
Security


News

Nasty holes of the week: a couple of unpleasant ones came around this time.
  • There is a bug in Pine (a mail reader) which can allow the execution of arbitrary code contained within a carefully constructed mail message (details here). The ramifications of this one are extensive.

  • Both the WU and ProFTPD FTP daemons suffer from overflow problems which can lead to the usual sorts of unfortunate things. This problem was publicized via this release from a company called Netect.
Thus far, we have seen updates come out only from Red Hat; see their notices for Pine and ftpd.

CERT has put out an advisory about trojan horse problems. The advisory (available here) contains little new information for readers of these pages. (Although, perhaps, many Linux users were unaware of the fake Internet Explorer upgrade...) It does contain a good summary of the situation and tells how to recognize trojaned versions of some systems.

The "Hurwitz Group" has uncovered that buffer overflows are a security problem and issued this press release to alert the world. "Buffer overflow will continue to be a security problem until all system vulnerabilities are revealed and solutions are put in place..." The product being advertised with this alert evidently works by randomizing the stack address; this approach defeats the simpler attacks that depend on knowing where the stack sits in advance, but it is far from being a comprehensive solution.

Security Reports

There is a buffer overflow problem in the version of 'lpc' that is shipped with the PLP printer system. Most Linux systems do not use PLP; however, SuSE distributions at 5.2 or earlier did. Thus, folks with an older SuSE installation may wish to consider an upgrade.

Resources

Alpha 7.1 of the NRL IPv6+IPSec package has been made publicly available. This is a full implementation of these protocols, and it supports Linux. (They claim it works with the 2.1 kernel; one assumes that 2.2 will work as well.) See NRL's web page for more information. The license is of the BSD variety; however, encryption support is only available within the U.S.

Network Associates announced a version of their "CyberCop" scanner for Linux; see their press release for more. For an alternative point of view on the value of their announcement, see this note from the ISN moderator...


February 11, 1999

Copyright © 1999 Eklektix, Inc., all rights reserved
Linux ® is a registered trademark of Linus Torvalds