recent kernel update where various modules would fail to load during boot, making systems unbootable. After updating this package, remove, and reinstall the recent kernel update, and the initrd will be recreated correctly.

http://www.linuxsecurity.com/content/view/119961
 
  Fedora Core 4 Update: kdeaddons-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119963
 
  Fedora Core 4 Update: kdesdk-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119964
 
  Fedora Core 4 Update: kdepim-3.4.2-0.fc4.2
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119965
 
  Fedora Core 4 Update: kdemultimedia-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119966
 
  Fedora Core 4 Update: kdelibs-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119967
 
  Fedora Core 4 Update: kdewebdev-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119968
 
  Fedora Core 4 Update: kdebase-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119969
 
  Fedora Core 4 Update: kdevelop-3.2.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119970
 
  Fedora Core 4 Update: kdeutils-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119971
 
  Fedora Core 4 Update: kdenetwork-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119972
 
  Fedora Core 4 Update: kde-i18n-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119973
 
  Fedora Core 4 Update: kdegraphics-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119974
 
  Fedora Core 4 Update: kdegames-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119975
 
  Fedora Core 4 Update: kdeedu-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119976
 
  Fedora Core 4 Update: kdebindings-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119977
 
  Fedora Core 4 Update: kdeartwork-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119978
 
  Fedora Core 4 Update: kdeadmin-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119979
 
  Fedora Core 4 Update: kdeaccessibility-3.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119980
 
  Fedora Core 4 Update: arts-1.4.2-0.fc4.1
  29th, July, 2005

KDE 3.4.2 update

http://www.linuxsecurity.com/content/view/119981
 
  Fedora Core 4 Update: NetworkManager-0.4-20.FC4.1
  29th, July, 2005

Network Manager passes logging messages straight to syslog as the format string.

http://www.linuxsecurity.com/content/view/119982
 
  Fedora Core 4 Update: libraw1394-1.2.0-1.fc4
  31st, July, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119986
 
  Fedora Core 4 Update: selinux-policy-targeted-1.25.3-9
  1st, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119994
 
  Fedora Core 4 Update: ckermit-8.0.211-2.FC4
  1st, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119995
 
  Fedora Core 4 Update: httpd-2.0.54-10.1
  2nd, August, 2005

This update includes security fixes for CVE CAN-2005-2088 and CVE CAN-2005-1268, along with some minor bug fixes.

http://www.linuxsecurity.com/content/view/120003
 
  Fedora Core 4 Update: kdegames-3.4.2-0.fc4.2
  2nd, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120004
 
  Fedora Core 3 Update: httpd-2.0.53-3.2
  2nd, August, 2005

This update includes version 2.0.53 of the Apache HTTP server, and also adds security fixes for CVE CAN-2005-2088 and CVE CAN-2005-1268.

http://www.linuxsecurity.com/content/view/120005
 
  Fedora Core 4 Update: gphoto2-2.1.6-1.1
  2nd, August, 2005

Updated to new release.

http://www.linuxsecurity.com/content/view/120006
 
  Fedora Core 4 Update: coreutils-5.2.1-48.1
  2nd, August, 2005

This updated package fixes "who -r" and "who -b".

http://www.linuxsecurity.com/content/view/120007
 
  Fedora Core 4 Update: iiimf-12.2-4.fc4.2
  2nd, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120008
 
  Fedora Core 3 Update: yum-2.2.2-0.fc3
  2nd, August, 2005

This update fixes a few minor problems.

http://www.linuxsecurity.com/content/view/120010
 
  Fedora Core 3 Update: ethereal-0.10.12-1.FC3.2
  3rd, August, 2005

To reduce the risk of future vulnerabilities in Ethereal, the ethereal and tethereal programs in this update have been compiled as Position Independent Executables (PIE).

http://www.linuxsecurity.com/content/view/120018
 
  Fedora Core 4 Update: ethereal-0.10.12-1.FC4.2
  3rd, August, 2005

To reduce the risk of future vulnerabilities in Ethereal, the ethereal and tethereal programs in this update have been compiled as Position Independent Executables (PIE).

http://www.linuxsecurity.com/content/view/120019
 
  Fedora Core 3 Update: gimp-2.2.8-0.fc3.2
  3rd, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120020
 
  Fedora Core 4 Update: gimp-2.2.8-0.fc4.2
  3rd, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120021
 
  Fedora Core 4 Update: readahead-1.1-1.16_FC4
  3rd, August, 2005

This update should fix an inverted case where readahead would be triggered on boxes that have less than 384MB of memory, and would not occur if the box had more than 384MB of memory.

http://www.linuxsecurity.com/content/view/120023
 
   Gentoo
  Gentoo: Ethereal Multiple vulnerabilities
  28th, July, 2005

Ethereal is vulnerable to numerous vulnerabilities potentially resulting in the execution of arbitrary code or abnormal termination.

http://www.linuxsecurity.com/content/view/119934
 
  Gentoo: Shorewall Security policy bypass
  29th, July, 2005

A vulnerability in Shorewall allows clients authenticated by MAC address filtering to bypass all other security rules.

http://www.linuxsecurity.com/content/view/119945
 
  Gentoo: zlib Buffer overflow
  29th, July, 2005

zlib is vulnerable to a buffer overflow which could potentially lead to execution of arbitrary code.

http://www.linuxsecurity.com/content/view/119946
 
  Gentoo: fetchmail Buffer Overflow
  29th, July, 2005

fetchmail is susceptible to a buffer overflow resulting in a Denial of Service or arbitrary code execution.

http://www.linuxsecurity.com/content/view/119947
 
  Gentoo: Kopete Vulnerability in included Gadu library
  29th, July, 2005

Kopete is vulnerable to several input validation vulnerabilities which may lead to execution of arbitrary code.

http://www.linuxsecurity.com/content/view/119948
 
  Gentoo: Mozilla Suite Multiple vulnerabilities
  29th, July, 2005

Several vulnerabilities in the Mozilla Suite allow attacks ranging from the execution of JavaScript code with elevated privileges to information leakage.

http://www.linuxsecurity.com/content/view/119949
 
  Gentoo: Clam AntiVirus Integer overflows
  29th, July, 2005

Clam AntiVirus is vulnerable to integer overflows when handling several file formats, potentially resulting in the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/119950
 
  Gentoo: sandbox Insecure temporary file handling
  29th, July, 2005

The sandbox utility may create temporary files in an insecure manner.

http://www.linuxsecurity.com/content/view/119951
 
  Gentoo: AMD64 x86 emulation base libraries Buffer overflow
  30th, July, 2005

The x86 emulation base libraries for AMD64 contain a vulnerable version of zlib which could potentially lead to execution of arbitrary code.

http://www.linuxsecurity.com/content/view/119983
 
  Gentoo: pstotext Remote execution of arbitrary code
  31st, July, 2005

pstotext contains a vulnerability which can potentially result in the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/119984
 
  Gentoo: Compress::Zlib Buffer overflow
  1st, August, 2005

Compress::Zlib is vulnerable to a buffer overflow which could potentially lead to execution of arbitrary code.

http://www.linuxsecurity.com/content/view/119987
 
  Gentoo: ProFTPD Format string vulnerabilities
  1st, August, 2005

Under specific circumstances, ProFTPD is vulnerable to format string vulnerabilities, potentially resulting in the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/119996
 
  Gentoo: ProFTPD Format string vulnerabilities
  1st, August, 2005

Under specific circumstances, ProFTPD is vulnerable to format string vulnerabilities, potentially resulting in the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/119997
 
  Gentoo: nbSMTP Format string vulnerability
  2nd, August, 2005

nbSMTP is vulnerable to a format string vulnerability which may result in remote execution of arbitrary code.

http://www.linuxsecurity.com/content/view/120002
 
   Red Hat
  RedHat: Low: dump security update
  3rd, August, 2005

Updated dump packages that address two security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having low security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/120016
 
  RedHat: Moderate: SquirrelMail security update
  3rd, August, 2005

An updated squirrelmail package that fixes two security issues is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/120017
 
