Linux Advisory Watch: January 28th 2005
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas   
Linux Advisory Watch This week, articles were released for libtiff, ethereal, xpdf, squid, xtrlock, sword, unarj, enscript, zhcon, vdr, xine-lib, libpam-radius, kdebase, f2c, cups, alsa-lib, grep, kernel-utils, hal, im-sdk, gphoto, apr, tetex, koffice, kdegraphics, kdelibs, gaim, procps, mailman, mysql, awstats, less, kernel, and xpdf. The distributors include Conectiva, Debian, Fedora, Gentoo, Mandrake, Red Hat, SuSE, and TurboLinux.


Internet Productivity Suite: Open Source Security - Trust Internet Productivity Suite's open source architecture to give you the best security and productivity applications available. Collaborating with thousands of developers, Guardian Digital security engineers implement the most technologically advanced ideas and methods into their design. Click to find out more!

The Tao of Network Security Monitoring: Beyond Intrusion Detection

To be honest, this was one of the best books that I've read on network security. Others books often dive so deeply into technical discussions, they fail to provide any relevance to network engineers/administrators working in a corporate environment. Budgets, deadlines, and flexibility are issues that we must all address. The Tao of Network Security Monitoring is presented in such a way that all of these are still relevant. One of the greatest virtues of this book is that is offers real-life technical examples, while backing them up with relevant case studies. Network security engineers, system administrations, and security management will find value in this book. It is a must-read for anyone interested in getting into the field, but would still be useful as a reference for the experienced expert.

The book is written in an easy to follow manner and is filled with diagrams, tables, screen shots, and relevant examples. Richard Bejtlich attempts to help network engineers go beyond what is offered by today's intrusion detection systems. He provides a basis for developing an entire network security monitoring architecture, which gives administrators a much clearer view of network activity. I highly recommend this book to anyone involved in network security on a day-to-day basis.

The Tao of Network Security Monitoring is written in 6 parts with 18 chapters and several appendixes. Part I gives an introduction to network security monitoring, part II introduces available network security tools with examples of usage as well as how the tool can be acquired. Part III and IV outline the network security monitoring process through best practices and case studies while explaining role of those individuals involved. Part V describes what tools and tactics attackers use to evade network security monitoring systems. Part VI, the appendixes, offer a protocol header reference, an intellectual history of network security monitoring, and an introduction to protocol anomaly detection.

Full Review Available:
http://www.linuxsecurity.com/content/view/118106/49/

 

LinuxSecurity.com Feature Extras:

Encrypting Shell Scripts - Do you have scripts that contain sensitive information like passwords and you pretty much depend on file permissions to keep it secure? If so, then that type of security is good provided you keep your system secure and some user doesn't have a "ps -ef" loop running in an attempt to capture that sensitive info (though some applications mask passwords in "ps" output).

A 2005 Linux Security Resolution - Year 2000, the coming of the new millennium, brought us great joy and celebration, but also brought great fear. Some believed it would result in full-scale computer meltdown, leaving Earth as a nuclear wasteland. Others predicted minor glitches leading only to inconvenience. The following years (2001-2004) have been tainted with the threat of terrorism worldwide.

State of Linux Security 2004 - In 2004, security continued to be a major concern. The beginning of the year was plagued with several kernel flaws and Linux vendor advisories continue to be released at an ever-increasing rate. This year, we have seen the reports touting Window's security superiority, only to be debunked by other security experts immediately after release. Also, Guardian Digital launched the new LinuxSecurity.com, users continue to be targeted by automated attacks, and the need for security awareness and education continues to rise.

Bulletproof Virus Protection - Protect your network from costly security breaches with Guardian Digital’s multi-faceted security applications. More then just an email firewall, on demand and scheduled scanning detects and disinfects viruses found on the network. Click to find out more!

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-request@linuxsecurity.com with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.

    Contectiva
  Conectiva: libtiff3 Fixes for libtiff vulnerabilities
  20th, January, 2005

This announcement fixes several integer overflow vulnerabilities[3,4] that were encountered in libtiff by iDefense which could lead to remote arbitrary code execution.

http://www.linuxsecurity.com/content/view/117982

 
  Conectiva: ethereal Fixes for security vulnerabilities in ethereal
  24th, January, 2005

This update fixes several vulnerabilities[2,3,4] in ethereal: CAN-2004-0633[5]: The iSNS dissector for ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.

http://www.linuxsecurity.com/content/view/118030

 
  Conectiva: Fixes for xpdf vulnerabilities
  25th, January, 2005

iDefense noticed two issuesin the xpdf code where two buffer overflows could lead to remote code execution vulnerabilities.

http://www.linuxsecurity.com/content/view/118050

 
  Conectiva: Fixes for squid vulnerabilities
  26th, January, 2005

This update fixes several vulnerabilities in the squid web proxy cache.

http://www.linuxsecurity.com/content/view/118068

 
    Debian
  Debian: New xtrlock packages fix authentication bypass
  20th, January, 2005

A buffer overflow has been discovered in xtrlock, a minimal X display lock program which can be exploited by a malicious local attacker to crash the lock program and take over the desktop session.

http://www.linuxsecurity.com/content/view/117981

 
  Debian: New sword packages fix arbitrary command execution
  20th, January, 2005

Ulf Hþrnhammar discovered that due to missing input sanitising in diatheke, a CGI script for making and browsing a bible website, it is possible to execute arbitrary commands via a specially crafted URL.

http://www.linuxsecurity.com/content/view/117990
 
  Debian: New squid packages fix denial of service
  20th, January, 2005

Several vulnerabilities have been discovered in Squid, the internet object cache, the popular WWW proxy cache.

http://www.linuxsecurity.com/content/view/117991
 
  Debian: New unarj packages fix several vulnerabilities
  21st, January, 2005

Several vulnerabilities have been discovered in unarj, a non-free ARJ unarchive utility.

http://www.linuxsecurity.com/content/view/118007
 
  Debian: New ethereal packages fix buffer overflow
  21st, January, 2005

A buffer overflow has been detected in the X11 dissector of ethereal, a commonly used network traffic analyser. A remote attacker may be able to overflow a buffer using a specially crafted IP packet.

http://www.linuxsecurity.com/content/view/118008
 
  Debian: New enscript packages fix several vulnerabilities
  21st, January, 2005

Erik Sjšlund has discovered several security relevant problems in enscript, a program to convert ASCII text into Postscript and other formats.

http://www.linuxsecurity.com/content/view/118009
 
  Debian: New zhcon packages fix unauthorised file access
  25th, January, 2005

Erik Sjšlund discovered that zhcon, a fast console CJK system using the Linux framebuffer, accesses a user-controlled configuration file with elevated privileges. Thus, it is possible to read arbitrary files.

http://www.linuxsecurity.com/content/view/118039
 
  Debian: New vdr packages fix insecure file access
  25th, January, 2005

Javier Fern‡ndez-Sanguino Pe–a from the Debian Security Audit Team has discovered that the vdr daemon which is used for video disk recorders for DVB cards can overwrite arbitrary files.

http://www.linuxsecurity.com/content/view/118040
 
  Debian: New xine-lib packages fix arbitrary code execution
  25th, January, 2005

A heap overflow has been discovered in the DVD subpicture decoder of xine-lib. An attacker could cause arbitrary code to be executed on the victims host by supplying a malicious MPEG. By tricking users to view a malicious network stream, this is remotely exploitable.

http://www.linuxsecurity.com/content/view/118049
 
  Debian: New libdbi-perl packages fix insecure temporary file
  25th, January, 2005

Javier Fern‡ndez-Sanguino Pe–a from the Debian Security Audit Project discovered that the DBI library, the Perl5 database interface, creates a tmporary PID file in an insecure manner. This can be exploited by a malicious user to overwrite arbitrary files owned by the person executing the parts of the library.

http://www.linuxsecurity.com/content/view/118051
 
  Debian: New libpam-radius-auth packages fix several vulnerabilities
  26th, January, 2005

Two problems have been discovered in the libpam-radius-auth package, the PAM RADIUS authentication module. The Common Vulnerabilities and Exposures Project identifies the following problems...

http://www.linuxsecurity.com/content/view/118067
 
  Debian: New kdebase packages fix authentication bypass
  26th, January, 2005

Rapha‘l Enrici discovered that the KDE screensaver can crash under certain local circumstances. This can be exploited by an attacker with physical access to the workstation to take over the desktop session.

http://www.linuxsecurity.com/content/view/118073
 
  Debian: New f2c packages fix insecure temporary files
  27th, January, 2005

Javier Fern‡ndez-Sanguino Pe–a from the Debian Security Audit project discovered that f2c and fc, which are both part of the f2c package, a fortran 77 to C/C++ translator, open temporary files insecurely and are hence vulnerable to a symlink attack.

http://www.linuxsecurity.com/content/view/118091
 
    Fedora
  Fedora Core 2 Update: cups-1.1.20-11.10
  20th, January, 2005

This package fixes a buffer overflow which may possibly allow attackers to execute arbitrary code as the "lp" user. The Common Vulnerabilities and Exposures projects (cve.mitre.org) has assigned the name CAN-2005-0064 to this issue.

http://www.linuxsecurity.com/content/view/117983
 
  Fedora Core 3 Update: cups-1.1.22-0.rc1.8.4
  20th, January, 2005

This package fixes a buffer overflow which may possibly allow attackers to execute arbitrary code as the "lp" user. The Common Vulnerabilities and Exposures projects (cve.mitre.org) has assigned the name CAN-2005-0064 to this issue.

http://www.linuxsecurity.com/content/view/117984
 
  Fedora Core 3 Update: alsa-lib-1.0.6-7.FC3
  20th, January, 2005

A flaw in the alsa mixer code was discovered, which disabled stack execution protection for the libasound.so library distributed with Fedora Core 3. The effect of this flaw resulted in stack execution protection, through NX or Exec-Shield, which was disabled for any application linked to libasound.

http://www.linuxsecurity.com/content/view/117985
 
  Fedora Core 3 Update: grep-2.5.1-31.4
  20th, January, 2005

This update fixes a small regression in handling multibyte input for "grep -Fi", and further improves performance when processing UTF-8 input.

http://www.linuxsecurity.com/content/view/117992
 
  Fedora Core 2 Update: xpdf-3.00-3.7
  20th, January, 2005

Applied patch to fix CAN-2005-0064 (bug #145050)

http://www.linuxsecurity.com/content/view/117993
 
  Fedora Core 3 Update: xpdf-3.00-10.2
  20th, January, 2005

Applied patch to fix CAN-2005-0064 (bug #145050)

http://www.linuxsecurity.com/content/view/117994
 
  Fedora Core 2 Update: kernel-utils-2.4-9.1.131_FC2
  20th, January, 2005

Update microcode_ctl to 1.11 (#131885)

http://www.linuxsecurity.com/content/view/117997
 
  Fedora Core 3 Update: kernel-utils-2.4-13.1.49_FC3
  20th, January, 2005

Update microcode_ctl to 1.11

http://www.linuxsecurity.com/content/view/117998
 
  Fedora Core 3 Update: hal-0.4.6-1.FC3
  20th, January, 2005

New upstream release

http://www.linuxsecurity.com/content/view/118004
 
  Fedora Core 3 Update: im-sdk-12.1-10.FC3
  21st, January, 2005

This is a bugfix update.

http://www.linuxsecurity.com/content/view/118010
 
  Fedora Core 3 Update: gphoto2-2.1.5-1.1
  21st, January, 2005

This is a version upgrade to 2.1.5. More cameras are supported in this version.

http://www.linuxsecurity.com/content/view/118011
 
  Fedora Core 3 Update: apr-0.9.4-24.2
  21st, January, 2005

This update includes a regenerated version of the bundled libtool script, which fixes some build issues with third-party httpd modules.

http://www.linuxsecurity.com/content/view/118012
 
  Fedora Core 3 Update: pam-0.77-66.2
  21st, January, 2005

Fix PAM_IGNORE return value handling and correct the grubb_leak patch to fix #143750

http://www.linuxsecurity.com/content/view/118019
 
  Fedora Core 2 Update: tetex-2.0.2-14FC2.2
  24th, January, 2005

Updated tetex package fixes another xpdf buffer overflow. The Common Vulnerabilities and Exposures projects (cve.mitre.org) has assigned the name CAN-2005-0064 to this issue.

http://www.linuxsecurity.com/content/view/118033
 
  Fedora Core 3 Update: tetex-2.0.2-21.3
  24th, January, 2005

Updated tetex package fixes another xpdf buffer overflow. The Common Vulnerabilities and Exposures projects (cve.mitre.org) has assigned the name CAN-2005-0064 to this issue.

http://www.linuxsecurity.com/content/view/118035
 
  Fedora Core 3 Update: ethereal-0.10.9-1.FC3.1
  25th, January, 2005

This update fixes several vulnerabilities in the ethereal package.

http://www.linuxsecurity.com/content/view/118041
 
  Fedora Core 2 Update: ethereal-0.10.9-1.FC2.1
  25th, January, 2005

This update fixes several vulnerabilities in the ethereal package.

http://www.linuxsecurity.com/content/view/118042
 
  Fedora Core 2 Update: koffice-1.3.5-0.FC2.1
  25th, January, 2005

This update fixes a buffer overflow in the koffice package.

http://www.linuxsecurity.com/content/view/118043
 
  Fedora Core 3 Update: koffice-1.3.5-0.FC3.1
  25th, January, 2005

This update fixes a buffer overflow in the koffice package.

http://www.linuxsecurity.com/content/view/118044
 
  Fedora Core 2 Update: kdegraphics-3.2.2-1.3
  25th, January, 2005

This update fixes several vulnerabilities in graphics-related KDE packages.

http://www.linuxsecurity.com/content/view/118045
 
  Fedora Core 3 Update: kdegraphics-3.3.1-2.3
  25th, January, 2005

This update fixes several vulnerabilities in graphics-related KDE packages.

http://www.linuxsecurity.com/content/view/118046
 
  Fedora Core 2 Update: kdelibs-3.2.2-12.FC2
  25th, January, 2005

This update fixes several vulnerabilities in KDE.

http://www.linuxsecurity.com/content/view/118047
 
  Fedora Core 3 Update: kdelibs-3.3.1-2.6.FC3
  25th, January, 2005

This update fixes several vulnerabilities in KDE.

http://www.linuxsecurity.com/content/view/118048
 
  Fedora Core 2 Update: enscript-1.6.1-25.2
  26th, January, 2005

Several security relevant problems in enscript, a program to converts ASCII text to Postscript and other formats.

http://www.linuxsecurity.com/content/view/118075
 
  Fedora Core 2 Update: gaim-1.1.2-0.FC2
  26th, January, 2005

Fixes a great many bugs. Refer to the official changelog for details.

http://www.linuxsecurity.com/content/view/118076
 
  Fedora Core 3 Update: gaim-1.1.2-0.FC3
  26th, January, 2005

Fixes a great many bugs. Refer to the official changelog for details.

http://www.linuxsecurity.com/content/view/118077
 
  Fedora Core 2 Update: tetex-2.0.2-14FC2.2
  26th, January, 2005

Updated tetex package fixes another xpdf buffer overflow. The Common Vulnerabilities and Exposures projects (cve.mitre.org) has assigned the name CAN-2005-0064 to this issue.

http://www.linuxsecurity.com/content/view/118078
 
  Fedora Core 3 Update: tetex-2.0.2-21.3
  26th, January, 2005

Updated tetex package fixes another xpdf buffer overflow. The Common Vulnerabilities and Exposures projects (cve.mitre.org) has assigned the name CAN-2005-0064 to this issue.

http://www.linuxsecurity.com/content/view/118079
 
  Fedora Core 3 Update: enscript-1.6.1-28.0.2
  26th, January, 2005

Several security relevant problems in enscript, a program to converts ASCII text to Postscript and other formats.

http://www.linuxsecurity.com/content/view/118080
 
  Fedora Core 3 Update: procps-3.2.3-5.1
  27th, January, 2005

The procps package contains a set of system utilities that provide system information.

http://www.linuxsecurity.com/content/view/118093
 
  Fedora Core 2 Update: procps-3.2.0-1.2
  27th, January, 2005

The procps package contains a set of system utilities that provide system information.

http://www.linuxsecurity.com/content/view/118094
 
    Gentoo
  Gentoo: ImageMagick PSD decoding heap overflow
  20th, January, 2005

ImageMagick is vulnerable to a heap overflow when decoding Photoshop Document (PSD) files, which could lead to arbitrary code execution.

http://www.linuxsecurity.com/content/view/118003

 
  Gentoo: Ethereal Multiple vulnerabilities
  20th, January, 2005

Multiple vulnerabilities exist in Ethereal, which may allow an attacker to run arbitrary code, crash the program or perform DoS by CPU and disk utilization.

http://www.linuxsecurity.com/content/view/118005

 
  Gentoo: Xpdf, GPdf Stack overflow in Decrypt::makeFileKey2
  21st, January, 2005

A stack overflow was discovered in Xpdf, potentially resulting in the execution of arbitrary code. GPdf includes Xpdf code and therefore is vulnerable to the same issue.

http://www.linuxsecurity.com/content/view/118020
 
  Gentoo: Mailman Cross-site scripting vulnerability
  21st, January, 2005

Mailman is vulnerable to cross-site scripting attacks.

http://www.linuxsecurity.com/content/view/118021
 
  Gentoo: CUPS Stack overflow in included Xpdf code
  22nd, January, 2005

CUPS includes Xpdf code and therefore is vulnerable to the recent stack overflow issue, potentially resulting in the remote execution of arbitrary code.

http://www.linuxsecurity.com/content/view/118022
 
  Gentoo: teTeX, pTeX, CSTeX Multiple vulnerabilities
  23rd, January, 2005

teTeX, pTeX and CSTeX make use of vulnerable Xpdf code which may allow the remote execution of arbitrary code. Furthermore, the xdvizilla script is vulnerable to temporary file handling issues.

http://www.linuxsecurity.com/content/view/118023
 
  Gentoo: KPdf, KOffice Stack overflow in included Xpdf code
  23rd, January, 2005

KPdf and KOffice both include vulnerable Xpdf code to handle PDF files, making them vulnerable to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/118024
 
  Gentoo: MySQL Insecure temporary file creation
  23rd, January, 2005

MySQL is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files.

http://www.linuxsecurity.com/content/view/118025
 
  Gentoo: Konversation Various vulnerabilities
  24th, January, 2005

Konversation contains multiple vulnerabilities that could lead to remote command execution or information leaks.

http://www.linuxsecurity.com/content/view/118027
 
  Gentoo: CUPS Multiple vulnerabilities
  24th, January, 2005

CUPS was vulnerable to multiple vulnerabilities and as a fix we recommended upgrading to version 1.1.23_rc1. This version is affected by a remote Denial Of Service, so we now recommend upgrading to the final 1.1.23 release which does not have any known vulnerability.

http://www.linuxsecurity.com/content/view/118029
 
  Gentoo: Evolution Integer overflow in camel-lock-helper
  24th, January, 2005

An overflow in the camel-lock-helper application can be exploited by an attacker to execute arbitrary code with elevated privileges.

http://www.linuxsecurity.com/content/view/118034
 
  Gentoo: AWStats Remote code execution
  25th, January, 2005

AWStats fails to validate certain input, which could lead to the remote execution of arbitrary code.

http://www.linuxsecurity.com/content/view/118053
 
  Gentoo: GraphicsMagick PSD decoding heap overflow
  26th, January, 2005

GraphicsMagick is vulnerable to a heap overflow when decoding Photoshop Document (PSD) files, which could lead to arbitrary code execution.

http://www.linuxsecurity.com/content/view/118081
 
  Gentoo: Perl rmtree and DBI tmpfile vulnerabilities
  26th, January, 2005

The Perl DBI library and File::Path::rmtree function are vulnerable to symlink attacks.

http://www.linuxsecurity.com/content/view/118082
 
    Mandrake
  Mandrake: Updated zhcon packages fix
  24th, January, 2005

Erik Sjolund discovered that zhcon accesses a user-controlled configuration file with elevated privileges which could make it possible to read arbitrary files.

http://www.linuxsecurity.com/content/view/118031

 
  Mandrake: Updated ethereal packages
  24th, January, 2005

A number of vulnerabilities were found in Ethereal, all of which are fixed in version 0.10.9: The COPS dissector could go into an infinite loop (CAN-2005-0006); the DLSw dissector could cause an assertion, making Ethereal exit prematurely (CAN-2005-0007); the DNP dissector could cause memory corruption (CAN-2005-0008); the Gnutella dissector could cause an assertion, making Ethereal exit prematurely (CAN-2005-0009); the MMSE dissector could free static memory (CAN-2005-0010); and the X11 protocol dissector is vulnerable to a string buffer overflow (CAN-2005-0084).

http://www.linuxsecurity.com/content/view/118032
 
  Mandrake: Updated squid packages fix
  24th, January, 2005

"infamous41md" discovered two vulnerabilities in the squid proxy cache server. The first is a buffer overflow in the Gopher response parser which leads to memory corruption and would usually crash squid (CAN-2005-0094). The second is an integer overflow in the receiver of WCCP (Web Cache Communication Protocol) messages. An attacker could send a specially crafted UDP datagram that would cause squid to crash (CAN-2005-0095).

http://www.linuxsecurity.com/content/view/118036
 
  Mandrake: Updated php packages fix bug
  24th, January, 2005

When php tries to opens a connection using fsockopen(), but the connection fails, php would not close the socket.

http://www.linuxsecurity.com/content/view/118037
 
  Mandrake: Updated mailman packages fix
  24th, January, 2005

Florian Weimer discovered a vulnerability in Mailman, which can be exploited by malicious people to conduct cross-site scripting attacks. Input is not properly sanitised by "scripts/driver" when returning error pages. This can be exploited to execute arbitrary HTML or script code in a user's browser session in context of a vulnerable site by tricking a user into visiting a malicious web site or follow a specially crafted link.

http://www.linuxsecurity.com/content/view/118038
 
  Mandrake: Updated xpdf packages fix
  26th, January, 2005

A buffer overflow vulnerability was discovered in the xpdf PDF viewer, which could allow for arbitrary code execution as the user viewing a PDF file. The vulnerability exists due to insufficient bounds checking while processing a PDF file that provides malicious values in the /Encrypt /Length tag. The updated packages have been patched to prevent these problems.

http://www.linuxsecurity.com/content/view/118060
 
  Mandrake: Updated cups packages fix
  26th, January, 2005

A buffer overflow vulnerability was discovered in the xpdf PDF code, which could allow for arbitrary code execution as the user viewing a PDF file. Cups uses xpdf code and is susceptible to the same vulnerability. The updated packages have been patched to prevent these problems.

http://www.linuxsecurity.com/content/view/118061
 
  Mandrake: Updated tetex packages fix
  26th, January, 2005

A buffer overflow vulnerability was discovered in the xpdf PDF code, which could allow for arbitrary code execution as the user viewing a PDF file. Tetex uses xpdf code and is susceptible to the same vulnerability. The updated packages have been patched to prevent these problems.

http://www.linuxsecurity.com/content/view/118062
 
  Mandrake: Updated gpdf packages fix
  26th, January, 2005

A buffer overflow vulnerability was discovered in the xpdf PDF code, which could allow for arbitrary code execution as the user viewing a PDF file. Gpdf uses xpdf code and is susceptible to the same vulnerability. The updated packages have been patched to prevent these problems.

http://www.linuxsecurity.com/content/view/118063
 
  Mandrake: Updated koffice packages fix
  26th, January, 2005

A buffer overflow vulnerability was discovered in the xpdf PDF code, which could allow for arbitrary code execution as the user viewing a PDF file. Koffice uses xpdf code and is susceptible to the same vulnerability. The updated packages have been patched to prevent these problems.

http://www.linuxsecurity.com/content/view/118064
 
  Mandrake: Updated kdegraphics packages
  26th, January, 2005

A buffer overflow vulnerability was discovered in the xpdf PDF code, which could allow for arbitrary code execution as the user viewing a PDF file. Kdegraphics uses xpdf code and is susceptible to the same vulnerability. 10.1 packages also include a fix for ksvg kde bug #74457. The updated packages have been patched to prevent these problems.

http://www.linuxsecurity.com/content/view/118065
 
  Mandrake: Updated kernel packages fix multiplevulnerabilities
  26th, January, 2005

A number of vulnerabilities are fixed in the 2.4 and 2.6 kernels with this advisory.

http://www.linuxsecurity.com/content/view/118066
 
  Mandrake: Updated bind packages fix
  26th, January, 2005

A vulnerability was discovered in BIND version 9.3.0 where a remote attacker may be able to cause named to exit prematurely, causing a Denial of Service due to an incorrect assumption in the validator function authvalidated(). The updated packages have been patched to prevent this problem.

http://www.linuxsecurity.com/content/view/118089
 
  Mandrake: Updated KDE packages address
  27th, January, 2005

New KDE packages are available to address various bugs.

http://www.linuxsecurity.com/content/view/118096
 
  Mandrake: Updated evolution packages
  27th, January, 2005

Max Vozeler discovered an integer overflow in the camel-lock-helper application.

http://www.linuxsecurity.com/content/view/118098
 
  Mandrake: Updated nut package provide
  27th, January, 2005

A bug in the upsd initscript used by nut exists where it starts the upsd/powerdown script earlier in the halt/shutdown process to ensure it still has access to USB.

http://www.linuxsecurity.com/content/view/118099
 
  Mandrake: Updated mdkonline package
  27th, January, 2005

A permissions flaw was found on /etc/sysconfig/mdkonline which prevented users from reading the file.

http://www.linuxsecurity.com/content/view/118100
 
    Red Hat
  RedHat: Updated kernel packages fix security
  21st, January, 2005

Updated kernel packages that fix several security issues in Red Hat Enterprise Linux 2.1 are now available.

http://www.linuxsecurity.com/content/view/118016
 
  RedHat: Updated Itanium kernel packages fix security
  21st, January, 2005
Updated kernel packages that fix several security issues in Red Hat Enterprise Linux 2.1 are now available.

http://www.linuxsecurity.com/content/view/118017
 
  RedHat: Updated Xpdf package fixes security issue
  26th, January, 2005

Updated Xpdf package that fixes a stack based buffer overflow security issue is now available.

http://www.linuxsecurity.com/content/view/118069
 
  RedHat: Updated less package fixes security issue
  26th, January, 2005

An updated less package that fixes segmentation fault when viewing binary files is now available.

http://www.linuxsecurity.com/content/view/118070
 
    SuSE
  SuSE: kernel local privilege escalation
  21st, January, 2005

Several exploitable security problems were identified and fixed in the Linux kernel, the core of every SUSE Linux product.

http://www.linuxsecurity.com/content/view/118018
 
  SuSE: Realplayer 8 (SUSE-SA:2005:004)
  24th, January, 2005

eEye Security in October 2004 discovered a flaw in the .rm RealMovie stream handling routines which allows a remote attacker to exploit an integer overflow vulnerability using a special .rm file. This might allow a remote attacker to execute code as the user running RealPlayer.

http://www.linuxsecurity.com/content/view/118028

 
    TurboLinux
  TurboLinux: xpdf Buffer overflow
  20th, January, 2005

These vulnerabilities may allow remote attackers to execute arbitrary code via malformed PDF files.

http://www.linuxsecurity.com/content/view/117986
 

Only registered users can write comments.
Please login or register.

Powered by AkoComment!