LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: July 25th, 2014
Linux Advisory Watch: July 18th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Advisory Watch: March 24th 2006 Print E-mail
User Rating:      How can I rate this item?
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas   
Linux Advisory Watch This week advisories were released for xpvm, vlc, xine-lib, wzdftpd, drupal, kpdf, libmail-audit-perl, ilohamail, kernel-patch-vserver, unzip, snmptrapfmt, firebird2, sendmail, evolution, kernel, xorg, avahi, beagle, curl, php-pear, xterm, scim-anthy, tzdata, logwatch, shadow-utils, cpio, libsepol, bind, Freeciv, zoo, bypass, rshd, metamail, cube, squirrelmail, flex, gnupg, pngcrush, libcurl, cairo, flash-player, and realplayer. The distributors include Debian, Fedora, Gentoo, Mandriva, Red Hat, and SuSE.


EnGarde Secure Linux: Why not give it a try?

EnGarde Secure Linux is a Linux server distribution that is geared toward providing a open source platform that is highly secure by default as well as easy to administer. EnGarde Secure Linux includes a select group of open source packages configured to provide maximum security for tasks such as serving dynamic websites, high availability mail transport, network intrusion detection, and more. The Community edition of EnGarde Secure Linux is completely free and open source, and online security and application updates are also freely available with GDSN registration.

http://www.engardelinux.org/modules/index/register.cgi


Linux Command Reference Manual: Linux File Structure
By: Suhas Desai

In the Linux file structure files are grouped according to purpose. Ex: commands, data files, documentation. Parts of a Unix directory tree are listed below. All directories are grouped under the root entry "/". That part of the directory tree is left out of the below diagram. See the FSSTND standard(Filesystem standard).

root - The home directory for the root user
home - Contains the user's home directories along with directories for services

ftp
HTTP
samba

bin - Commands needed during bootup that might be needed by normal users
sbin - Like bin but commands are not intended for normal users.
proc - This filesystem is not on a disk. It is a virtual filesystem that exists in the kernels imagination, which is memory.
usr - Contains all commands, libraries, man pages, games and static files for normal operation
bin - Almost all user commands. some commands are in /bin or /usr/local/bin.
sbin - System admin commands not needed on the root filesystem. e.g., most server programs.
include - Header files for the C programming language. Should be below /user/lib for consistency.
lib - Unchanging data files for programs and subsystems
local - The place for locally installed software and other files.
man - Manual pages
info - Info documents
doc - Documentation

X11R6 - The X windows system files. There is a directory similar to sr below this directory.
X386 - Like X11R6 but for X11 release 5
boot - Files used by the bootstrap loader, LILO. Kernel images are often kept here.
lib - Shared libraries needed by the programs on the root filesystem
modules - Loadable kernel modules, especially those needed to boot the system after disasters.
dev - Device files
etc - Configuration files specific to the machine.
sysconfig - Files that configure the linux system for devices.
var - Contains files that change for mail, news, printers log files, man pages, temp files
lib - Files that change while the system is running normally
local - Variable data for programs installed in /usr/local.
lock - Lock files. Used by a program to indicate it is using a particular device or file
log - Log files from programs such as login and syslog which logs all logins and logouts.
run - Files that contain information about the system that is valid until the system is next booted.
spool - Directories for mail, printer spools, news and other spooled work.
tmp - Temporary files that are large or need to exist for longer than they should in /tmp.
mnt - Mount points for temporary mounts by the system administrator.
tmp - Temporary files. Programs running after bootup should use /var/tmp.

Read Full Paper
http://www.linuxsecurity.com/images/stories/commandref.pdf


LinuxSecurity.com Feature Extras:

EnGarde Secure Community 3.0.4 Released - Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.4 (Version 3.0, Release 4). This release includes several bug fixes and feature enhancements to the Guardian Digital WebTool and the SELinux policy, and several new packages available for installation.

Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.

Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-request@linuxsecurity.com with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.


   Debian
  Debian: New xpvm packages fix insecure temporary file
  16th, March, 2006

Eric Romang discoverd that xpvm, a graphical console and monitor for PVM, creates a temporary file that allows local attackers to create or overwrite arbitrary files with the privileges of the user running xpvm.

http://www.linuxsecurity.com/content/view/121949
 
  Debian: New vlc packages fix arbitrary code execution
  16th, March, 2006

Simon Kilvington discovered that specially crafted PNG images can trigger a heap overflow in libavcodec, the multimedia library of ffmpeg, which may lead to the execution of arbitrary code. The vlc media player links statically against libavcodec.

http://www.linuxsecurity.com/content/view/121951
 
  Debian: New xine-lib packages fix arbitrary code execution
  16th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121957
 
  Debian: New wzdftpd packages fix arbitrary shell command execution
  16th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121959
 
  Debian: New drupal packages fix several vulnerabilities
  17th, March, 2006

The Drupal Security Team discovered several vulnerabilities in Drupal, a fully-featured content management and discussion engine. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-1225,CVE-2006-1226,CVE-2006-1227,CVE-2006-1228

http://www.linuxsecurity.com/content/view/121964
 
  Debian: New kpdf packages fix arbitrary code execution
  17th, March, 2006

Marcelo Ricardo Leitner noticed that the current patch in DSA 932 (CVE-2005-3627) for kpdf, the PDF viewer for KDE, does not fix all buffer overflows, still allowing an attacker to execute arbitrary code.

http://www.linuxsecurity.com/content/view/121966
 
  Debian: New libmail-audit-perl packages fix insecure temporary file use
  20th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121981
 
  Debian: New crossfire packages fix arbitrary code execution
  20th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121982
 
  Debian: New ilohamail packages fix cross-site scripting vulnerabilities
  20th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/121983
 
  Debian: New kernel-patch-vserver packages fix root exploit
  21st, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122004
 
  Debian: New unzip packages fix arbitrary code execution
  21st, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122005
 
  Debian: New snmptrapfmt packages fix insecure temporary file
  22nd, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122031
 
  Debian: New firebird2 packages fix denial of service
  23rd, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122058
 
  Debian: New sendmail packages fix arbitrary code execution
  23rd, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122059
 
  Debian: New evolution packages fix arbitrary code execution
  23rd, March, 2006

Ulf H�rnhammar discovered several format string vulnerabilities in Evolution, a free groupware suite, that could lead to crashes of the application or the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/122065
 
   Fedora
  Fedora Core 4 Update: GFS-kernel-2.6.11.8-20050601.152643.FC4.25
  16th, March, 2006

Rebuilt against the latest kernel (2.6.15-1.1833_FC4).

http://www.linuxsecurity.com/content/view/121954
 
  Fedora Core 5 Update: xorg-x11-server-1.0.1-9
  20th, March, 2006

Coverity scanned the X.Org source code for problems and reported their findings to the X.Org development team. Upon analysis, Alan Coopersmith, a member of the X.Org development team, noticed a couple of serious security issues in the findings. In particular, the Xorg server can be exploited for root privilege escalation by passing a path to malicious modules using the -modulepath command line argument. Also, the Xorg server can be exploited to overwrite any root writable file on the filesystem with the -logfile command line argument.

http://www.linuxsecurity.com/content/view/121985
 
  Fedora Core 5 Update: avahi-0.6.9-8.FC5
  20th, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122003
 
  Fedora Core 5 Update: beagle-0.2.3-4
  21st, March, 2006

Some of the wrapper scripts (including beagle-status) looked in the current directory for files with a specific name and ran that instead of the binary in the path. All such cases have been fixed in this release.

http://www.linuxsecurity.com/content/view/122022
 
  Fedora Core 5 Update: curl-7.15.1-3
  21st, March, 2006

This curl update fixes security vulnerability CVE-2006-1061 - curl can overflow a heap-based memory buffer if very long TFTP URL with valid host name is passed to curl. This update fixes instalation problems on multilib architectures, too.

http://www.linuxsecurity.com/content/view/122023
 
  Fedora Core 5 Update: sendmail-8.13.6-0.FC5.1
  22nd, March, 2006

A flaw in the handling of asynchronous signals. A remote attacker may be able to exploit a race condition to execute arbitrary code as root.

http://www.linuxsecurity.com/content/view/122043
 
  Fedora Core 4 Update: sendmail-8.13.6-0.FC4.1
  22nd, March, 2006

A flaw in the handling of asynchronous signals. A remote attacker may be able to exploit a race condition to execute arbitrary code as root.

http://www.linuxsecurity.com/content/view/122044
 
  Fedora Core 5 Update: php-pear-1.4.6-2.1
  22nd, March, 2006

This update includes the latest upstream version of the PEAR XML_RPC package (version 1.4.5), which fixes operation of the XML_RPC server component with PHP 5.1.2.

http://www.linuxsecurity.com/content/view/122045
 
  Fedora Core 4 Update: xterm-208-4.FC4
  22nd, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122046
 
  Fedora Core 5 Update: scim-anthy-0.9.0-3.fc5
  22nd, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122047
 
  Fedora Core 4 Update: tzdata-2006b-2.fc4
  22nd, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122050
 
  Fedora Core 4 Update: logwatch-7.2.1-1.fc4
  22nd, March, 2006

This new version of logwatch package fixes problems with --splithosts option and contains a lot of services updates.

http://www.linuxsecurity.com/content/view/122051
 
  Fedora Core 5 Update: anthy-7500-1.fc5
  22nd, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122052
 
  Fedora Core 5 Update: shadow-utils-4.0.14-5.FC5
  22nd, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122053
 
  Fedora Core 5 Update: cpio-2.6-14.FC5
  22nd, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122054
 
  Fedora Core 5 Update: libsepol-1.12.1-1.fc5
  22nd, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122055
 
  Fedora Core 5 Update: bind-9.3.2-12.FC5
  22nd, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122056
 
   Gentoo
  Gentoo: Freeciv Denial of Service
  16th, March, 2006

A memory allocation bug in Freeciv allows a remote attacker to perform a Denial of Service attack.

http://www.linuxsecurity.com/content/view/121944
 
  Gentoo: zoo Buffer overflow
  16th, March, 2006

A buffer overflow in zoo may be exploited to execute arbitrary when creating archives of specially crafted directories and files.

http://www.linuxsecurity.com/content/view/121945
 
  Gentoo: PEAR-Auth Potential authentication bypass
  17th, March, 2006

PEAR-Auth did not correctly verify data passed to the DB and LDAP containers, thus allowing to inject false credentials to bypass the authentication.

http://www.linuxsecurity.com/content/view/121970
 
  Gentoo: Heimdal rshd privilege escalation
  17th, March, 2006

An error in the rshd daemon of Heimdal could allow authenticated users to elevate privileges.

http://www.linuxsecurity.com/content/view/121971
 
  Gentoo: Crypt:CBC: Insecure initialization vector
  17th, March, 2006

Crypt::CBC uses an insecure initialization vector, potentially resulting in a weaker encryption.

http://www.linuxsecurity.com/content/view/121972
 
  Gentoo: Metamail Buffer overflow
  17th, March, 2006

A buffer overflow in Metamail could possibly be exploited to execute arbitrary code.

http://www.linuxsecurity.com/content/view/121973
 
  Gentoo: Cube Multiple vulnerabilities
  21st, March, 2006

Cube is vulnerable to a buffer overflow, invalid memory access and remote client crashes, possibly leading to a Denial of Service or remote code execution.

http://www.linuxsecurity.com/content/view/122012
 
  Gentoo: SquirrelMail Cross-site scripting and IMAP command injection
  21st, March, 2006

SquirrelMail is vulnerable to several cross-site scripting vulnerabilities and IMAP command injection.

http://www.linuxsecurity.com/content/view/122013
 
  Gentoo: GNU tar Buffer overflow
  21st, March, 2006

A malicious tar archive could trigger a Buffer overflow in GNU tar, potentially resulting in the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/122014
 
  Gentoo: flex Potential insecure code generation
  21st, March, 2006

flex might generate code with a buffer overflow, making applications using such scanners vulnerable to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/122015
 
  Gentoo: GnuPG Incorrect signature verification
  21st, March, 2006

GnuPG may erroneously report a modified or unsigned message has a valid digital signature.

http://www.linuxsecurity.com/content/view/122016
 
  Gentoo: PeerCast Buffer overflow
  21st, March, 2006

PeerCast is vulnerable to a buffer overflow that may lead to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/122017
 
  Gentoo: Pngcrush Buffer overflow
  21st, March, 2006

Pngcrush is vulnerable to a buffer overflow which could potentially lead to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/122018
 
  Gentoo: cURL/libcurl Buffer overflow in the handling
  21st, March, 2006

libcurl is affected by a buffer overflow in the handling of URLs for the TFTP protocol, which could be exploited to compromise a user's system.

http://www.linuxsecurity.com/content/view/122029
 
  Gentoo: Macromedia Flash Player Arbitrary code execution
  21st, March, 2006

Multiple vulnerabilities have been identified that allows arbitrary code execution on a user's system via the handling of malicious SWF files.

http://www.linuxsecurity.com/content/view/122030
 
  Gentoo: Sendmail Race condition in the handling of asynchronous signals
  22nd, March, 2006

Sendmail is vulnerable to a race condition which could lead to the execution of arbitrary code with sendmail privileges.

http://www.linuxsecurity.com/content/view/122041
 
  Gentoo: PHP Format string and XSS vulnerabilities
  22nd, March, 2006

Multiple vulnerabilities in PHP allow remote attackers to inject arbitrary HTTP headers, perform cross site scripting or in some cases execute arbitrary code.

http://www.linuxsecurity.com/content/view/122042
 
   Mandriva
  Mandriva: Updated xorg-x11 packages to address local root vuln
  20th, March, 2006

Versions of Xorg 6.9.0 and greater have a bug in xf86Init.c, which allows non-root users to use the -modulepath, -logfile and -configure options. This allows loading of arbitrary modules which will execute as the root user, as well as a local DoS by overwriting system files. Updated packages have been patched to correct these issues.

http://www.linuxsecurity.com/content/view/122001
 
  Mandriva: Updated cairo packages to address Evolution DoS vulnerability
  20th, March, 2006

GNOME Evolution allows remote attackers to cause a denial of service (persistent client crash) via an attached text file that contains "Content-Disposition: inline" in the header, and a very long line in the body, which causes the client to repeatedly crash until the e-mail message is manually removed, possibly due to a buffer overflow, as demonstrated using an XML attachment.

http://www.linuxsecurity.com/content/view/122002
 
  Mandriva: Updated sendmail packages fix remote vulnerability
  22nd, March, 2006

A race condition was reported in sendmail in how it handles asynchronous signals. This could allow a remote attacker to be able to execute arbitrary code with the privileges of the user running sendmail.

http://www.linuxsecurity.com/content/view/122048
 
  Mandriva: Updated kernel packages fix multiple vulnerabilities
  22nd, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122049
 
   Red Hat
  RedHat: Critical: sendmail security update
  22nd, March, 2006

Updated sendmail packages to fix a security issue are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/122035
 
  RedHat: Critical: sendmail security update
  22nd, March, 2006

Updated sendmail packages to fix a security issue are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having critical security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/122036
 
  RedHat: Critical: RealPlayer security update
  23rd, March, 2006

An updated RealPlayer package that fixes a buffer overflow bug is now available for Red Hat Enterprise Linux Extras 3 and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/122057
 
   SuSE
  SuSE: flash-player buffer overflow
  21st, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122006
 
  SuSE: xorg-x11-server local privilege
  21st, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122007
 
  SuSE: sendmail remote code execution
  22nd, March, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122037
 
  SuSE: RealPlayer security problems
  23rd, March, 2006

This update fixes the following security problems in Realplayer: CVE-2006-0323, CVE-2005-2922.

http://www.linuxsecurity.com/content/view/122060
 

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Four fake Google haxbots hit YOUR WEBSITE every day
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
The Barnaby Jack Few Knew: Celebrated Hacker Saw Spotlight as 'Necessary Evil'
What I Learned from Edward Snowden at the Hacker Conference
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.