Linux Advisory Watch: March 17th 2006
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas   
This week, advisories were released for zoph, bluez-hcidump, curl, zoo, ffmpeg, GnuPG, freeciv, metamail, CBC, bomberclone, libextractor, lurker, crossfire, webcalendar, xpvm, vlc, net-tools, tcsh, shadow-utils, db, tar, flex, squirrelmail, zoo, php, python, kdegraphics, squid, vixie-cron, and the Red Hat kernel. Distributors include Debian, Fedora, Gentoo, Mandriva, Red Hat, and SuSE.


EnGarde Secure Linux: Why not give it a try?

EnGarde Secure Linux is a Linux server distribution that is geared toward providing an open source platform that is highly secure by default as well as easy to administer. EnGarde Secure Linux includes a select group of open source packages configured to provide maximum security for tasks such as serving dynamic websites, high availability mail transport, network intrusion detection, and more. The Community edition of EnGarde Secure Linux is completely free and open source, and online security and application updates are also freely available with GDSN registration.

http://www.engardelinux.org/modules/index/register.cgi


Preventing DDoS Attacks
By: Blessen Cherian

Introduction

In this article I am trying to explain what DDoS is and how it can be prevented. DDoS happens due to a lack of security awareness among network/server owners. On a daily basis we hear that a particular machine is under DDoS attack or that the NOC has unplugged a machine due to a DDoS attack. So DDoS has become one of the common issues in this electronic world. DDoS is like a disease for which no antiviral has been developed, so we should be careful while dealing with it. Never take it lightly. In this article I am trying to explain the steps/measures which will help us defend against DDoS attacks, up to a certain extent.

What is a DDoS attack?

Simply put, DDoS is an advanced version of a DoS attack. Like DoS, DDoS tries to deny the important services running on a server by broadcasting packets to the destination server in a way that the destination server cannot handle. What is special about DDoS is that, unlike DoS, it does not relay attacks from a single network/host. The DDoS attack is launched from different dynamic networks which have already been compromised.

Normally, a DDoS consists of 3 parts: the master, the slave and, finally, the victim. The master is the attack launcher, i.e. the person/machine behind all this; sounds cool, right? The slave is the network which has been compromised by the master, and the victim is the target site/server. The master instructs the compromised machines, the so-called slaves, to launch the attack on the victim's site/machine. Hence it is also called a coordinated attack.

In my terms, the master is the master brain, the slave is the launch pad for the attack and the victim is the target.

How do they do it?

DDoS is done in 2 phases. In the first phase they try to compromise weak machines in different networks around the world. This phase is called the Intrusion Phase. It is in the next phase that they install DDoS tools and start attacking the victim's machines/site. This phase is called the Distributed DoS Attacks Phase.

Read Full Paper
http://www.linuxsecurity.com/content/view/121960/49/


LinuxSecurity.com Feature Extras:

EnGarde Secure Community 3.0.4 Released - Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.4 (Version 3.0, Release 4). This release includes several bug fixes and feature enhancements to the Guardian Digital WebTool and the SELinux policy, and several new packages available for installation.

Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.

Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-request@linuxsecurity.com with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.


   Debian
  Debian: New zoph packages fix SQL injection
  9th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121857
 
  Debian: New bluez-hcidump packages fix denial of service
  10th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121875
 
  Debian: New curl packages fix potential security problem
  10th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121876
 
  Debian: New zoo packages fix arbitrary code execution
  10th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121877
 
  Debian: New ffmpeg packages fix arbitrary code execution
  10th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121878
 
  Debian: New GnuPG packages fix broken signature check
  10th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121891
 
  Debian: New freeciv packages fix denial of service
  13th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121898
 
  Debian: New metamail packages fix arbitrary code execution
  13th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121899
 
  Debian: New Crypt::CBC packages fix cryptographic weakness
  13th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121900
 
  Debian: New GnuPG packages fix broken signature check
  13th, March, 2006

http://www.linuxsecurity.com/content/view/121903
 
  Debian: New bomberclone packages fix arbitrary code execution
  13th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121910
 
  Debian: New libextractor packages fix several vulnerabilities
  14th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121912
 
  Debian: New lurker packages fix several vulnerabilities
  14th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121914
 
  Debian: New Apache2::Request packages fix denial of service
  14th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121915
 
  Debian: New crossfire packages fix arbitrary code execution
  14th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121916
 
  Debian: New webcalendar packages fix several vulnerabilities
  15th, March, 2006

Several security related problems have been discovered in webcalendar, a PHP based multi-user calendar. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities:

http://www.linuxsecurity.com/content/view/121926
 
  Debian: New xpvm packages fix insecure temporary file
  16th, March, 2006

Eric Romang discovered that xpvm, a graphical console and monitor for PVM, creates a temporary file that allows local attackers to create or overwrite arbitrary files with the privileges of the user running xpvm.

http://www.linuxsecurity.com/content/view/121949
 
  Debian: New vlc packages fix arbitrary code execution
  16th, March, 2006

Simon Kilvington discovered that specially crafted PNG images can trigger a heap overflow in libavcodec, the multimedia library of ffmpeg, which may lead to the execution of arbitrary code. The vlc media player links statically against libavcodec.

http://www.linuxsecurity.com/content/view/121951
 
   Fedora
  Fedora Core 4 Update: net-tools-1.60-52.fc4.2
  10th, March, 2006

The update adds two new options for netstat: T stops trimming remote and local addresses, and Z shows the SELinux context. It also fixes a double-free bug in route and netstat.

http://www.linuxsecurity.com/content/view/121882
 
  Fedora Core 4 Update: tcsh-6.14-1.fc4.2
  11th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121894
 
  Fedora Core 4 Update: shadow-utils-4.0.12-8.FC4
  13th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121909
 
  Fedora Core 4 Update: gnupg-1.4.2.2-1
  13th, March, 2006

Tavis Ormandy discovered a flaw in the way GnuPG verifies cryptographically signed data with inline signatures. It is possible for an attacker to add unsigned text to a signed message in such a way that when the signed text is extracted, the unsigned text is extracted as well, appearing as if it had been signed. The Common Vulnerabilities and Exposures project assigned the name CVE-2006-0049 to this issue.

http://www.linuxsecurity.com/content/view/121911
 
  Fedora Core 4 Update: db4-4.3.27-5.fc4
  14th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121922
 
   Gentoo
  Gentoo: GNU tar Buffer overflow
  10th, March, 2006

A malicious tar archive could trigger a buffer overflow in GNU tar, potentially resulting in the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/121884
 
  Gentoo: flex Potential insecure code generation
  10th, March, 2006

flex might generate code with a buffer overflow, making applications using such scanners vulnerable to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/121892
 
  Gentoo: GnuPG Incorrect signature verification
  10th, March, 2006

GnuPG may erroneously report that a modified or unsigned message has a valid digital signature.

http://www.linuxsecurity.com/content/view/121893
 
  Gentoo: SquirrelMail Cross-site scripting and IMAP command injection
  12th, March, 2006

SquirrelMail is vulnerable to several cross-site scripting vulnerabilities and IMAP command injection.

http://www.linuxsecurity.com/content/view/121895
 
  Gentoo: Cube Multiple vulnerabilities
  12th, March, 2006

Cube is vulnerable to a buffer overflow, invalid memory access and remote client crashes, possibly leading to a Denial of Service or remote code execution.

http://www.linuxsecurity.com/content/view/121897
 
  Gentoo: Freeciv Denial of Service
  16th, March, 2006

A memory allocation bug in Freeciv allows a remote attacker to perform a Denial of Service attack.

http://www.linuxsecurity.com/content/view/121944
 
  Gentoo: zoo Buffer overflow
  16th, March, 2006

A buffer overflow in zoo may be exploited to execute arbitrary code when creating archives of specially crafted directories and files.

http://www.linuxsecurity.com/content/view/121945
 
   Mandriva
  Mandriva: Updated php packages fix vulnerability
  9th, March, 2006

A flaw in the PHP gd extension in versions prior to 4.4.1 could allow a remote attacker to bypass safe_mode and open_basedir restrictions via unknown attack vectors.

http://www.linuxsecurity.com/content/view/121871
 
  Mandriva: Updated gnupg packages fix signature file verification vulnerability
  14th, March, 2006

Another vulnerability, different from that fixed in MDKSA-2006:043 (CVE-2006-0455), was discovered in gnupg in the handling of signature files.

http://www.linuxsecurity.com/content/view/121913
 
   Red Hat
  RedHat: Moderate: python security update
  9th, March, 2006

Updated Python packages are now available to correct a security issue. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/121869
 
  RedHat: Important: kdegraphics security update
  9th, March, 2006

Updated kdegraphics packages that fully resolve a security issue in kpdf are now available. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/121870
 
  RedHat: Moderate: initscripts security update
  15th, March, 2006

Updated initscripts packages that fix a privilege escalation issue and several bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/121930
 
  RedHat: Moderate: squid security update
  15th, March, 2006

Updated squid packages that fix a security vulnerability as well as several bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/121931
 
  RedHat: Low: vixie-cron security update
  15th, March, 2006

An updated vixie-cron package that fixes a bug and security issue is now available. This update has been rated as having low security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/121932
 
  RedHat: Updated kernel packages available for Red Hat
  15th, March, 2006

Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 3. This is the seventh regular update. This security advisory has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/121933
 
  RedHat: Important: gnupg security update
  15th, March, 2006

An updated GnuPG package that fixes signature verification flaws as well as minor bugs is now available. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/121934
 
  RedHat: Critical: flash-plugin security update
  15th, March, 2006

An updated Macromedia Flash Player package that fixes a security issue is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/121943
 
   SuSE
  SuSE: gpg signature checking problems
  10th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121883
 
