![[LWN Logo]](/images/lcorner.png) |
|
![[LWN.net]](/images/Included.png) |
From: InfoSec News <isn@c4i.org>
To: isn@attrition.org
Subject: [ISN] Linux Advisory Watch - November 30th 2001
Date: Mon, 3 Dec 2001 01:49:27 -0600 (CST)
+----------------------------------------------------------------+
| LinuxSecurity.com Linux Advisory Watch |
| November 30th, 2001 Volume 2, Number 48a |
+----------------------------------------------------------------+
Editors: Dave Wreski Benjamin Thomas
dave@linuxsecurity.com ben@linuxsecurity.com
Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.It
includes pointers to updated packages and descriptions of each
vulnerability.
This week, advisories were released for wu-ftp, imp, rpm, postfix, sasl,
and sendmail. The vendors include Caldera, Conectiva, Immunix, Red Hat,
Slackware and SuSE.
* Do you need more free time?
Are you looking for a solution that provides the applications necessary to
easily create thousands of virtual Web sites, manage e-mail, DNS,
firewalling database functions for an entire organization, and supports
high-speed broadband connections all using a Web-based front-end? EnGarde
Secure Professional provides those features and more!
EnGarde Secure Professional:
http://store.guardiandigital.com/html/eng/493-AA.shtml
** FREE Apache SSL Guide from Thawte **
Planning Web Server Security? Find out how to implement SSL! Get
the free Thawte Apache SSL Guide and find the answers to all your
Apache SSL security issues and more at:
http://www.gothawte.com/rd92.html
Take advantage of our Linux Security discussion list! This mailing list
is for general security-related questions and comments. To subscribe send
an e-mail to security-discuss-request@linuxsecurity.com with "subscribe"
as the subject.
+---------------------------------+
| wu-ftp | ----------------------------//
+---------------------------------+
An overflowable buffer exists in earlier versions of wu-ftpd. An attacker
could gain access to the machine by sending malicious commands.
Red Hat Linux 7.2: i386:
ftp://updates.redhat.com/7.2/en/os/i386/
wu-ftpd-2.6.1-20.i386.rpm
7306f24d3d7d518068c5e08959d43bdd
Red Hat Vendor Advisory:
http://www.linuxsecurity.com/advisories/redhat_advisory-1711.html
SuSE-7.3
ftp://ftp.suse.com/pub/suse/i386/update/7.3/n2/
wuftpd-2.6.0-344.i386.rpm
d1b549b8c2d91d66a8b35fe17a1943b3
SuSE Vendor Advisory:
http://www.linuxsecurity.com/advisories/suse_advisory-1718.html
Caldera:
ftp://ftp.caldera.com/pub/updates/OpenLinux/2.3/current/RPMS
RPMS/wu-ftpd-2.6.1-13OL.i386.rpm
d6a618f9fe6a3ae99a1c54a405ab169a
Caldera Vendor Advisory:
http://www.linuxsecurity.com/advisories/caldera_advisory-1719.html
Conectiva:
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/
wu-ftpd-2.6.1-6U70_1cl.i386.rpm
Conectiva Vendor Advisory:
http://www.linuxsecurity.com/advisories/other_advisory-1720.html
Immunix:
http://download.immunix.org/ImmunixOS/7.0/updates/
RPMS/wu-ftpd-2.6.1-6_imnx_4.i386.rpm
c6c2fa2fa60f2cfe5b496ad0281fa486
Immunix Vendor Advisory:
http://www.linuxsecurity.com/advisories/other_advisory-1721.html
+---------------------------------+
| imp | ----------------------------//
+---------------------------------+
The webmail frontend IMP has a cross site scripting problem, allowing a
remote attacker to send you an E-mail with a malformed URL that when
clicked on will open your mail session to the attacker, allowing him to
read and delete your E-mails.
Caldera:
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/
Server/current/RPMS
RPMS/horde-1.2.7-1.i386.rpm
53a9d75c760851f79fa72cb451416f96
RPMS/imp-2.2.7-1.i386.rpm
4bb1af4dcd98af6f168543476f691b95
Caldera Vendor Advisory:
http://www.linuxsecurity.com/advisories/caldera_advisory-1715.html
+---------------------------------+
| rpm | ----------------------------//
+---------------------------------+
A malicious user could exploit this vulnerability by sending a carefully
crafted rpm package to the printing system, which will query the package
to extract the information to print and will execute arbitrary code
choosen by the attacker with the privileges of the lp user.
PLEASE SEE VENDOR ADVISORY FOR UPDATE
Conectiva Vendor Advisory:
http://www.linuxsecurity.com/advisories/other_advisory-1712.html
+---------------------------------+
| postfix | ----------------------------//
+---------------------------------+
Wietse Venema reported[1] a vulnerability[2] in Postfix where a remote
attacker could cause a DoS (denial of service) condition on the server.
The SMTP session log could grow to an unreasonable size and possibly
exhaust the server's memory if no other limits were in place.
Conectiva:
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/
postfix-doc-20010228pl02-7U70_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/
postfix-20010228pl02-7U70_1cl.i386.rpm
Conectiva Vendor Advisory:
http://www.linuxsecurity.com/advisories/other_advisory-1709.html
Red Hat Powertools 7.1: i386:
ftp://updates.redhat.com/7.1/en/powertools/i386/
postfix-20011125- 1SASL.i386.rpm
60402b08bd489052146eec437838a829
Red Hat Vendor Advisory:
http://www.linuxsecurity.com/advisories/redhat_advisory-1714.html
+---------------------------------+
| sasl | ----------------------------//
+---------------------------------+
There is a format string bug in the Cyrus SASL library, and the library is
used by sendmail. We are not sure whether this vulnerability can be
exploited remotely just by connecting to sendmail, but if it is, the
attacker would gain root access.
Caldera:
ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/
Server/current/RPMS
RPMS/libsasl-1.5.24-4.i386.rpm
67e101e2ff0a259e57bbcc9eee616a1f
Caldera Vendor Advisory:
http://www.linuxsecurity.com/advisories/caldera_advisory-1716.html
Red Hat:
PLEASE SEE ADVISORY FOR UPDATE
Red Hat Vendor Advisory:
http://www.linuxsecurity.com/advisories/redhat_advisory-1722.html
http://www.linuxsecurity.com/advisories/redhat_advisory-1723.html
+---------------------------------+
| sendmail | ----------------------------//
+---------------------------------+
An input validation error in sendmail has been discovered by Cade Cairns
of SecurityFocus. This problem can be exploited by local users to gain
root access. It is not exploitable by remote attackers without shell
access. New packages based on sendmail.8.11.6 have been prepared for
Slackware 7.1 and 8.0.
Slackware 8.0:
ftp://ftp1.sourceforge.net/pub/slackware/slackware-8.0/
patches/packages/procmail.tgz
56099f1bce9643e44342711878a7ceb0
ftp://ftp1.sourceforge.net/pub/slackware/slackware-8.0/
patches/packages/sendmail.tgz
3d03fd648ecf40eed56ff915780fb8ab
ftp://ftp1.sourceforge.net/pub/slackware/slackware-8.0/
patches/packages/smailcfg.tgz
1a13d98a11d0af853893a640909d8958
Slackware Vendor Advisory:
http://www.linuxsecurity.com/advisories/slackware_advisory-1573.html
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
To unsubscribe email vuln-newsletter-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
-
ISN is currently hosted by Attrition.org
To unsubscribe email majordomo@attrition.org with 'unsubscribe isn' in the BODY
of the mail.