SecurityFocus Linux Newsletter #258
----------------------------------------
Need to know what's happening on YOUR network? Symantec DeepSight Analyzer
is a free service that gives you the ability to track and manage attacks.
Analyzer automatically correlates attacks from various Firewall and network
based Intrusion Detection Systems, giving you a comprehensive view of your
computer or general network. Sign up today!
------------------------------------------------------------------
I. FRONT AND CENTER
1. Balancing surveillance
By Scott Granneman
With camera and network surveillance now commonplace, and database abuse continuing to appear, how do we balance the positive side of security along with its potential for abuse?
http://www.securityfocus.com/columnists/366
II. LINUX VULNERABILITY SUMMARY
1. phpMyAdmin Theme Variable Local File Inclusion Vulnerability
2. SUSE Linux Permissions Package CHKSTAT Insecure Permissions Handling Vulnerability
3. Todd Miller Sudo Local Privilege Escalation Vulnerability
4. Skype Technologies Skype Networking Routine Heap Overflow Vulnerability
5. LibGDA Multiple Format String Vulnerabilities
6. PAM Unix_Chkpwd Unauthorized Access Vulnerability
7. Ethereal IRC Protocol Dissector Denial of Service Vulnerability
8. Apache Mod_Auth_Shadow Authentication Bypass Vulnerability
9. GNU gnump3d Error Page Cross-Site Scripting Vulnerability
10. GNU gnump3d Directory Traversal Vulnerability
III. LINUX FOCUS LIST SUMMARY
1. httpd and port 7200
2. Re[2]: Securing Fedora Core 4
3. Re[2]: Linux hardening
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION
I. FRONT AND CENTER
---------------------
1. Collaborative endpoint security, part one
By Ivan Arce, Eduardo Arias
Part one of this article introduces endpoint security solution technologies and proposes a collaborative approach to solving technical challenges that are commonly faced by the community.
http://www.securityfocus.com/infocus/1849
2. Evolution of Web-based worms
By Daniel Hanson
The Myspace Web worm used a simple vulnerability and XSS to propagate, and it might be a sign of things to come.
http://www.securityfocus.com/columnists/362
3. The click-wrap conundrum
By Mark Rasch
With the rise of spyware, the fact that you didn't understand what you were doing by downloading and installing the software doesn't mean you weren't bound by the End User License Agreement (EULA). However, the FTC argues otherwise.
http://www.securityfocus.com/columnists/365
II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. phpMyAdmin Theme Variable Local File Inclusion Vulnerability
BugTraq ID: 15169
Remote: Yes
Date Published: 2005-10-22
Relevant URL: http://www.securityfocus.com/bid/15169
Summary:
phpMyAdmin is prone to a local file include vulnerability.
An attacker may leverage this issue to execute arbitrary server-side script code that resides on an affected computer with the privileges of the Web server process. This may potentially facilitate unauthorized access.
phpMyAdmin 2.6.4-pl2 and earlier versions are reported to be vulnerable.
2. SUSE Linux Permissions Package CHKSTAT Insecure Permissions Handling Vulnerability
BugTraq ID: 15182
Remote: No
Date Published: 2005-10-24
Relevant URL: http://www.securityfocus.com/bid/15182
Summary:
The SUSE Linux 'permissions' package is susceptible to a local information disclosure vulnerability. This issue is due to improper handling of file permissions by the 'chkstat' utility.
This issue is due to the inherent insecurity of attempting to modify files contained in world-writable directories.
Local attackers may gain access to the contents of potentially sensitive files, aiding them in further attacks.
3. Todd Miller Sudo Local Privilege Escalation Vulnerability
BugTraq ID: 15191
Remote: No
Date Published: 2005-10-25
Relevant URL: http://www.securityfocus.com/bid/15191
Summary:
Sudo is prone to a local privilege escalation vulnerability.
The vulnerability presents itself because the application does not properly sanitize malicious data provided through environment variables.
A successful attack may result in a complete compromise.
4. Skype Technologies Skype Networking Routine Heap Overflow Vulnerability
BugTraq ID: 15192
Remote: Yes
Date Published: 2005-10-25
Relevant URL: http://www.securityfocus.com/bid/15192
Summary:
Skype is prone to a heap overflow vulnerability in its networking routines. Successful exploitation could result in a denial of service and remote machine code execution in the context of the affected application.
The vendor reports that this vulnerability has not been reproduced to execute arbitrary code, but the reporter of this issue states that they have successfully created proof of concept exploits against the Microsoft Windows and Linux client applications.
This issue affects Skype for Windows 1.4.*.83 and earlier, Skype for Mac OS X 1.3.*.16 and earlier, Skype for Linux 1.2.*.17 and earlier, and Skype for Pocket PC 1.1.*.6 and earlier.
5. LibGDA Multiple Format String Vulnerabilities
BugTraq ID: 15200
Remote: No
Date Published: 2005-10-25
Relevant URL: http://www.securityfocus.com/bid/15200
Summary:
libgda is prone to multiple format string vulnerabilities. These issues arise due to insufficient sanitization of user-supplied data.
Very little information is available on these issues. This BID will be updated as more information becomes available.
6. PAM Unix_Chkpwd Unauthorized Access Vulnerability
BugTraq ID: 15217
Remote: No
Date Published: 2005-10-26
Relevant URL: http://www.securityfocus.com/bid/15217
Summary:
The PAM unix_chkpwd command is prone to an unauthorized access vulnerability.
A local attacker can exploit this vulnerability to perform brute force attacks to obtain the valid passwords of other local users.
7. Ethereal IRC Protocol Dissector Denial of Service Vulnerability
BugTraq ID: 15219
Remote: Yes
Date Published: 2005-10-26
Relevant URL: http://www.securityfocus.com/bid/15219
Summary:
The Ethereal IRC protocol dissector is prone to remotely exploitable denial of service vulnerability.
The issue may be exploited by causing Ethereal to process a malformed packet. Successful exploitation will cause a denial of service condition in the Ethereal application.
Further details are not currently available. This BID will be updated as more information is disclosed.
8. Apache Mod_Auth_Shadow Authentication Bypass Vulnerability
BugTraq ID: 15224
Remote: Yes
Date Published: 2005-10-27
Relevant URL: http://www.securityfocus.com/bid/15224
Summary:
mod_auth_shadow is prone to a vulnerability that may bypass expected authentication routines.
An attacker can exploit this vulnerability to bypass security restrictions and gain access to possibly sensitive or privileged information. Information obtained may be used in further attacks against the underlying system; other attacks are also possible.
9. GNU gnump3d Error Page Cross-Site Scripting Vulnerability
BugTraq ID: 15226
Remote: Yes
Date Published: 2005-10-28
Relevant URL: http://www.securityfocus.com/bid/15226
Summary:
GNU gnump3d is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
10. GNU gnump3d Directory Traversal Vulnerability
BugTraq ID: 15228
Remote: Yes
Date Published: 2005-10-28
Relevant URL: http://www.securityfocus.com/bid/15228
Summary:
GNU gnump3d is prone to a directory traversal vulnerability. Information obtained may be used in further attacks.
III. LINUX FOCUS LIST SUMMARY
---------------------------------
1. httpd and port 7200
http://www.securityfocus.com/archive/91/414099
3. Re[2]: Linux hardening
http://www.securityfocus.com/archive/91/409012
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.
If your email address has changed email listadmin (at) securityfocus (dot) com [email concealed] and ask to be manually removed.
V. SPONSOR INFORMATION
------------------------
Need to know what's happening on YOUR network? Symantec DeepSight Analyzer
is a free service that gives you the ability to track and manage attacks.
Analyzer automatically correlates attacks from various Firewall and network
based Intrusion Detection Systems, giving you a comprehensive view of your
computer or general network. Sign up today!
----------------------------------------
Need to know what's happening on YOUR network? Symantec DeepSight Analyzer
is a free service that gives you the ability to track and manage attacks.
Analyzer automatically correlates attacks from various Firewall and network
based Intrusion Detection Systems, giving you a comprehensive view of your
computer or general network. Sign up today!
http://www.securityfocus.com/sponsor/Symantec_sf-news_041130
------------------------------------------------------------------
I. FRONT AND CENTER
1. Balancing surveillance
By Scott Granneman
With camera and network surveillance now commonplace, and database abuse continuing to appear, how do we balance the positive side of security along with its potential for abuse?
http://www.securityfocus.com/columnists/366
II. LINUX VULNERABILITY SUMMARY
1. phpMyAdmin Theme Variable Local File Inclusion Vulnerability
2. SUSE Linux Permissions Package CHKSTAT Insecure Permissions Handling Vulnerability
3. Todd Miller Sudo Local Privilege Escalation Vulnerability
4. Skype Technologies Skype Networking Routine Heap Overflow Vulnerability
5. LibGDA Multiple Format String Vulnerabilities
6. PAM Unix_Chkpwd Unauthorized Access Vulnerability
7. Ethereal IRC Protocol Dissector Denial of Service Vulnerability
8. Apache Mod_Auth_Shadow Authentication Bypass Vulnerability
9. GNU gnump3d Error Page Cross-Site Scripting Vulnerability
10. GNU gnump3d Directory Traversal Vulnerability
III. LINUX FOCUS LIST SUMMARY
1. httpd and port 7200
2. Re[2]: Securing Fedora Core 4
3. Re[2]: Linux hardening
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION
I. FRONT AND CENTER
---------------------
1. Collaborative endpoint security, part one
By Ivan Arce, Eduardo Arias
Part one of this article introduces endpoint security solution technologies and proposes a collaborative approach to solving technical challenges that are commonly faced by the community.
http://www.securityfocus.com/infocus/1849
2. Evolution of Web-based worms
By Daniel Hanson
The Myspace Web worm used a simple vulnerability and XSS to propagate, and it might be a sign of things to come.
http://www.securityfocus.com/columnists/362
3. The click-wrap conundrum
By Mark Rasch
With the rise of spyware, the fact that you didn't understand what you were doing by downloading and installing the software doesn't mean you weren't bound by the End User License Agreement (EULA). However, the FTC argues otherwise.
http://www.securityfocus.com/columnists/365
II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. phpMyAdmin Theme Variable Local File Inclusion Vulnerability
BugTraq ID: 15169
Remote: Yes
Date Published: 2005-10-22
Relevant URL: http://www.securityfocus.com/bid/15169
Summary:
phpMyAdmin is prone to a local file include vulnerability.
An attacker may leverage this issue to execute arbitrary server-side script code that resides on an affected computer with the privileges of the Web server process. This may potentially facilitate unauthorized access.
phpMyAdmin 2.6.4-pl2 and earlier versions are reported to be vulnerable.
2. SUSE Linux Permissions Package CHKSTAT Insecure Permissions Handling Vulnerability
BugTraq ID: 15182
Remote: No
Date Published: 2005-10-24
Relevant URL: http://www.securityfocus.com/bid/15182
Summary:
The SUSE Linux 'permissions' package is susceptible to a local information disclosure vulnerability. This issue is due to improper handling of file permissions by the 'chkstat' utility.
This issue is due to the inherent insecurity of attempting to modify files contained in world-writable directories.
Local attackers may gain access to the contents of potentially sensitive files, aiding them in further attacks.
3. Todd Miller Sudo Local Privilege Escalation Vulnerability
BugTraq ID: 15191
Remote: No
Date Published: 2005-10-25
Relevant URL: http://www.securityfocus.com/bid/15191
Summary:
Sudo is prone to a local privilege escalation vulnerability.
The vulnerability presents itself because the application does not properly sanitize malicious data provided through environment variables.
A successful attack may result in a complete compromise.
4. Skype Technologies Skype Networking Routine Heap Overflow Vulnerability
BugTraq ID: 15192
Remote: Yes
Date Published: 2005-10-25
Relevant URL: http://www.securityfocus.com/bid/15192
Summary:
Skype is prone to a heap overflow vulnerability in its networking routines. Successful exploitation could result in a denial of service and remote machine code execution in the context of the affected application.
The vendor reports that this vulnerability has not been reproduced to execute arbitrary code, but the reporter of this issue states that they have successfully created proof of concept exploits against the Microsoft Windows and Linux client applications.
This issue affects Skype for Windows 1.4.*.83 and earlier, Skype for Mac OS X 1.3.*.16 and earlier, Skype for Linux 1.2.*.17 and earlier, and Skype for Pocket PC 1.1.*.6 and earlier.
5. LibGDA Multiple Format String Vulnerabilities
BugTraq ID: 15200
Remote: No
Date Published: 2005-10-25
Relevant URL: http://www.securityfocus.com/bid/15200
Summary:
libgda is prone to multiple format string vulnerabilities. These issues arise due to insufficient sanitization of user-supplied data.
Very little information is available on these issues. This BID will be updated as more information becomes available.
6. PAM Unix_Chkpwd Unauthorized Access Vulnerability
BugTraq ID: 15217
Remote: No
Date Published: 2005-10-26
Relevant URL: http://www.securityfocus.com/bid/15217
Summary:
The PAM unix_chkpwd command is prone to an unauthorized access vulnerability.
A local attacker can exploit this vulnerability to perform brute force attacks to obtain the valid passwords of other local users.
7. Ethereal IRC Protocol Dissector Denial of Service Vulnerability
BugTraq ID: 15219
Remote: Yes
Date Published: 2005-10-26
Relevant URL: http://www.securityfocus.com/bid/15219
Summary:
The Ethereal IRC protocol dissector is prone to remotely exploitable denial of service vulnerability.
The issue may be exploited by causing Ethereal to process a malformed packet. Successful exploitation will cause a denial of service condition in the Ethereal application.
Further details are not currently available. This BID will be updated as more information is disclosed.
8. Apache Mod_Auth_Shadow Authentication Bypass Vulnerability
BugTraq ID: 15224
Remote: Yes
Date Published: 2005-10-27
Relevant URL: http://www.securityfocus.com/bid/15224
Summary:
mod_auth_shadow is prone to a vulnerability that may bypass expected authentication routines.
An attacker can exploit this vulnerability to bypass security restrictions and gain access to possibly sensitive or privileged information. Information obtained may be used in further attacks against the underlying system; other attacks are also possible.
9. GNU gnump3d Error Page Cross-Site Scripting Vulnerability
BugTraq ID: 15226
Remote: Yes
Date Published: 2005-10-28
Relevant URL: http://www.securityfocus.com/bid/15226
Summary:
GNU gnump3d is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
10. GNU gnump3d Directory Traversal Vulnerability
BugTraq ID: 15228
Remote: Yes
Date Published: 2005-10-28
Relevant URL: http://www.securityfocus.com/bid/15228
Summary:
GNU gnump3d is prone to a directory traversal vulnerability. Information obtained may be used in further attacks.
III. LINUX FOCUS LIST SUMMARY
---------------------------------
1. httpd and port 7200
http://www.securityfocus.com/archive/91/414099
2. Re[2]: Securing Fedora Core 4
http://www.securityfocus.com/archive/91/411685
3. Re[2]: Linux hardening
http://www.securityfocus.com/archive/91/409012
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.
If your email address has changed email listadmin (at) securityfocus (dot) com [email concealed] and ask to be manually removed.
V. SPONSOR INFORMATION
------------------------
Need to know what's happening on YOUR network? Symantec DeepSight Analyzer
is a free service that gives you the ability to track and manage attacks.
Analyzer automatically correlates attacks from various Firewall and network
based Intrusion Detection Systems, giving you a comprehensive view of your
computer or general network. Sign up today!
http://www.securityfocus.com/sponsor/Symantec_sf-news_041130
[ reply ]