|
ru.linux
- RU.LINUX ---------------------------------------------------------------------
From : Sergey Lentsov 2:4615/71.10 13 Sep 2001 16:25:24
To : All
Subject : URL: http://www.lwn.net/2001/0913/security.php3
--------------------------------------------------------------------------------
[1][LWN Logo]
[2]Click Here
[LWN.net]
Sections:
[3]Main page
Security
[4]Kernel
[5]Distributions
[6]On the Desktop
[7]Development
[8]Commerce
[9]Linux in the news
[10]Announcements
[11]Linux History
[12]Letters
[13]All in one big page
See also: [14]last week's Security page.
Security
News and Editorials
With the recent terrorist attacks in New York City and Washington
D.C., security advisors are recommending that now is a good time to be
on the lookout for cyber attacks, which have reportedly increased by
an order of magnitude. The usual monitoring of log files is
recommended, and the latest patches should be applied to all
vulnerable software.
Security workers: Copyright law stifles. C|Net is running [15]an
article on the effects of the DMCA law on writers of security code.
Security software developers are wary of lawsuits and are removing
projects from distribution.
First open virus scanner released. The [16]OpenAntivirus Project has
been announced, and has produced an open source anti virus scanner.
Currently the scanner can detect 5 different viruses with 11 variants.
(Thanks to Lenz Grimmer)
Introducing ssh-agent and keychain (IBM developerWorks). IBM's
developerWorks introduces readers to the [17]ssh-agent and keychain
utilities. "ssh-agent, included with the OpenSSH distribution, is a
special program designed to make dealing with RSA and DSA keys both
pleasant and secure...[and] for the sole purpose of caching your
decrypted private keys."
New Unix worm could be next Code Red (ZDNet). A new worm known as X.C
apparently [18]exploits a hole in the telnet daemon according to this
ZDNet article. Telnet is, of course, already vulnerable to clear text
password sniffing and sites concerned with security usually replace it
with ssh.
Linux Trojan spotted in the wild (Register). The Register reports on
another [19]Linux-based Trojan known as Remote Shell, which should not
be confused with the ancient rsh utility. "Qualys suggests Remote
Shell can be disseminated by inconspicuous emails and replicates
itself on the infected Linux-based system. The Trojan installs a
backdoor that listens for incoming connections on UDP port 5503 or
higher, enabling remote attackers to connect and take control of the
system."
Security Reports
Red Hat advisory for bugzilla. Red Hat has posted their advisory for
bugzilla. See: [20]Red Hat (September 10, 2001)
. This advisory addresses several security problems with bugzilla in
which valid users can obtain confidential data without authorization,
also addresses a problem where parameters were not being checked
properly.
Conectiva security update to mailman. Conectiva has issued a security
update to mailman which fixes a number of vulnerabilities, some fairly
old. See: [21]Conectiva (September 5, 2001)
Uucp local user exploits. There is a vulnerability in the command-line
argument handling of uucp which can be exploited by a local user to
obtain uid/gid uucp. The following updates address the problem:
* [22]Conectiva (September 11, 2001)
[23]Caldera (September 7, 2001)
Red Hat advisory for xinetd. After doing a security audit of xinetd,
Red hat has released an update to the package that fixes some
discovered problems. [24]Red Hat (September 7, 2001)
.
Updates
Apache-contrib command injection vulnerability. The Apache module
mod_auth_mysql 1.4 was found vulnerable to possible bypass
authentication by MySQL command injection. See [25]last week's LWN
security page for a discussion of the SQL injection problems with a
number of Apache modules.
This week's updates:
* [26]Conectiva (September 6, 2001)
[27]SuSE (September 10, 2001)
Buffer overrun vulnerabilities in fetchmail. (Found by Salvatore
Sanfilippo). Two buffer overrun vulnerabilities exist in the much-used
fetchmail program. Given a hostile server, arbitrary code can be run
on the system running fetchmail. The solution is to upgrade to
fetchmail 5.8.17. See [28]the August 16 Security page for the initial
report.
This week's updates:
[29]Red Hat (September 6, 2001)
Previous updates:
* [30]Conectiva (September 5, 2001)
[31]Debian (August 10, 2001)
[32]EnGarde (August 16, 2001)
[33]Mandrake (August 31, 2001)
[34]Progeny (August 14, 2001)
[35]SuSE (August 16, 2001)
Format string vulnerability in groff. A format string problem exists
in groff; apparently it could be remotely exploited when it is
configured to be used with the lpd printing system.
Previous updates:
* [36]Debian (August 10, 2001)
[37]Progeny (August 16, 2001) Vulnerabilities in Horde IMP Horde IMP
has several vulnerabilities which are fixed in version 2.2.6; see
Bugtraq ID's [38]3066, [39]3079, [40]3082, and [41]3083 for more
details.
Previous updates:
* [42]Caldera (August 2)
* [43]Conectiva (August 2)
* [44]Debian (August 11, 2001)
[45]Progeny (August 14, 2001)
Linux Kernel 2.4 Netfilter/IPTables vulnerability.
Check the [46]April 19 LWN Security Summary for the original report.
The NetFilter team has provided [47]a patch for Linux 2.4.3.
Previous updates:
* [48]Mandrake (August 28, 2001)
[49]Progeny (May 17)
[50]Red Hat (June 21), 7.1, default configuration not vulnerable
Denial of service vulnerability in OpenLDAP This problem was first
identified in [51]a CERT advisory issued in July, 2001. It was covered
in the [52]July 19, 2001 LWN security page.
Previous updates:
* [53]Conectiva (August 29, 2001)
[54]Debian (August 9, 2001)
[55]Mandrake (August 13, 2001)
[56]Progeny (August 14, 2001)
[57]Red Hat (August 9, 2001)
[58]Yellow Dog (August 10, 2001) OpenSSL Pseudo-random number
generator weakness A weakness has been discovered in the OpenSSL
Pseudo random number generator that can allow an attacker to discover
the PNRG's state and predict future values. (First reported
[59]July 12).
Previous updates:
* [60]Conectiva (August 30, 2001)
[61]EnGarde (July 12)
[62]Progeny (August 14, 2001)
[63]Trustix (July 12) Procmail race conditions. See [64]the July 26
Security page for the initial report.
Previous updates:
* [65]Red Hat (July 26)
* [66]Yellow Dog (July 25, 2001)
Input validation problem with sendmail. An input validation error
exists in versions of sendmail prior to 8.11.6 (or 8.12.0Beta19) which
may be exploited by local users to obtain root access. See [67]the
August 23 Security Page for the initial report.
This week's updates:
* [68]Mandrake (August 31, 2001)
[69]Red Hat (September 6, 2001) Previous updates:
* [70]Caldera (August 24, 2001)
[71]Conectiva (August 23, 2001)
[72]Debian (not vulnerable).
[73]Immunix (August 23, 2001)
[74]Slackware (August 27, 2001)
[75]SuSE (August 23, 2001) SQL injection vulnerabilities in Apache
authentication modules. Several Apache authentication modules have
vulnerabilities that could allow an attacker to feed arbitrary SQL
code to the underlying database, resulting in a compromise of database
integrity and unauthorized access to the server. See [76]the
September 6 security page for more information.
This week's updates:
* [77]Conectiva (September 6, 2001)
Squid httpd acceleration ACL vulnerability. This vulnerability could
result in unauthorized access to the squid server. See the [78]July 26
Security page for details.
This week's updates:
* [79]Yellow Dog (July 25, 2001)
Previous updates:
* [80]Caldera (August 9)
* [81]Linux-Mandrake (August 2)
* [82]Immunix (July 26)
* [83]Trustix (July 26)
* [84]Red Hat (July 26)
Multiple vendor telnetd vulnerability. This vulnerability, originally
thought to be confined to BSD-derived systems, was first covered in
the [85]July 26th Security Summary. It is now known that Linux telnet
daemons are vulnerable as well.
Previous updates:
* [86]Caldera (August 10, 2001)
[87]Conectiva (August 24, 2001)
[88]Debian (August 14, 2001) (SSL version)
[89]Debian (August 14, 2001) (Update for Sparc version)
[90]Mandrake (August 13, 2001)
[91]Progeny (August 14, 2001)
[92]Red Hat (August 9, 2001)
[93]Red Hat (August 9, 2001) (kerberos version).
[94]Slackware (August 9, 2001)
[95]SuSE (September 3, 2001)
[96]Yellow Dog (August 10, 2001)
[97]Yellow Dog (August 10, 2001) (kerberos version).
Buffer overruns in Window Maker A buffer overrun exists in Window
Maker which could, conceivably, be exploited remotely if the user runs
a hostile application. This problem initially appeared in the
[98]August 16, 2001 LWN security page.
Previous updates:
* [99]Conectiva (August 13, 2001)
[100]Debian (August 12, 2001)
[101]Mandrake (August 31, 2001)
[102]Progeny (August 14, 2001) Buffer overflows in xloadimage This
problem was first covered in the [103]July 12 Security page.
This week's updates:
* [104]Mandrake (September 12, 2001)
Previous updates:
* [105]Conectiva (August 28, 2001)
[106]Debian (August 9, 2001)
[107]Mandrake (August 31, 2001)
[108]Progeny (August 14, 2001)
[109]Red Hat (July 12)
[110]SuSE (July 26)
[111]Yellow Dog (July 25, 2001)
Resources
Events
Upcoming Security Events.
Date Event Location
September 13, 2001 [112]New Security Paradigms Workshop 2001(NSPW)
Cloudcroft, New Mexico, USA
September 28 - 30, 2001 [113]Canadian Association for Security and
Intelligence Studies(CASIS 2001) (Dalhousie University)Halifax, Nova
Scotia, Canada.
October 10 - 12, 2001 [114]Fourth International Symposium on Recent
Advances in Intrusion Detection(RAID 2001) Davis, CA
November 5 - 8, 2001 [115]8th ACM Conference on Computer and
Communication Security(CCS-8) Philadelphia, PA, USA
November 13 - 15, 2001 [116]International Conference on Information
and Communications Security(ICICS 2001) Xian, China
For additional security-related events, included training courses
(which we don't list above) and events further in the future, check
out Security Focus' [117]calendar, one of the primary resources we use
for building the above list. To submit an event directly to us, please
send a plain-text message to [118]lwn@lwn.net.
Section Editor: [119]Forrest Cook
September 13, 2001
[120]Click Here
LWN Resources
[121]Security alerts archive
Secured Distributions:
[122]Blue Linux
[123]Castle
[124]Engarde Secure Linux
[125]Immunix
[126]Kaladix
[127]NSA Security Enhanced
[128]Openwall GNU/Linux
[129]Trustix
Security Projects
[130]Bastille
[131]Linux Security Audit Project
[132]Linux Security Module
[133]OpenSSH
Security List Archives
[134]Bugtraq Archive
[135]Firewall Wizards Archive
[136]ISN Archive
Distribution-specific links
[137]Caldera Advisories
[138]Conectiva Updates
[139]Debian Alerts
[140]Kondara Advisories
[141]Esware Alerts
[142]LinuxPPC Security Updates
[143]Mandrake Updates
[144]Red Hat Errata
[145]SuSE Announcements
[146]Yellow Dog Errata
BSD-specific links
[147]BSDi
[148]FreeBSD
[149]NetBSD
[150]OpenBSD
Security mailing lists [151]Caldera
[152]Cobalt
[153]Conectiva
[154]Debian
[155]Esware
[156]FreeBSD
[157]Kondara
[158]LASER5
[159]Linux From Scratch
[160]Linux-Mandrake
[161]NetBSD
[162]OpenBSD
[163]Red Hat
[164]Slackware
[165]Stampede
[166]SuSE
[167]Trustix
[168]turboLinux
[169]Yellow Dog
Security Software Archives
[170]munitions
[171]ZedZ.net (formerly replay.com)
Miscellaneous Resources
[172]CERT
[173]CIAC
[174]Comp Sec News Daily
[175]Crypto-GRAM
[176]LinuxLock.org
[177]LinuxSecurity.com
[178]OpenSEC
[179]Security Focus
[180]SecurityPortal
[181]Next: Kernel
[182]Eklektix, Inc. Linux powered! Copyright Л 2001 [183]Eklektix,
Inc., all rights reserved
Linux (R) is a registered trademark of Linus Torvalds
References
1. http://lwn.net/
2. http://ads.tucows.com/click.ng/pageid=001-012-132-000-000-002-000-000-012
3. http://lwn.net/2001/0913/
4. http://lwn.net/2001/0913/kernel.php3
5. http://lwn.net/2001/0913/dists.php3
6. http://lwn.net/2001/0913/desktop.php3
7. http://lwn.net/2001/0913/devel.php3
8. http://lwn.net/2001/0913/commerce.php3
9. http://lwn.net/2001/0913/press.php3
10. http://lwn.net/2001/0913/announce.php3
11. http://lwn.net/2001/0913/history.php3
12. http://lwn.net/2001/0913/letters.php3
13. http://lwn.net/2001/0913/bigpage.php3
14. http://lwn.net/2001/0906/security.php3
15. http://news.cnet.com/news/0-1003-200-7079519.html
16. http://lwn.net/2001/0913/a/openantivirus.php3
17.
http://www-106.ibm.com/developerworks/linux/library/l-keyc2/?open&l=252,t=grl,p=
ossh2
18. http://www.zdnet.com/zdnn/stories/news/0,4586,2811517,00.html
19. http://www.theregister.co.uk/content/56/21538.html
20. http://lwn.net/alerts/RedHat/RHSA-2001:107-07.php3
21. http://lwn.net/alerts/Conectiva/CLA-2001:420.php3
22. http://lwn.net/alerts/Conectiva/CLA-2001:425.php3
23. http://lwn.net/alerts/Caldera/CSSA-2001-033.0.php3
24. http://lwn.net/alerts/RedHat/RHSA-2001:109-05.php3
25. http://lwn.net/2001/0906/security.php3
26. http://lwn.net/alerts/Conectiva/CLA-2001:421.php3
27. http://lwn.net/alerts/SuSE/SuSE-SA:2001:31.php3
28. http://lwn.net/2001/0816/security.php3#fetchmail
29. http://lwn.net/alerts/RedHat/RHSA-2001:103-04.php3
30. http://lwn.net/alerts/Conectiva/CLA-2001:419.php3
31. http://lwn.net/alerts/Debian/DSA-071-1.php3
32. http://lwn.net/alerts/EnGarde/ESA-20010816-01.php3
33. http://lwn.net/alerts/Mandrake/MDKSA-2001:072.php3
34. http://lwn.net/alerts/Progeny/PROGENY-SA-2001-29.php3
35. http://lwn.net/alerts/SuSE/SuSE-SA:2001:026.php3
36. http://lwn.net/alerts/Debian/DSA-072-1.php3
37. http://lwn.net/alerts/Progeny/PROGENY-SA-2001-33.php3
38. http://www.securityfocus.com/bid/3066
39. http://www.securityfocus.com/bid/3079
40. http://www.securityfocus.com/bid/3082
41. http://www.securityfocus.com/bid/3083
42. http://lwn.net/2001/0802/a/caldera-imp.php3
43. http://lwn.net/2001/0802/a/con-imp.php3
44. http://lwn.net/alerts/Debian/DSA-073-1.php3
45. http://lwn.net/alerts/Progeny/PROGENY-SA-2001-28.php3
46. http://lwn.net/2001/0419/security.php3#iptables
47. http://lwn.net/2001/0419/a/sec-iptables.php3
48. http://lwn.net/alerts/Mandrake/MDKSA-2001:071.php3
49. http://lwn.net/2001/0517/a/progeny-netfilter.php3
50. http://lwn.net/2001/0628/a/rh-2.4.php3
51. http://lwn.net/2001/0719/a/cert-ldap.php3
52. http://lwn.net/2001/0719/security.php3#ldap
53. http://lwn.net/alerts/Conectiva/CLA-2001:417.php3
54. http://lwn.net/alerts/Debian/DSA-068-1.php3
55. http://lwn.net/alerts/Mandrake/MDKSA-2001:069.php3
56. http://lwn.net/alerts/Progeny/PROGENY-SA-2001-30.php3
57. http://lwn.net/alerts/RedHat/RHSA-2001:098-05.php3
58. http://lwn.net/alerts/YellowDog/YDU-20010810-3.php3
59. http://lwn.net/2001/0712/security.php3#openssl
60. http://lwn.net/alerts/Conectiva/CLA-2001:418.php3
61. http://lwn.net/2001/0712/a/eng-openssl.php3
62. http://lwn.net/alerts/Progeny/PROGENY-SA-2001-23.php3
63. http://lwn.net/2001/0712/a/trustix-openssl.php3
64. http://lwn.net/2001/0726/security.php3#procmail
65. http://lwn.net/2001/0726/a/rh-procmail.php3
66. http://lwn.net/alerts/YellowDog/YDU-20010725-12.php3
67. http://lwn.net/2001/0823/security.php3#sendmail
68. http://lwn.net/alerts/Mandrake/MDKSA-2001:075.php3
69. http://lwn.net/alerts/RedHat/RHSA-2001:106-06.php3
70. http://lwn.net/alerts/Caldera/CSSA-2001-032.0.php3
71. http://lwn.net/alerts/Conectiva/CLA-2001:412.php3
72.
http://lists.debian.org/debian-security/2001/debian-security-200109/msg00089.htm
l
73. http://lwn.net/alerts/Immunix/IMNX-2001-70-032-01.php3
74. http://lwn.net/alerts/Slackware/sl-998919787.php3
75. http://lwn.net/alerts/SuSE/SuSE-SA:2001:028.php3
76. http://lwn.net/2001/0906/security.php3
77. http://lwn.net/alerts/Conectiva/CLA-2001:421.php3
78. http://lwn.net/2001/0726/security.php3#squid
79. http://lwn.net/alerts/YellowDog/YDU-20010725-14.php3
80. http://lwn.net/2001/0809/a/caldera-squid.php3
81. http://lwn.net/2001/0802/a/lm-squid.php3
82. http://lwn.net/2001/0726/a/imm-squid.php3
83. http://lwn.net/2001/0726/a/trustix-squid.php3
84. http://lwn.net/2001/0726/a/rh-squid.php3
85. http://lwn.net/2001/0726/security.php3#mtelnetd
86. http://lwn.net/alerts/Caldera/CSSA-2001-030.0.php3
87. http://lwn.net/alerts/Conectiva/CLA-2001:413.php3
88. http://lwn.net/alerts/Debian/DSA-075-1.php3
89. http://lwn.net/alerts/Debian/DSA.php3
90. http://lwn.net/alerts/Mandrake/MDKSA-2001:068.php3
91. http://lwn.net/alerts/Progeny/PROGENY-SA-2001-27.php3
92. http://lwn.net/alerts/RedHat/RHSA-2001:099-06.php3
93. http://lwn.net/alerts/RedHat/RHSA-2001:100-02.php3
94. http://lwn.net/alerts/Slackware/sl-997726350.php3
95. http://lwn.net/alerts/SuSE/SuSE-SA:2001:029.php3
96. http://lwn.net/alerts/YellowDog/YDU-20010810-1.php3
97. http://lwn.net/alerts/YellowDog/YDU-20010810-2.php3
98. http://lwn.net/2001/0816/security.php3
99. http://lwn.net/alerts/Conectiva/CLA-2001:411.php3
100. http://lwn.net/alerts/Debian/DSA-074-1.php3
101. http://lwn.net/alerts/Mandrake/MDKSA-2001:074.php3
102. http://lwn.net/alerts/Progeny/PROGENY-SA-2001-32.php3
103. http://lwn.net/2001/0712/security.php3#xloadimage
104. http://lwn.net/alerts/Mandrake/MDKSA-2001:073-1.php3
105. http://lwn.net/alerts/Conectiva/CLA-2001:415.php3
106. http://lwn.net/alerts/Debian/DSA-069-1.php3
107. http://lwn.net/alerts/Mandrake/MDKSA-2001:073.php3
108. http://lwn.net/alerts/Progeny/PROGENY-SA-2001-31.php3
109. http://lwn.net/2001/0712/a/rh-xloadimage.php3
110. http://lwn.net/2001/0726/a/suse-xli.php3
111. http://lwn.net/alerts/YellowDog/YDU-20010725-11.php3
112. http://www.nspw.org/
113. http://www.sfu.ca/igs/CASIS/
114. http://www.raid-symposium.org/Raid2001
115. http://www.bell-labs.com/user/reiter/ccs8/
116. http://homex.coolconnect.com/member2/icisa/icics2001.html
117. http://securityfocus.com/calendar
118. mailto:lwn@lwn.net
119. mailto:lwn@lwn.net
120. http://ads.tucows.com/click.ng/buttonpos=lwnbuttonsecurity
121. http://lwn.net/alerts/
122. http://bluelinux.sourceforge.net/
123. http://castle.altlinux.ru/
124. http://www.engardelinux.org/
125. http://www.immunix.org/
126. http://www.maganation.com/~kaladix/
127. http://www.nsa.gov/selinux/
128. http://www.openwall.com/Owl/
129. http://www.trustix.com/
130. http://www.bastille-linux.org/
131. http://lsap.org/
132. http://lsm.immunix.org/
133. http://www.openssh.com/
134. http://www.securityfocus.com/bugtraq/archive/
135. http://www.nfr.net/firewall-wizards/
136. http://www.jammed.com/Lists/ISN/
137. http://www.calderasystems.com/support/security/
138. http://www.conectiva.com.br/atualizacoes/
139. http://www.debian.org/security/
140. http://www.kondara.org/errata/k12-security.html
141. http://www.esware.com/actualizaciones.html
142. http://linuxppc.org/security/advisories/
143. http://www.linux-mandrake.com/en/fupdates.php3
144. http://www.redhat.com/support/errata/index.html
145. http://www.suse.de/security/index.html
146. http://www.yellowdoglinux.com/resources/errata.shtml
147. http://www.BSDI.COM/services/support/patches/
148. http://www.freebsd.org/security/security.html
149. http://www.NetBSD.ORG/Security/
150. http://www.openbsd.org/security.html
151. http://www.calderasystems.com/support/forums/announce.html
152. http://www.cobalt.com/support/resources/usergroups.html
153. http://distro.conectiva.com.br/atualizacoes/
154. http://www.debian.org/MailingLists/subscribe
155. http://www.esware.com/lista_correo.html
156. http://www.freebsd.org/handbook/eresources.html#ERESOURCES-MAIL
157. http://www.kondara.org/mailinglist.html.en
158. http://l5web.laser5.co.jp/ml/ml.html
159. http://www.linuxfromscratch.org/services/mailinglistinfo.php
160. http://www.linux-mandrake.com/en/flists.php3
161. http://www.netbsd.org/MailingLists/
162. http://www.openbsd.org/mail.html
163. http://www.redhat.com/mailing-lists/
164. http://www.slackware.com/lists/
165. http://www.stampede.org/mailinglists.php3
166. http://www.suse.com/en/support/mailinglists/index.html
167. http://www.trustix.net/support/
168. http://www.turbolinux.com/mailman/listinfo/tl-security-announce
169. http://lists.yellowdoglinux.com/ydl_updates.shtml
170. http://munitions.vipul.net/
171. http://www.zedz.net/
172. http://www.cert.org/nav/alerts.html
173. http://ciac.llnl.gov/ciac/
174. http://www.MountainWave.com/
175. http://www.counterpane.com/crypto-gram.html
176. http://linuxlock.org/
177. http://linuxsecurity.com/
178. http://www.opensec.net/
179. http://www.securityfocus.com/
180. http://www.securityportal.com/
181. http://lwn.net/2001/0913/kernel.php3
182. http://www.eklektix.com/
183. http://www.eklektix.com/
--- ifmail v.2.14.os7-aks1
* Origin: Unknown (2:4615/71.10@fidonet)
Вернуться к списку тем, сортированных по: возрастание даты уменьшение даты тема автор
| Тема: |
Автор: |
Дата: |
|
URL: http://www.lwn.net/2001/0913/security.php3 |
Sergey Lentsov |
13 Sep 2001 16:25:24 |
|
|
