LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: July 18th, 2014
Linux Advisory Watch: July 13th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Advisory Watch: October 21st 2005 Print E-mail
User Rating:      How can I rate this item?
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas   
Linux Advisory Watch This week, advisories were released for Ruby, hylafax, Mozilla, module-assistant, Lynx, phpMyAdmin, AbiWord, netpbm, gdb, xloadimage, and openldap. The distributors include Debian, Gentoo, and Red Hat.


EnGarde Secure Linux 3.0 - Download Now!

  • Linux 2.6 kernel featuring SELinux Mandatory Access Control
  • Guardian Digital Secure Network features free access to all system and security updates (to be available shortly through an updated release)
  • Support for new hardware, including 64-bit AMD architecture
  • Web-based management of all functions, including the ability to build a complete web presence with FTP, DNS, HTTP, SMTP and more.
  • Apache v2.0, BIND v9.3, MySQL v5.0(beta)
  • Completely new WebTool, featuring easier navigation and greater ability to manage the complete system
  • Integrated firewall with ability to manage individual firewall rules, control port forwarding, and creation of IP blacklists
  • Built-in UPS configuration provides ability to manage an entire network of battery-backup devices
  • RSS feed provides ability to display current news and immediate access to system and security updates
  • Real-time access to system and service log information

LEARN MORE:
http://www.guardiandigital.com/products/software/community/esl.html


Local User Security
Dave Wreski

Getting access to a local user account is one of the first things that system intruders attempt while on their way to exploiting the root account. With lax local security, they can then "upgrade" their normal user access to root access using a variety of bugs and poorly setup local services. If you make sure your local security is tight, then the intruder will have another hurdle to jump.

Local users can also cause a lot of havoc with your system even (especially) if they really are who they say they are. Providing accounts to people you don't know or for whom you have no contact information is a very bad idea.

You should make sure you provide user accounts with only the minimal requirements for the task they need to do. If you provide your son (age 10) with an account, you might want him to only have access to a word processor or drawing program, but be unable to delete data that is not his.

Several good rules of thumb when allowing other people legitimate access to your Linux machine:

  • Give them the minimal amount of privileges they need.
  • Be aware when/where they login from, or should be logging in from.
  • Make sure you remove inactive accounts, which you can determine by using the 'last' command and/or checking log files for any activity by the user.
  • The use of the same userid on all computers and networks is advisable to ease account maintenance, and permits easier analysis of log data.
  • The creation of group user-id's should be absolutely prohibited. User accounts also provide accountability, and this is not possible with group accounts.

Many local user accounts that are used in security compromises have not been used in months or years. Since no one is using them they, provide the ideal attack vehicle.

Read more from the Linux Security Howto:
http://www.linuxsecurity.com/docs/LDP/Security-HOWTO/


LinuxSecurity.com Feature Extras:

Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.

Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.

Getting to Know Linux Security: File Permissions - Welcome to the first tutorial in the 'Getting to Know Linux Security' series. The topic explored is Linux file permissions. It offers an easy to follow explanation of how to read permissions, and how to set them using chmod. This guide is intended for users new to Linux security, therefore very simple. If the feedback is good, I'll consider creating more complex guides for advanced users. Please let us know what you think and how these can be improved.

 

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-request@linuxsecurity.com with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.


   Debian
  Debian: New Ruby 1.8 packages fix safety bypass
  13th, October, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120589
 
  Debian: New hylafax packages fix insecure temporary files
  13th, October, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120590
 
  Debian: New Mozilla packages fix several vulnerabilities
  20th, October, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120623
 
  Debian: New module-assistant package fixes insecure temporary file
  20th, October, 2005

Updated package.

http://www.linuxsecurity.com/content/view/120624
 
   Gentoo
  Gentoo: KOffice, KWord RTF import buffer overflow
  14th, October, 2005

KOffice and KWord are vulnerable to a buffer overflow in the RTF importer, potentially resulting in the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/120596
 
  Gentoo: SPE Insecure file permissions
  15th, October, 2005

SPE files are installed with world-writeable permissions, potentially leading to privilege escalation.

http://www.linuxsecurity.com/content/view/120600
 
  Gentoo: Perl, Qt-UnixODBC, CMake RUNPATH issues
  17th, October, 2005

Multiple packages suffer from RUNPATH issues that may allow users in the "portage" group to escalate privileges.

http://www.linuxsecurity.com/content/view/120605
 
  Gentoo: Lynx Buffer overflow in NNTP processing
  17th, October, 2005

Lynx contains a buffer overflow that may be exploited to execute arbitrary code.

http://www.linuxsecurity.com/content/view/120607
 
  Gentoo: phpMyAdmin Local file inclusion vulnerability
  17th, October, 2005

phpMyAdmin contains a local file inclusion vulnerability that may lead to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/120608
 
  Gentoo: AbiWord New RTF import buffer overflows
  20th, October, 2005

AbiWord is vulnerable to an additional set of buffer overflows during RTF import, making it vulnerable to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/120625
 
  Gentoo: Netpbm Buffer overflow in pnmtopng
  20th, October, 2005

The pnmtopng utility, part of the Netpbm tools, contains a vulnerability which can potentially result in the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/120626
 
   Red Hat
  RedHat: Moderate: openldap and nss_ldap security update
  17th, October, 2005

Updated openldap and nss_ldap packages that correct a potential password disclosure issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/120602
 
  RedHat: Moderate: openldap and nss_ldap security update
  17th, October, 2005

Updated openldap and nss_ldap packages that correct a potential password disclosure issue and possible authentication vulnerability are now available.

http://www.linuxsecurity.com/content/view/120603
 
  RedHat: Critical: lynx security update
  17th, October, 2005

An updated lynx package that corrects a security flaw is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/120604
 
  RedHat: Moderate: netpbm security update
  18th, October, 2005

Updated netpbm packages that fix a security issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/120613
 
  RedHat: Low: gdb security update
  18th, October, 2005

An updated gdb package that fixes minor security issues is now available. This update has been rated as having low security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/120614
 
  RedHat: Low: xloadimage security update
  18th, October, 2005

A new xloadimage package that fixes bugs in handling malformed tiff and pbm/pnm/ppm images, and in handling metacharacters in file names is now available.

http://www.linuxsecurity.com/content/view/120615
 

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Router hacking competition announced for Defcon
EFF wants hackers to help build an open, secure router
Hackers Could Take Control of Your Car. This Device Can Stop Them
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.