ru.linux- RU.LINUX
---------------------------------------------------------------------
From : Sergey Lentsov 2:4615/71.10 20 Dec 2001 17:11:08
To : All
Subject : URL: http://www.lwn.net/2001/1220/security.php3
--------------------------------------------------------------------------------
Security
News and Editorials
What's in Windows XP? Newsbytes [14]reported a claim by an Al Qaeda
suspect that saboteurs infiltrated Microsoft to plant "trojans,
trapdoors, and bugs in Windows XP." This claim is difficult to
believe, to say the least. Still, one wonders just how Microsoft would
go about convincing its customers that Windows XP doesn't contain
"trojans, trapdoors, and bugs" planted by Al Qaeda. A development
process that allows flight simulators to be slipped into a spreadsheet
product seems unlikely to be able to prevent more subtle insertions.
Companies selling closed source software are especially vulnerable to
attacks like this one. Even groundless rumors can inflict real damage
when you sell closed source software. Only when source code is
available for public inspection can the public know what is fact and
what is a cruel lie.
FBI reportedly seeks personal data without a warrant. The Daily Rotten
has reported that the [15]FBI has requested access to the Badtrans
worm's pilfered data. Millions of victims of Badtrans had passwords
and other personal data pilfered by a keystroke logger. The virus sent
the stolen data back to a number of email addresses. One of the
addresses was a free email account at IJustGotFired.com. IJustGotFired
is owned by MonkeyBrains.
The rotten.com story states that last week the FBI contacted the owner
of MonkeyBrains and requested a cloned copy of the password database
and keylogged data sent to IJustGotFired.
The FBI wants indiscriminant [sic] access to the illegally
extracted passwords and keystrokes of over two million people
without so much as a warrant. Even with a warrant they would have
to specify exactly what information they are after, on whom, and
what they expect to find. Instead, they want it all and for no
justifiable reason.
The Register [16]described the request as a "surveillance bonanza" for
the FBI.
Know Your Enemy: Honeynets (LinuxSecurity). LinuxSecurity.com is
running [17]a lengthy article on building honeynets. "Conceptually,
Honeynets are a simple mechanism. We create a network similar to a
fishbowl, where we can see everything that happens inside it. Similar
to fish in a fishbowl, we can watch and monitor attackers in our
network. Also just like a fishbowl, we can put almost anything in
there we want. This controlled network, becomes our Honeynet. The
captured activity teaches us the tools, tactics, and motives of the
blackhat community."
December CRYPTO-GRAM newsletter. Bruce Schneier's [18]CRYPTO-GRAM
newsletter for December is out. Covered topics include national ID
cards, SMTP banners, and forcing companies with bad security off the
net. "This is where the legal system can step in. I like to see
companies told that they have no business putting the security of
others at risk. If a company's computers are so insecure that hackers
routinely break in and use them as a launching pad for further
attacks, get them off the Internet. If a company can't secure the
personal information it is entrusted with, why should it be allowed to
have that information?"
Security Reports
Buffer overflow problem in glibc. [19]EnGarde Secure Linux and [20]Red
Hat released updates this week fixing the buffer overflow problem in
the glibc filename globbing code.
For those who are interested, here is [21]a detailed description of
this vulnerability from Global InterSec LLC. Expect glibc updates from
most other distributors in the near future.
Mandrake security update to passwd. MandrakeSoft has issued [22]an
update to its passwd package. Evidently a PAM misconfiguration in
Mandrake Linux 8.1 can prevent the use of MD5 passwords.
Web scripts.
The following web scripts were reported to contain vulnerabilities:
* The PHP script "Unix Manual" allows users to execute arbitrary
shell commands, as [23]reported on Bugtraq.
Proprietary products.
The following proprietary products were reported to contain
vulnerabilities:
* The default IBM WebSphere installation on Linux allows a normal
user to get access to the WebSphere administration account
according to [24]this report on Bugtraq.
* This [25]report on Magic Enterprise versions 8.30-5 and prior
describes several security vulnerabilities.
Updates
Mailman cross-site scripting vulnerability. This vulnerability was
first reported by LWN on [26]December 13th.
This week's updates:
* [27]Debian (December 16, 2001)
Previous updates:
* [28]Conectiva (December 11, 2001)
OpenSSH UseLogin vulnerability. This obscure vulnerability is not of
concern to most sites. This problem first appeared in [29]the
December 6th LWN security page.
This week's updates:
* [30]Caldera (December 14, 2001) (correct previous update)
* [31]Caldera (December 11, 2001)
* [32]Conectiva (December 13, 2001)
* [33]Mandrake (December 13, 2001)
Previous updates:
* [34]Debian (December 5, 2001) (backport from OpenSSH 3.0.2)
* [35]Red Hat (December 4, 2001) (backport from OpenSSH 3.0.2)
Multiple vendor telnetd vulnerability. This vulnerability, originally
thought to be confined to BSD-derived systems, was first covered in
the [36]July 26th Security Summary. It is now known that Linux telnet
daemons are vulnerable as well.
This week's updates:
* [37]Mandrake (December 17, 2001) (kerberos version)
Previous updates:
* [38]Caldera (August 10, 2001)
* [39]Conectiva (August 24, 2001)
* [40]Debian (August 14, 2001) (SSL version)
* [41]Debian (August 14, 2001) (Update for Sparc version)
* [42]Mandrake (August 13, 2001)
* [43]Progeny (August 14, 2001)
* [44]Red Hat (August 9, 2001)
* [45]Red Hat (August 9, 2001) (kerberos version)
* [46]Slackware (August 9, 2001)
* [47]SuSE (September 3, 2001)
* [48]Yellow Dog (August 10, 2001)
* [49]Yellow Dog (August 10, 2001) (kerberos version)
Resources
Recent SSH vulnerabilities is the topic of this [50]CERT advisory on
recent activity against secure shell daemons. "While these problems
have been previously disclosed, we believe many system and network
administrators may have overlooked one or more of these
vulnerabilities. We are issuing this document primarily to encourage
system and network administrators to check their systems, prior to the
holiday break."
Email Security through Procmail version 1.131 was [51]announced this
week. This is a "collection of methods to sanitize e-mail, removing
obvious exploit attempts and disabling the channels through which
exploits are delivered. Facilities for detecting and blocking Trojan
Horse exploits and worms are also provided."
Events
Upcoming Security Events.
CodeCon Call for Papers. The Linux Journal is running [52]the final
CodeCon 2002 call for papers. This event will be held February 15
to 17 in San Francisco, and is intended to be "the premier event in
2002 for the P2P, cypherpunk and network/security application
developer community." The CFP deadline is January 1, so time is
running out.
Date                           Event                                                                            Location
December 27 - 29, 2001         [53]18th Chaos Communication Congress                                            Berlin, Germany
January 7 - 9, 2002            [54]2002 Federal Convention on Emerging Technologies: a Homeland Security Forum  Las Vegas, Nevada, USA
January 30 - February 2, 2002  [55]Second Annual Privacy and Data Protection Summit                             Washington D.C., USA
February 15 - 17, 2002         [56]CODECON 2002                                                                 San Francisco, California, USA
February 18 - 22, 2002         [57]RSA Conference 2002                                                          San Jose, CA., USA
For additional security-related events, including training courses
(which we don't list above) and events further in the future, check
out Security Focus' [58]calendar, one of the primary resources we use
for building the above list. To submit an event directly to us, please
send a plain-text message to [59]lwn@lwn.net.
Section Editor: [60]Dennis Tenney
December 20, 2001
LWN Resources
[62]Security alerts archive
Secured Distributions:
[63]Astaro Security
[64]Blue Linux
[65]Castle
[66]Engarde Secure Linux
[67]Immunix
[68]Kaladix Linux
[69]NSA Security Enhanced
[70]Openwall GNU/Linux
[71]Trustix
Security Projects
[72]Bastille
[73]Linux Security Audit Project
[74]Linux Security Module
[75]OpenSSH
Security List Archives
[76]Bugtraq Archive
[77]Firewall Wizards Archive
[78]ISN Archive
Distribution-specific links
[79]Caldera Advisories
[80]Conectiva Updates
[81]Debian Alerts
[82]Kondara Advisories
[83]Esware Alerts
[84]LinuxPPC Security Updates
[85]Mandrake Updates
[86]Red Hat Errata
[87]SuSE Announcements
[88]Yellow Dog Errata
BSD-specific links
[89]BSDi
[90]FreeBSD
[91]NetBSD
[92]OpenBSD
Security mailing lists
[93]Caldera
[94]Cobalt
[95]Conectiva
[96]Debian
[97]Esware
[98]FreeBSD
[99]Kondara
[100]LASER5
[101]Linux From Scratch
[102]Linux-Mandrake
[103]NetBSD
[104]OpenBSD
[105]Red Hat
[106]Slackware
[107]Stampede
[108]SuSE
[109]Trustix
[110]turboLinux
[111]Yellow Dog
Security Software Archives
[112]munitions
[113]ZedZ.net (formerly replay.com)
Miscellaneous Resources
[114]CERT
[115]CIAC
[116]Comp Sec News Daily
[117]Crypto-GRAM
[118]LinuxLock.org
[119]LinuxSecurity.com
[120]Security Focus
[121]SecurityPortal
[123]Eklektix, Inc. Linux powered! Copyright © 2001 [124]Eklektix,
Inc., all rights reserved
Linux (R) is a registered trademark of Linus Torvalds
References
1. http://lwn.net/
2. http://ads.tucows.com/click.ng/pageid=001-012-132-000-000-002-000-000-012
3. http://lwn.net/2001/1220/
4. http://lwn.net/2001/1220/kernel.php3
5. http://lwn.net/2001/1220/dists.php3
6. http://lwn.net/2001/1220/devel.php3
7. http://lwn.net/2001/1220/commerce.php3
8. http://lwn.net/2001/1220/press.php3
9. http://lwn.net/2001/1220/announce.php3
10. http://lwn.net/2001/1220/history.php3
11. http://lwn.net/2001/1220/letters.php3
12. http://lwn.net/2001/1220/bigpage.php3
13. http://lwn.net/2001/1213/security.php3
14. http://www.newsbytes.com/news/01/173039.html
15. http://www.dailyrotten.com/articles/archive/189387.html
16. http://www.theregister.co.uk/content/55/23438.html
17. http://www.linuxsecurity.com/feature_stories/feature_story-95.html
18. http://lwn.net/2001/1220/a/crypto-gram.php3
19. http://lwn.net/alerts/EnGarde/ESA-20011217-01.php3
20. http://lwn.net/alerts/RedHat/RHSA-2001:160-09.php3
21. http://lwn.net/2001/1220/a/glibc-vulnerability.php3
22. http://lwn.net/alerts/Mandrake/MDKSA-2001:091.php3
23. http://lwn.net/2001/1220/a/UnixManualPhpScript.php3
24. http://lwn.net/2001/1220/a/WebSphereVul.php3
25. http://lwn.net/2001/1220/a/MagicEnterprise.php3
26. http://lwn.net/2001/1213/security.php3#mailman
27. http://lwn.net/alerts/Debian/DSA-094-1.php3
28. http://lwn.net/alerts/Conectiva/CLA-2001:445.php3
29. http://lwn.net/2001/1206/security.php3#openssh
30. http://lwn.net/alerts/Caldera/CSSA-2001-042.1.php3
31. http://lwn.net/alerts/Caldera/CSSA-2001-042.0.php3
32. http://lwn.net/alerts/Conectiva/CLA-2001:446.php3
33. http://lwn.net/alerts/Mandrake/MDKSA-2001:092.php3
34. http://lwn.net/alerts/Debian/DSA-091-1.php3
35. http://lwn.net/alerts/RedHat/RHSA-2001:161-08.php3
36. http://lwn.net/2001/0726/security.php3#mtelnetd
37. http://lwn.net/alerts/Mandrake/MDKSA-2001:093.php3
38. http://lwn.net/alerts/Caldera/CSSA-2001-030.0.php3
39. http://lwn.net/alerts/Conectiva/CLA-2001:413.php3
40. http://lwn.net/alerts/Debian/DSA-075-1.php3
41. http://lwn.net/alerts/Debian/DSA-075-2.php3
42. http://lwn.net/alerts/Mandrake/MDKSA-2001:068.php3
43. http://lwn.net/alerts/Progeny/PROGENY-SA-2001-27.php3
44. http://lwn.net/alerts/RedHat/RHSA-2001:099-06.php3
45. http://lwn.net/alerts/RedHat/RHSA-2001:100-02.php3
46. http://lwn.net/alerts/Slackware/sl-997726350.php3
47. http://lwn.net/alerts/SuSE/SuSE-SA:2001:029.php3
48. http://lwn.net/alerts/YellowDog/YDU-20010810-1.php3
49. http://lwn.net/alerts/YellowDog/YDU-20010810-2.php3
50. http://lwn.net/2001/1220/a/CertOnSSH.php3
51. http://lwn.net/2001/1220/a/ProcmailAndSecurity.php3
52. http://www.linuxjournal.com//article.php?sid=5662
53. http://www.ccc.de/congress
54. http://www.federalevents.com/fc_main.html
55. http://www.privacyassociation.org/html/conferences.html
56. http://www.codecon.org/
57. http://www.rsaconference.com/
58. http://securityfocus.com/calendar
59. mailto:lwn@lwn.net
60. mailto:lwn@lwn.net
61. http://ads.tucows.com/click.ng/buttonpos=lwnbuttonsecurity
62. http://lwn.net/alerts/
63. http://www.astaro.com/products/index.html
64. http://bluelinux.sourceforge.net/
65. http://castle.altlinux.ru/
66. http://www.engardelinux.org/
67. http://www.immunix.org/
68. http://www.kaladix.org/
69. http://www.nsa.gov/selinux/
70. http://www.openwall.com/Owl/
71. http://www.trustix.com/
72. http://www.bastille-linux.org/
73. http://lsap.org/
74. http://lsm.immunix.org/
75. http://www.openssh.com/
76. http://www.securityfocus.com/archive/1
77. http://www.nfr.net/firewall-wizards/
78. http://www.jammed.com/Lists/ISN/
79. http://www.calderasystems.com/support/security/
80. http://www.conectiva.com.br/atualizacoes/
81. http://www.debian.org/security/
82. http://www.kondara.org/errata/k12-security.html
83. http://www.esware.com/actualizaciones.html
84. http://linuxppc.org/security/advisories/
85. http://www.linux-mandrake.com/en/fupdates.php3
86. http://www.redhat.com/support/errata/index.html
87. http://www.suse.de/security/index.html
88. http://www.yellowdoglinux.com/resources/
89. http://www.BSDI.COM/services/support/patches/
90. http://www.freebsd.org/security/security.html
91. http://www.NetBSD.ORG/Security/
92. http://www.openbsd.org/security.html
93. http://www.calderasystems.com/support/forums/announce.html
94. http://www.cobalt.com/support/resources/usergroups.html
95. http://distro.conectiva.com.br/atualizacoes/
96. http://www.debian.org/MailingLists/subscribe
97. http://www.esware.com/lista_correo.html
98. http://www.freebsd.org/handbook/eresources.html#ERESOURCES-MAIL
99. http://www.kondara.org/mailinglist.html.en
100. http://l5web.laser5.co.jp/ml/ml.html
101. http://www.linuxfromscratch.org/services/mailinglistinfo.php
102. http://www.linux-mandrake.com/en/flists.php3
103. http://www.netbsd.org/MailingLists/
104. http://www.openbsd.org/mail.html
105. http://www.redhat.com/mailing-lists/
106. http://www.slackware.com/lists/
107. http://www.stampede.org/mailinglists.php3
108. http://www.suse.com/en/support/mailinglists/index.html
109. http://www.trustix.net/support/
110. http://www.turbolinux.com/mailman/listinfo/tl-security-announce
111. http://lists.yellowdoglinux.com/ydl_updates.shtml
112. http://munitions.vipul.net/
113. http://www.zedz.net/
114. http://www.cert.org/nav/alerts.html
115. http://ciac.llnl.gov/ciac/
116. http://www.MountainWave.com/
117. http://www.counterpane.com/crypto-gram.html
118. http://linuxlock.org/
119. http://linuxsecurity.com/
120. http://www.securityfocus.com/
121. http://www.securityportal.com/
122. http://lwn.net/2001/1220/kernel.php3
123. http://www.eklektix.com/
124. http://www.eklektix.com/
--- ifmail v.2.14.os7-aks1
* Origin: Unknown (2:4615/71.10@fidonet)