ru.linux - RU.LINUX
From: Sergey Lentsov 2:4615/71.10, 10 May 2002 19:55:10
To: All
Subject: URL: http://www.lwn.net/2002/0509/security.php3
Security
News and Editorials
The Honeynet Project Reverse Challenge. The Honeynet Project has
[12]announced a new challenge for the security community. It differs
from last year's Forensic Challenge, however: "The goal of this
challenge is to develop reverse engineering skills amongst the
security community. Your mission, if you should choose to accept, is
to analyze and report on a binary captured in the wild." The captured
binary was [13]released on May 5th. There are actually prizes being
offered this time around.
Jeffrey Reava has [14]suggested a couple of resources that "may be
helpful in putting together an analysis environment." Please remember
that the subject is a binary "captured in the wild" and take
appropriate precautions.
NewScientist.com has also run an [15]article about the contest.
Security Reports
Multiple vulnerabilities in tcpdump. Version 3.5.2 fixed a buffer
overflow vulnerability present in all prior versions. However, newer
versions, including 3.6.2, are vulnerable to a second buffer overflow,
in the AFS RPC functions, which was reported by Nick Cleaton.
This [16]Conectiva announcement addresses both vulnerabilities. The
February 12th [17]Red Hat security advisory does not address the AFS
RPC buffer overflow vulnerability.
Both problems appear to have been reported and fixed in FreeBSD some
months ago. The [18]CIAC report on the vulnerability in versions prior
to 3.5.2 is dated October 31, 2000. Nick Cleaton's [19]FreeBSD
security advisory on the AFS RPC bug, including a reference to a fix for
FreeBSD, is dated July 17, 2001. [20]Tcpdump 3.7 was released on
January 21, 2002. So the Linux distributors are running a little slow
on this one. (Thanks to Michael Richardson).
Heap corruption vulnerability in imlib. A new problem has been found
with the imlib library; this heap corruption bug could, perhaps, lead
to remote exploits. Note that this is a different problem than the
NetPBM vulnerability (reported below); a new update is required to fix
it. So far, the only update we have seen for the new vulnerability is
[21]this one from Conectiva.
Webmin/Usermin vulnerabilities. [22]Webmin is a web-based interface
for system administration for Unix. Webmin has [23]cross-site
scripting and [24]session ID spoofing vulnerabilities which are fixed
in [25]version 0.970.
Gentoo security update to evolution. There is [26]a security update to
evolution available for Gentoo Linux fixing the malformed header
processing vulnerability in that package.
Red Hat Security Advisory: Nautilus. Red Hat has posted a security
update to [27]nautilus. "The metadata file code in Red Hat Linux 7.2
can be tricked into chasing a symlink and overwriting the symlink
target."
SuSE security update to sysconfig. SuSE has [28]updated its sysconfig
package fixing a (SuSE-specific) problem where DHCP clients can be
compromised via spoofed DHCP reply packets.
Packet Storm warning. "On May 5, a file was added to Packet Storm
which was found to contain a linux virus known as Linux.Jac.8759. The
file, 73501867, is an exploit for PHP in binary form." [29]Packet
Storm is "a non-profit organization comprised of security engineers
dedicated to providing the information necessary to secure the World's
networks." (Thanks to Giorgio Zoppi).
Updates
Problem loading untrusted images in imlib. Versions of imlib prior to
1.9.13 used the NetPBM package in ways which "make it possible for
attackers to create image files such that when loaded via software
which uses Imlib, could crash the program or potentially allow
arbitrary code to be executed." (First LWN report: [30]March 28).
This week's updates:
* [31]SuSE (May 7, 2002)
Previous updates:
* [32]Caldera (April 29, 2002)
* [33]Conectiva (March 28, 2002)
* [34]Eridani (March 27, 2002)
* [35]Mandrake (April 25, 2002)
* [36]Red Hat (March 20, 2002)
mod_python remote vulnerability. Version 2.7.7 of mod_python [37]has
been announced. "This release (as far as I could tell adequately)
addresses the security issue whereby a module indirectly imported by a
published module could then be accessed via the publisher." Upgrades
are recommended. (First LWN report: [38]April 18).
This week's updates:
* [39]Conectiva (May 3, 2002)
* [40]Red Hat (May 2, 2002)
Mozilla XMLHttpRequest file disclosure vulnerability. This
[41]XMLHttpRequest security bug impacts all Mozilla-based browsers.
"The bug is found in versions of Mozilla from 0.9.7 to 0.9.9 on
various operating system platforms, and in Netscape versions 6.1 and
higher." (First LWN report: [42]May 2).
This week's updates:
* The fix is in Mozilla 1.0 branch [43]nightly builds dated 2 May
2002 or later.
ZDNet also [44]covered the vulnerability with a focus on its presence
in Netscape.
Resources
Linux security week. The [45]Linux Security Week and [46]Linux
Advisory Watch publications from LinuxSecurity.com are available.
GnuPG version 1.0.7 released. Version 1.0.7 of the Gnu Privacy Guard
(GnuPG), the open replacement for PGP, [47]has been released. This
version features a large number of changes and improvements.
Events
Upcoming Security Events.
Mark your calendars - DEFCON 10. The [48]announcement has gone out:
DEFCON 10, "largest hacker convention on the planet," will be held
August 2 to 4 in Las Vegas.
Date, event, location:
* May 9, 2002: [49]Stanford's Center for Internet and Society Conference
on Computer Security Vulnerability Disclosure (Stanford Law School),
Stanford, CA, USA
* May 12 - 15, 2002: [50]2002 IEEE Symposium on Security and Privacy
(The Claremont Resort), Oakland, California, USA
* May 13 - 14, 2002: [51]3rd International Common Criteria Conference
(ICCC), Ottawa, Ont., Canada
* May 13 - 17, 2002: [52]14th Annual Canadian Information Technology
Security Symposium (CITSS) (Ottawa Congress Centre), Ottawa, Ontario,
Canada
* May 27 - 31, 2002: [53]3rd International SANE Conference (SANE 2002),
Maastricht, The Netherlands
* May 29 - 30, 2002: [54]RSA Conference 2002 Japan (Akasaka Prince
Hotel), Tokyo, Japan
* May 31 - June 1, 2002: [55]SummerCon 2002 (Renaissance Hotel),
Washington D.C., USA
* June 17 - 19, 2002: [56]NetSec 2002, San Francisco, California, USA
* June 24 - 28, 2002: [57]14th Annual Computer Security Incident
Handling Conference (Hilton Waikoloa Village), Hawaii
* June 24 - 26, 2002: [58]15th IEEE Computer Security Foundations
Workshop (Keltic Lodge, Cape Breton), Nova Scotia, Canada
For additional security-related events, including training courses
(which we don't list above) and events further in the future, check
out Security Focus' [59]calendar, one of the primary resources we use
for building the above list. To submit an event directly to us, please
send a plain-text message to [60]lwn@lwn.net.
Section Editor: [61]Dennis Tenney
May 9, 2002
[124]Eklektix, Inc. Linux powered! Copyright © 2002 [125]Eklektix,
Inc., all rights reserved
Linux (R) is a registered trademark of Linus Torvalds
References
1. http://lwn.net/
2. http://lwn.net/2002/0509/
3. http://lwn.net/2002/0509/kernel.php3
4. http://lwn.net/2002/0509/dists.php3
5. http://lwn.net/2002/0509/devel.php3
6. http://lwn.net/2002/0509/commerce.php3
7. http://lwn.net/2002/0509/press.php3
8. http://lwn.net/2002/0509/announce.php3
9. http://lwn.net/2002/0509/letters.php3
10. http://lwn.net/2002/0509/bigpage.php3
11. http://lwn.net/2002/0502/security.php3
12. http://lwn.net/2002/0509/a/honeynet-challenge.php3
13. http://lwn.net/2002/0509/a/honeynetbinary.php3
14. http://lwn.net/2002/0509/a/honeynetlinks.php3
15. http://www.newscientist.com/news/news.jsp?id=ns99992250
16. http://lwn.net/alerts/Conectiva/CLA-2002:480.php3
17. http://lwn.net/alerts/RedHat/RHSA-2001:089-08.php3
18. http://www.ciac.org/ciac/bulletins/l-015.shtml
19. ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:48.tcpdump.asc
20. http://www.tcpdump.org/
21. http://lwn.net/alerts/Conectiva/CLA-2002:481.php3
22. http://www.webmin.com/
23. http://lwn.net/2002/0509/a/webmincss.php3
24. http://lwn.net/2002/0509/a/webminspoof.php3
25. http://www.webmin.com/download.html
26. http://lwn.net/alerts/Gentoo/evolution-20020503.php3
27. http://lwn.net/alerts/RedHat/RHSA-2002:064-12.php3
28. http://lwn.net/alerts/SuSE/SuSE-SA:2002:016.php3
29. http://packetstormsecurity.nl/
30. http://lwn.net/2002/0328/security.php3#imlib
31. http://lwn.net/alerts/SuSE/SuSE-SA:2002:015.php3
32. http://lwn.net/alerts/Caldera/CSSA-2002-019.0.php3
33. http://lwn.net/alerts/Conectiva/CLA-2002:470.php3
34. http://lwn.net/alerts/Eridani/ERISA-2002:011.php3
35. http://lwn.net/alerts/Mandrake/MDKSA-2002:029.php3
36. http://lwn.net/alerts/RedHat/RHSA-2002:048-06.php3
37. http://lwn.net/2002/0418/a/modpy277.php3
38. http://lwn.net/2002/0418/security.php3#modpython
39. http://lwn.net/alerts/Conectiva/CLA-2002:477.php3
40. http://lwn.net/alerts/RedHat/RHSA-2002:070-06.php3
41. http://sec.greymagic.com/adv/gm001-ns/
42. http://lwn.net/2002/0502/security.php3#mozilla
43. http://ftp.mozilla.org/pub/mozilla/nightly/latest-1.0.0/
44. http://zdnet.com.com/2100-1104-896099.html
45. http://lwn.net/2002/0509/a/security-week.php3
46. http://lwn.net/2002/0509/a/advisory-watch.php3
47. http://lists.gnupg.org/pipermail/gnupg-announce/2002q2/000251.html
48. http://lwn.net/2002/0509/a/defcon-10.php3
49. http://cyberlaw.stanford.edu/
50. http://www.ieee-security.org/TC/SP02/sp02index.html
51. http://www.cse-cst.gc.ca/en/iccc/iccc.html
52. http://www.cse-cst.gc.ca/en/symposium/symposium.html
53. http://www.nluug.nl/sane/
54. http://www.rsaconference.net/
55. http://www.summercon.org/
56. http://www.gocsi.com/#netsec
57. http://www.first.org/conference/2002
58. http://www.csl.sri.com/programs/security/csfw/csfw15/csfw15.html
59. http://securityfocus.com/calendar
60. mailto:lwn@lwn.net
61. mailto:lwn@lwn.net
62. http://oasis.lwn.net/oasisc.php?s=4&c=5&cb=645570665&url=http%3A%2F%2Flwn.net%2Fcorp%2Fadvertise%2Ftext%2F
63. http://lwn.net/alerts/
64. http://www.astaro.com/products/index.html
65. http://castle.altlinux.ru/
66. http://www.engardelinux.org/
67. http://www.immunix.org/
68. http://www.kaladix.org/
69. http://www.nsa.gov/selinux/
70. http://www.openwall.com/Owl/
71. http://www.trustix.com/
72. http://www.bastille-linux.org/
73. http://lsap.org/
74. http://lsm.immunix.org/
75. http://www.openssh.com/
76. http://www.securityfocus.com/archive/1
77. http://www.nfr.net/firewall-wizards/
78. http://www.jammed.com/Lists/ISN/
79. http://www.calderasystems.com/support/security/
80. http://www.conectiva.com.br/atualizacoes/
81. http://www.debian.org/security/
82. http://www.kondara.org/errata/k12-security.html
83. http://www.esware.com/actualizaciones.html
84. http://linuxppc.org/security/advisories/
85. http://www.linux-mandrake.com/en/fupdates.php3
86. http://www.redhat.com/support/errata/index.html
87. http://www.suse.de/security/index.html
88. http://www.turbolinux.com/security/
89. http://www.yellowdoglinux.com/resources/
90. http://www.BSDI.COM/services/support/patches/
91. http://www.freebsd.org/security/security.html
92. http://www.NetBSD.ORG/Security/
93. http://www.openbsd.org/security.html
94. http://www.calderasystems.com/support/forums/announce.html
95. http://www.cobalt.com/support/resources/usergroups.html
96. http://distro.conectiva.com.br/atualizacoes/
97. http://www.debian.org/MailingLists/subscribe
98. http://www.esware.com/lista_correo.html
99. http://www.freebsd.org/handbook/eresources.html#ERESOURCES-MAIL
100. http://www.kondara.org/mailinglist.html.en
101. http://l5web.laser5.co.jp/ml/ml.html
102. http://www.linuxfromscratch.org/services/mailinglistinfo.php
103. http://www.linux-mandrake.com/en/flists.php3
104. http://www.netbsd.org/MailingLists/
105. http://www.openbsd.org/mail.html
106. http://www.redhat.com/mailing-lists/
107. http://www.slackware.com/lists/
108. http://www.stampede.org/mailinglists.php3
109. http://www.suse.com/en/support/mailinglists/index.html
110. http://www.trustix.net/support/
111. http://www.turbolinux.com/mailman/listinfo/tl-security-announce
112. http://lists.yellowdoglinux.com/ydl_updates.shtml
113. http://munitions.vipul.net/
114. http://www.zedz.net/
115. http://www.cert.org/nav/alerts.html
116. http://ciac.llnl.gov/ciac/
117. http://www.MountainWave.com/
118. http://www.counterpane.com/crypto-gram.html
119. http://linuxlock.org/
120. http://linuxsecurity.com/
121. http://www.securityfocus.com/
122. http://www.securityportal.com/
123. http://lwn.net/2002/0509/kernel.php3
124. http://www.eklektix.com/
125. http://www.eklektix.com/
--- ifmail v.2.14.os7-aks1
* Origin: Unknown (2:4615/71.10@fidonet)