Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Linux Advisory Watch - March 23rd 2001

From: vuln-newsletter-admins () linuxsecurity com
Date: Fri, 23 Mar 2001 14:17:20 -0500
+----------------------------------------------------------------+
|  LinuxSecurity.com                      Linux  Advisory Watch  |
|  March 23rd, 2001                        Volume 2, Number 12a  |
+----------------------------------------------------------------+

  Editors:     Dave Wreski                  Benjamin Thomas
               dave () linuxsecurity com       ben () linuxsecurity com

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the
week. It includes pointers to updated packages and descriptions of
each vulnerability.

This week, advisories were released for slrn, cups, mutt, icecast,
imap, sgml-tools, and licq.  The vendors include Conectiva, Mandrake,
and Trusix. Although this week has been slow, if you are using any
of these distributions, please take the necessary time to patch
your system.

Are you sick and tired of having to apply system updates week after
week?  Why not use a distribution specifically for built for
security, but still maintaining maximum usability and flexibility.
Guardian Digital, Inc. (our parent company), has announced that
EnGarde Secure Linux will be made publicly available March 30th,
2001.  We invite you visit EnGarde's website for details.
http://www.engardelinux.org


HTML Version of Newsletter:
http://www.linuxsecurity.com/vuln-newsletter.html


+---------------------------------+
| Installing a new package:       | ------------------------------//
+---------------------------------+

# rpm -Uvh
# dpkg -i

Packages can be installed easily by using rpm (Red Hat Package
Manager) or dpkg (Debian Package Manager). Most advisories
issued by vendors are packaged in either an rpm or dpkg.
Additional installation instructions can be found in the body
of the Advisories.

+---------------------------------+
| Checking Package Integrity:     | -----------------------------//
+---------------------------------+

The md5sum command is used to compute a 128-bit fingerprint that is
strongly dependant upon the contents of the file to which it is
applied. It can be used to compare against a previously-generated
sum to determine whether the file has changed. It is commonly used
to ensure the integrity of updated packages distributed by a vendor.

# md5sum
ebf0d4a0d236453f63a797ea20f0758b

The string of numbers can then be compared against the MD5 checksum
published by the packager. While it does not take into account the
possibility that the same person that may have modified a package
also may have modified the published checksum, it is especially
useful for establishing a great deal of assurance in the integrity
of a package before installing


+---------------------------------+
|   Conectiva                     | ----------------------------//
+---------------------------------+

* Conectiva:  'cups' vulnerability
March 19th, 2001

"cups" is one of the printing systems distributed with Conectiva
Linux 6.0 (previous versions do not have this package). The previous
announcement (#384, with the -6cl release) has packaging problems in
the main package, cups-1.1.6-6cl As a result, the package will not be
installed and the previous version (1.1.3) will remain on the system.
An error message will also be displayed.

 ftp://atualizacoes.conectiva.com.br/6.0/RPMS/
 cups-1.1.6-7cl.i386.rpm

 ftp://atualizacoes.conectiva.com.br/6.0/RPMS/
 cups-devel-1.1.6-7cl.i386.rpm

 ftp://atualizacoes.conectiva.com.br/6.0/RPMS/
 cups-devel-static-1.1.6-7cl.i386.rpm

 ftp://atualizacoes.conectiva.com.br/6.0/RPMS/
 cups-doc-1.1.6-7cl.i386.rpm

 ftp://atualizacoes.conectiva.com.br/6.0/RPMS/
 cups-libs-1.1.6-7cl.i386.rpm

 Vendor Advisory:
 http://www.linuxsecurity.com/advisories/other_advisory-1224.html



* Conectiva:  'slrn' buffer overflow
March 19th, 2001

"slrn" is a text-mode news client. Previous versions have a buffer
overflow vulnerability that could be exploited remotely via a
carefully crafted news message.

 ftp://atualizacoes.conectiva.com.br/6.0/RPMS/
 slrn-0.9.6.3-1cl.i386.rpm

 ftp://atualizacoes.conectiva.com.br/6.0/RPMS/
 slrn-pull-0.9.6.3-1cl.i386.rpm

 Vendor Advisory:
 http://www.linuxsecurity.com/advisories/other_advisory-1225.html



* Conectiva:  'mutt' format string vulnerabilities
March 19th, 2001

"mutt" is a very popular text-mode email client. Versions prior to
1.2.5 have some format string vulnerabilities that have now been
fixed.

 ftp://atualizacoes.conectiva.com.br/5.1/i386/mutt-1.2.5-6cl.i386.rpm

 Vendor Advisory:
 http://www.linuxsecurity.com/advisories/other_advisory-1226.html


* Conectiva:  'icecast' vulnerabilities
March 19th, 2001

"icecast" is a server used to distribute audio streams to compatible
clients such as winamp, mpg123, xmms and many others. Matt Messier
(mmessier () prilnari com) and John Viega (viega () list org) have
identified several buffer overflow and format strings problems in
Icecast that could be remotely exploited.

 ftp://atualizacoes.conectiva.com.br/6.0/RPMS/icecast-1.3.9-2cl.i386.rpm

 Vendor Advisory:
 http://www.linuxsecurity.com/advisories/other_advisory-1227.html



* Conectiva:  'imap' buffer overflows
March 19th, 2001

"imap" is a package which contains POP3 and IMAP mail servers.
Several buffer overflow vulnerabilities have been found in this
package by their authors and by independent groups
(www.bufferoverflow.org has published an exploit for one of these
vulnerabilities).

 ftp://atualizacoes.conectiva.com.br/6.0/RPMS/
 imap-doc-2000c-1cl.i386.rpm

 ftp://atualizacoes.conectiva.com.br/6.0/RPMS/
 imap-devel-2000c-1cl.i386.rpm

 ftp://atualizacoes.conectiva.com.br/6.0/RPMS/
 imap-devel-static-2000c-1cl.i386.rpm

 ftp://atualizacoes.conectiva.com.br/6.0/RPMS/
 imap-2000c-1cl.i386.rpm

 Vendor Advisory:
 http://www.linuxsecurity.com/advisories/other_advisory-1228.html




+---------------------------------+
|   Mandrake                      | ----------------------------//
+---------------------------------+

* Mandrake: 'licq' vulnerability
March 20th, 2001

Versions of Licq prior to 1.0.3 have a vulnerability involving the
way Licq parses received URLs. The received URLs are passed to the
web browser without any sanity checking by using the system()
function. Because of the lack of checks on the URL, remote attackers
can pipe other commands with the sent URLs causing the client to
unwillingly execute arbitrary commands. The URL parsing code has been
fixed in the most recent 1.0.3 version.

 PLEASE SEE VENDOR ADVISORY FOR UPDATE

 Vendor Advisory:
 http://www.linuxsecurity.com/advisories/mandrake_advisory-1232.html


* Mandrake: UPDATE: 'sgml-tools' vulnerabilities
March 20th, 2001

Insecure handling of temporary file permissions can lead to other
users on a multi-user system being able to read the documents being
converted. This is due to sgml-tools creating temporary files without
any special permissions. The updated packages create a secure
temporary directory first, which is readable only by the owner, and
then create the temporary files in that secure directory.

 http://www.linux-mandrake.com/en/ftp.php3
 Linux-Mandrake 7.1:

 7.1/RPMS/sgml-tools-1.0.9-8.3mdk.i586.rpm
 35e8e14047ac5710274e803bc7bd3e7c

 7.1/SRPMS/sgml-tools-1.0.9-8.3mdk.src.rpm
 02d2fa1b6a56a7c8dc2decfb9339d2a6

 Linux-Mandrake 7.2:

 7.2/RPMS/sgml-tools-1.0.9-8.1mdk.i586.rpm
 c5e48714e3da71f692e447eb942a368b

 7.2/SRPMS/sgml-tools-1.0.9-8.1mdk.src.rpm
 c2242855d3be03b899a908944c48ac1d

 Vendor Advisory:
 http://www.linuxsecurity.com/advisories/mandrake_advisory-1231.html


* Mandrake:  'mutt' format string vulnerability
March 19th, 2001

A format string vulnerability was present in the IMAP code in
versions of the mutt email client previous to 1.2.5. This had the
effect that a compromised or malicious IMAP server could possibly
execute code on the local machine.

 http://www.linux-mandrake.com/en/ftp.php3
 Linux-Mandrake 7.1:

 7.1/RPMS/mutt-1.2.5i-5.2mdk.i586.rpm
 8ca095ea77554edf26988b5e24f8fd91

 7.1/SRPMS/mutt-1.2.5i-5.2mdk.src.rpm
 2b1d687f54b6d214f29a807f6433130c


 Linux-Mandrake 7.2:

 7.2/RPMS/mutt-1.2.5i-5.1mdk.i586.rpm
 d9dba0a7fc0fff1f1020bbb828b9e4f1

 7.2/SRPMS/mutt-1.2.5i-5.1mdk.src.rpm
 bd6dcbafebf5c434bd6b0d4478bf487c

 Vendor Advisory:
 http://www.linuxsecurity.com/advisories/mandrake_advisory-1229.html


+---------------------------------+
|   Trustix                       | ----------------------------//
+---------------------------------+

* Trustix:  'mutt' vulnerabilities
March 20th, 2001

This release fixes at least one grave IMAP error which may lead to
confusing display and other strangeness, and our instances of the
"wuftpd format bug", which had (mostly) the effect that your IMAP
server's operator could break into your computer with some work.

 ftp://ftp.trusix.net/pub/Trustix/updates/

 Vendor Advisory:
 http://www.linuxsecurity.com/advisories/other_advisory-1230.html




------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request () linuxsecurity com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".
Previous By Date Next
Previous By Thread Next

Current thread: