Linux Advisory Watch: February 17th 2006
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas   
This week, advisories were released for adzapper, elog, noweb, scponly, kronolith, xpdf, pdfkit, OTRS, gpdf, nfs-user-server, libast, heimdal, poppler, kdegraphics, gnutls, cpuspeed, pam, postgresql, selinux-policy-targeted, ImageMagick, BomberClone, ghostscript, libpng, kdegraphics, and openssh. The distributors include Debian, Fedora, Gentoo, Mandriva, and SuSE.



pgp Key Signing Observations: Overlooked Social and Technical Considerations
By: Atom Smasher

While there are several sources of technical information on using pgp in general, and key signing in particular, this article emphasizes social aspects of key signing that are too often ignored, misleading or incorrect in the technical literature. There are also technical issues pointed out where I believe other documentation to be lacking. It is important to acknowledge and address social aspects in a system such as pgp, because the weakest link in the system is the human that is using it. The algorithms, protocols and applications used as part of a pgp system are relatively difficult to compromise or 'break', but the human user can often be easily fooled. Since the human is the weak link in this chain, attention must be paid to actions and decisions of that human; users must be aware of the pitfalls and know how to avoid them.

AUDIENCE

This document is intended to be of use to those wishing to participate in the exchange of signatures on their OpenPGP keys. It is assumed that the reader has a basic understanding of pgp, what it's used for and how to use it. Those more experienced with pgp may wish to skip the sections they are familiar with, but it is suggested that even the basic information be reviewed.

OBSERVATIONS ON GENERATING AND MAINTAINING KEYS

When one first generates a key, it is important that it be done on a secure machine in a secure environment. One attack against pgp that is rarely mentioned allows Mallory to steal or even replace a pgp key before it is distributed. Mallory would need to compromise Bob's computer prior to Bob's creation of a key.

Mallory could then eavesdrop on Bob as he types the pgp passphrase for the first time, and steal the passphrase along with the secret key. In this case Bob's key is compromised before it even exists.

If at any time Mallory is able to break into Bob's computer, she can steal his private key and wait for him to type in his pgp passphrase. Mallory may use a virus or trojan to accomplish this. A screwdriver or bootable CD can compromise the private key. A spy camera or key-logger can compromise the passphrase. This would allow Mallory to read any message ever encrypted to Bob and sign any message or key with Bob's signature.

Aside from keeping his personal computer secure, Bob should save a copy of his private key in a secure, off-line, off-site location. This off-line and off-site backup keeps Bob's private key secure against loss from such things as disk crash or his computer being stolen by either common or government thieves. Depending on who is out to get him, he may consider it more secure to burn his private key onto a CD and store it in a bank safe, or print it onto paper and hide it inside a painting. As always, the most appropriate meaning of 'secure' is left to the needs and perceptions of the reader.

Note that it is often unnecessary to make a backup copy of a public key for two reasons: 1) if it is publicly available and can be retrieved from a keyserver and 2) the "gpgsplit" command has a "secret-to-public" option that can recover a public key from a private key. Note that gpgsplit may not recover accurate expiration dates and preferences if they were updated after the key was created.

One should never sign a key (or use pgp at all) on an untrusted computer or in an untrusted environment. Gather the information needed to sign a key and sign it when you get home. If your home computer and environment are not trusted, you have bigger problems to worry about.

Read Entire Article
http://www.linuxsecurity.com/content/view/121645/49/


LinuxSecurity.com Feature Extras:

EnGarde Secure Community 3.0.4 Released - Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.4 (Version 3.0, Release 4). This release includes several bug fixes and feature enhancements to the Guardian Digital WebTool and the SELinux policy, and several new packages available for installation.

Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.

Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-request@linuxsecurity.com with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.


   Debian
  Debian: New adzapper packages fix denial of service
  9th, February, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121573
 
  Debian: New elog packages fix arbitrary code execution
  10th, February, 2006

Several security problems have been found in elog, an electronic logbook to manage notes. The Common Vulnerabilities and Exposures Project identifies the following problems...

http://www.linuxsecurity.com/content/view/121583
 
  Debian: New noweb packages fix insecure temporary file creation
  13th, February, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121606
 
  Debian: New scponly packages fix potential root vulnerability
  13th, February, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121607
 
  Debian: New kronolith packages fix cross-site scripting
  14th, February, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121617
 
  Debian: New xpdf packages fix denial of service
  14th, February, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121618
 
  Debian: New pdfkit.framework packages fix denial of service
  15th, February, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121634
 
  Debian: New OTRS packages fix several vulnerabilities
  15th, February, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121635
 
  Debian: New gpdf packages fix denial of service
  15th, February, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121636
 
  Debian: New nfs-user-server packages fix arbitrary code execution
  15th, February, 2006

Marcus Meissner discovered that attackers can trigger a buffer overflow in the path handling code by creating or abusing existing symlinks, which may lead to the execution of arbitrary code.

This vulnerability isn't present in the kernel NFS server.

http://www.linuxsecurity.com/content/view/121643
 
  Debian: New libast packages fix arbitrary code execution
  15th, February, 2006

Johnny Mast discovered a buffer overflow in libast, the library of assorted spiffy things, that can lead to the execution of arbitrary code. This library is used by eterm which is installed setgid uid which leads to a vulnerability to alter the utmp file.

http://www.linuxsecurity.com/content/view/121644
 
  Debian: New heimdal packages fix several vulnerabilities
  16th, February, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121646
 
   Fedora
  Fedora Core 4 Update: poppler-0.4.5-1.1
  10th, February, 2006

Heap-based buffer overflow in Splash.cc in poppler allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.

http://www.linuxsecurity.com/content/view/121591
 
  Fedora Core 4 Update: xpdf-3.01-0.FC4.8
  10th, February, 2006

xpdf contains a heap-based buffer overflow in the splash rasterizer engine that can crash kpdf or even execute arbitrary code. Users impacted by these issues should update to this new package release.

http://www.linuxsecurity.com/content/view/121592
 
  Fedora Core 4 Update: kdegraphics-3.5.1-0.2.fc4
  10th, February, 2006

kpdf, the KDE PDF viewer, shares code with xpdf. xpdf contains a heap-based buffer overflow in the splash rasterizer engine that can crash kpdf or even execute arbitrary code. Users impacted by these issues should update to this new package release.

http://www.linuxsecurity.com/content/view/121593
 
  Fedora Core 4 Update: gnutls-1.0.25-2.FC4
  10th, February, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121596
 
  Fedora Core 4 Update: cpuspeed-1.2.1-1.24_FC4
  12th, February, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121597
 
  Fedora Core 4 Update: pam_krb5-2.1.15-2
  14th, February, 2006

This update fixes several bugs which have been found since FC4 was released.

http://www.linuxsecurity.com/content/view/121627
 
  Fedora Core 4 Update: postgresql-8.0.7-1.FC4.1
  14th, February, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121629
 
  Fedora Core 4 Update: selinux-policy-targeted-1.27.1-2.22
  14th, February, 2006

Zebra was still broken. Hopefully fixed by this update.

http://www.linuxsecurity.com/content/view/121630
 
  Fedora Core 4 Update: selinux-policy-strict-1.27.1-2.22
  14th, February, 2006

Zebra was still broken. Hopefully fixed by this update.

http://www.linuxsecurity.com/content/view/121631
 
   Gentoo
  Gentoo: Xpdf, Poppler Heap overflow
  12th, February, 2006

Xpdf and Poppler are vulnerable to a heap overflow that may be exploited to execute arbitrary code.

http://www.linuxsecurity.com/content/view/121598
 
  Gentoo: KPdf Heap based overflow
  12th, February, 2006

KPdf includes vulnerable Xpdf code to handle PDF files, making it vulnerable to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/121599
 
  Gentoo: ImageMagick Format string vulnerability
  13th, February, 2006

A vulnerability in ImageMagick allows attackers to crash the application and potentially execute arbitrary code.

http://www.linuxsecurity.com/content/view/121614
 
  Gentoo: KPdf Heap based overflow
  13th, February, 2006

KPdf includes vulnerable Xpdf code to handle PDF files, making it vulnerable to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/121615
 
  Gentoo: Sun JDK/JRE Applet privilege escalation
  14th, February, 2006

Sun's Java Development Kit (JDK) and Java Runtime Environment (JRE) do not adequately constrain applets from privilege escalation and arbitrary code execution.

http://www.linuxsecurity.com/content/view/121633
 
  Gentoo: libtasn1, GNU TLS Security flaw in DER decoding
  16th, February, 2006

A flaw in the parsing of Distinguished Encoding Rules (DER) has been discovered in libtasn1, potentially resulting in the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/121654
 
  Gentoo: BomberClone Remote execution of arbitrary code
  16th, February, 2006

BomberClone is vulnerable to a buffer overflow which may lead to remote execution of arbitrary code.

http://www.linuxsecurity.com/content/view/121655
 
   Mandriva
  Mandriva: Updated ghostscript packages fix various bugs
  10th, February, 2006

A number of bugs have been corrected with this latest ghostscript package, including a fix when rendering images when converting PostScript to PDF with ps2pdf, a crash when generating PDF files with the pdfwrite device, several segfaults, a fix for vertical Japanese text, and a number of other fixes.

http://www.linuxsecurity.com/content/view/121595
 
  Mandriva: Updated gnutls packages fix libtasn1 out-of-bounds access vulnerabilities
  14th, February, 2006

Evgeny Legerov discovered cases of possible out-of-bounds access in the DER decoding schemes of libtasn1, when provided with invalid input. This library is bundled with gnutls. The provided packages have been patched to correct these issues.

http://www.linuxsecurity.com/content/view/121616
 
  Mandriva: Updated postgresql packages fix various bugs
  14th, February, 2006

Various bugs in the PostgreSQL 8.0.x branch have been corrected with the latest 8.0.7 maintenance release which is being provided for Mandriva Linux 2006 users.

http://www.linuxsecurity.com/content/view/121632
 
   Red Hat
  RedHat: Important: gnutls security update
  10th, February, 2006

Updated gnutls packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/121594
 
  RedHat: Important: xpdf security update
  13th, February, 2006

An updated xpdf package that fixes a buffer overflow security issue is now available. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/121608
 
  RedHat: Moderate: libpng security update
  13th, February, 2006

Updated libpng packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/121609
 
  RedHat: Important: kdegraphics security update
  13th, February, 2006

Updated kdegraphics packages that resolve a security issue in kpdf are now available. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/121610
 
  RedHat: Moderate: ImageMagick security update
  14th, February, 2006

Updated ImageMagick packages that fix two security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/121628
 
   SuSE
  SuSE: kernel remote denial of service
  9th, February, 2006

The Linux kernel on SUSE Linux 10.0 has been updated to fix the following security problems...

http://www.linuxsecurity.com/content/view/121580
 
  SuSE: binutils, kdelibs3, kdegraphics3, koffice, dia, lyx
  10th, February, 2006

A SUSE specific patch to the GNU linker 'ld' removes redundant RPATH and RUNPATH components when linking binaries. Due to a bug in this routine ld occasionally left empty RPATH components. When running a binary with empty RPATH components the dynamic linker tries to load shared libraries from the current directory.

http://www.linuxsecurity.com/content/view/121590
 
  SuSE: openssh (SUSE-SA:2006:008)
  14th, February, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121619
 
