Showing headlines posted by dave
SuSE alert: gpg
The gnupg (the SUSE package is named gpg) package is the most widely used software for cryptographic encryption/decryption of data.
Slackware alert: minor advisory typo (SSA:2003-336-01b)
This should say "kernel", not "Apache". Sorry for any confusion.
The CVE link provided is the correct one for the kernel issue.
Slackware alert: Kernel security update (SSA:2003-336-01)
New kernels are available for Slackware 9.1 and -current. These
have been upgraded to Linux kernel version 2.4.23, which fixes a
bug in the kernel's do_brk() function that could be exploited to
gain root privileges. These updated kernels and modules should be
installed by any sites running a 2.4 kernel earlier than 2.4.23.
Linux 2.0 and 2.2 kernels are not vulnerable.
Red Hat alert: Updated Net-SNMP packages fix security and other bugs
Updated Net-SNMP packages are available to correct a security vulnerability
and other bugs.
Red Hat alert: Updated 2.4 kernel fixes privilege escalation security vulnerability
Updated kernel packages are now available that fix a security vulnerability
leading to a possible privilege escalation.
Mandrake alert: Updated kernel packages fix vulnerability
A vulnerability was discovered in the Linux kernel versions 2.4.22 and previous. A flaw in bounds checking in the do_brk() function can allow a local attacker to gain root privileges. This vulnerability is known to be exploitable; an exploit is in the wild at this time.
Debian alert: userland can access Linux kernel memory
Recently multiple servers of the Debian project were compromised using a
Debian developer's account and an unknown root exploit. Forensics
revealed a burneye-encrypted exploit. Robert van der Meulen managed to
decrypt the binary which revealed a kernel exploit. Study of the exploit
by the RedHat and SuSE kernel and security teams quickly revealed that
the exploit used an integer overflow in the brk system call. Using
this bug it is possible for a userland program to trick the kernel into
giving access to the full kernel address space. This problem was found
in September by Andrew Morton, but unfortunately that was too late for
the 2.4.22 kernel release.
Mandrake alert: Updated gnupg packages fix vulnerability with ElGamal signing keys
A severe vulnerability was discovered in GnuPG by Phong Nguyen relating to ElGamal sign+encrypt keys. From Werner Koch's email message:
SuSE alert: bind8
To resolve IP addresses to host and domain names and vice versa, the DNS service needs to be consulted. The most popular DNS software is the BIND8 and BIND9 suite. The BIND8 code is vulnerable to a remote denial-of-service attack by poisoning the cache with authoritative negative responses that should not be accepted otherwise. To execute this attack, a name server needs to be under malicious control and the victim's bind8 has to query this name server. The attacker can set a high TTL value to keep his negative record in the victim's cache as long as possible. During this time, the clients of the attacked site that rely on the bind8 service will not be able to reach the domain specified in the negative record. These records should disappear after the time interval (TTL) has elapsed.
Mozilla Links Newsletter - 7 - November 25, 2003
Our last issue called for your feedback to find out which e-mail
applications made up the 20% of respondents who answered "Other" in
our previous poll. Pegasus, The Bat, Incredimail, Ximian Evolution,
Courier, Pine, Novell Groupwise and Turnpike are the applications
cited. It seems there's plenty of excitement in the e-mail
applications arena.
Mandrake alert: Updated stunnel packages fix vulnerabilities
A vulnerability was discovered in stunnel versions 3.24 and earlier, as well as 4.00, by Steve Grubb. It was found that stunnel leaks a critical file descriptor that can be used to hijack stunnel's services.
Red Hat alert: Updated XFree86 packages provide security and bug fixes
Updated XFree86 packages for Red Hat Linux 7.3 and 8.0 provide security
fixes to font libraries and XDM.
Red Hat alert: Updated XFree86 packages provide security and bug fixes
Updated XFree86 packages for Red Hat Linux 7.1 and 7.2 provide security
fixes to font libraries and XDM.
Red Hat alert: Updated Pan packages fix denial of service vulnerability
Updated Pan packages that close a denial of service vulnerability are now
available.
Red Hat alert: Updated stunnel packages available
Updated stunnel packages are now available for Red Hat Linux 7.1, 7.2, 7.3,
and 8.0 systems. These updates address problems stemming from improper use
of non-reentrant functions in signal handlers.
Red Hat alert: Updated iproute packages fix local security vulnerability
Updated iproute packages that close a locally-exploitable denial of service
vulnerability are now available.
Red Hat alert: Updated EPIC packages fix security vulnerability
Updated EPIC packages which fix an exploitable buffer overflow vulnerability
are now available.
The Big freedesktop.org Interview
Today we are very happy to publish a very interesting Q&A with major freedesktop.org members: the founder Havoc Pennington (also of Debian, Gnome and Red Hat fame), Waldo Bastian (of SuSE & KDE fame), Keith Packard and Jim Gettys (of X/XFree86/fontconfig/w3c fame) and David Zeuthen, a new member who's taking over the ambitious HAL project.
Debian alert: Some Debian Project machines have been compromised
This is a very unfortunate incident to report about. Some Debian
servers were found to have been compromised in the last 30 hours.
Q&A with Sun's Product Team on Java Desktop System
OSNews sent over to Sun Microsystems ten questions for a Q&A session with Sun's product team working on Java Desktop System. Read more for the full Q&A.