Главная страница


ru.linux

 
 - RU.LINUX ---------------------------------------------------------------------
 From : Sergey Lentsov                       2:4615/71.10   27 Sep 2001  17:28:42
 To : All
 Subject : URL: http://www.lwn.net/2001/0927/security.php3
 -------------------------------------------------------------------------------- 
 
    [1][LWN Logo] 
    
                                [2]Click Here 
    [LWN.net]
    
    Sections:
     [3]Main page
     Security
     [4]Kernel
     [5]Distributions
     [6]On the Desktop
     [7]Development
     [8]Commerce
     [9]Linux in the news
     [10]Announcements
     [11]Linux History
     [12]Letters
    [13]All in one big page
    
    See also: [14]last week's Security page.
    
 Security
 
 News and Editorials
 
    Serious vulnerability in PHPNuke. PHPNuke 5.2 has [15]an embarrassing
    vulnerability in its file manager function that can allow the creation
    and overwriting of arbitrary files on the server system. The advisory
    contains a quick source-level fix; a [16]simpler fix was also posted.
    Note that PostNuke 0.63 appears not to be vulnerable.
    
    More SQL code injection problems. [17]This RUS-CERT advisory describes
    a new range of SQL code injection vulnerabilities. This time the
    problem is with the PAM and NSS libraries shipped with most Linux (and
    Unix) systems. Through the use of properly-crafted usernames and
    passwords, an attacker can cause arbitrary SQL code to be executed.
    This, in turn, can lead to database corruption and unauthorized
    access.
    
    No vendor updates for the affected modules are yet available.
    
    CRYPTO-GRAM for September. For those who haven't yet seen it: Bruce
    Schneier's [18]CRYPTO-GRAM Newsletter for September covers the
    September 11 attacks and several other topics.
    
 Security Reports
 
    OpenSSH restricted command vulnerability. OpenSSH 2.9 and 2.9p2 are
    subject to unauthorized access problems in certain scenarios. If you
    are using authorized key pairs to provide remote access, and have
    restricted the commands that may be executed via that key pair, and
    have the sftp capability enabled, the command restrictions can be
    evaded. The result can be access to a shell on the server system even
    though that access had been explicitly denied. The fix, for now,
    exists only in the OpenSSH cvs archive; concerned administrators
    should update to the cvs version, or simply disable sftp.
    
    slrn executes shell code. The Debian Project has released [19]a
    security update to slrn fixing an interesting problem: evidently slrn
    will execute any shell code it finds within an article, on the theory
    that the article is a self-extracting archive. This may have been
    desirable behavior in 1982, but it presents certain difficulties in
    modern times. Users of slrn should apply the update; none have yet
    been seen from other distributors.
    
    Minor DOS problem with squid. Also from Debian is [20]this update to
    squid. Evidently a malformed FTP PUT command can cause the server to
    restart. The problem has been fixed in version 2.2.5-3.2.
    
    Updates seen so far:
      * [21]Conectiva (September 26, 2001)
      * [22]Debian (September 24, 2001)
        
    Format string problems in HylaFax. The HylaFax package has [23]some
    format string vulnerabilities. On some systems (i.e. FreeBSD), the
    affected binaries are installed setuid uucp, and could thus provide
    unauthorized access to the system. Most Linux systems seem to not
    install HylaFax with added privileges, however.
    
    Filename vulnerability in Red Hat's serial init script. Red Hat has
    issued [24]an alert warning of a potential vulnerability with the
    setserial package. This one is obscure: you must have installed
    setserial, copied the init script from the documentation directory
    over to /etc/rc.d/init.d, and built your own kernel with serial
    support installed as a module. If you've done all those things, there
    is a potential problem with predictable temporary file names. Most
    users, it is expected, need not worry about this one.
    
    Proprietary products.
    The following proprietary products were reported to contain
    vulnerabilities:
      * There is [25]a vulnerability in IBM's WebSphere 4.0 session ID
        generation. Session IDs are generated in a predictable way,
        meaning that an attacker could obtain access to another user's
        session. A fix is available from IBM.
      * Cisco has issued [26]a fix for a number of SSH vulnerabilities.
    
 Updates
 
    Source page buffer overflow in man zen-parse reported a [27]buffer
    overflow in man that, when manual pages begin with a '.so' statement,
    may be exploited to execute arbitrary code under the 'man' group id.
    For more details, check BugTraq ID [28]2872. (First reported in the
    [29]June 21 LWN security page).
    
    New updates:
      * [30]Red Hat (September 6, 2001)
        
    Uucp local user exploits. There is a vulnerability in the command-line
    argument handling of uucp which can be exploited by a local user to
    obtain uid/gid uucp. See [31]the September 13, 2001 LWN security page
    for the initial report.
    
    New updates:
      * [32]Debian (September 24, 2001)
      * [33]Mandrake (September 21, 2001)
        
    Previous updates:
      * [34]Conectiva (September 11, 2001)
      * [35]Caldera (September 7, 2001)
        
    Buffer overruns in Window Maker A buffer overrun exists in Window
    Maker which could, conceivably, be exploited remotely if the user runs
    a hostile application. This problem initially appeared in the
    [36]August 16, 2001 LWN security page.
    
    New updates:
      * [37]SuSE (September 20, 2001)
        
    Previous updates:
      * [38]Conectiva (August 13, 2001)
      * [39]Debian (August 12, 2001)
      * [40]Mandrake (August 31, 2001)
      * [41]Progeny (August 14, 2001)
        
 Resources
 
    Port list available. Kurt Seifried has [42]released a comprehensive
    list of TCP and UDP ports, including 363 known trojan ports.
    
    By the numbers: Comparing Windows security to Linux (TechRepublic).
    TechRepublic uses [43]BugTraq reports to determine just [44]how secure
    Linux is versus Microsoft, and the numbers are not tilted the way you
    might think. "As these numbers illustrate, Windows NT 4.0 was the
    leader in bugs identified during 2000. But Linux was not far behind.
    And in 2001, Windows 2000 has stabilized a bit and is actually running
    in the middle of the pack." A free registration is required to access
    this article. (Thanks to Sean Walton)
    
 Events
 
    Upcoming Security Events.
    
    Date Event Location
    September 28 - 30, 2001 [45]Canadian Association for Security and
    Intelligence Studies(CASIS 2001) (Dalhousie University)Halifax, Nova
    Scotia, Canada.
    October 10 - 12, 2001 [46]Fourth International Symposium on Recent
    Advances in Intrusion Detection(RAID 2001) Davis, CA
    November 5 - 8, 2001 [47]8th ACM Conference on Computer and
    Communication Security(CCS-8) Philadelphia, PA, USA
    November 13 - 15, 2001 [48]International Conference on Information and
    Communications Security(ICICS 2001) Xian, China
    November 21 - 23, 2001 [49]International Information Warfare Symposium
    AAL, Lucerne, Swizerland.
    November 24 - 30, 2001 [50]Computer Security Mexico Mexico City
    
    For additional security-related events, included training courses
    (which we don't list above) and events further in the future, check
    out Security Focus' [51]calendar, one of the primary resources we use
    for building the above list. To submit an event directly to us, please
    send a plain-text message to [52]lwn@lwn.net.
    
    Section Editor: [53]Jonathan Corbet
    September 27, 2001
    
                               [54]Click Here 
    LWN Resources
    [55]Security alerts archive
    Secured Distributions:
    [56]Blue Linux
    [57]Castle
    [58]Engarde Secure Linux
    [59]Immunix
    [60]Kaladix Linux
    [61]NSA Security Enhanced
    [62]Openwall GNU/Linux
    [63]Trustix
    Security Projects
    [64]Bastille
    [65]Linux Security Audit Project
    [66]Linux Security Module
    [67]OpenSSH
    Security List Archives
    [68]Bugtraq Archive
    [69]Firewall Wizards Archive
    [70]ISN Archive
    Distribution-specific links
    [71]Caldera Advisories
    [72]Conectiva Updates
    [73]Debian Alerts
    [74]Kondara Advisories
    [75]Esware Alerts
    [76]LinuxPPC Security Updates
    [77]Mandrake Updates
    [78]Red Hat Errata
    [79]SuSE Announcements
    [80]Yellow Dog Errata
    BSD-specific links
    [81]BSDi
    [82]FreeBSD
    [83]NetBSD
    [84]OpenBSD
    Security mailing lists [85]Caldera
    [86]Cobalt
    [87]Conectiva
    [88]Debian
    [89]Esware
    [90]FreeBSD
    [91]Kondara
    [92]LASER5
    [93]Linux From Scratch
    [94]Linux-Mandrake
    [95]NetBSD
    [96]OpenBSD
    [97]Red Hat
    [98]Slackware
    [99]Stampede
    [100]SuSE
    [101]Trustix
    [102]turboLinux
    [103]Yellow Dog
    Security Software Archives
    [104]munitions
    [105]ZedZ.net (formerly replay.com)
    Miscellaneous Resources
    [106]CERT
    [107]CIAC
    [108]Comp Sec News Daily
    [109]Crypto-GRAM
    [110]LinuxLock.org
    [111]LinuxSecurity.com
    [112]OpenSEC
    [113]Security Focus
    [114]SecurityPortal
    
    
                                                         [115]Next: Kernel
    
    [116]Eklektix, Inc. Linux powered! Copyright Л 2001 [117]Eklektix,
    Inc., all rights reserved
    Linux (R) is a registered trademark of Linus Torvalds
 
 References
 
    1. http://lwn.net/
    2. http://ads.tucows.com/click.ng/pageid=001-012-132-000-000-002-000-000-012
    3. http://lwn.net/2001/0927/
    4. http://lwn.net/2001/0927/kernel.php3
    5. http://lwn.net/2001/0927/dists.php3
    6. http://lwn.net/2001/0927/desktop.php3
    7. http://lwn.net/2001/0927/devel.php3
    8. http://lwn.net/2001/0927/commerce.php3
    9. http://lwn.net/2001/0927/press.php3
   10. http://lwn.net/2001/0927/announce.php3
   11. http://lwn.net/2001/0927/history.php3
   12. http://lwn.net/2001/0927/letters.php3
   13. http://lwn.net/2001/0927/bigpage.php3
   14. http://lwn.net/2001/0920/security.php3
   15. http://lwn.net/2001/0927/a/phpnuke.php3
   16. http://lwn.net/2001/0927/a/phpnuke-fix.php3
   17. http://lwn.net/2001/0927/a/pam-sql.php3
   18. http://lwn.net/2001/0927/a/crypto-gram.php3
   19. http://lwn.net/alerts/Debian/DSA-078-1.php3
   20. http://lwn.net/alerts/Debian/DSA-077-1.php3
   21. http://lwn.net/alerts/Conectiva/CLA-2001:426.php3
   22. http://lwn.net/alerts/Debian/DSA-077-1.php3
   23. http://lwn.net/2001/0927/a/hylafax.php3
   24. http://lwn.net/alerts/RedHat/RHSA-2001:110-05.php3
   25. http://lwn.net/2001/0927/a/websphere.php3
   26. http://www.cisco.com/warp/public/707/SSH-multiple-pub.html
   27. http://www.securityfocus.com/archive/1/190136
   28. http://www.securityfocus.com/bid/2872
   29. http://lwn.net/2001/0621/security.php3
   30. http://lwn.net/alerts/RedHat/RHSA-2001:072-14.php3
   31. http://lwn.net/2001/0913/security.php3#uucp
   32. http://lwn.net/alerts/Debian/DSA-079-1.php3
   33. http://lwn.net/alerts/Mandrake/MDKSA-2001:078.php3
   34. http://lwn.net/alerts/Conectiva/CLA-2001:425.php3
   35. http://lwn.net/alerts/Caldera/CSSA-2001-033.0.php3
   36. http://lwn.net/2001/0816/security.php3
   37. http://lwn.net/alerts/SuSE/SuSE-SA:2001:032.php3
   38. http://lwn.net/alerts/Conectiva/CLA-2001:411.php3
   39. http://lwn.net/alerts/Debian/DSA-074-1.php3
   40. http://lwn.net/alerts/Mandrake/MDKSA-2001:074.php3
   41. http://lwn.net/alerts/Progeny/PROGENY-SA-2001-32.php3
   42. http://lwn.net/2001/0927/a/ports-list.php3
   43. http://www.securityfocus.com/
   44.
 http://www.techrepublic.com/article.jhtml?id=r00220010917mco01.htm&fromtm=e102-3
   45. http://www.sfu.ca/igs/CASIS/
   46. http://www.raid-symposium.org/Raid2001
   47. http://www.bell-labs.com/user/reiter/ccs8/
   48. http://homex.coolconnect.com/member2/icisa/icics2001.html
   49. http://www.sympinfowarfare.ch/
   50. http://www.seguridad2001.unam.mx/
   51. http://securityfocus.com/calendar
   52. mailto:lwn@lwn.net
   53. mailto:lwn@lwn.net
   54. http://ads.tucows.com/click.ng/buttonpos=lwnbuttonsecurity
   55. http://lwn.net/alerts/
   56. http://bluelinux.sourceforge.net/
   57. http://castle.altlinux.ru/
   58. http://www.engardelinux.org/
   59. http://www.immunix.org/
   60. http://www.kaladix.org/
   61. http://www.nsa.gov/selinux/
   62. http://www.openwall.com/Owl/
   63. http://www.trustix.com/
   64. http://www.bastille-linux.org/
   65. http://lsap.org/
   66. http://lsm.immunix.org/
   67. http://www.openssh.com/
   68. http://www.securityfocus.com/bugtraq/archive/
   69. http://www.nfr.net/firewall-wizards/
   70. http://www.jammed.com/Lists/ISN/
   71. http://www.calderasystems.com/support/security/
   72. http://www.conectiva.com.br/atualizacoes/
   73. http://www.debian.org/security/
   74. http://www.kondara.org/errata/k12-security.html
   75. http://www.esware.com/actualizaciones.html
   76. http://linuxppc.org/security/advisories/
   77. http://www.linux-mandrake.com/en/fupdates.php3
   78. http://www.redhat.com/support/errata/index.html
   79. http://www.suse.de/security/index.html
   80. http://www.yellowdoglinux.com/resources/errata.shtml
   81. http://www.BSDI.COM/services/support/patches/
   82. http://www.freebsd.org/security/security.html
   83. http://www.NetBSD.ORG/Security/
   84. http://www.openbsd.org/security.html
   85. http://www.calderasystems.com/support/forums/announce.html
   86. http://www.cobalt.com/support/resources/usergroups.html
   87. http://distro.conectiva.com.br/atualizacoes/
   88. http://www.debian.org/MailingLists/subscribe
   89. http://www.esware.com/lista_correo.html
   90. http://www.freebsd.org/handbook/eresources.html#ERESOURCES-MAIL
   91. http://www.kondara.org/mailinglist.html.en
   92. http://l5web.laser5.co.jp/ml/ml.html
   93. http://www.linuxfromscratch.org/services/mailinglistinfo.php
   94. http://www.linux-mandrake.com/en/flists.php3
   95. http://www.netbsd.org/MailingLists/
   96. http://www.openbsd.org/mail.html
   97. http://www.redhat.com/mailing-lists/
   98. http://www.slackware.com/lists/
   99. http://www.stampede.org/mailinglists.php3
  100. http://www.suse.com/en/support/mailinglists/index.html
  101. http://www.trustix.net/support/
  102. http://www.turbolinux.com/mailman/listinfo/tl-security-announce
  103. http://lists.yellowdoglinux.com/ydl_updates.shtml
  104. http://munitions.vipul.net/
  105. http://www.zedz.net/
  106. http://www.cert.org/nav/alerts.html
  107. http://ciac.llnl.gov/ciac/
  108. http://www.MountainWave.com/
  109. http://www.counterpane.com/crypto-gram.html
  110. http://linuxlock.org/
  111. http://linuxsecurity.com/
  112. http://www.opensec.net/
  113. http://www.securityfocus.com/
  114. http://www.securityportal.com/
  115. http://lwn.net/2001/0927/kernel.php3
  116. http://www.eklektix.com/
  117. http://www.eklektix.com/
 
 --- ifmail v.2.14.os7-aks1
  * Origin: Unknown (2:4615/71.10@fidonet)
 
 

Вернуться к списку тем, сортированных по: возрастание даты  уменьшение даты  тема  автор 

 Тема:    Автор:    Дата:  
 URL: http://www.lwn.net/2001/0927/security.php3   Sergey Lentsov   27 Sep 2001 17:28:42 
Архивное /ru.linux/19861856d3b55.html, оценка 3 из 5, голосов 10
Яндекс.Метрика
Valid HTML 4.01 Transitional