This week advisories were released for firebird2, sendmail, evolution, kpdf, flex, netpbm-free, file, man, db4, gok, gedit, epiphany, gnome-power-manager, pyorbit, totem, libglade, gnome-icon-theme, shared-mime-info, libxklavier, gstreamer, cpio, squirrelmail, glibc, mtr, tix, xterm, perl, rpm, scim, mrtg, wpa, samba, bsd-games, mailman, and freeradius. The distributors include Debian, Fedora, Gentoo, Mandriva, Red Hat, and SuSE.


EnGarde Secure Linux: Why not give it a try?

EnGarde Secure Linux is a Linux server distribution that is geared toward providing an open source platform that is highly secure by default as well as easy to administer. EnGarde Secure Linux includes a select group of open source packages configured to provide maximum security for tasks such as serving dynamic websites, high availability mail transport, network intrusion detection, and more. The Community edition of EnGarde Secure Linux is completely free and open source, and online security and application updates are also freely available with GDSN registration.



Linux Command Reference Manual: Linux File Formats
By: Suhas Desai

/etc/crontab

The syntax of each line in this file is: minute, hour, day of month, month, day of week, user name, command. The user name column exists only in the system crontab (/etc/crontab and the files in /etc/cron.d); per-user crontabs edited with crontab(1) omit it, since those jobs always run as the crontab's owner. Lines of the form NAME=value (SHELL, PATH, MAILTO) set the environment for the jobs that follow them.
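The format above, as an added worked example that is not part of the original reference or the author's own material: a parser for the seven-column system crontab that also collects the NAME=value environment lines, followed by a check that flags root jobs whose command refers to a world-writable directory and PATH entries cron should never trust. The function names and the sample crontab text are assumptions made for this illustration.

```python
"""Parse /etc/crontab into its seven columns and flag root jobs that run
code from world-writable directories.  Added example, not the article's
own code; the crontab text below is constructed for illustration."""
import re
from typing import Dict, List, NamedTuple, Tuple


class CronJob(NamedTuple):
    minute: str
    hour: str
    dom: str
    month: str
    dow: str
    user: str      # only /etc/crontab and /etc/cron.d carry this column
    command: str


# NAME=value lines set the environment for the jobs that follow.
_ASSIGN = re.compile(r"^([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(.*)$")
# Numeric time fields only (5, */5, 1-5, 1,15); month/day names are not handled.
_TIME = re.compile(r"^[0-9*,/-]+$")
_SHORTCUTS = {"@reboot", "@yearly", "@annually", "@monthly",
              "@weekly", "@daily", "@midnight", "@hourly"}


def parse_system_crontab(text: str) -> Tuple[Dict[str, str], List[CronJob]]:
    env: Dict[str, str] = {}
    jobs: List[CronJob] = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = _ASSIGN.match(line)
        if m:                                   # e.g. PATH=/sbin:/bin
            env[m.group(1)] = m.group(2).strip().strip('"')
            continue
        if line.startswith("@"):                # @reboot user command
            parts = line.split(None, 2)
            if len(parts) != 3 or parts[0] not in _SHORTCUTS:
                raise ValueError(f"line {lineno}: malformed @shortcut entry")
            jobs.append(CronJob(parts[0], "", "", "", "", parts[1], parts[2]))
            continue
        parts = line.split(None, 6)             # the command keeps its own spaces
        if len(parts) != 7:
            raise ValueError(f"line {lineno}: expected 7 columns, got {len(parts)}")
        for field in parts[:5]:
            if not _TIME.match(field):
                raise ValueError(f"line {lineno}: bad time field {field!r}")
        jobs.append(CronJob(*parts))
    return env, jobs


_WRITABLE = ("/tmp/", "/var/tmp/", "/dev/shm/")


def audit_crontab(env: Dict[str, str], jobs: List[CronJob]) -> List[str]:
    findings = []
    # cron's own default PATH when the crontab does not set one (crontab(5))
    for comp in env.get("PATH", "/usr/bin:/bin").split(":"):
        if comp in ("", ".") or (comp.rstrip("/") + "/").startswith(_WRITABLE):
            findings.append(f"PATH: untrusted component {comp!r}")
    for job in jobs:
        if job.user == "root" and any(d in job.command for d in _WRITABLE):
            findings.append(f"root job runs code from a world-writable directory: {job.command}")
    return findings


# Constructed sample; not copied from any real host.
SAMPLE_CRONTAB = """\
SHELL=/bin/sh
PATH=/sbin:/bin:/usr/sbin:/usr/bin

# m  h  dom mon dow user   command
17 *    * * *   root    cd / && run-parts --report /etc/cron.hourly
25 6    * * *   root    test -x /usr/sbin/anacron || run-parts --report /etc/cron.daily
0  2    * * 0   backup  /usr/local/bin/backup.sh
*/5 *   * * *   root    /tmp/cleanup.sh
@reboot         root    /usr/local/sbin/firstboot
30 3    * * *   root    sh /var/tmp/report.sh
"""

if __name__ == "__main__":
    env, jobs = parse_system_crontab(SAMPLE_CRONTAB)
    print(f"{len(jobs)} jobs, environment {env}")
    for finding in audit_crontab(env, jobs):
        print("WARNING:", finding)
```

Run against the constructed sample, the parser yields six jobs and two environment variables, and the audit reports the two root jobs that execute scripts under /tmp and /var/tmp; the backup user's job and the @reboot entry are left alone.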

/etc/fstab

Columns are: device file to mount, directory to mount on, filesystem type, mount options, dump (backup) frequency, and fsck pass number. The pass number gives the order in which filesystems are checked on boot: the root filesystem uses 1, other filesystems 2, and 0 means the filesystem is never checked. The noauto option stops this mount from being done automatically on boot.

/etc/hosts

Sets up host address information for local use. The format is: IPaddress name1 name2.

/etc/inittab

Sets the init configuration. An entry in the inittab file has the following format: id:runlevels:action:process

/etc/passwd

The file has one line per username, and is divided into seven colon-delimited fields:

  • Username.
  • Password, in hashed form. On systems using shadow passwords this field holds only "x" and the hash is kept in /etc/shadow, which unlike the world-readable /etc/passwd is readable only by root.
  • Numeric user id.
  • Numeric group id.
  • Full name or other description of account. This is called gecos.
  • The user's home directory.
  • The user's login shell (program to run at login).
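The seven-field layout above, as an added worked example that is not part of the original reference: a parser for /etc/passwd and an audit for the mistakes a reviewer looks for first, namely an empty password field, a hash left in the world-readable file instead of /etc/shadow, a second UID 0 account, and two accounts sharing a UID. The function names and the sample lines (including the placeholder hash) are assumptions made for this illustration.

```python
"""Parse /etc/passwd into its seven colon-delimited fields and flag the
classic mistakes.  Added example, not the article's own code; the sample
lines below are constructed."""
from typing import Dict, List, NamedTuple


class PasswdEntry(NamedTuple):
    name: str
    passwd: str    # "x" means the hash is in /etc/shadow; "*" or "!..." means locked
    uid: int
    gid: int
    gecos: str
    home: str
    shell: str


def parse_passwd(text: str) -> List[PasswdEntry]:
    entries: List[PasswdEntry] = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        if not raw.strip() or raw.startswith("#"):
            continue
        fields = raw.split(":")
        if len(fields) != 7:
            raise ValueError(f"line {lineno}: expected 7 colon-delimited fields, got {len(fields)}")
        name, passwd, uid, gid, gecos, home, shell = fields
        entries.append(PasswdEntry(name, passwd, int(uid), int(gid), gecos, home, shell))
    return entries


def audit_passwd(entries: List[PasswdEntry]) -> List[str]:
    findings = []
    seen_uid: Dict[int, str] = {}
    for e in entries:
        if e.passwd == "":
            findings.append(f"{e.name}: empty password field, login needs no password")
        elif e.passwd != "x" and not e.passwd.startswith(("*", "!")):
            # a real hash here is exposed to every local user, since /etc/passwd is world-readable
            findings.append(f"{e.name}: password hash stored in /etc/passwd instead of /etc/shadow")
        if e.uid == 0 and e.name != "root":
            findings.append(f"{e.name}: UID 0 account other than root")
        elif e.uid in seen_uid:
            findings.append(f"{e.name}: duplicate UID {e.uid} shared with {seen_uid[e.uid]}")
        seen_uid.setdefault(e.uid, e.name)
    return findings


# Constructed sample; the "legacy" hash is a placeholder, not a real credential.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/false
toor:x:0:0:backup root:/root:/bin/sh
guest::1001:1001:Guest:/home/guest:/bin/bash
legacy:$1$saltsalt$0123456789abcdefghijkl:1002:1002:Old box:/home/legacy:/bin/sh
alice:x:1003:1003:Alice:/home/alice:/bin/bash
bob:x:1003:1004:Bob:/home/bob:/bin/bash
"""

if __name__ == "__main__":
    entries = parse_passwd(SAMPLE_PASSWD)
    for e in entries:
        print(f"{e.name:8} uid={e.uid:<5} gid={e.gid:<5} shell={e.shell}")
    for finding in audit_passwd(entries):
        print("WARNING:", finding)
```

On the constructed sample the audit flags toor (a second UID 0), guest (empty password field), legacy (hash kept in /etc/passwd) and bob (UID 1003 shared with alice); root, daemon and alice pass.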

/usr/X11R6/lib/X11/XF86Config

The main XFree86 configuration file.

Read Full Paper
/images/stories/commandref.pdf


LinuxSecurity.com Feature Extras:

EnGarde Secure Community 3.0.4 Released - Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.4 (Version 3.0, Release 4). This release includes several bug fixes and feature enhancements to the Guardian Digital WebTool and the SELinux policy, and several new packages available for installation.

Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.

Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe, send an e-mail to the list's subscription address with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.


Debian
Debian: New firebird2 packages fix denial of service
23rd, March, 2006

Updated package.

advisories/debian/debian-new-firebird2-packages-fix-denial-of-service
Debian: New sendmail packages fix arbitrary code execution
23rd, March, 2006

Updated package.

advisories/debian/debian-new-sendmail-packages-fix-arbitrary-code-execution
Debian: New evolution packages fix arbitrary code execution
23rd, March, 2006

Ulf Härnhammar discovered several format string vulnerabilities in Evolution, a free groupware suite, that could lead to crashes of the application or the execution of arbitrary code.

advisories/debian/debian-new-evolution-packages-fix-arbitrary-code-execution-229
Debian: New Linux kernel 2.6.8 packages fix several vulnerabilities
23rd, March, 2006

Updated package.

advisories/debian/debian-new-linux-kernel-268-packages-fix-several-vulnerabilities-40262
Debian: New kpdf packages fix several vulnerabilities
24th, March, 2006

Derek Noonburg has fixed several potential vulnerabilities in xpdf, the Portable Document Format (PDF) suite, which is also present in koffice, the KDE Office Suite.

advisories/debian/debian-new-kpdf-packages-fix-several-vulnerabilities
Debian: New Linux kernel 2.4.27 packages fix several vulnerabilities
24th, March, 2006

Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The CVE ids are as follows: CVE-2004-0887 CVE-2004-1058 CVE-2004-2607 CVE-2005-0449 CVE-2005-1761 CVE-2005-2457 CVE-2005-2555 CVE-2005-2709 CVE-2005-2973 CVE-2005-3257 CVE-2005-3783 CVE-2005-3806 CVE-2005-3848 CVE-2005-3857 CVE-2005-3858 CVE-2005-4618

advisories/debian/debian-new-linux-kernel-2427-packages-fix-several-vulnerabilities-881
Debian: New flex packages fix insecure code generation
27th, March, 2006

Updated package.

advisories/debian/debian-new-flex-packages-fix-insecure-code-generation
Debian: New netpbm-free packages fix arbitrary command execution
28th, March, 2006

Max Vozeler from the Debian Audit Project discovered that pstopnm, a converter from Postscript to the PBM, PGM and PNM formats, launches Ghostscript in an insecure manner, which might lead to the execution of arbitrary shell commands, when converting specially crafted Postscript files.

advisories/debian/debian-new-netpbm-free-packages-fix-arbitrary-command-execution
Fedora
Fedora Core 5 Update: file-4.17-2.fc5
23rd, March, 2006

Updated package.

advisories/fedora/fedora-core-5-update-file-417-2fc5-16-03-00-122071
Fedora Core 5 Update: man-1.6c-2.fc5
24th, March, 2006

Updated package.

advisories/fedora/fedora-core-5-update-man-16c-2fc5-16-43-00-122089
Fedora Core 5 Update: db4-4.3.29-3.fc5
24th, March, 2006

Updated package.

advisories/fedora/fedora-core-5-update-db4-4329-3fc5-16-44-00-122090
Fedora Core 5 Update: gok-1.0.7-1
24th, March, 2006

A new gok package has been built that fixes several bugs, and adds support for the zh_HK language.

advisories/fedora/fedora-core-5-update-gok-107-1-16-44-00-122091
Fedora Core 5 Update: gedit-2.14.1-1
24th, March, 2006

A new version of the gedit package has been built that fixes a problem with tab drag-and-drop when multiple gedit windows are open.

advisories/fedora/fedora-core-5-update-gedit-2141-1-16-45-00-122092
Fedora Core 5 Update: epiphany-2.14.0-1
24th, March, 2006

A new epiphany package has been built that brings the epiphany version in Fedora Core 5 in sync with the version that's shipped with Gnome 2.14.

advisories/fedora/fedora-core-5-update-epiphany-2140-1-16-45-00-122093
Fedora Core 5 Update: evolution-connector-2.6.0-1
24th, March, 2006

A new evolution-connector package has been built that brings the version in Fedora Core 5 in sync with the version that's shipped with Gnome 2.14.

advisories/fedora/fedora-core-5-update-evolution-connector-260-1-16-46-00-122094
Fedora Core 5 Update: evolution-data-server-1.6.0-1
24th, March, 2006

A new evolution-data-server package has been built that brings the version in Fedora Core 5 in sync with the version that's shipped with Gnome 2.14.

advisories/fedora/fedora-core-5-update-evolution-data-server-160-1-16-47-00-122095
Fedora Core 5 Update: gnome-power-manager-2.14.0-1
24th, March, 2006

A new gnome-power-manager package has been built that brings the version in Fedora Core 5 in sync with the version that was released for Gnome 2.14.

advisories/fedora/fedora-core-5-update-gnome-power-manager-2140-1-16-48-00-122096
Fedora Core 5 Update: pyorbit-2.14.0-1
24th, March, 2006

A new pyorbit package has been built that brings the version in Fedora Core 5 in sync with the version that's shipped with Gnome 2.14.

advisories/fedora/fedora-core-5-update-pyorbit-2140-1-16-48-00-122097
Fedora Core 5 Update: totem-1.4.0-2
24th, March, 2006

A new totem package has been built that brings the version in Fedora Core 5 in sync with the version that's shipped with Gnome 2.14.

advisories/fedora/fedora-core-5-update-totem-140-2-16-49-00-122098
Fedora Core 5 Update: libglade2-2.5.1-4.fc5.1
24th, March, 2006

A new libglade package has been released that fixes a problem when setting the "invisible" character (in password entries) to a non-ASCII character.

advisories/fedora/fedora-core-5-update-libglade2-251-4fc51-16-50-00-122099
Fedora Core 5 Update: gnome-icon-theme-2.14.2-1.fc5.1
24th, March, 2006

An updated gnome-icon-theme package fixes a problem where files with mimetype application/xml would not get the right icon.

advisories/fedora/fedora-core-5-update-gnome-icon-theme-2142-1fc51-16-50-00-122100
Fedora Core 5 Update: shared-mime-info-0.17-1.fc5.1
24th, March, 2006

A new version of the shared-mime-info package has been released that fixes several bugs.

advisories/fedora/fedora-core-5-update-shared-mime-info-017-1fc51-16-51-00-122101
Fedora Core 5 Update: libxklavier-2.2-1
24th, March, 2006

A new libxklavier package has been built that brings the version in Fedora Core 5 in sync with the version that shipped with Gnome 2.14.

advisories/fedora/fedora-core-5-update-libxklavier-22-1-16-51-00-122102
Fedora Core 5 Update: gnome-vfs2-2.14.0-2
24th, March, 2006

A new version of the gnome-vfs2 package fixes a packaging error.

advisories/fedora/fedora-core-5-update-gnome-vfs2-2140-2-16-52-00-122103
Fedora Core 5 Update: gstreamer-plugins-base-0.10.5-1
24th, March, 2006

Updated package.

advisories/fedora/fedora-core-5-update-gstreamer-plugins-base-0105-1-16-54-00-122104
Fedora Core 5 Update: gstreamer-0.10.4-1
24th, March, 2006

Updated package.

advisories/fedora/fedora-core-5-update-gstreamer-0104-1-16-55-00-122105
Fedora Core 5 Update: cpio-2.6-15.FC5
27th, March, 2006

Updated package.

advisories/fedora/fedora-core-5-update-cpio-26-15fc5-12-02-00-122113
Fedora Core 4 Update: squirrelmail-1.4.6-4.fc4
27th, March, 2006

This update fixes Bug #185767 where we broke Japanese mail sending in our previous update. (I would really appreciate it if Chinese and Korean users would test this and report if it works properly for incoming and outgoing mail.)

advisories/fedora/fedora-core-4-update-squirrelmail-146-4fc4-12-02-00-122114
Fedora Core 5 Update: squirrelmail-1.4.6-4.fc5
27th, March, 2006

This update fixes Bug #185767 where we broke Japanese mail sending in our previous update. (I would really appreciate it if Chinese and Korean users would test this and report if it works properly for incoming and outgoing mail.)

advisories/fedora/fedora-core-5-update-squirrelmail-146-4fc5-12-03-00-122115
Fedora Core 4 Update: glibc-2.3.6-3
27th, March, 2006

Updated package.

advisories/fedora/fedora-core-4-update-glibc-236-3-12-03-00-122116
Fedora Core 5 Update: mtr-0.71-0.FC5.1
27th, March, 2006

Updated package.

advisories/fedora/fedora-core-5-update-mtr-071-0fc51-12-04-00-122117
Fedora Core 4 Update: mtr-0.71-0.FC4.1
27th, March, 2006

Updated package.

advisories/fedora/fedora-core-4-update-mtr-071-0fc41-12-04-00-122118
Fedora Core 5 Update: tix-8.4.0-4
27th, March, 2006

The tix-8.4.0-3.1 package that shipped with Fedora Core 5 had libTix8.4.so in the wrong directory. The tix-8.4.0-4 package corrects this problem. The 'package require Tix' command now works as it should.

advisories/fedora/fedora-core-5-update-tix-840-4-12-05-00-122119
Fedora Core 5 Update: xterm-211-1.FC5
27th, March, 2006

Updated package.

advisories/fedora/fedora-core-5-update-xterm-211-1fc5-12-05-00-122121
Fedora Core 4 Update: perl-5.8.6-24
27th, March, 2006

Updated package.

advisories/fedora/fedora-core-4-update-perl-586-24-12-16-00-122122
Fedora Core 4 Update: kernel-2.6.16-1.2069_FC4
30th, March, 2006

Updated package.

advisories/fedora/fedora-core-4-update-kernel-2616-12069fc4-16-31-00-122170
Fedora Core 4 Update: rpm-4.4.1-23
30th, March, 2006

This update fixes an issue with a double free experienced in verification with matchpathcon.

advisories/fedora/fedora-core-4-update-rpm-441-23-16-32-00-122171
Fedora Core 5 Update: scim-hangul-0.2.2-1.fc5
30th, March, 2006

Updated package.

advisories/fedora/fedora-core-5-update-scim-hangul-022-1fc5-16-32-00-122172
Fedora Core 5 Update: scim-anthy-1.0.0-1.fc5
30th, March, 2006

Updated package.

advisories/fedora/fedora-core-5-update-scim-anthy-100-1fc5-16-33-00-122173
Fedora Core 5 Update: mrtg-2.13.2-0.fc5.1
30th, March, 2006

Fixes the RouterUptime option.

advisories/fedora/fedora-core-5-update-mrtg-2132-0fc51-16-33-00-122174
Fedora Core 5 Update: wpa_supplicant-0.4.8-6.fc5
30th, March, 2006

Updated package.

advisories/fedora/fedora-core-5-update-wpasupplicant-048-6fc5-16-34-00-122175
Fedora Core 5 Update: samba-3.0.22-1.fc5
30th, March, 2006

Updated package.

advisories/fedora/fedora-core-5-update-samba-3022-1fc5-21-05-00-122176
Gentoo
Gentoo: NetHack, Slash'EM, Falcon's Eye Local privilege escalation
23rd, March, 2006

NetHack, Slash'EM and Falcon's Eye are vulnerable to local privilege escalation vulnerabilities that could potentially allow the execution of arbitrary code as other users.

Gentoo: RealPlayer Buffer overflow vulnerability
26th, March, 2006

RealPlayer is vulnerable to a buffer overflow that could lead to remote execution of arbitrary code.

Gentoo: OpenOffice.org Heap overflow in included libcurl
27th, March, 2006

OpenOffice.org contains a vulnerable version of libcurl that may cause a heap overflow when parsing URLs.

Gentoo: bsd-games Local privilege escalation in tetris-bsd
29th, March, 2006

tetris-bsd is prone to local privilege escalation vulnerabilities.

Mandriva
Mandriva: Updated FreeRADIUS packages fix EAP-MSCHAPv2 module vulnerability
24th, March, 2006

An unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote attackers to bypass authentication or cause a denial of service (server crash) via "Insufficient input validation" in the EAP-MSCHAPv2 state machine module. Updated packages have been patched to correct this issue.

Mandriva: Updated mailman packages fix DoS from badly formed mime multipart messages.
29th, March, 2006

Scrubber.py, in Mailman 2.1.5 and earlier, when using email 2.5 (part of Python), is susceptible to a DoS (mailman service stops delivering for the list in question) if it encounters a badly formed mime multipart message with only one part and that part has two blank lines between the first boundary and the end boundary.

Red Hat
RedHat: Critical: RealPlayer security update
23rd, March, 2006

An updated RealPlayer package that fixes a buffer overflow bug is now available for Red Hat Enterprise Linux Extras 3 and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-critical-realplayer-security-update-56018
SuSE
SuSE: RealPlayer security problems
23rd, March, 2006

This update fixes the following security problems in Realplayer: CVE-2006-0323, CVE-2005-2922.

SuSE: freeradius authentication bypass
28th, March, 2006

Updated package.