LXer Weekly Security Roundup - Mar 29, 2004 to Apr 05, 2004

Posted by dave on Apr 5, 2004 4:12 AM EDT
Dave Whitinger
Mail this story
Print this story

There were 27 security alerts issued last week:
  • 4 from Conectiva
  • 7 from Debian
  • 9 from Gentoo
  • 2 from Mandrake
  • 1 from OpenPKG
  • 2 from Red Hat
  • 2 from Trustix

Conectiva: ethereal
Mar 31, 2004 10:29 PM
ith a graphical user interface (GUI). This update fixes several vulnerabilities[2] in Ethereal.

Conectiva: libxml2
Mar 31, 2004 10:29 PM
This update fixes a buffer overflow vulnerability[1,2] in the URI parsing code of the nanoftp and nanohttp modules of libxml2.

Conectiva: mc
Mar 31, 2004 7:15 PM
Midnight Commander (MC) is a visual shell and a file manager for text consoles.

Conectiva: openssl
Mar 31, 2004 9:00 PM
OpenSSL[1] implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as full-strength general purpose cryptography functions. It's used (as a library) by several projects, like Apache, OpenSSH, Bind, OpenLDAP and many others clients and servers programs.

Debian: New fte packages fix buffer overflows
Apr 4, 2004 1:22 PM
Steve Kemp and Jaguar discovered a number of buffer overflow vulnerabilities in vfte, a version of the fte editor which runs on the Linux console, found in the package fte-console. This program is setuid root in order to perform certain types of low-level operations on the console.

Debian: New interchange packages fix information leak
Apr 2, 2004 5:21 PM
A vulnerability was discovered recently in Interchange, an e-commerce and general HTTP database display system. This vulnerability can be exploited by an attacker to expose the content of arbitrary variables. An attacker may learn SQL access information for your Interchange application and use this information to read and manipulate sensitive data.

Debian: New libpam-pgsql packages fix SQL injection
Mar 29, 2004 2:13 PM
Primoz Bratanic discovered a bug in libpam-psgl, a PAM module to authenticate using a PostgreSQL database. The library does not escape all user-supplied data that are sent to the database. An attacker could exploit this bug to insert SQL statements.

Debian: New Linux 2.4.17 packages fix several local root exploits (hppa)
Apr 1, 2004 4:31 PM
Several local root exploits have been discovered recently in the Linux kernel. This security advisory updates the mips kernel 2.4.19 for Debian GNU/Linux.

Debian: New oftpd packages fix denial of service
Apr 4, 2004 1:22 PM
A vulnerability was discovered in oftpd, an anonymous FTP server, whereby a remote attacker could cause the oftpd process to crash by specifying a large value in a PORT command.

Debian: New squid packages fix ACL bypass
Apr 4, 2004 1:22 PM
A vulnerability was discovered in squid, an Internet object cache, whereby access control lists based on URLs could be bypassed (CAN-2004-0189). Two other bugs were also fixed with patches squid-2.4.STABLE7-url_escape.patch (a buffer overrun which does not appear to be exploitable) and squid-2.4.STABLE7-url_port.patch (a potential denial of service).

Debian: New sysstat packages fix insecure temporary file creation
Apr 4, 2004 1:22 PM
Alan Cox discovered that the isag utility (which graphically displays data collected by the sysstat tools), creates a temporary file without taking proper precautions. This vulnerability could allow a local attacker to overwrite files with the privileges of the user invoking isag.

Gentoo: Buffer overflow in Midnight Commander
Mar 31, 2004 12:06 PM
A remotely-exploitable buffer overflow in Midnight Commander allows arbitrary code to be run on a user's computer

Gentoo: Fetchmail 6.2.5 fixes a remote DoS
Mar 31, 2004 12:06 PM
Fetchmail versions 6.2.4 and earlier can be crashed by sending a specially-crafted email to a fetchmail user.

Gentoo: Multiple remote buffer overflow vulnerabilities in Courier
Mar 29, 2004 12:23 PM
Remote buffer overflow vulnerabilites have been found in Courier-IMAP and Courier MTA. These exploits may allow the execution of abritrary code, allowing unauthorized access to a vulnerable system.

Gentoo: Multiple remote overflows and vulnerabilities in Ethereal
Mar 29, 2004 12:23 PM
Mulitple overflows and vulnerabilities exist in Ethereal which may allow an attacker to crash the program or run arbitrary code.

Gentoo: Multiple Security Vulnerabilities in Monit
Mar 31, 2004 3:40 PM
A denial of service and a buffer overflow vulnerability have been found in Monit.

Gentoo: oftpd DoS vulnerability
Mar 29, 2004 3:29 PM
A remotely-exploitable overflow exists in oftpd, allowing an attacker to crash the oftpd daemon.

Gentoo: OpenLDAP DoS Vulnerability
Mar 31, 2004 12:06 PM
A failed password operation can cause the OpenLDAP slapd server, if it is using the back-ldbm backend, to free memory that was never allocated.

Gentoo: Remote buffer overflow in MPlayer
Mar 31, 2004 12:13 PM
MPlayer contains a remotely exploitable buffer overflow in the HTTP parser that may allow attackers to run arbitrary code on a user's computer.

Gentoo: Squid ACL [url_regex
Mar 31, 2004 12:06 PM
Squid versions 2.0 through to 2.5.STABLE4 could allow a remote attacker to bypass Access Control Lists by sending a specially-crafted URL request containing '%00': in such circumstances; the url_regex ACL may not properly detect the malicious URL, allowing the attacker to effectively bypass the ACL.

Mandrake: Updated ethereal packages fix multiple vulnerabilities
Mar 31, 2004 2:23 AM
A number of serious issues have been discovered in versions of Ethereal prior to 0.10.2.

Mandrake: Updated squid packages fix vulnerability
Mar 31, 2004 2:23 AM
A vulnerability was discovered in squid version 2.5.STABLE4 and earlier with the processing of %-encoded characters in a URL. If a squid configuration uses ACLs (Access Control Lists), it is possible for a remote attacker to create URLs that would not be properly tested against squid's ACLs, potentially allowing clients to access URLs that would otherwise be disallowed.

OpenPKG: OpenPKG Security Advisory (squid)
Apr 1, 2004 6:17 PM
According to a security advisory [0] from the vendor, a vulnerability exists in the URL unescaping logic of the Squid Web Proxy Cache [1]. This bug could allow an attacker to bypass certain access controls by inserting a NUL character into decoded URLs. The Common Vulnerabilities and Exposures (CVE) project assigned the id CAN-2004-0189 [2] to the problem.

Red Hat: Updated Ethereal packages fix security issues
Mar 31, 2004 12:06 PM
Stefan Esser reported that Ethereal versions 0.10.1 and earlier contain stack overflows in the IGRP, PGM, Metflow, ISUP, TCAP, or IGAP dissectors. On a system where Ethereal is being run a remote attacker could send malicious packets that could cause Ethereal to crash or execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0176 to this issue.

Red Hat: Updated squid package fixes security vulnerability
Mar 29, 2004 12:23 PM
An updated squid package is avaliable that fixes a security vulnerability in URL decoding and provides a new ACL type for protecting vulnerable clients.

Trustix: apache
Mar 30, 2004 2:35 PM
The new upstream version of apache addresses several security issues...

Trustix: tcpdump
Mar 30, 2004 2:35 PM
The new upstream version of tcpdump fixes several bugs, some security related. Amongst others: CAN-2004-0183 and CAN-2004-0184

» Read more about: Story Type: Roundups

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.