LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: July 18th, 2014
Linux Advisory Watch: July 13th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Advisory Watch: August 26th 2005 Print E-mail
User Rating:      How can I rate this item?
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas   
Linux Advisory Watch This week, advisories were releaed for bluez-utils, thunderbird, mysql, epiphany, system-config-netboot, kdbg, doxygen, kdeedu, ncpfs, gaim, system-config-bind, tar, vnc, metacity, cups, pygtk, slocate, myodbc, xpdf, libgal2, dhcpv, diskdumputils, kdebase, cvs, hwdata, eject, pcre, kismet, wikiwiki, apache, tor, netpbm, vim, and elm. The distributors include Debian, Fedora, Gentoo, and Red Hat.


Master of Science in Information Security - Earn your Master of Science in Information Security online from Norwich University. Designated a "Center of Excellence", the program offers a solid education in the management of information assurance, and the unique case study method melds theory into practice. Using today's e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.

Introduction: IP Spoofing
By: Suhas A Desai

An article on "Security Problems in the TCP/IP Protocol Suite" by S.M.Bellovin in 1989 initially explored IP Spoofing attacks . He described how Robert Morris, creator of the now infamous Internet Worm, figured out how TCP created sequence numbers and forged a TCP packet sequence.

This TCP packet included the destination address of his victim and using as IP spoofing attack Morris was able to obtain root access to his targeted system without a User ID or password.

Introduction:

IP spoofing is a technique used to gain unauthorized access to computers, whereby the attacker sends messages to a computer with a forging IP address indicating that the message is coming from a trusted host. There are a few variations on the types of attacks that using IP spoofing.

1.non-blind spoofing

This attack takes place when the attacker is on the same subnet as the target that could see sequence and acknowledgement of packets. The threat of this type of spoofing is session hijacking and an attacker could bypass any authentication measures taken place to build the connection. This is accomplished by corrupting the DataStream of an established connection, then re-establishing it based on correct sequence and acknowledgement numbers with the attack machine.

2.Blind spoofing

This attack may take place from outside where sequence and acknowledgement numbers are unreachable. Attackers usually send several packets to the target machine in order to sample sequence numbers, which is doable in older days. Today, most OSs implement random sequence number generation, making it difficult to predict them accurately. If, however, the sequence number was compromised, data could be sent to the target.

READ ENTIRE ARTICLE:
http://www.linuxsecurity.com/content/view/120225/49/


LinuxSecurity.com Feature Extras:

Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.

Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.

Getting to Know Linux Security: File Permissions - Welcome to the first tutorial in the 'Getting to Know Linux Security' series. The topic explored is Linux file permissions. It offers an easy to follow explanation of how to read permissions, and how to set them using chmod. This guide is intended for users new to Linux security, therefore very simple. If the feedback is good, I'll consider creating more complex guides for advanced users. Please let us know what you think and how these can be improved.

 

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-request@linuxsecurity.com with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.


   Debian
  Debian: New bluez-utils packages fix arbitrary command execution
  23rd, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120184
 
  Debian: New Mozilla Thunderbird packages fix several vulnerabilities
  23rd, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120185
 
  Debian: New mysql packages fix insecure temporary file
  24th, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120196
 
   Fedora
  Fedora Core 4 Update: epiphany-1.6.5-1
  18th, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120132
 
  Fedora Core 4 Update: system-config-netboot-0.1.26-1_FC4
  18th, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120133
 
  Fedora Core 3 Update: kdbg-2.0.0-0.fc3.1
  18th, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120134
 
  Fedora Core 4 Update: doxygen-1.4.4-0.fc4.1
  18th, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120135
 
  Fedora Core 4 Update: kdbg-2.0.0-0.fc4.1
  18th, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120136
 
  Fedora Core 4 Update: kdeedu-3.4.2-0.fc4.2
  18th, August, 2005

Ben Burton notified the KDE security team about several tempfile handling related vulnerabilities in langen2kvtml, a conversion script for kvoctrain. The script must be manually invoked.

http://www.linuxsecurity.com/content/view/120137
 
  Fedora Core 3 Update: ncpfs-2.2.4-4.FC3.1
  18th, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120138
 
  Fedora Core 3 Update: gaim-1.5.0-1.fc3
  18th, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120139
 
  Fedora Core 4 Update: gaim-1.5.0-1.fc4
  18th, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120140
 
  Fedora Core 3 Update: system-config-bind-4.0.0-30
  18th, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120141
 
  Fedora Core 4 Update: system-config-bind-4.0.0-30_FC4
  18th, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120142
 
  Fedora Core 3 Update: pcre-4.5-3.1
  18th, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120143
 
  Fedora Core 4 Update: tar-1.15.1-8.FC4
  18th, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120144
 
  Fedora Core 4 Update: gstreamer-plugins-0.8.8-9
  18th, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120145
 
  Fedora Core 4 Update: vnc-4.1.1-10.1
  18th, August, 2005

This package disables the render patch, which was causing problems when using the loadable X module.

http://www.linuxsecurity.com/content/view/120146
 
  Fedora Core 3 Update: netpbm-10.28-1.FC3.2
  18th, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120147
 
  Fedora Core 4 Update: metacity-2.10.3-1
  18th, August, 2005

This update of metacity fixes the behavior of minimized transient dialogs for some applications.

http://www.linuxsecurity.com/content/view/120148
 
  Fedora Core 4 Update: cups-1.1.23-15.1
  18th, August, 2005

These updated packages fix a problem handling PDF files that could have security implications.

http://www.linuxsecurity.com/content/view/120149
 
  Fedora Core 3 Update: cups-1.1.22-0.rc1.8.6
  18th, August, 2005

These updated packages fix a problem handling PDF files that could have security implications.

http://www.linuxsecurity.com/content/view/120150
 
  Fedora Core 4 Update: pygtk2-2.6.2-0.fc4.1
  18th, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120151
 
  Fedora Core 4 Update: shadow-utils-4.0.7-10.FC4
  18th, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120152
 
  Fedora Core 4 Update: netpbm-10.28-1.FC4.2
  18th, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120153
 
  Fedora Core 4 Update: slocate-2.7-22.fc4.1
  22nd, August, 2005

A carefully prepared directory structure could stop the updatedb file system scan, resulting in an incomplete slocate database. The Common Vulnerabilities and Exposures project has assigned the name CAN-2005-2499 to this issue.

http://www.linuxsecurity.com/content/view/120166
 
  Fedora Core 3 Update: slocate-2.7-12.fc3.1
  22nd, August, 2005

A carefully prepared directory structure could stop the updatedb file system scan, resulting in an incomplete slocate database. The Common Vulnerabilities and Exposures project has assigned the name CAN-2005-2499 to this issue.

http://www.linuxsecurity.com/content/view/120167
 
  Fedora Core 4 Update: MyODBC-2.50.39-25.FC4.1
  22nd, August, 2005

Fix a problem with extra rows inserted because of mistaken pre-execution of a query. See also http://bugs.mysql.com/bug.php?id=4264

http://www.linuxsecurity.com/content/view/120168
 
  Fedora Core 3 Update: MyODBC-2.50.39-25.FC3.1
  22nd, August, 2005

Fix a problem with extra rows inserted because of mistaken pre-execution of a query. See also http://bugs.mysql.com/bug.php?id=4264

http://www.linuxsecurity.com/content/view/120169
 
  Fedora Core 3 Update: doxygen-1.4.4-0.fc3.1
  22nd, August, 2005

update to 1.4.4

http://www.linuxsecurity.com/content/view/120170
 
  Fedora Core 4 Update: xpdf-3.01-0.FC4.1
  22nd, August, 2005

update to 3.01

http://www.linuxsecurity.com/content/view/120171
 
  Fedora Core 3 Update: xpdf-3.01-0.FC3.1
  22nd, August, 2005

update to 3.01

http://www.linuxsecurity.com/content/view/120172
 
  Fedora Core 4 Update: libgal2-2.4.3-1.fc4
  22nd, August, 2005

Fix for crash when selecting type of server in Evolution's account editor

http://www.linuxsecurity.com/content/view/120173
 
  Fedora Core 3 Update:
  22nd, August, 2005

It probably is not a good idea to push a CVS snapshot here, but upstream screwed up their 1.4.5 release and CVS contains further fixes like PHP5 related stuff that might make squirrelmail usable on FC4. This snapshot worked on my personal server for the past week, so hopefully it will be good for everyone else too.

http://www.linuxsecurity.com/content/view/120174
 
  Fedora Core 4 Update:
  22nd, August, 2005

It probably is not a good idea to push a CVS snapshot here, but upstream screwed up their 1.4.5 release and CVS contains further fixes like PHP5 related stuff that might make squirrelmail usable on FC4.

http://www.linuxsecurity.com/content/view/120175
 
  Fedora Core 3 Update: dhcpv6-0.10-14_FC3
  22nd, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120176
 
  Fedora Core 4 Update: dhcpv6-0.10-14_FC4
  22nd, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120177
 
  Fedora Core 3 Update: system-config-netboot-0.1.30-1_FC3
  22nd, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120178
 
  Fedora Core 4 Update: system-config-netboot-0.1.30-1_FC4
  22nd, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120179
 
  Fedora Core 4 Update: diskdumputils-1.1.9-2
  22nd, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120180
 
  Fedora Core 3 Update: kdebase-3.4.2-0.fc3.3
  23rd, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120189
 
  Fedora Core 4 Update: bind-9.3.1-10_FC4
  23rd, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120190
 
  Fedora Core 4 Update: cvs-1.11.19-9
  23rd, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120191
 
  Fedora Core 3 Update: cvs-1.11.17-7.FC3
  23rd, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120192
 
  Fedora Core 3 Update: hwdata-0.146.1-1
  23rd, August, 2005

This fixes a bug where some MegaRAID controllers were incorrectly mapped to the megaraid_mbox driver.

http://www.linuxsecurity.com/content/view/120193
 
  Fedora Core 3 Update: eject-2.1.1-0.fc3.2
  24th, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120202
 
  Fedora Core 4 Update: eject-2.1.1-0.fc4.1
  24th, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120203
 
  Fedora Core 3 Update: pcre-4.5-3.1.1.fc3
  24th, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120204
 
  Fedora Core 4 Update: pcre-5.0-4.1.fc4
  24th, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120205
 
  Fedora Core 3 Update: epiphany-1.4.9-0
  24th, August, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120206
 
   Gentoo
  Gentoo: Kismet Multiple vulnerabilities
  19th, August, 2005

Kismet is vulnerable to multiple issues potentially resulting in the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/120160
 
  Gentoo: Adobe Reader Buffer Overflow
  19th, August, 2005

Adobe Reader is vulnerable to a buffer overflow which could potentially lead to execution of arbitrary code.

http://www.linuxsecurity.com/content/view/120161
 
  Gentoo: Evolution Format string vulnerabilities
  23rd, August, 2005

Evolution is vulnerable to format string vulnerabilities which may result in remote execution of arbitrary code.

http://www.linuxsecurity.com/content/view/120183
 
  Gentoo: PEAR XML-RPC, phpxmlrpc New PHP script injection
  24th, August, 2005

The PEAR XML-RPC and phpxmlrpc libraries allow remote attackers to execute arbitrary PHP script commands.

http://www.linuxsecurity.com/content/view/120197
 
  Gentoo: TikiWiki, eGroupWare Arbitrary command execution
  24th, August, 2005

TikiWiki and eGroupWare both include PHP XML-RPC code vulnerable to arbitrary command execution.

http://www.linuxsecurity.com/content/view/120207
 
  Gentoo: Apache 2.0 Denial of Service vulnerability
  25th, August, 2005

A bug in Apache may allow a remote attacker to perform a Denial of Service attack.

http://www.linuxsecurity.com/content/view/120208
 
  Gentoo: Tor Information disclosure
  25th, August, 2005

A flaw in Tor leads to the disclosure of information and the loss of anonymity, integrity and confidentiality.

http://www.linuxsecurity.com/content/view/120209
 
   Red Hat
  RedHat: Low: netpbm security update
  22nd, August, 2005

Updated netpbm packages that fix a security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/120163
 
  RedHat: Low: vim security update
  22nd, August, 2005

Updated vim packages that fix a security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/120164
 
  RedHat: Low: slocate security update
  22nd, August, 2005

An updated slocate package that fixes a denial of service issue is now available. This update has been rated as having low security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/120165
 
  RedHat: Critical: elm security update
  23rd, August, 2005

An updated elm package is now available that fixes a buffer overflow issue for Red Hat Enterprise Linux 2.1 AS and AW. This update has been rated as having critical security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/120194
 

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
How Hackers Hid a Money-Mining Botnet in Amazonís Cloud
Homeland Security gets into software security
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.