ru.linux- RU.LINUX --------------------------------------------------------------------- From : Sergey Lentsov 2:4615/71.10 19 Jul 2001 16:52:08 To : All Subject : URL: http://www.lwn.net/2001/0719/security.php3 --------------------------------------------------------------------------------
See also: [14]last week's Security page.
Security
News and Editorials
NIST gives away vulnerability database. The National Institute of
Standards and Technology announced this week that they are [15]giving away
their vulnerability database, free for public use. The data is being
provided on a royalty-free basis, for inclusion in both proprietary
and free products. Check the [16]ICAT home-page for more details.
Note that the data is provided as a Microsoft Access 2000 file.
Hopefully someone will massage it into a more friendly, open format in
the near future.
Snort: Planning IDS for Your Enterprise (Linux Journal). The Snort
Intrusion Detection System gets a look in [17]this Linux Journal
article. "Snort is often referred to as a lightweight intrusion
detection system. Snort is labeled lightweight because it is designed
primarily for small network segments. Snort is very flexible due to
its rule-based architecture. The designers of Snort have made it very
easy to insert and expand upon rules as new security threats are
detected".
This month's CRYPTO-GRAM newsletter. Bruce Schneier's [18]CRYPTO-GRAM
Newsletter for July is out. The main topics of interest this month are
Internet-based telephony (and the associated security risks) and
security monitoring.
Also from Bruce this month is [19]a copy of his written testimony
provided for the Senate Subcommittee on E-consumer Science, Technology
and Space. The favorite quote of the week is, of course, this one:
What will happen when the CFO looks at his premium and realizes
that it will go down 50 percent if he gets rid of all his insecure
Windows operating systems and replaces them with a secure version
of Linux? The choice of which operating system to use will no
longer be 100 percent technical.
In addition, however, many of his other comments are also worth
reviewing, including his belief that the Internet will never be
secure, but will, in fact, grow less secure. He emphasizes that
automatic security will always be flawed and human intervention
required.
Which Is More Secure? -- Open Source Vs. Proprietary (Interactive
Week). Jeremy Allison provides the [20]open source argument in this
two-sided story on Security from Interactive Week. "Most often, a
security alert is issued for a proprietary software package once a
cracker has created and published an exploit to take advantage of a
problem. Most open source security alerts are issued because of
third-party audits, not published exploits, and an alert is published
in the spirit of openness to notify any users of the broken software
about upgrades."
PortSentry (Linux Journal). Linux Journal looks at [21]PortSentry and
LogCheck, two tools in the arsenal of security. "Once a host is
targeted by an attacker, a port scan is almost always performed. The
port scan is done to expose all services available on the target host
and to provide a starting point for break-in attempts. PortSentry
detects such scans by monitoring the unused ports on the host."
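The detection idea in that quote, a host watching ports it does not serve and treating a source that touches several of them in quick succession as a scanner, is small enough to show in code. The block below is an added illustration written for this summary, not PortSentry's own logic; the listening-port set and the log lines are constructed, and the log format ("epoch seconds, source address, destination port") is an assumption.

```python
"""Toy port-scan detector in the spirit of the PortSentry description:
watch ports the host does not serve and flag a source that touches several
of them within a short window. Added illustration, not PortSentry code."""
from collections import defaultdict

# Ports this hypothetical host actually serves; everything else is "unused".
LISTENING_PORTS = {22, 25, 80}

# Constructed connection-attempt log, one line per attempt:
# "<epoch seconds> <source address> <destination port>"
SAMPLE_LOG = """\
1000 192.0.2.10 22
1001 192.0.2.10 80
1002 198.51.100.7 21
1002 198.51.100.7 23
1003 198.51.100.7 110
1003 198.51.100.7 143
1004 198.51.100.7 443
1090 203.0.113.5 21
"""


def parse_log(text):
    """Turn the constructed log format into (timestamp, source, port) tuples,
    skipping blank or malformed lines."""
    events = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        ts, src, port = parts
        events.append((int(ts), src, int(port)))
    return events


def detect_scanners(events, threshold=3, window=60):
    """Return {source: sorted list of unused ports} for every source that
    hits at least `threshold` distinct unused ports within `window` seconds.
    Traffic to listening ports is ignored, so ordinary clients never trip it."""
    probes = defaultdict(list)  # source -> [(ts, port)] for unused ports only
    for ts, src, port in sorted(events):
        if port not in LISTENING_PORTS:
            probes[src].append((ts, port))
    flagged = {}
    for src, seq in probes.items():
        for i, (t0, _) in enumerate(seq):
            # distinct unused ports touched in the window starting at t0
            ports = {p for t, p in seq[i:] if t - t0 <= window}
            if len(ports) >= threshold:
                flagged[src] = sorted(ports)
                break
    return flagged


if __name__ == "__main__":
    for src, ports in detect_scanners(parse_log(SAMPLE_LOG)).items():
        print(f"possible scan from {src}: unused ports {ports}")
```

The threshold and window are the tuning knobs: a single stray probe (the 203.0.113.5 line) stays below the threshold, while the source that walks five closed ports in three seconds is reported. A real deployment would also want to exclude its own monitoring hosts and rate-limit alerts per source.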
Security Reports
Linux init default umask vulnerability.
Linux kernel versions 2.4.3 through 2.4.6 create the init process with
a default umask of 0000. If a specific Linux distribution does not
explicitly change this umask, this vulnerability can be exploited
locally to gain root privileges. Check [22]BugTraq ID 3031 for more
details.
Adding 'umask 022' to the beginning of the rc.sysinit file will
resolve the problem, which has been fixed as of 2.4.7pre7.
CERT security advisory for LDAP.
CERT has issued [23]a security advisory describing denial of service
and remote compromise vulnerabilities in numerous LDAP servers,
including OpenLDAP. CERT does not normally get into the picture until
problems are being actively exploited, so, if you're running LDAP,
it's probably worth taking a look and doing a quick update.
Vulnerable versions of OpenLDAP include 1.x prior to 1.2.12 and 2.x
prior to 2.0.8. Note that OpenLDAP was only found to be vulnerable to
denial-of-service attacks; no remote compromise vulnerabilities were
found.
AllCommerce temporary file creation vulnerability.
[24]AllCommerce, a Perl and SQL92-based e-commerce application, has
been reported to contain a temporary file creation vulnerability.
Check also BugTraq ID [25]3016.
This week's updates:
* [26]Engarde
Engarde Secure Linux-specific sudo vulnerability.
The default configuration of Engarde can lead to elevated privileges
for accounts included in the admin group. They have issued [27]an
advisory and recommended workarounds. Check also BugTraq ID [28]3019.
vipw insecure file permissions vulnerability.
Red Hat has issued [29]an advisory for vipw in Red Hat 7.1. If vipw is
used to edit the /etc/shadow file, the modified file will be saved
with improper permissions. Check also [30]BugTraq ID 3036.
Slackware /var/man permissions vulnerability.
Slackware 8.0 and earlier has been reported to contain a vulnerability
due to the [31]permissions shipped by default on the /var/man/cat*
directories. These directories are shipped with permissions "1777",
allowing world-write access. Using symlinks, this access can be
exploited to overwrite files owned by the person running the man
command. In particular, if man is run by root, this can be exploited
locally to gain root privileges. Modifying the permissions on the
directories will close the vulnerability.
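The three reports above (init started with umask 0000, vipw leaving /etc/shadow with loose permissions, and 1777 /var/man/cat* directories) are all permission-bit problems, and an audit for them is easy to script. The block below is an added example written for this summary, not code from any of the advisories. It builds a constructed miniature tree under a temporary directory so nothing on the real system is touched; the 0644 mode used for the shadow stand-in and the 0600 expectation are assumptions chosen to mirror the vipw report, which gives no numbers.

```python
"""Permission audit illustrating the init umask, vipw and /var/man reports.
Added example; it works on a constructed tree in a temp directory."""
import os
import shutil
import stat
import tempfile


def create_under_umask(path, umask_value):
    """Create `path` with the given umask in force and return the resulting
    permission bits. A process that never calls umask() inherits whatever
    init handed down, which is why a 0000 umask in init leaks into files."""
    old = os.umask(umask_value)
    try:
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o666)
        os.close(fd)
    finally:
        os.umask(old)
    return stat.S_IMODE(os.stat(path).st_mode)


def umask_demo():
    """Return the modes a 0666 create yields under umask 0000 and 0022."""
    d = tempfile.mkdtemp()
    try:
        loose = create_under_umask(os.path.join(d, "loose"), 0o000)
        tight = create_under_umask(os.path.join(d, "tight"), 0o022)
        return loose, tight
    finally:
        shutil.rmtree(d)


def audit_tree(root, expected_modes=None):
    """Walk `root` and return sorted (relative path, finding) pairs for
    world-writable entries and for files whose mode differs from
    `expected_modes` (relative path -> mode). Sticky world-writable
    directories are reported as well: the /var/man report shows that 1777
    is not enough when a privileged user follows links placed inside."""
    expected_modes = expected_modes or {}
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root)
            st = os.lstat(full)
            if stat.S_ISLNK(st.st_mode):
                continue  # link modes are meaningless; the target gets audited
            mode = stat.S_IMODE(st.st_mode)
            if mode & stat.S_IWOTH:
                kind = "dir" if stat.S_ISDIR(st.st_mode) else "file"
                sticky = " (sticky)" if mode & stat.S_ISVTX else ""
                findings.append((rel, f"world-writable {kind}{sticky}"))
            want = expected_modes.get(rel)
            if want is not None and mode != want:
                findings.append((rel, f"mode {mode:04o}, expected {want:04o}"))
    return sorted(findings)


def build_demo_tree():
    """Constructed layout mirroring the reports, audited and then removed."""
    root = tempfile.mkdtemp()
    try:
        for d in ("etc", "var", "var/man", "var/man/cat1", "var/tmp"):
            p = os.path.join(root, d)
            os.mkdir(p)
            os.chmod(p, 0o755)  # explicit, so the process umask cannot skew the demo
        # 1777 as shipped according to the Slackware report
        os.chmod(os.path.join(root, "var/man/cat1"), 0o1777)
        # 0644 is a constructed stand-in for the "improper permissions" vipw left
        create_under_umask(os.path.join(root, "etc/shadow"), 0o022)
        # a file written by a daemon that inherited init's 0000 umask
        create_under_umask(os.path.join(root, "var/tmp/scratch"), 0o000)
        return audit_tree(root, expected_modes={"etc/shadow": 0o600})
    finally:
        shutil.rmtree(root)


if __name__ == "__main__":
    print("umask 0000 vs 0022:", ["%04o" % m for m in umask_demo()])
    for rel, finding in build_demo_tree():
        print(f"{rel}: {finding}")
```

Run against a real root with a table of expected modes for the sensitive files you care about, the same walk reports every file a 0000 umask has left world-writable, which is the quickest way to see whether the rc.sysinit fix above arrived in time.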
Opera malformed header vulnerability.
The Opera web browser version 5.0 for Linux has been reported to have
difficulties handling malformed headers. As a result, this can be
exploited by malicious webmasters to cause the browser to crash. No
response from Opera has been seen so far.
Web scripts.
The following web scripts were reported to contain vulnerabilities:
* [32]Docview, a set of CGI scripts from Caldera Systems, is
reported to contain an argument validation problem. This can allow
a local attacker to gain access to the 'httpd' account. Docview
1.0-15 fixes this problem. Caldera has provided updated docview
packages for OpenLinux Server 3.1 and OpenLinux Workstation 3.1.
* [33]Interactive Story 1.3, a perl-based freeware application,
contains a directory traversal vulnerability. This has been
fixed in version 1.4.
* [34]Adcycle Adlogin.pm, one of a set of scripts to handle ad
banner rotation, has been reported to contain an administrator
authentication bypass vulnerability. An upgrade to Adcycle 1.16
should resolve the problem.
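The Interactive Story item is a directory traversal bug, the class where a CGI script builds a file name from a request parameter and "../" sequences walk it out of the intended directory. The block below is an added example written for this summary, not the application's code: the document root, the function names and the unsafe/safe pair are all constructed to show the vulnerable pattern beside a check that rejects anything resolving outside the base directory.

```python
"""Directory-traversal check of the kind the Interactive Story report
implies. Added example with constructed names; not the application's code."""
import posixpath

BASE_DIR = "/var/www/stories"  # hypothetical document root


def unsafe_story_path(base_dir, requested):
    """The vulnerable pattern: plain concatenation. '../' components in
    `requested` walk out of base_dir and the script serves whatever file
    its own uid can read."""
    return posixpath.join(base_dir, requested)


def safe_story_path(base_dir, requested):
    """Return the normalised absolute path if it lies inside base_dir,
    otherwise None. Operates on the already URL-decoded value, so encoded
    dots must be decoded before this check, not after it."""
    if not requested or "\x00" in requested:
        return None
    base = posixpath.normpath(base_dir)
    # join() drops base_dir entirely when `requested` is absolute; normpath
    # then collapses any '..' so the prefix test below sees the real target
    candidate = posixpath.normpath(posixpath.join(base, requested))
    if candidate == base or candidate.startswith(base + "/"):
        return candidate
    return None


# Constructed request values a script like this might receive
SAMPLE_REQUESTS = [
    "chapter1.txt",
    "sub/../chapter2.txt",
    "../../../etc/passwd",
    "/etc/passwd",
]


def classify(base_dir, requests):
    """Map each request to the path the safe check would allow (or None)."""
    return {r: safe_story_path(base_dir, r) for r in requests}


if __name__ == "__main__":
    for req, allowed in classify(BASE_DIR, SAMPLE_REQUESTS).items():
        print(f"{req!r}: unsafe -> {unsafe_story_path(BASE_DIR, req)}, "
              f"safe -> {allowed}")
```

The prefix test uses base plus a trailing slash so that a sibling directory such as /var/www/stories2 is not accepted by accident. Symbolic links inside the base directory are outside what normalisation catches; if they are a concern, resolve the candidate with os.path.realpath and repeat the same prefix test on the result.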
Proprietary products.
The following proprietary products were reported to contain
vulnerabilities:
* [35]Cisco IOS PPTP (Point to Point Tunneling Protocol) has been
reported to contain a vulnerability that can crash the router if
it receives a malformed or crafted PPTP packet. No workaround is
available, but updated software is. Check also [36]BugTraq ID
3022.
Updates
OpenSSL Pseudo-random number generator weakness. Check the [37]July
12th LWN Security Summary for the original report or BugTraq ID
[38]3004.
This week's updates:
* [39]Red Hat
Previous updates:
* [40]Engarde (July 12th)
* [41]Trustix (July 12th)
cfingerd buffer overflow and format string vulnerabilities.
Check the [42]June 28th LWN Security Summary for the original report
or BugTraq ID [43]2914. These vulnerabilities can be exploited locally
to gain elevated privileges, possibly including root access.
This week's updates:
* [44]Debian
fetchmail buffer overflow.
Check the [45]June 21st LWN Security Summary for the original report.
This is remotely exploitable and could lead to root access if
fetchmail is run by root. An upgrade to fetchmail 5.8.6 will resolve
the problem.
This week's updates:
* [46]SuSE, patch available but no advisory released
Previous updates:
* [47]Caldera (June 28th)
* [48]Engarde (June 28th)
* [49]Immunix (June 21st)
* [50]Debian (June 21st)
* [51]Conectiva (June 21st)
* [52]Slackware, June 18th Changelog
* [53]MandrakeSoft (July 12th)
Horde IMP Message Attachment symbolic link vulnerability.
Check the [54]June 7th, 2001 LWN Security Summary for the initial
report (or BugTraq ID [55]2805). Horde Imp versions prior to 2.2.5
contain this vulnerability, which stems from the use of the PHP
tempnam function for creating temporary files. Upgrading to Imp 2.2.5
and PHP 4.0.5 is recommended.
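Both the AllCommerce report earlier on this page and the Horde IMP item are temporary-file creation problems: a name that can be guessed, opened in a way that follows whatever already sits at that path. The block below is an added example written for this summary, not code from either project. The "victim" file, the prefix-plus-pid naming and the scenario are constructed, and it runs entirely inside a private temporary directory; it shows the weak open beside the O_CREAT|O_EXCL open that mkstemp performs, which is what the recommended upgrades replace the tempnam pattern with.

```python
"""Temporary-file handling illustrating the AllCommerce and Horde IMP
reports: a predictable name opened without O_EXCL follows a link that was
already there; an unpredictable name opened with O_CREAT|O_EXCL cannot be
redirected. Added example; not either project's code."""
import os
import shutil
import stat
import tempfile


def predictable_temp_path(directory, prefix):
    """Weak pattern: a name anyone can guess (here prefix + pid), the kind
    of result tempnam()-style helpers are criticised for."""
    return os.path.join(directory, f"{prefix}{os.getpid()}")


def open_temp_insecure(path):
    """O_CREAT without O_EXCL: if `path` already exists, even as a symlink,
    it is opened and followed instead of being created fresh."""
    return os.open(path, os.O_WRONLY | os.O_CREAT, 0o600)


def open_temp_secure(directory, prefix):
    """mkstemp picks an unpredictable name and opens with O_CREAT|O_EXCL at
    mode 0600, so an existing entry makes the call fail rather than being
    followed."""
    return tempfile.mkstemp(prefix=prefix, dir=directory)


def demo():
    """Build the scenario in a private temp dir and return
    (victim file content after the insecure open,
     whether an O_EXCL open of the pre-existing link was refused,
     mode of the mkstemp file)."""
    d = tempfile.mkdtemp()
    try:
        victim = os.path.join(d, "victim")
        with open(victim, "w") as f:
            f.write("original")
        weak = predictable_temp_path(d, "app")
        os.symlink(victim, weak)  # stand-in for a link present before the program runs

        # Weak open: the write lands in `victim`, not in a new temp file.
        fd = open_temp_insecure(weak)
        os.write(fd, b"clobbered")
        os.close(fd)
        with open(victim) as f:
            after = f.read()

        # Same path with O_EXCL: the kernel refuses because something exists there.
        try:
            fd = os.open(weak, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
            os.close(fd)
            refused = False
        except FileExistsError:
            refused = True

        # mkstemp: fresh random name, created atomically, private mode.
        fd, path = open_temp_secure(d, "app")
        os.close(fd)
        mode = stat.S_IMODE(os.stat(path).st_mode)
        return after, refused, mode
    finally:
        shutil.rmtree(d)


if __name__ == "__main__":
    after, refused, mode = demo()
    print(f"insecure open wrote through the link: victim now {after!r}")
    print(f"O_EXCL open of the existing path refused: {refused}")
    print(f"mkstemp file mode: {mode:04o}")
```

The point of the comparison is the atomic create: with O_EXCL the check "does this exist?" and the create are one system call, so there is no window in which the name can be claimed by someone else, and the random name removes the guessability the tempnam pattern suffers from in the first place.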
This week's updates:
* [56]Caldera
elm alternate folder buffer overflow.
Check the [57]March 1st LWN Security Summary for the initial report.
Elm 2.5 PL3 was impacted. The problem was fixed in elm 2.5.4. Updated
versions of elm are [58]available. Check BugTraq ID [59]2403 for more
details.
This week's updates:
* [60]Red Hat (already included in RH 7.1/Alpha)
Multiple buffer overflows in tcpdump.
[61]Multiple buffer overflows in tcpdump were reported in our November
2nd, 2000 edition. Check also BugTraq ID [62]1870.
This week's updates:
* [63]FreeBSD, 4.X
Previous updates:
* [64]FreeBSD (November 2nd, 2000)
* [65]SuSE (November 16th, 2000)
* [66]Debian (November 23rd, 2000)
* [67]SuSE (November 23rd, 2000)
* [68]Turbolinux (June 14th)
* [69]Linux-Mandrake (June 14th)
Events
10th Usenix Security Symposium. The [70]10th Usenix Security Symposium
is scheduled for August 13th through the 17th in Washington, D.C.
Richard M. Smith, CTO of the Privacy Foundation, will be giving the
keynote. Edward W. Felten, Princeton University, and his research team
will be presenting a refereed paper on "Reading Between the Lines:
Lessons from the SDMI Challenge".
Upcoming Security Events.
Date                      Event                                                              Location
August 6 - 10, 2001       [71]CERT Conference 2001                                           Omaha, NE, USA
August 7, 2001            [72]CIBC World Markets First Annual Security & Privacy Conference  New York, NY, USA
August 10 - 12, 2001      [73]Hackers at Large 2001 (HAL2001)                                Enschede, Netherlands
August 13 - 17, 2001      [74]10th USENIX Security Symposium 2001 Conference                 Washington, D.C.
September 11 - 13, 2001   [75]New Security Paradigms Workshop 2001 (NSPW)                    Cloudcroft, New Mexico, USA
For additional security-related events, including training courses
(which we don't list above) and events further in the future, check
out Security Focus' [76]calendar, one of the primary resources we use
for building the above list. To submit an event directly to us, please
send a plain-text message to [77]lwn@lwn.net.
Section Editor: [78]Liz Coolbaugh
July 19, 2001
Secured Distributions:
[80]Blue Linux
[81]Engarde Secure Linux
[82]Immunix
[83]Kaladix
[84]NSA Security Enhanced
[85]Openwall GNU/Linux
[86]Trustix
Security Projects
[87]Bastille
[88]Linux Security Audit Project
[89]Linux Security Module
[90]OpenSSH
Security List Archives
[91]Bugtraq Archive
[92]Firewall Wizards Archive
[93]ISN Archive
Distribution-specific links
[94]Caldera Advisories
[95]Conectiva Updates
[96]Debian Alerts
[97]Kondara Advisories
[98]Esware Alerts
[99]LinuxPPC Security Updates
[100]Mandrake Updates
[101]Red Hat Errata
[102]SuSE Announcements
[103]Yellow Dog Errata
BSD-specific links
[104]BSDi
[105]FreeBSD
[106]NetBSD
[107]OpenBSD
Security mailing lists
[108]Caldera
[109]Cobalt
[110]Conectiva
[111]Debian
[112]Esware
[113]FreeBSD
[114]Kondara
[115]LASER5
[116]Linux From Scratch
[117]Linux-Mandrake
[118]NetBSD
[119]OpenBSD
[120]Red Hat
[121]Slackware
[122]Stampede
[123]SuSE
[124]Trustix
[125]turboLinux
[126]Yellow Dog
Security Software Archives
[127]munitions
[128]ZedZ.net (formerly replay.com)
Miscellaneous Resources
[129]CERT
[130]CIAC
[131]Comp Sec News Daily
[132]Crypto-GRAM
[133]LinuxLock.org
[134]LinuxSecurity.com
[135]OpenSEC
[136]Security Focus
[137]SecurityPortal
[139]Eklektix, Inc. Copyright © 2001 [140]Eklektix, Inc., all rights
reserved
Linux (R) is a registered trademark of Linus Torvalds
References
1. http://lwn.net/
2. http://ads.tucows.com/click.ng/pageid=001-012-132-000-000-002-000-000-012
3. http://lwn.net/2001/0719/
4. http://lwn.net/2001/0719/kernel.php3
5. http://lwn.net/2001/0719/dists.php3
6. http://lwn.net/2001/0719/desktop.php3
7. http://lwn.net/2001/0719/devel.php3
8. http://lwn.net/2001/0719/commerce.php3
9. http://lwn.net/2001/0719/press.php3
10. http://lwn.net/2001/0719/announce.php3
11. http://lwn.net/2001/0719/history.php3
12. http://lwn.net/2001/0719/letters.php3
13. http://lwn.net/2001/0719/bigpage.php3
14. http://lwn.net/2001/0712/security.php3
15. http://lwn.net/2001/0719/a/sec-nist.php3
16. http://icat.nist.gov/
17. http://noframes.linuxjournal.com/articles/misc/0047.html
18. http://lwn.net/2001/0719/a/crypto-gram.php3
19. http://lwn.net/2001/0719/a/brucetestimony.php3
20. http://www.zdnet.com/intweek/stories/news/0,4164,2784795-2,00.html
21. http://noframes.linuxjournal.com/articles/culture/0028.html
22. http://www.securityfocus.com/bid/3031
23. http://lwn.net/2001/0719/a/cert-ldap.php3
24. http://freshmeat.net/projects/allcommerce/
25. http://www.securityfocus.com/bid/3016
26. http://lwn.net/2001/0719/a/en-allcommerce.php3
27. http://lwn.net/2001/0719/a/en-sudo.php3
28. http://www.securityfocus.com/bid/3019
29. http://lwn.net/2001/0719/a/rh-vipw.php3
30. http://www.securityfocus.com/bid/3036
31. http://lwn.net/2001/0719/a/sl-varman.php3
32. http://lwn.net/2001/0719/a/caldera-docview.php3
33. http://www.securityfocus.com/bid/3028
34. http://www.securityfocus.com/bid/3032
35. http://lwn.net/2001/0719/a/cisco-pptp.php3
36. http://www.securityfocus.com/bid/3022
37. http://lwn.net/2001/0712/security.php3#openssl
38. http://www.securityfocus.com/bid/3004
39. http://lwn.net/2001/0719/a/rh-openssl.php3
40. http://lwn.net/2001/0712/a/eng-openssl.php3
41. http://lwn.net/2001/0712/a/trustix-openssl.php3
42. http://lwn.net/2001/0628/security.php3#cfingerd
43. http://www.securityfocus.com/bid/2914
44. http://lwn.net/2001/0719/a/db-cfingerd.php3
45. http://lwn.net/2001/0621/security.php3#fetchmail
46. http://www.suse.de/de/support/download/updates/index.html
47. http://lwn.net/2001/0628/a/caldera-fetchmail.php3
48. http://lwn.net/2001/0628/a/engarde-fetchmail.php3
49. http://lwn.net/2001/0621/a/im-fetchmail.php3
50. http://lwn.net/2001/0621/a/deb-fetchmail.php3
51. http://lwn.net/2001/0621/a/con-fetchmail.php3
52. http://www.slackware.com/changelog/current.php?cpu=i386
53. http://lwn.net/2001/0712/a/mandfetchmail.php3
54. http://lwn.net/2001/0607/security.php3#impphp
55. http://www.securityfocus.com/bid/2805
56. http://lwn.net/2001/0719/a/caldera-imp.php3
57. http://lwn.net/2001/0301/security.php3#elm
58. http://ftp.virginia.edu/pub/elm
59. http://www.securityfocus.com/bid/2403
60. http://lwn.net/2001/0719/a/rh-elm.php3
61. http://lwn.net/2000/1102/security.php3#tcpdump
62. http://www.securityfocus.com/bid/1870
63. http://lwn.net/2001/0719/a/fb-tcpdump.php3
64. http://lwn.net/2000/1102/a/sec-freebsd-tcpdump.php3
65. http://lwn.net/2000/1116/a/sec-suse-misc.php3
66. http://lwn.net/2000/1123/a/deb-tcpdump.php3
67. http://lwn.net/2000/1123/a/sec-suse-tcpdump.php3
68. http://lwn.net/2001/0614/a/tl-tcpdump28.php3
69. http://lwn.net/2001/0614/a/lm-tcpdump.php3
70. http://lwn.net/2001/0719/a/sec-usenix.php3
71. http://www.certconf.org/
72. http://www.cibcwm.com/eq/conference/security/
73. http://www.hal2001.org/hal/01Home/index.html
74. http://www.usenix.org/events/sec2001
75. http://www.nspw.org/
76. http://securityfocus.com/calendar
77. mailto:lwn@lwn.net
78. mailto:lwn@lwn.net
79. http://ads.tucows.com/click.ng/buttonpos=lwnbuttonsecurity
80. http://bluelinux.sourceforge.net/
81. http://www.engardelinux.org/
82. http://www.immunix.org/
83. http://www.maganation.com/~kaladix/
84. http://www.nsa.gov/selinux/
85. http://www.openwall.com/Owl/
86. http://www.trustix.com/
87. http://www.bastille-linux.org/
88. http://lsap.org/
89. http://lsm.immunix.org/
90. http://www.openssh.com/
91. http://www.securityfocus.com/bugtraq/archive/
92. http://www.nfr.net/firewall-wizards/
93. http://www.jammed.com/Lists/ISN/
94. http://www.calderasystems.com/support/security/
95. http://www.conectiva.com.br/atualizacoes/
96. http://www.debian.org/security/
97. http://www.kondara.org/errata/k12-security.html
98. http://www.esware.com/actualizaciones.html
99. http://linuxppc.org/security/advisories/
100. http://www.linux-mandrake.com/en/fupdates.php3
101. http://www.redhat.com/support/errata/index.html
102. http://www.suse.de/security/index.html
103. http://www.yellowdoglinux.com/resources/errata.shtml
104. http://www.BSDI.COM/services/support/patches/
105. http://www.freebsd.org/security/security.html
106. http://www.NetBSD.ORG/Security/
107. http://www.openbsd.org/security.html
108. http://www.calderasystems.com/support/forums/announce.html
109. http://www.cobalt.com/support/resources/usergroups.html
110. http://distro.conectiva.com.br/atualizacoes/
111. http://www.debian.org/MailingLists/subscribe
112. http://www.esware.com/lista_correo.html
113. http://www.freebsd.org/handbook/eresources.html#ERESOURCES-MAIL
114. http://www.kondara.org/mailinglist.html.en
115. http://l5web.laser5.co.jp/ml/ml.html
116. http://www.linuxfromscratch.org/services/mailinglistinfo.php
117. http://www.linux-mandrake.com/en/flists.php3
118. http://www.netbsd.org/MailingLists/
119. http://www.openbsd.org/mail.html
120. http://www.redhat.com/mailing-lists/
121. http://www.slackware.com/lists/
122. http://www.stampede.org/mailinglists.php3
123. http://www.suse.com/en/support/mailinglists/index.html
124. http://www.trustix.net/support/
125. http://www.turbolinux.com/mailman/listinfo/tl-security-announce
126. http://lists.yellowdoglinux.com/ydl_updates.shtml
127. http://munitions.vipul.net/
128. http://www.zedz.net/
129. http://www.cert.org/nav/alerts.html
130. http://ciac.llnl.gov/ciac/
131. http://www.MountainWave.com/
132. http://www.counterpane.com/crypto-gram.html
133. http://linuxlock.org/
134. http://linuxsecurity.com/
135. http://www.opensec.net/
136. http://www.securityfocus.com/
137. http://www.securityportal.com/
138. http://lwn.net/2001/0719/kernel.php3
139. http://www.eklektix.com/
140. http://www.eklektix.com/
--- ifmail v.2.14.os7-aks1
* Origin: Unknown (2:4615/71.10@fidonet)