|
|
ru.linux- RU.LINUX --------------------------------------------------------------------- From : Sergey Lentsov 2:4615/71.10 27 Sep 2001 17:28:42 To : All Subject : URL: http://www.lwn.net/2001/0927/security.php3 --------------------------------------------------------------------------------
[1][LWN Logo]
[2]Click Here
[LWN.net]
Sections:
[3]Main page
Security
[4]Kernel
[5]Distributions
[6]On the Desktop
[7]Development
[8]Commerce
[9]Linux in the news
[10]Announcements
[11]Linux History
[12]Letters
[13]All in one big page
See also: [14]last week's Security page.
Security
News and Editorials
Serious vulnerability in PHPNuke. PHPNuke 5.2 has [15]an embarrassing
vulnerability in its file manager function that can allow the creation
and overwriting of arbitrary files on the server system. The advisory
contains a quick source-level fix; a [16]simpler fix was also posted.
Note that PostNuke 0.63 appears not to be vulnerable.
More SQL code injection problems. [17]This RUS-CERT advisory describes
a new range of SQL code injection vulnerabilities. This time the
problem is with the PAM and NSS libraries shipped with most Linux (and
Unix) systems. Through the use of properly-crafted usernames and
passwords, an attacker can cause arbitrary SQL code to be executed.
This, in turn, can lead to database corruption and unauthorized
access.
No vendor updates for the affected modules are yet available.
CRYPTO-GRAM for September. For those who haven't yet seen it: Bruce
Schneier's [18]CRYPTO-GRAM Newsletter for September covers the
September 11 attacks and several other topics.
Security Reports
OpenSSH restricted command vulnerability. OpenSSH 2.9 and 2.9p2 are
subject to unauthorized access problems in certain scenarios. If you
are using authorized key pairs to provide remote access, and have
restricted the commands that may be executed via that key pair, and
have the sftp capability enabled, the command restrictions can be
evaded. The result can be access to a shell on the server system even
though that access had been explicitly denied. The fix, for now,
exists only in the OpenSSH cvs archive; concerned administrators
should update to the cvs version, or simply disable sftp.
slrn executes shell code. The Debian Project has released [19]a
security update to slrn fixing an interesting problem: evidently slrn
will execute any shell code it finds within an article, on the theory
that the article is a self-extracting archive. This may have been
desirable behavior in 1982, but it presents certain difficulties in
modern times. Users of slrn should apply the update; none have yet
been seen from other distributors.
Minor DOS problem with squid. Also from Debian is [20]this update to
squid. Evidently a malformed FTP PUT command can cause the server to
restart. The problem has been fixed in version 2.2.5-3.2.
Updates seen so far:
* [21]Conectiva (September 26, 2001)
* [22]Debian (September 24, 2001)
Format string problems in HylaFax. The HylaFax package has [23]some
format string vulnerabilities. On some systems (i.e. FreeBSD), the
affected binaries are installed setuid uucp, and could thus provide
unauthorized access to the system. Most Linux systems seem to not
install HylaFax with added privileges, however.
Filename vulnerability in Red Hat's serial init script. Red Hat has
issued [24]an alert warning of a potential vulnerability with the
setserial package. This one is obscure: you must have installed
setserial, copied the init script from the documentation directory
over to /etc/rc.d/init.d, and built your own kernel with serial
support installed as a module. If you've done all those things, there
is a potential problem with predictable temporary file names. Most
users, it is expected, need not worry about this one.
Proprietary products.
The following proprietary products were reported to contain
vulnerabilities:
* There is [25]a vulnerability in IBM's WebSphere 4.0 session ID
generation. Session IDs are generated in a predictable way,
meaning that an attacker could obtain access to another user's
session. A fix is available from IBM.
* Cisco has issued [26]a fix for a number of SSH vulnerabilities.
Updates
Source page buffer overflow in man zen-parse reported a [27]buffer
overflow in man that, when manual pages begin with a '.so' statement,
may be exploited to execute arbitrary code under the 'man' group id.
For more details, check BugTraq ID [28]2872. (First reported in the
[29]June 21 LWN security page).
New updates:
* [30]Red Hat (September 6, 2001)
Uucp local user exploits. There is a vulnerability in the command-line
argument handling of uucp which can be exploited by a local user to
obtain uid/gid uucp. See [31]the September 13, 2001 LWN security page
for the initial report.
New updates:
* [32]Debian (September 24, 2001)
* [33]Mandrake (September 21, 2001)
Previous updates:
* [34]Conectiva (September 11, 2001)
* [35]Caldera (September 7, 2001)
Buffer overruns in Window Maker A buffer overrun exists in Window
Maker which could, conceivably, be exploited remotely if the user runs
a hostile application. This problem initially appeared in the
[36]August 16, 2001 LWN security page.
New updates:
* [37]SuSE (September 20, 2001)
Previous updates:
* [38]Conectiva (August 13, 2001)
* [39]Debian (August 12, 2001)
* [40]Mandrake (August 31, 2001)
* [41]Progeny (August 14, 2001)
Resources
Port list available. Kurt Seifried has [42]released a comprehensive
list of TCP and UDP ports, including 363 known trojan ports.
By the numbers: Comparing Windows security to Linux (TechRepublic).
TechRepublic uses [43]BugTraq reports to determine just [44]how secure
Linux is versus Microsoft, and the numbers are not tilted the way you
might think. "As these numbers illustrate, Windows NT 4.0 was the
leader in bugs identified during 2000. But Linux was not far behind.
And in 2001, Windows 2000 has stabilized a bit and is actually running
in the middle of the pack." A free registration is required to access
this article. (Thanks to Sean Walton)
Events
Upcoming Security Events.
Date Event Location
September 28 - 30, 2001 [45]Canadian Association for Security and
Intelligence Studies(CASIS 2001) (Dalhousie University)Halifax, Nova
Scotia, Canada.
October 10 - 12, 2001 [46]Fourth International Symposium on Recent
Advances in Intrusion Detection(RAID 2001) Davis, CA
November 5 - 8, 2001 [47]8th ACM Conference on Computer and
Communication Security(CCS-8) Philadelphia, PA, USA
November 13 - 15, 2001 [48]International Conference on Information and
Communications Security(ICICS 2001) Xian, China
November 21 - 23, 2001 [49]International Information Warfare Symposium
AAL, Lucerne, Swizerland.
November 24 - 30, 2001 [50]Computer Security Mexico Mexico City
For additional security-related events, included training courses
(which we don't list above) and events further in the future, check
out Security Focus' [51]calendar, one of the primary resources we use
for building the above list. To submit an event directly to us, please
send a plain-text message to [52]lwn@lwn.net.
Section Editor: [53]Jonathan Corbet
September 27, 2001
[54]Click Here
LWN Resources
[55]Security alerts archive
Secured Distributions:
[56]Blue Linux
[57]Castle
[58]Engarde Secure Linux
[59]Immunix
[60]Kaladix Linux
[61]NSA Security Enhanced
[62]Openwall GNU/Linux
[63]Trustix
Security Projects
[64]Bastille
[65]Linux Security Audit Project
[66]Linux Security Module
[67]OpenSSH
Security List Archives
[68]Bugtraq Archive
[69]Firewall Wizards Archive
[70]ISN Archive
Distribution-specific links
[71]Caldera Advisories
[72]Conectiva Updates
[73]Debian Alerts
[74]Kondara Advisories
[75]Esware Alerts
[76]LinuxPPC Security Updates
[77]Mandrake Updates
[78]Red Hat Errata
[79]SuSE Announcements
[80]Yellow Dog Errata
BSD-specific links
[81]BSDi
[82]FreeBSD
[83]NetBSD
[84]OpenBSD
Security mailing lists [85]Caldera
[86]Cobalt
[87]Conectiva
[88]Debian
[89]Esware
[90]FreeBSD
[91]Kondara
[92]LASER5
[93]Linux From Scratch
[94]Linux-Mandrake
[95]NetBSD
[96]OpenBSD
[97]Red Hat
[98]Slackware
[99]Stampede
[100]SuSE
[101]Trustix
[102]turboLinux
[103]Yellow Dog
Security Software Archives
[104]munitions
[105]ZedZ.net (formerly replay.com)
Miscellaneous Resources
[106]CERT
[107]CIAC
[108]Comp Sec News Daily
[109]Crypto-GRAM
[110]LinuxLock.org
[111]LinuxSecurity.com
[112]OpenSEC
[113]Security Focus
[114]SecurityPortal
[115]Next: Kernel
[116]Eklektix, Inc. Linux powered! Copyright Л 2001 [117]Eklektix,
Inc., all rights reserved
Linux (R) is a registered trademark of Linus Torvalds
References
1. http://lwn.net/
2. http://ads.tucows.com/click.ng/pageid=001-012-132-000-000-002-000-000-012
3. http://lwn.net/2001/0927/
4. http://lwn.net/2001/0927/kernel.php3
5. http://lwn.net/2001/0927/dists.php3
6. http://lwn.net/2001/0927/desktop.php3
7. http://lwn.net/2001/0927/devel.php3
8. http://lwn.net/2001/0927/commerce.php3
9. http://lwn.net/2001/0927/press.php3
10. http://lwn.net/2001/0927/announce.php3
11. http://lwn.net/2001/0927/history.php3
12. http://lwn.net/2001/0927/letters.php3
13. http://lwn.net/2001/0927/bigpage.php3
14. http://lwn.net/2001/0920/security.php3
15. http://lwn.net/2001/0927/a/phpnuke.php3
16. http://lwn.net/2001/0927/a/phpnuke-fix.php3
17. http://lwn.net/2001/0927/a/pam-sql.php3
18. http://lwn.net/2001/0927/a/crypto-gram.php3
19. http://lwn.net/alerts/Debian/DSA-078-1.php3
20. http://lwn.net/alerts/Debian/DSA-077-1.php3
21. http://lwn.net/alerts/Conectiva/CLA-2001:426.php3
22. http://lwn.net/alerts/Debian/DSA-077-1.php3
23. http://lwn.net/2001/0927/a/hylafax.php3
24. http://lwn.net/alerts/RedHat/RHSA-2001:110-05.php3
25. http://lwn.net/2001/0927/a/websphere.php3
26. http://www.cisco.com/warp/public/707/SSH-multiple-pub.html
27. http://www.securityfocus.com/archive/1/190136
28. http://www.securityfocus.com/bid/2872
29. http://lwn.net/2001/0621/security.php3
30. http://lwn.net/alerts/RedHat/RHSA-2001:072-14.php3
31. http://lwn.net/2001/0913/security.php3#uucp
32. http://lwn.net/alerts/Debian/DSA-079-1.php3
33. http://lwn.net/alerts/Mandrake/MDKSA-2001:078.php3
34. http://lwn.net/alerts/Conectiva/CLA-2001:425.php3
35. http://lwn.net/alerts/Caldera/CSSA-2001-033.0.php3
36. http://lwn.net/2001/0816/security.php3
37. http://lwn.net/alerts/SuSE/SuSE-SA:2001:032.php3
38. http://lwn.net/alerts/Conectiva/CLA-2001:411.php3
39. http://lwn.net/alerts/Debian/DSA-074-1.php3
40. http://lwn.net/alerts/Mandrake/MDKSA-2001:074.php3
41. http://lwn.net/alerts/Progeny/PROGENY-SA-2001-32.php3
42. http://lwn.net/2001/0927/a/ports-list.php3
43. http://www.securityfocus.com/
44.
http://www.techrepublic.com/article.jhtml?id=r00220010917mco01.htm&fromtm=e102-3
45. http://www.sfu.ca/igs/CASIS/
46. http://www.raid-symposium.org/Raid2001
47. http://www.bell-labs.com/user/reiter/ccs8/
48. http://homex.coolconnect.com/member2/icisa/icics2001.html
49. http://www.sympinfowarfare.ch/
50. http://www.seguridad2001.unam.mx/
51. http://securityfocus.com/calendar
52. mailto:lwn@lwn.net
53. mailto:lwn@lwn.net
54. http://ads.tucows.com/click.ng/buttonpos=lwnbuttonsecurity
55. http://lwn.net/alerts/
56. http://bluelinux.sourceforge.net/
57. http://castle.altlinux.ru/
58. http://www.engardelinux.org/
59. http://www.immunix.org/
60. http://www.kaladix.org/
61. http://www.nsa.gov/selinux/
62. http://www.openwall.com/Owl/
63. http://www.trustix.com/
64. http://www.bastille-linux.org/
65. http://lsap.org/
66. http://lsm.immunix.org/
67. http://www.openssh.com/
68. http://www.securityfocus.com/bugtraq/archive/
69. http://www.nfr.net/firewall-wizards/
70. http://www.jammed.com/Lists/ISN/
71. http://www.calderasystems.com/support/security/
72. http://www.conectiva.com.br/atualizacoes/
73. http://www.debian.org/security/
74. http://www.kondara.org/errata/k12-security.html
75. http://www.esware.com/actualizaciones.html
76. http://linuxppc.org/security/advisories/
77. http://www.linux-mandrake.com/en/fupdates.php3
78. http://www.redhat.com/support/errata/index.html
79. http://www.suse.de/security/index.html
80. http://www.yellowdoglinux.com/resources/errata.shtml
81. http://www.BSDI.COM/services/support/patches/
82. http://www.freebsd.org/security/security.html
83. http://www.NetBSD.ORG/Security/
84. http://www.openbsd.org/security.html
85. http://www.calderasystems.com/support/forums/announce.html
86. http://www.cobalt.com/support/resources/usergroups.html
87. http://distro.conectiva.com.br/atualizacoes/
88. http://www.debian.org/MailingLists/subscribe
89. http://www.esware.com/lista_correo.html
90. http://www.freebsd.org/handbook/eresources.html#ERESOURCES-MAIL
91. http://www.kondara.org/mailinglist.html.en
92. http://l5web.laser5.co.jp/ml/ml.html
93. http://www.linuxfromscratch.org/services/mailinglistinfo.php
94. http://www.linux-mandrake.com/en/flists.php3
95. http://www.netbsd.org/MailingLists/
96. http://www.openbsd.org/mail.html
97. http://www.redhat.com/mailing-lists/
98. http://www.slackware.com/lists/
99. http://www.stampede.org/mailinglists.php3
100. http://www.suse.com/en/support/mailinglists/index.html
101. http://www.trustix.net/support/
102. http://www.turbolinux.com/mailman/listinfo/tl-security-announce
103. http://lists.yellowdoglinux.com/ydl_updates.shtml
104. http://munitions.vipul.net/
105. http://www.zedz.net/
106. http://www.cert.org/nav/alerts.html
107. http://ciac.llnl.gov/ciac/
108. http://www.MountainWave.com/
109. http://www.counterpane.com/crypto-gram.html
110. http://linuxlock.org/
111. http://linuxsecurity.com/
112. http://www.opensec.net/
113. http://www.securityfocus.com/
114. http://www.securityportal.com/
115. http://lwn.net/2001/0927/kernel.php3
116. http://www.eklektix.com/
117. http://www.eklektix.com/
--- ifmail v.2.14.os7-aks1
* Origin: Unknown (2:4615/71.10@fidonet)
Вернуться к списку тем, сортированных по: возрастание даты уменьшение даты тема автор
Архивное /ru.linux/19861856d3b55.html, оценка из 5, голосов 10
|