I know the debate about posting security warnings is still ongoing, but how
about I just post this when I get it, its only once a week.
simon
LAN Administrator
Damelin Hatfield
Tel: 012 342-0755
Cel: 083 374 1161
-----Original Message-----
From: Network Computing and The SANS Institute
[mailto:[EMAIL PROTECTED]]
Sent: Friday, July 06, 2001 4:04 AM
To: Simon Taplin
Subject: Security Alert Consensus #104
To: Simon Taplin (SD209500)
Re: Your personalized newsletter
-- Security Alert Consensus --
Number 104 (01.27)
Thursday, July 5, 2001
Created for you by
Network Computing and the SANS Institute
Powered by Neohapsis
----------------------------------------------------------------------
Welcome to SANS' distribution of the Security Alert Consensus.
----------------------------------------------------------------------
Need to bone up on building wireless infrastructure or provide better
support for your mobile users? While at N+I 2001 in Atlanta, spend some
time at the Network Computing Real-World Labs(R) LIVE, where we'll be
demonstrating Mobile Computing and Wireless Connectivity products,
technologies and solutions.
WHERE: Georgia World Congress Center, Atlanta, GA
WHEN: September 9 - 14, 2001
http://www.networkcomputing.com/marketing/mediakit/events.html
----------------------------------------------------------------------
Cisco was bitten by two bugs this week: a problem with its SSH
{01.27.001} implementation and another bug with its on-board HTTP
servers {01.27.008}. These vulnerabilities should serve as a reminder
that not only do operating systems need patching and lock-down attention
but infrastructure equipment does, as well. Security-savvy network
administrators who have already shutdown the HTTP services on their
Cisco devices proactively avoided this latest round of HTTP-based
vulnerabilities.
While organizations should still upgrade their vulnerable IOS and CatOS
images, proactive lock-down efforts can definitely reduce potential
risks. It's time to re-embrace some age-old wisdom: "If you aren't using
it, turn it off."
Until next week,
--Security Alert Consensus Team
************************************************************************
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
TABLE OF CONTENTS:
{01.27.007} Linux - Update {01.26.024}: Samba malicious NetBIOS name
file overwrite
{01.27.009} Linux - Update {01.25.017}: rxvt command line buffer
overflow
{01.27.012} Linux - Update {01.23.002}: gpg file name format string
vulnerability
{01.27.013} Linux - Update {01.24.020}: Potential buffer overflow in
xinetd svc_logprint function
{01.27.019} Linux - Update {01.18.017}: kdesu creates world-readable
temp file to hold authentication info
{01.27.022} Linux - GnatsWeb allows escalated access to files
{01.27.028} Linux - Update {01.19.014}: Zope ZClasses permission
remapping
{01.27.034} Linux - Update {01.24.021}: Scotty ntping host name buffer
overflow
- --- Linux News ---------------------------------------------------------
*** {01.27.007} Linux - Update {01.26.024}: Samba malicious NetBIOS
name file overwrite
Multiple Linux vendors have issued patches addressing the vulnerability
discussed in {01.26.024} ("Samba malicious NetBIOS name file
overwrite").
Updated RedHat RPMs:
http://archives.neohapsis.com/archives/linux/redhat/2001-q2/0138.html
Updated Caldera RPMs:
http://archives.neohapsis.com/archives/linux/caldera/2001-q2/0016.html
Updated Immunix RPMs:
http://archives.neohapsis.com/archives/linux/immunix/2001-q2/0137.html
Updated Trustix RPMs:
http://archives.neohapsis.com/archives/bugtraq/2001-06/0360.html
Updated SuSE RPMs:
http://archives.neohapsis.com/archives/linux/suse/2001-q2/1581.html
Updated Mandrake RPMs:
http://archives.neohapsis.com/archives/bugtraq/2001-07/0002.html
Source: RedHat, SuSE, Caldera, Immunix, Trustix, Mandrake (SF Bugtraq)
http://archives.neohapsis.com/archives/linux/redhat/2001-q2/0138.html
http://archives.neohapsis.com/archives/linux/suse/2001-q2/1581.html
http://archives.neohapsis.com/archives/bugtraq/2001-06/0360.html
http://archives.neohapsis.com/archives/linux/immunix/2001-q2/0137.html
http://archives.neohapsis.com/archives/linux/caldera/2001-q2/0016.html
http://archives.neohapsis.com/archives/bugtraq/2001-07/0002.html
*** {01.27.009} Linux - Update {01.25.017}: rxvt command line buffer
overflow
Immunix has officially reported that it is not vulnerable to the
vulnerability discussed in {01.25.017} ("rxvt command line buffer
overflow"), because the company does not ship rxvt setuid or setgid by
default.
For Immunix rxvt binary and source update information see:
http://archives.neohapsis.com/archives/bugtraq/2001-06/0378.html
Source: Immunix
http://archives.neohapsis.com/archives/linux/immunix/2001-q2/0138.html
*** {01.27.012} Linux - Update {01.23.002}: gpg file name format string
vulnerability
Caldera has released updated gnupg packages to fix the vulnerability
discussed in {01.23.002} ("gpg file name format string vulnerability").
Updated Caldera packages are listed at:
http://archives.neohapsis.com/archives/linux/caldera/2001-q2/0011.html
Source: Caldera
http://archives.neohapsis.com/archives/linux/caldera/2001-q2/0011.html
*** {01.27.013} Linux - Update {01.24.020}: Potential buffer overflow
in xinetd svc_logprint function
Multiple Linux vendors have released updated xinetd packages to fix the
vulnerability discussed in {01.24.020} ("Potential buffer overflow in
xinetd svc_logprint function").
Updated SuSe RPMs:
http://archives.neohapsis.com/archives/linux/suse/2001-q2/1582.html
Updated EnGarde RPMs:
http://archives.neohapsis.com/archives/bugtraq/2001-06/0412.html
Updated Immunix RPMs:
http://archives.neohapsis.com/archives/linux/immunix/2001-q2/0142.html
Updated Conectiva RPMs:
http://archives.neohapsis.com/archives/linux/conectiva/2001-q2/0016.html
Source: SuSe, EnGarde, Immunix, Conectiva
http://archives.neohapsis.com/archives/linux/suse/2001-q2/1582.html
http://archives.neohapsis.com/archives/linux/engarde/2001-q2/0010.html
http://archives.neohapsis.com/archives/linux/immunix/2001-q2/0142.html
http://archives.neohapsis.com/archives/linux/conectiva/2001-q2/0016.html
*** {01.27.019} Linux - Update {01.18.017}: kdesu creates
world-readable temp file to hold authentication info
Mandrake has released updated kdelib packages to fix the vulnerability
discussed in {01.18.017} ("kdesu creates world-readable temp file to
hold authentication info").
Updated RPMs are listed at:
http://archives.neohapsis.com/archives/bugtraq/2001-06/0382.html
Source: Mandrake (SF Bugtraq)
http://archives.neohapsis.com/archives/bugtraq/2001-06/0382.html
*** {01.27.022} Linux - GnatsWeb allows escalated access to files
GnatsWeb versions 2.7, 2.8.0, 2.8.1, 3.95 and 4.0 contain a
vulnerability in the new help file system that allows a remote attacker
to read or execute files accessible by the Web server. The vulnerability
allows file execution if a file name value is provided in a request URL
without checking the file name.
RedHat/GNATS has confirmed the problem and released a patch:
http://sources.redhat.com/gnats/gnatsWeb/advisory-jun-26-2001.html
Source: Redhat / GNATSWeb Security Advisory
http://archives.neohapsis.com/archives/bugtraq/2001-06/0365.html
*** {01.27.028} Linux - Update {01.19.014}: Zope ZClasses permission
remapping
Conectiva has released updated Zope packages to fix the vulnerability
discussed in {01.19.014} ("Zope ZClasses permission remapping ").
Updated RPMs are listed at:
http://archives.neohapsis.com/archives/linux/conectiva/2001-q2/0017.html
Source: Conectiva
http://archives.neohapsis.com/archives/linux/conectiva/2001-q2/0017.html
*** {01.27.034} Linux - Update {01.24.021}: Scotty ntping host name
buffer overflow
SuSE has released updated Scotty packages to fix the vulnerability
discussed in {01.24.021} ("Scotty ntping host name buffer overflow").
Updates RPMs are listed at:
http://archives.neohapsis.com/archives/linux/suse/2001-q3/0011.html
Source: SuSE
http://archives.neohapsis.com/archives/linux/suse/2001-q3/0011.html
************************************************************************
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (BSD/OS)
Comment: For info see http://www.gnupg.org
iD8DBQE7RREa+LUG5KFpTkYRArtoAJ4zFwJDApLpYNZbovD/jxG7M8+cawCgldw6
omSdnYuOd4OKp7OtrG9gX74=
=m08v
-----END PGP SIGNATURE-----
------------------------------------------------------------------------
Need to bone up on building wireless infrastructure or provide better
support for your mobile users? While at N+I 2001 in Atlanta, spend some
time at the Network Computing Real-World Labs(R) LIVE, where we'll be
demonstrating Mobile Computing and Wireless Connectivity products,
technologies and solutions.
WHERE: Georgia World Congress Center, Atlanta, GA
WHEN: September 9 - 14, 2001
http://www.networkcomputing.com/marketing/mediakit/events.html
----------------------------------------------------------------------
Become a Security Alert Consensus member! If this e-mail was passed to
you and you would like to begin receiving our security e-mail newsletter
on a weekly basis, we invite you to subscribe today.
http://www.sans.org/sansnews/.
We are signing the Consensus newsletter with PGP. The new SANS PGP key
is posted at:
http://certserver.pgp.com:11371/pks/lookup?op=get&search=0xA1694E46 and
can be accessed from the SANS Web site (http://www.sans.org).
Special Note: To better secure your confidential information, we will
no longer include personal URLs in our Consensus newsletter mailings.
Instead, we have created a new form (http://www.sans.org/sansurl). On
this form you can enter the SD number located near your name at the top
of the newsletter. When you submit this form, an e-mail containing a
URL will be sent to you at the e-mail address on record. With this URL
you can make changes to your account (edit the content of your Consensus
mailing, for example) without endangering the security of your personal
URL. If you'd like to change your e-mail address or other information,
or unsubscribe to this newsletter, please visit your new URL as
described above. If you have any problems or questions, e-mail us at
<[EMAIL PROTECTED]>.
Missed an issue? You can find all back issues of Security Alert
Consensus (and Security Express) online. http://archives.neohapsis.com/
Your opinion counts. We'd like to hear your thoughts on Security Alert
Consensus. E-mail any questions or comments to <[EMAIL PROTECTED]>.
Copyright (c) 2001 Network Computing, a CMP Media LLC publication. All
Rights Reserved. Distributed by Network Computing
(http://www.networkcomputing.com) and The SANS Institute
(http://www.sans.org). Powered by Neohapsis Inc., a Chicago-based
security assessment and integration services consulting group
([EMAIL PROTECTED] | http://www.neohapsis.com/).
_______________________________________________
http://linux.nf -- [EMAIL PROTECTED]
Archives, Subscribe, Unsubscribe, Digest, Etc
->http://linux.nf/mailman/listinfo/linux-users
