EnGarde Secure Linux: Why not give it a try?
EnGarde Secure Linux is a Linux server distribution that is geared toward providing a open source platform that is highly secure by default as well as easy to administer. EnGarde Secure Linux includes a select group of open source packages configured to provide maximum security for tasks such as serving dynamic websites, high availability mail transport, network intrusion detection, and more. The Community edition of EnGarde Secure Linux is completely free and open source, and online security and application updates are also freely available with GDSN registration.
Guardian Digital Makes Email Safe For Business - Microsoft 365, Goo....
Linux Command Reference Manual: Linux File Structure
By: Suhas Desai
root - The home directory for the root user
home - Contains the user's home directories along with directories for servicesftp
HTTP
sambabin - Commands needed during bootup that might be needed by normal users
sbin - Like bin but commands are not intended for normal users.
proc - This filesystem is not on a disk. It is a virtual filesystem that exists in the kernels imagination, which is memory.
usr - Contains all commands, libraries, man pages, games and static files for normal operation
bin - Almost all user commands. some commands are in /bin or /usr/local/bin.
sbin - System admin commands not needed on the root filesystem. e.g., most server programs.
include - Header files for the C programming language. Should be below /user/lib for consistency.
lib - Unchanging data files for programs and subsystems
local - The place for locally installed software and other files.
man - Manual pages
info - Info documents
doc - Documentation
X11R6 - The X windows system files. There is a directory similar to sr below this directory.
X386 - Like X11R6 but for X11 release 5
boot - Files used by the bootstrap loader, LILO. Kernel images are often kept here.
lib - Shared libraries needed by the programs on the root filesystem
modules - Loadable kernel modules, especially those needed to boot the system after disasters.
dev - Device files
etc - Configuration files specific to the machine.
sysconfig - Files that configure the linux system for devices.
var - Contains files that change for mail, news, printers log files, man pages, temp files
lib - Files that change while the system is running normally
local - Variable data for programs installed in /usr/local.
lock - Lock files. Used by a program to indicate it is using a particular device or file
log - Log files from programs such as login and syslog which logs all logins and logouts.
run - Files that contain information about the system that is valid until the system is next booted.
spool - Directories for mail, printer spools, news and other spooled work.
tmp - Temporary files that are large or need to exist for longer than they should in /tmp.
mnt - Mount points for temporary mounts by the system administrator.
tmp - Temporary files. Programs running after bootup should use /var/tmp.
Read Full Paper
/images/stories/commandref.pdf
LinuxSecurity.com Feature Extras:
EnGarde Secure Community 3.0.4 Released - Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.4 (Version 3.0, Release 4). This release includes several bug fixes and feature enhancements to the Guardian Digital WebTool and the SELinux policy, and several new packages available for installation.
Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.
Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.
| Debian | ||
| Debian: New xpvm packages fix insecure temporary file | ||
| 16th, March, 2006
Eric Romang discoverd that xpvm, a graphical console and monitor for PVM, creates a temporary file that allows local attackers to create or overwrite arbitrary files with the privileges of the user running xpvm. advisories/debian/debian-new-xpvm-packages-fix-insecure-temporary-file |
||
| Debian: New vlc packages fix arbitrary code execution | ||
| 16th, March, 2006
Simon Kilvington discovered that specially crafted PNG images can trigger a heap overflow in libavcodec, the multimedia library of ffmpeg, which may lead to the execution of arbitrary code. The vlc media player links statically against libavcodec. advisories/debian/debian-new-vlc-packages-fix-arbitrary-code-execution-42085 |
||
| Debian: New xine-lib packages fix arbitrary code execution | ||
| 16th, March, 2006
Updated package. advisories/debian/debian-new-xine-lib-packages-fix-arbitrary-code-execution-5517 |
||
| Debian: New wzdftpd packages fix arbitrary shell command execution | ||
| 16th, March, 2006
Updated package. advisories/debian/debian-new-wzdftpd-packages-fix-arbitrary-shell-command-execution |
||
| Debian: New drupal packages fix several vulnerabilities | ||
| 17th, March, 2006
The Drupal Security Team discovered several vulnerabilities in Drupal, a fully-featured content management and discussion engine. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-1225,CVE-2006-1226,CVE-2006-1227,CVE-2006-1228 advisories/debian/debian-new-drupal-packages-fix-several-vulnerabilities-8732 |
||
| Debian: New kpdf packages fix arbitrary code execution | ||
| 17th, March, 2006
Marcelo Ricardo Leitner noticed that the current patch in DSA 932 (CVE-2005-3627) for kpdf, the PDF viewer for KDE, does not fix all buffer overflows, still allowing an attacker to execute arbitrary code. advisories/debian/debian-new-kpdf-packages-fix-arbitrary-code-execution-63438 |
||
| Debian: New libmail-audit-perl packages fix insecure temporary file use | ||
| 20th, March, 2006
Updated package. advisories/debian/debian-new-libmail-audit-perl-packages-fix-insecure-temporary-file-use-88604 |
||
| Debian: New crossfire packages fix arbitrary code execution | ||
| 20th, March, 2006
Updated package. advisories/debian/debian-new-crossfire-packages-fix-arbitrary-code-execution-36360 |
||
| Debian: New ilohamail packages fix cross-site scripting vulnerabilities | ||
| 20th, March, 2006
Updated package. advisories/debian/debian-new-ilohamail-packages-fix-cross-site-scripting-vulnerabilities |
||
| Debian: New kernel-patch-vserver packages fix root exploit | ||
| 21st, March, 2006
Updated package. advisories/debian/debian-new-kernel-patch-vserver-packages-fix-root-exploit |
||
| Debian: New unzip packages fix arbitrary code execution | ||
| 21st, March, 2006
Updated package. advisories/debian/debian-new-unzip-packages-fix-arbitrary-code-execution |
||
| Debian: New snmptrapfmt packages fix insecure temporary file | ||
| 22nd, March, 2006
Updated package. advisories/debian/debian-new-snmptrapfmt-packages-fix-insecure-temporary-file |
||
| Debian: New firebird2 packages fix denial of service | ||
| 23rd, March, 2006
Updated package. advisories/debian/debian-new-firebird2-packages-fix-denial-of-service |
||
| Debian: New sendmail packages fix arbitrary code execution | ||
| 23rd, March, 2006
Updated package. advisories/debian/debian-new-sendmail-packages-fix-arbitrary-code-execution |
||
| Debian: New evolution packages fix arbitrary code execution | ||
| 23rd, March, 2006
Ulf H�rnhammar discovered several format string vulnerabilities in Evolution, a free groupware suite, that could lead to crashes of the application or the execution of arbitrary code. advisories/debian/debian-new-evolution-packages-fix-arbitrary-code-execution-229 |
||
| Fedora | ||
| Fedora Core 4 Update: GFS-kernel-2.6.11.8-20050601.152643.FC4.25 | ||
| 16th, March, 2006
Rebuilt against the latest kernel (2.6.15-1.1833_FC4). advisories/fedora/fedora-core-4-update-gfs-kernel-26118-20050601152643fc425-15-17-00-121954 |
||
| Fedora Core 5 Update: xorg-x11-server-1.0.1-9 | ||
| 20th, March, 2006
Coverity scanned the X.Org source code for problems and reported their findings to the X.Org development team. Upon analysis, Alan Coopersmith, a member of the X.Org development team, noticed a couple of serious security issues in the findings. In particular, the Xorg server can be exploited for root privilege escalation by passing a path to malicious modules using the -modulepath command line argument. Also, the Xorg server can be exploited to overwrite any root writable file on the filesystem with the -logfile command line argument. advisories/fedora/fedora-core-5-update-xorg-x11-server-101-9-10-57-00-121985 |
||
| Fedora Core 5 Update: avahi-0.6.9-8.FC5 | ||
| 20th, March, 2006
Updated package. advisories/fedora/fedora-core-5-update-avahi-069-8fc5-22-39-00-122003 |
||
| Fedora Core 5 Update: beagle-0.2.3-4 | ||
| 21st, March, 2006
Some of the wrapper scripts (including beagle-status) looked in the current directory for files with a specific name and ran that instead of the binary in the path. All such cases have been fixed in this release. advisories/fedora/fedora-core-5-update-beagle-023-4-11-42-00-122022 |
||
| Fedora Core 5 Update: curl-7.15.1-3 | ||
| 21st, March, 2006
This curl update fixes security vulnerability CVE-2006-1061 - curl can overflow a heap-based memory buffer if very long TFTP URL with valid host name is passed to curl. This update fixes instalation problems on multilib architectures, too. advisories/fedora/fedora-core-5-update-curl-7151-3-11-43-00-122023 |
||
| Fedora Core 5 Update: sendmail-8.13.6-0.FC5.1 | ||
| 22nd, March, 2006
A flaw in the handling of asynchronous signals. A remote attacker may be able to exploit a race condition to execute arbitrary code as root. advisories/fedora/fedora-core-5-update-sendmail-8136-0fc51-9292-15-04-00-122233 |
||
| Fedora Core 4 Update: sendmail-8.13.6-0.FC4.1 | ||
| 22nd, March, 2006
A flaw in the handling of asynchronous signals. A remote attacker may be able to exploit a race condition to execute arbitrary code as root. advisories/fedora/fedora-core-4-update-sendmail-8136-0fc41-44909-15-04-00-122232 |
||
| Fedora Core 5 Update: php-pear-1.4.6-2.1 | ||
| 22nd, March, 2006
This update includes the latest upstream version of the PEAR XML_RPC package (version 1.4.5), which fixes operation of the XML_RPC server component with PHP 5.1.2. advisories/fedora/fedora-core-5-update-php-pear-146-21-19-24-00-122045 |
||
| Fedora Core 4 Update: xterm-208-4.FC4 | ||
| 22nd, March, 2006
Updated package. advisories/fedora/fedora-core-4-update-xterm-208-4fc4-19-34-00-122046 |
||
| Fedora Core 5 Update: scim-anthy-0.9.0-3.fc5 | ||
| 22nd, March, 2006
Updated package. advisories/fedora/fedora-core-5-update-scim-anthy-090-3fc5-19-44-00-122047 |
||
| Fedora Core 4 Update: tzdata-2006b-2.fc4 | ||
| 22nd, March, 2006
Updated package. advisories/fedora/fedora-core-4-update-tzdata-2006b-2fc4-19-52-00-122050 |
||
| Fedora Core 4 Update: logwatch-7.2.1-1.fc4 | ||
| 22nd, March, 2006
This new version of logwatch package fixes problems with --splithosts option and contains a lot of services updates. advisories/fedora/fedora-core-4-update-logwatch-721-1fc4-20-00-00-122051 |
||
| Fedora Core 5 Update: anthy-7500-1.fc5 | ||
| 22nd, March, 2006
Updated package. advisories/fedora/fedora-core-5-update-anthy-7500-1fc5-20-09-00-122052 |
||
| Fedora Core 5 Update: shadow-utils-4.0.14-5.FC5 | ||
| 22nd, March, 2006
Updated package. advisories/fedora/fedora-core-5-update-shadow-utils-4014-5fc5-20-17-00-122053 |
||
| Fedora Core 5 Update: cpio-2.6-14.FC5 | ||
| 22nd, March, 2006
Updated package. advisories/fedora/fedora-core-5-update-cpio-26-14fc5-20-39-00-122054 |
||
| Fedora Core 5 Update: libsepol-1.12.1-1.fc5 | ||
| 22nd, March, 2006
Updated package. advisories/fedora/fedora-core-5-update-libsepol-1121-1fc5-21-12-00-122055 |
||
| Fedora Core 5 Update: bind-9.3.2-12.FC5 | ||
| 22nd, March, 2006
Updated package. advisories/fedora/fedora-core-5-update-bind-932-12fc5-21-43-00-122056 |
||
| Gentoo | ||
| Gentoo: Freeciv Denial of Service | ||
| 16th, March, 2006
A memory allocation bug in Freeciv allows a remote attacker to perform a Denial of Service attack. |
||
| Gentoo: zoo Buffer overflow | ||
| 16th, March, 2006
A buffer overflow in zoo may be exploited to execute arbitrary when creating archives of specially crafted directories and files. |
||
| Gentoo: PEAR-Auth Potential authentication bypass | ||
| 17th, March, 2006
PEAR-Auth did not correctly verify data passed to the DB and LDAP containers, thus allowing to inject false credentials to bypass the authentication. |
||
| Gentoo: Heimdal rshd privilege escalation | ||
| 17th, March, 2006
An error in the rshd daemon of Heimdal could allow authenticated users to elevate privileges. |
||
| Gentoo: Crypt:CBC: Insecure initialization vector | ||
| 17th, March, 2006
Crypt::CBC uses an insecure initialization vector, potentially resulting in a weaker encryption. |
||
| Gentoo: Metamail Buffer overflow | ||
| 17th, March, 2006
A buffer overflow in Metamail could possibly be exploited to execute arbitrary code. |
||
| Gentoo: Cube Multiple vulnerabilities | ||
| 21st, March, 2006
Cube is vulnerable to a buffer overflow, invalid memory access and remote client crashes, possibly leading to a Denial of Service or remote code execution. |
||
| Gentoo: SquirrelMail Cross-site scripting and IMAP command injection | ||
| 21st, March, 2006
SquirrelMail is vulnerable to several cross-site scripting vulnerabilities and IMAP command injection. |
||
| Gentoo: GNU tar Buffer overflow | ||
| 21st, March, 2006
A malicious tar archive could trigger a Buffer overflow in GNU tar, potentially resulting in the execution of arbitrary code. |
||
| Gentoo: flex Potential insecure code generation | ||
| 21st, March, 2006
flex might generate code with a buffer overflow, making applications using such scanners vulnerable to the execution of arbitrary code. |
||
| Gentoo: GnuPG Incorrect signature verification | ||
| 21st, March, 2006
GnuPG may erroneously report a modified or unsigned message has a valid digital signature. |
||
| Gentoo: PeerCast Buffer overflow | ||
| 21st, March, 2006
PeerCast is vulnerable to a buffer overflow that may lead to the execution of arbitrary code. |
||
| Gentoo: Pngcrush Buffer overflow | ||
| 21st, March, 2006
Pngcrush is vulnerable to a buffer overflow which could potentially lead to the execution of arbitrary code. |
||
| Gentoo: cURL/libcurl Buffer overflow in the handling | ||
| 21st, March, 2006
libcurl is affected by a buffer overflow in the handling of URLs for the TFTP protocol, which could be exploited to compromise a user's system. |
||
| Gentoo: Macromedia Flash Player Arbitrary code execution | ||
| 21st, March, 2006
Multiple vulnerabilities have been identified that allows arbitrary code execution on a user's system via the handling of malicious SWF files. |
||
| Gentoo: Sendmail Race condition in the handling of asynchronous signals | ||
| 22nd, March, 2006
Sendmail is vulnerable to a race condition which could lead to the execution of arbitrary code with sendmail privileges. |
||
| Gentoo: PHP Format string and XSS vulnerabilities | ||
| 22nd, March, 2006
Multiple vulnerabilities in PHP allow remote attackers to inject arbitrary HTTP headers, perform cross site scripting or in some cases execute arbitrary code. |
||
| Mandriva | ||
| Mandriva: Updated xorg-x11 packages to address local root vuln | ||
| 20th, March, 2006
Versions of Xorg 6.9.0 and greater have a bug in xf86Init.c, which allows non-root users to use the -modulepath, -logfile and -configure options. This allows loading of arbitrary modules which will execute as the root user, as well as a local DoS by overwriting system files. Updated packages have been patched to correct these issues. |
||
| Mandriva: Updated cairo packages to address Evolution DoS vulnerability | ||
| 20th, March, 2006
GNOME Evolution allows remote attackers to cause a denial of service (persistent client crash) via an attached text file that contains "Content-Disposition: inline" in the header, and a very long line in the body, which causes the client to repeatedly crash until the e-mail message is manually removed, possibly due to a buffer overflow, as demonstrated using an XML attachment. |
||
| Mandriva: Updated sendmail packages fix remote vulnerability | ||
| 22nd, March, 2006
A race condition was reported in sendmail in how it handles asynchronous signals. This could allow a remote attacker to be able to execute arbitrary code with the privileges of the user running sendmail. |
||
| Mandriva: Updated kernel packages fix multiple vulnerabilities | ||
| 22nd, March, 2006
Updated package. |
||
| Red Hat | ||
| RedHat: Critical: sendmail security update | ||
| 22nd, March, 2006
Updated sendmail packages to fix a security issue are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-critical-sendmail-security-update-3177 |
||
| RedHat: Critical: sendmail security update | ||
| 22nd, March, 2006
Updated sendmail packages to fix a security issue are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having critical security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-critical-sendmail-security-update-3177 |
||
| RedHat: Critical: RealPlayer security update | ||
| 23rd, March, 2006
An updated RealPlayer package that fixes a buffer overflow bug is now available for Red Hat Enterprise Linux Extras 3 and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-critical-realplayer-security-update-56018 |
||
| SuSE | ||
| SuSE: flash-player buffer overflow | ||
| 21st, March, 2006
Updated package. |
||
| SuSE: xorg-x11-server local privilege | ||
| 21st, March, 2006
Updated package. |
||
| SuSE: sendmail remote code execution | ||
| 22nd, March, 2006
Updated package. |
||
| SuSE: RealPlayer security problems | ||
| 23rd, March, 2006
This update fixes the following security problems in Realplayer: CVE-2006-0323, CVE-2005-2922. |
||
