LXer Weekly Security Roundup - Feb 16, 2004 to Feb 23, 2004

Posted by dave on Feb 23, 2004 4:21 AM EDT
Dave Whitinger

There were 25 security alerts issued last week:
  • 4 from Conectiva
  • 10 from Debian
  • 2 from Fedora
  • 3 from Gentoo
  • 1 from Mandrake
  • 1 from Red Hat
  • 2 from Slackware
  • 1 from SUSE
  • 1 from Trustix

Conectiva: kernel
Feb 20, 2004 6:13 PM
Paul Starzetz identified a new vulnerability in the Linux memory management code that can be used by local attackers to obtain root privileges.



Conectiva: samba
Feb 16, 2004 8:24 PM
This update provides new samba packages which were compiled with the --with-winbind-auth-challenge option. This option enables NTLM challenge-response authentication in winbind and is used, for example, in conjunction with the squid proxy server[2] to avoid the use of clear text proxy passwords between the client browser and the proxy server.



Conectiva: squid
Feb 16, 2004 8:42 PM
This update adds support for NTLM authentication[2]. In conjunction with a previous samba update[3], this allows the use of encrypted authentication between the client browser and the proxy server if the browser supports NTLM (Internet Explorer and Mozilla 1.6 or higher at this time) and if the proxy machine is a member of an NT domain.



Conectiva: XFree86
Feb 20, 2004 7:38 PM
A variety of issues are addressed in this update.



Debian: New lbreakout2 packages fix buffer overflow
Feb 21, 2004 11:19 PM
During an audit, Ulf Harnhammar discovered a vulnerability in lbreakout2, a game, where proper bounds checking was not performed on environment variables. This bug could be exploited by a local attacker to gain the privileges of group "games".



Debian: New Linux 2.4.16 packages fix several local root exploits (arm)
Feb 18, 2004 2:33 PM
Several local root exploits have been discovered recently in the Linux kernel. This security advisory updates the PowerPC/Apus kernel for Debian GNU/Linux. The Common Vulnerabilities and Exposures project identifies the following problems that are fixed with this update:



Debian: New Linux 2.4.17 packages fix local root exploit (ia64)
Feb 20, 2004 12:25 PM
Paul Starzetz and Wojciech Purczynski of isec.pl discovered a critical security vulnerability in the memory management code of Linux inside the mremap(2) system call. Due to missing function return value check of internal functions a local attacker can gain root privileges.



Debian: New Linux 2.4.17 packages fix local root exploit (mips+mipsel)
Feb 18, 2004 4:14 PM
Paul Starzetz and Wojciech Purczynski of isec.pl discovered a critical security vulnerability in the memory management code of Linux inside the mremap(2) system call. Due to missing function return value check of internal functions a local attacker can gain root privileges.



Debian: New Linux 2.4.17 packages fix local root exploits and more (s390)
Feb 19, 2004 12:44 PM
Several security related problems have been fixed in the Linux kernel 2.4.17 used for the S/390 architecture, mostly by backporting fixes from 2.4.18 and incorporating recent security fixes.



Debian: New Linux 2.4.17 packages fix several local root exploits (powerpc/apus)
Feb 18, 2004 3:02 PM
Several local root exploits have been discovered recently in the Linux kernel. This security advisory updates the PowerPC/Apus kernel for Debian GNU/Linux. The Common Vulnerabilities and Exposures project identifies the following problems that are fixed with this update:



Debian: New Linux 2.4.18 packages fix local root exploit (alpha+i386+powerpc)
Feb 18, 2004 2:03 PM
Paul Starzetz and Wojciech Purczynski of isec.pl discovered a critical security vulnerability in the memory management code of Linux inside the mremap(2) system call. Due to missing function return value check of internal functions a local attacker can gain root privileges.



Debian: New mailman packages fix bug introduced in DSA 436-1
Feb 22, 2004 1:34 AM
Several vulnerabilities have been fixed in the mailman package.



Debian: New synaesthesia packages fix insecure file creation
Feb 22, 2004 1:27 AM
During an audit, Ulf Harnhammar discovered a vulnerability in synaesthesia, a program which represents sounds visually. synaesthesia created its configuration file while holding root privileges, allowing a local user to create files owned by root and writable by the user's primary group. This type of vulnerability can usually be easily exploited to execute arbitrary code with root privileges by various means.



Debian: New xfree86 packages fix multiple vulnerabilities
Feb 20, 2004 12:25 PM
CAN-2004-0083: Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CAN-2004-0084.

CAN-2004-0084: Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias (font.alias) file, a different vulnerability than CAN-2004-0083.



Fedora: Updated kernel packages resolve security vulnerabilities
Feb 19, 2004 1:56 PM
The previous security errata (2.4.22-1.2173) unfortunatly [sic] contained a bug which made some systems unbootable, due to breakage in the aacraid scsi driver. This update contains no further changes vs 2173.



Fedora: Updated kernel packages resolve security vulnerabilities
Feb 18, 2004 5:07 PM
Paul Starzetz discovered a flaw in return value checking in mremap() in the Linux kernel versions 2.4.24 and previous that may allow a local attacker to gain root privileges. No exploit is currently available; however this issue is exploitable. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0077 to this issue.



Gentoo: Clamav 0.65 DoS vulnerability
Feb 18, 2004 1:59 PM
Oliver Eikemeier has reported a vulnerability in clamav, which can be exploited by a malformed uuencoded message causing a denial of service for programs that rely on the clamav daemon, such as SMTP daemons.



Gentoo: Linux kernel AMD64 ptrace vulnerability
Feb 17, 2004 2:33 AM
A vulnerability has been discovered by in the ptrace emulation code for AMD64 platforms when eflags are processed, allowing a local user to obtain elevated privileges.



Gentoo: phpMyAdmin < 2.5.6-rc1 directory traversal attack
Feb 17, 2004 2:33 AM
A vulnerability in phpMyAdmin which was not properly verifying user generated input could lead to a directory traversal attack.



Mandrake: Updated metamail packages fix buffer overflow vulnerabilities
Feb 19, 2004 1:55 AM
Two format string and two buffer overflow vulnerabilities were discovered in metamail by Ulf Harnhammar. The updated packages are patched to fix these holes.



Red Hat: Updated kernel packages resolve security vulnerabilities
Feb 18, 2004 1:59 PM
Updated kernel packages that fix security vulnerabilities which may allow local users to gain root privileges are now available. These packages also resolve other minor issues.



Slackware: Kernel security update (SSA:2004-049-01)
Feb 18, 2004 12:37 PM
New kernels are available for Slackware 9.1 and -current to fix a bounds-checking problem in the kernel's mremap() call which could be used by a local attacker to gain root privileges. Please note that this is not the same issue as CAN-2003-0985 which was fixed in early January.



Slackware: metamail security update
Feb 18, 2004 1:59 PM
New metamail packages are available for Slackware 8.1, 9.0, 9.1, and -current. These fix two format string bugs and two buffer overflows which could lead to unauthorized code execution.



SUSE: Linux Kernel (SuSE-SA:2004:005)
Feb 18, 2004 10:24 PM
Another bug in the Kernel's do_mremap() function, which is unrelated to the bug fixed in SuSE-SA:2004:001, was found by Paul Starzetz.



Trustix: kernel
Feb 18, 2004 1:59 PM
The kernel package contains the Linux kernel (vmlinuz), the core of your Trustix Secure Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.


