|
ru.linux
- RU.LINUX ---------------------------------------------------------------------
From : Sergey Lentsov 2:4615/71.10 29 Mar 2001 17:11:18
To : All
Subject : URL: http://lwn.net/2001/0329/security.php3
--------------------------------------------------------------------------------
[1][LWN Logo]
[2]Click Here
[LWN.net]
Sections:
[3]Main page
Security
[4]Kernel
[5]Distributions
[6]On the Desktop
[7]Development
[8]Commerce
[9]Linux in the news
[10]Announcements
[11]Linux History
[12]Letters
[13]All in one big page
See also: [14]last week's Security page.
Security
News and Editorials
ptrace/execve/procfs race condition in the Linux kernel 2.2.18.
Exploits were released this week for a [15]ptrace/execve/procfs race
condition in the Linux kernel 2.2.18. Simultaneously, Linux 2.2.19 was
also released. Given the fact that the exploit is already available,
expect to see 2.2.19 updates from the various Linux distributions in
short order. Of course, downloading and compiling Linux 2.2.19
directly will also close the hole. Depending on your distribution,
though, you may end up without some of the patches that were included
in your original kernel.
Solar Designer also released updated versions of his OpenWall kernel
patch for 2.2.19 and for 2.0.39 as well. You will find them at [16]the
OpenWall project. The OpenWall kernel patch contains a collection of
security-related features and makes them configurable for the kernel.
Check the [17]OpenWall README and [18]FAQ for more details.
Distribution updates available so far:
* [19]Immunix
OpenSSH 2.5.2p2 released.
[20]OpenSSH 2.5.2p2 has been released. It includes a number of fixes
(including improvements in the defenses against the passive analysis
attacks discussed in [21]last week's LWN security page) and quite a
few new features as well.
Packages of the new OpenSSH are already popping up:
* [22]Linux-Mandrake
* [23]Conectiva
* [24]Immunix
* [25]Red Hat
SSH inventor denied trademark request (NW Fusion). Network World
Fusion [26]reports on the IETF meeting where Tatu Ylonnen's request
for a name change for the ssh protocol was turned down. "But IETF
participants argued that both Secure Shell and its acronym SSH were
generic terms that can't be protected by trademarks. Ultimately, the
working group voted 3 to 1 to reject Ylonnen's request. 'I'm very
disappointed,' Ylonnen said after the meeting. 'What will I do next?
Consult my lawyers.'"
The Wireless Underground: San Francisco's Free Computer Networks. In
this case, it isn't about free software, it is about illegal access to
poorly secured (if secured at all) wireless networks in downtown San
Francisco. Check out this [27]SFGate article on the subject, which
reports on tests done by folks from the [28]Bay Area Wireless User
Group (BAWUG).
"We walked around the Financial District with a laptop and an
antenna, and we could pick up about six networks per block," says
Matt Peterson, a network engineer and founder of the Bay Area
Wireless User Group (BAWUG).
Aside from networks that were not intended to be open, though, others
are being intentionally left open by individuals, freely allowing
others to use their wireless networks to get connected if they happen
to be in the area. That provides an interesting model for communities
to provide Internet access to the community as a whole.
Unless you are intending to contribute to such a free community,
though, configuring your wireless system to only allow specific MAC
addresses to connect is recommended.
A Windows/Linux virus?.
A company called Central Command ("Without us, there's no defense")
has put out [29]a press release claiming the discovery of a virus that
can infect both Windows and Linux systems. It works by infecting
executable files in the local directory, so it's not going to get all
that far in the Linux world... the "media virus," on the other hand,
seems to be propagating well, with articles in [30]Reuters, [31]ZDNet,
and [32]Newsbytes.
Security Reports
New Linux worm sighted.
Here's [33]an alert from SANS on the so-called "Lion worm" which has
been recently sighted on the net. This worm takes advantage of the
well-known holes in BIND (fixed by most distributors back in January)
to break into new systems. At that point it does a number of
unpleasant things. Those who have applied their BIND updates need not
worry; the rest of you should probably do so fairly soon. SANS has
also posted a detection and removal script. (Thanks to Greg Bailey).
Kerberos libkrb4 race condition.
A race condition in libkrb4 can be exploited to overwrite the contents
of any file on the system.
* [34]Red Hat
VIM statusline Text-Embedded Command Execution Vulnerability.
A security problem has been reported in VIM where VIM codes could be
maliciously embedded in files and then executed in vim-enhanced or
vim-X11.
* [35]Red Hat
* [36]Linux-Mandrake
Buffer overflows in imapd, pop2d and pop3d.
SuSE issued [37]an advisory this week concerning buffer overflows in
imapd, ipop2d and ipop3d. The advisory implies that these overflows
became remotely exploitable due to a configuration error: "Due to a
misconfiguration these vulnerbilities could be triggered remotely
after a user had been authenticated".
This implies that the vulnerability may be specific to SuSE, though
the advisory does not explicitly confirm this.
FCheck local command execution vulnerability.
FCheck, a perl-based file integrity checker, contains an
insecurely-programmed call to open() which does not properly filter
user input. As a result, a file can be created with metacharacters in
the filename that, when scanned by FCheck, will cause it to execute
the commands under the FCheck uid. FCheck 2.6.57 through 2.78.58 are
vulnerable; FCheck 2.78.59 is not. Check BugTraq ID [38]2497 for more
details.
UFS/ext2fs data consistency race condition.
FreeBSD has reported [39]a data consistency race condition that
affects the Unix File System (UFS), commonly used on BSD and other
Unix systems and ext2fs, commonly used on Linux systems. This race
condition may be used by one user to gain access to data from files
deleted by other users. A patch for FreeBSD has been provided.
MySQL 3.23.36 released, fixing security hole.
An apparently ancient security hole in MySQL where database names
starting with ".." were accepted by MySQL has been closed in the
latest release, [40]MySQL 3.23.36.
web scripts.
The following web scripts were reported to contain vulnerabilities:
* [41]Akopia Interchange, a GPL'd ecommerce system, contains sample
scripts which can allow unauthenicated users to access the web
administration database with privilege. A simple change to the
sample code will fix the problem.
* [42]SWSoft ASPSeek s.cgi versions 1.0.0 through 1.0.3 contain a
buffer overflow vulnerability which can be used to execute
arbitrary commands under the uid of the webserver. No fix or
workaround has been provided so far.
* [43]The cgi-script 'pwc' is reported to contain a format string
vulnerability.
Commercial products.
The following commercial products were reported to contain
vulnerabilities:
* Cisco has released an advisory for the [44]Cisco Catalyst SSH
Protocol Mismatch Vulnerability. It affects Cisco VPN 3000 series
concentrators with software prior to version 3.0.00 and allows a
flood of data to cause a reboot. An upgrade to 3.0.00 should fix
the problem.
Updates
licq URL checking problem.
Check the [45]March 22nd LWN Security Summary for the original report.
This week's updates:
* [46]Red Hat (Red Hat 7 only)
* [47]Conectiva
Previous updates:
* [48]Linux-Mandrake
timed denial-of-service vulnerability.
Check the [49]March 15th security report for this denial-of-service
vulnerability in timed.
This week's updates:
* [50]Linux-Mandrake
* [51]SuSE
Previous updates:
* [52]FreeBSD (March 15th)
sgml-tools temporary file vulnerability.
See the [53]March 15th LWN security page for the initial report.
This week's updates:
* [54]Conectiva
Previous updates:
* [55]Debian (March 15)
* [56]Immunix (March 22nd)
* [57]Linux-Mandrake (March 22nd)
* [58]Red Hat (March 22nd)
ePerl buffer overflows.
Check the [59]March 8th LWN Security Summary for the initial report.
This week's updates:
* [60]SuSE
Previous updates:
* [61]Debian (March 8th)
* [62]Linux-Mandrake (March 15th)
sudo buffer overflow.
Check the [63]March 1st LWN Security Summary for the original report.
This week's updates:
* [64]Red Hat, Powertools 6.2
Previous updates:
* [65]Slackware (March 1st)
* [66]Trustix (March 1st)
* [67]Conectiva (March 1st)
* [68]Linux-Mandrake (March 1st)
* [69]Debian (March 1st)
* [70]Immunix (March 1st)
* [71]Debian (March 8th), PowerPC packages
* [72]Linux-Mandrake, new 7.1 packages due to build problem.
joe file handling vulnerability.
Check the [73]March 1st LWN Security Summary for the initial report.
This week's updates:
* [74]SuSE
Previous updates:
* [75]Red Hat (March 8th)
* [76]Immunix (March 8th)
* [77]Linux-Mandrake (March 8th)
* [78]Debian (March 15th)
BSD ftpd single byte buffer overflow.
Check the [79]December 21st, 2000 LWN Security Summary for the initial
report. NetBSD and OpenBSD systems are affected; FreeBSD is not.
BugTraq ID [80]2124 also covers this issue.
This week's updates:
* [81]SuSE
Previous updates:
* [82]Trustix, not vulnerable, but new BSD ftpd packages provided
anyway (December 21st, 2001)
* [83]OpenBSD (December 21st, 2000)
* [84]Trustix, BSD ftpd packages updated due to a typo in the
original patch (December 21st, 2000)
Resources
Bastille Linux 1.2.0.pre22 (Testing Releases). A new development
version of Bastille Linux was [85]announced Tuesday. This snapshot
primarily contains bugfixes and apparently heralds the nearness of the
new stable release, Bastille Linux 1.2.0.
Linux Intrusion Detection System 0.9.15 for 2.2.19. With the release
of Linux kernel 2.2.19, a new version of the the Linux Intrusion
Detection Systems (LIDS) has been announced, [86]LIDS 0.9.15.
Avaya Releases Linux Security Software. Avaya Labs announced it is
releasing [87]Libsafe 2.0, a version of its free security software for
Linux. Libsafe version 2.0 adds the ability to protect against
security attacks that exploit "format string" vulnerabilities in
software.
Czech PGP Flaw Tech Details. Details from the PGP Flaw [88]reported
last week have been released in a technical paper, along with Hal
Finney's [89]analysis of the flaw, which was posted to the OpenPGP
list.
New Turbolinux key. The Turbolinux staff has [90]updated their public
key.
Events
Upcoming security events.
Date Event Location
March 29, 2001. [91]Security of e-Finance and e-Commerce Forum Series
Manhattan, New York, USA.
March 30-April 1, 2001. [92]@LANta.CON Doraville, GA, USA.
April 6-8, 2001. [93]Rubi Con 2001 Detroit, MI, USA.
April 8-12, 2001. [94]RSA Conference 2001 San Francisco, CA, USA.
April 20-22, 2001. [95]First annual iC0N security conference
Cleveland, Ohio, USA.
April 22-25, 2001. [96]Techno-Security 2001 Myrtle Beach, SC, USA.
April 24-26, 2001. [97]Infosecurity Europe 2001 London, Britain, UK.
May 13-16, 2001. [98]2001 IEEE Symposium on Security Oakland, CA, USA.
May 13-16, 2001. [99]CHES 2001 Paris, France.
May 29, 2001. [100]Security of Mobile Multiagent Systems (SEMAS-2001)
Montreal, Canada.
May 31-June 1, 2001. [101]The first European Electronic Signatures
Summit London, England, UK.
For additional security-related events, included training courses
(which we don't list above) and events further in the future, check
out Security Focus' [102]calendar, one of the primary resources we use
for building the above list. To submit an event directly to us, please
send a plain-text message to [103]lwn@lwn.net.
Section Editor: [104]Liz Coolbaugh
March 29, 2001
[105]Click Here
Secure Linux Projects [106]Bastille Linux
[107]Immunix
[108]Nexus
[109]SLinux [110]NSA Security-Enhanced
[111]Trustix
Security List Archives
[112]Bugtraq Archive
[113]Firewall Wizards Archive
[114]ISN Archive
Distribution-specific links
[115]Caldera Advisories
[116]Conectiva Updates
[117]Debian Alerts
[118]Kondara Advisories
[119]Esware Alerts
[120]LinuxPPC Security Updates
[121]Mandrake Updates
[122]Red Hat Errata
[123]SuSE Announcements
[124]Yellow Dog Errata
BSD-specific links
[125]BSDi
[126]FreeBSD
[127]NetBSD
[128]OpenBSD
Security mailing lists [129]Caldera
[130]Cobalt
[131]Conectiva
[132]Debian
[133]Esware
[134]FreeBSD
[135]Kondara
[136]LASER5
[137]Linux From Scratch
[138]Linux-Mandrake
[139]NetBSD
[140]OpenBSD
[141]Red Hat
[142]Slackware
[143]Stampede
[144]SuSE
[145]Trustix
[146]turboLinux
[147]Yellow Dog
Security Software Archives
[148]munitions
[149]ZedZ.net (formerly replay.com)
Miscellaneous Resources
[150]CERT
[151]CIAC
[152]Comp Sec News Daily
[153]Crypto-GRAM
[154]LinuxLock.org
[155]Linux Security Audit Project
[156]LinuxSecurity.com
[157]OpenSSH
[158]OpenSEC
[159]Security Focus
[160]SecurityPortal
[161]Next: Kernel
[162]Eklektix, Inc. Linux powered! Copyright Л 2001 [163]Eklektix,
Inc., all rights reserved
Linux (R) is a registered trademark of Linus Torvalds
References
1. http://lwn.net/
2. http://ads.tucows.com/click.ng/pageid=001-012-132-000-000-002-000-000-012
3. http://lwn.net/2001/0329/
4. http://lwn.net/2001/0329/kernel.php3
5. http://lwn.net/2001/0329/dists.php3
6. http://lwn.net/2001/0329/desktop.php3
7. http://lwn.net/2001/0329/devel.php3
8. http://lwn.net/2001/0329/commerce.php3
9. http://lwn.net/2001/0329/press.php3
10. http://lwn.net/2001/0329/announce.php3
11. http://lwn.net/2001/0329/history.php3
12. http://lwn.net/2001/0329/letters.php3
13. http://lwn.net/2001/0329/bigpage.php3
14. http://lwn.net/2001/0322/security.php3
15.
http://securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26ti
d%3D172196%26fromthread%3D0%26threads%3D1%26start%3D2001-03-25%26end%3D2001-03-3
1%26
16. http://www.openwall.com/linux/
17. http://www.openwall.com/linux/README
18. http://www.openwall.com/linux/FAQ
19. http://lwn.net/2001/0329/a/im-kernel.php3
20. http://lwn.net/2001/0329/a/openssh-2.5.2p2.php3
21. http://lwn.net/2001/0322/security.php3#sshpassive
22. http://lwn.net/2001/0329/a/lm-openssh.php3
23. http://lwn.net/2001/0329/a/con-openssh.php3
24. http://lwn.net/2001/0329/a/im-openssh.php3
25. http://lwn.net/2001/0329/a/rh-openssh.php3
26. http://www.nwfusion.com/news/2001/0321ssh.html
27.
http://www.sfgate.com/cgi-bin/article.cgi?file=/technology/archive/2001/03/22/fr
eewireless.dtl
28. http://www.bawug.org/
29. http://www.businesswire.com/webbox/bw.032701/210862635.htm
30. http://www.newsalert.com/bin/story?StoryId=CoSaEub9DtJi3ndGXmZm
31. http://www.zdnet.com/zdhelp/stories/main/0,5594,2699152,00.html
32. http://www.newsalert.com/bin/story?StoryId=CoSfV0c4bmdaWmtq
33. http://lwn.net/2001/0329/a/lion-worm.php3
34. http://lwn.net/2001/0329/a/rh-kerberos.php3
35. http://lwn.net/2001/0329/a/rh-vim.php3
36. http://lwn.net/2001/0329/a/lm-vim.php3
37. http://lwn.net/2001/0329/a/suse-pop.php3
38. http://www.securityfocus.com/bid/2497
39. http://lwn.net/2001/0329/a/fb-ufs.php3
40. http://lwn.net/2001/0329/a/mysql.php3
41. http://www.securityfocus.com/bid/2499
42. http://www.securityfocus.com/bid/2492
43. http://lwn.net/2001/0329/a/pwc.php3
44. http://lwn.net/2001/0329/a/cisco-sshmismatch.php3
45. http://lwn.net/2001/0322/security.php3#licqURL
46. http://lwn.net/2001/0329/a/rh-licq.php3
47. http://lwn.net/2001/0329/a/cn-licq.php3
48. http://lwn.net/2001/0329/a/lm-licq.php3
49. http://lwn.net/2001/0315/security.php3#timed
50. http://lwn.net/2001/0329/a/lm-timed.php3
51. http://lwn.net/2001/0329/a/suse-fptd-timed.php3
52. http://lwn.net/2001/0315/a/fb-timed.php3
53. http://lwn.net/2001/0315/security.php3#sgml
54. http://lwn.net/2001/0329/a/cn-sgml-tools.php3
55. http://lwn.net/2001/0315/a/deb-sgml-tools.php3
56. http://lwn.net/2001/0322/a/imm-sgml-tools.php3
57. http://lwn.net/2001/0322/a/lm-sgml-tools.php3
58. http://lwn.net/2001/0322/a/rh-sgmltools.php3
59. http://lwn.net/2001/0308/security.php3#eperl
60. http://lwn.net/2001/0329/a/suse-eperl.php3
61. http://lwn.net/2001/0308/a/deb-eperl.php3
62. http://lwn.net/2001/0315/a/lm-eperl.php3
63. http://lwn.net/2001/0301/security.php3#sudo
64. http://lwn.net/2001/0329/a/rh-sudo.php3
65. http://lwn.net/2001/0301/a/sl-sudo.php3
66. http://lwn.net/2001/0301/a/trustix-sudo.php3
67. http://lwn.net/2001/0301/a/conectiva-sudo.php3
68. http://lwn.net/2001/0301/a/lm-sudo.php3
69. http://lwn.net/2001/0301/a/debian-sudo.php3
70. http://lwn.net/2001/0301/a/immunix-sudo.php3
71. http://lwn.net/2001/0308/a/deb-sudo.php3
72. http://lwn.net/2001/0329/a/lm-sudo2.php3
73. http://lwn.net/2001/0301/security.php3#joe2
74. http://lwn.net/2001/0329/a/suse-joe.php3
75. http://lwn.net/2001/0308/a/rh-joe.php3
76. http://lwn.net/2001/0308/a/imm-joe.php3
77. http://lwn.net/2001/0308/a/lm-joe.php3
78. http://lwn.net/2001/0315/a/deb-joe-20010309.php3
79. http://lwn.net/2000/1221/security.php3#bsdftpd
80. http://www.securityfocus.com/bid/2124
81. http://lwn.net/2001/0329/a/suse-fptd-timed.php3
82. http://lwn.net/2000/1221/a/sec-trustix-edtcshftpd.php3
83. http://lwn.net/2000/1221/a/sec-openbsd-ftpd.php3
84. http://lwn.net/2000/1221/a/sec-trustix-gnupgftpd.php3
85. http://freshmeat.net/releases/44298/
86. http://freshmeat.net/releases/44310/
87.
http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/03-21-200
1/0001452332&EDATE=
88. http://lwn.net/2001/0322/security.php3#pgp
89. http://www.imc.org/ietf-openpgp/mail-archive/msg04767.html
90. http://lwn.net/2001/0329/a/tlkey.php3
91. http://www.ists.dartmouth.edu/iria/events/ebizforum.html
92. http://www.atlantacon.org/
93. http://www.rubi-con.org/
94. http://www.rsasecurity.com/conference/rsa2001/index2.html
95. http://lwn.net/2001/0208/a/iC0N.php3
96. http://www.techsec.com/html/Conferences.html
97. http://www.infosec.co.uk/page.cfm
98. http://www.ieee-security.org/TC/sp2001.html
99. http://www.ece.wpi.edu/Research/crypt/ches/start.html
100. http://www.dfki.de/~kuf/semas/
101.
http://www.iqpc.com/cgi-bin/templates/98485262029583740234300003/genevent.html?e
vent=1525&topic=
102. http://securityfocus.com/calendar
103. mailto:lwn@lwn.net
104. mailto:lwn@lwn.net
105. http://ads.tucows.com/click.ng/buttonpos=lwnbuttonsecurity
106. http://bastille-linux.sourceforge.net/
107. http://www.immunix.org/
108. http://Nexus-Project.net/
109. http://www.slinux.org/
110. http://www.nsa.gov/selinux/
111. http://www.trustix.com/
112. http://www.securityfocus.com/bugtraq/archive/
113. http://www.nfr.net/firewall-wizards/
114. http://www.jammed.com/Lists/ISN/
115. http://www.calderasystems.com/support/security/
116. http://www.conectiva.com.br/atualizacoes/
117. http://www.debian.org/security/
118. http://www.kondara.org/errata/k12-security.html
119. http://www.esware.com/actualizaciones.html
120. http://linuxppc.org/security/advisories/
121. http://www.linux-mandrake.com/en/fupdates.php3
122. http://www.redhat.com/support/errata/index.html
123. http://www.suse.de/security/index.html
124. http://www.yellowdoglinux.com/resources/errata.shtml
125. http://www.BSDI.COM/services/support/patches/
126. http://www.freebsd.org/security/security.html
127. http://www.NetBSD.ORG/Security/
128. http://www.openbsd.org/security.html
129. http://www.calderasystems.com/support/forums/announce.html
130. http://www.cobalt.com/support/resources/usergroups.html
131. http://distro.conectiva.com.br/atualizacoes/
132. http://www.debian.org/MailingLists/subscribe
133. http://www.esware.com/lista_correo.html
134. http://www.freebsd.org/handbook/eresources.html#ERESOURCES-MAIL
135. http://www.kondara.org/mailinglist.html.en
136. http://l5web.laser5.co.jp/ml/ml.html
137. http://www.linuxfromscratch.org/services/mailinglistinfo.php
138. http://www.linux-mandrake.com/en/flists.php3
139. http://www.netbsd.org/MailingLists/
140. http://www.openbsd.org/mail.html
141. http://www.redhat.com/mailing-lists/
142. http://www.slackware.com/lists/
143. http://www.stampede.org/mailinglists.php3
144. http://www.suse.com/en/support/mailinglists/index.html
145. http://www.trustix.net/support/
146. http://www.turbolinux.com/mailman/listinfo/tl-security-announce
147. http://lists.yellowdoglinux.com/ydl_updates.shtml
148. http://munitions.vipul.net/
149. http://www.zedz.net/
150. http://www.cert.org/nav/alerts.html
151. http://ciac.llnl.gov/ciac/
152. http://www.MountainWave.com/
153. http://www.counterpane.com/crypto-gram.html
154. http://linuxlock.org/
155. http://lsap.org/
156. http://linuxsecurity.com/
157. http://www.openssh.com/
158. http://www.opensec.net/
159. http://www.securityfocus.com/
160. http://www.securityportal.com/
161. http://lwn.net/2001/0329/kernel.php3
162. http://www.eklektix.com/
163. http://www.eklektix.com/
--- ifmail v.2.14.os7-aks1
* Origin: Unknown (2:4615/71.10@fidonet)
Вернуться к списку тем, сортированных по: возрастание даты уменьшение даты тема автор
| Тема: |
Автор: |
Дата: |
|
URL: http://lwn.net/2001/0329/security.php3 |
Sergey Lentsov |
29 Mar 2001 17:11:18 |
|
|
