exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

linux-advisory.1-19a.txt

linux-advisory.1-19a.txt
Posted Sep 8, 2000
Authored by Benjamin Thomas | Site linuxsecurity.com

Linux Advisory Watch for September 8th, 2000. Linux Advisory Watch is a comprehensive newsletter that outlines the security vulnerabilities that have been announced throughout the week. It includes pointers to updated packages and descriptions of each vulnerability. This week, advisories were released for glibc, screen, apache, and suidperl from Caldera, Conectiva, Debian, Mandrake, Slackware, SuSE, and Trustix.

tags | vulnerability
systems | linux, suse, slackware, debian, mandrake
SHA-256 | 58e4fa5accfb242abf0994a96a96bd8ca1fa2451c8d22c4f82165eca1089d646

linux-advisory.1-19a.txt

Change Mirror Download
+----------------------------------------------------------------+
| LinuxSecurity.com Linux Advisory Watch |
| September 8th, 2000 Volume 1, Number 19a |
+----------------------------------------------------------------+

Editors: Dave Wreski Benjamin Thomas
dave@linuxsecurity.com ben@linuxsecurity.com


Linux Advisory Watch is a comprehensive newsletter that outlines
the security vulnerabilities that have been announced throughout the
week. It includes pointers to updated packages and descriptions of
each vulnerability.

This week, advisories were released for glibc, screen, apache, and
suidperl. The advisories released were from Caldera, Conectiva, Debian,
Mandrake, Slackware, SuSE, and Trustix. The glibc, screen, and suidperl
vulnerabilities can result in a local root compromise.

This week has been full of advisories from various Linux distributions
regarding two severe problems with glibc. Confusing the issue, more than
one vulnerability is involved and they were reported at different times.
That means that some of the updates only fixed the first reported
problem, while others fixed both problems.

-- OpenDoc Publishing -------------------------------------------------
//

Our sponsor this week is OpenDoc Publishing. Their 480-page
comprehensive security book, Securing and Optimizing Linux, takes a
hands-on approach to installing, optimizing, configuring, and
securing Red Hat Linux. Topics include sendmail 8.10.1, OpenSSL,
ApacheSSL, OpenSSH and much more! Includes Red Hat 6.2 and Red Hat 6.2
PowerTools edition.

https://secure.linuxports.com/cart/security/


+---------------------------------+
| Installing a new package: | ----------------------------//
+---------------------------------+

# rpm -Uvh <package-name.rpm>
# dpkg -i <package-name.deb>

Packages can be installed easily by using rpm (Red Hat Package
Manager) or dpkg (Debian Package Manager). Most advisories
issued by vendors are packaged in either an rpm or dpkg.
Additional installation instructions can be found in the body
of the advisory.

+---------------------------------+
| Checking Package Integrity: | -----------------------------//
+---------------------------------+

The md5sum command is used to compute a 128-bit fingerprint that is
strongly dependant upon the contents of the file to which it is
applied. It can be used to compare against a previously-generated
sum to determine whether the file has changed. It is commonly used
to ensure the integrity of updated packages distributed by a vendor.

# md5sum <package-name>
ebf0d4a0d236453f63a797ea20f0758b <package-name>

The string of numbers can then be compared against the MD5 checksum
published by the packager. While it does not take into account the
possibility that the same person that may have modified a package
also may have modified the published checksum, it is especially
useful for establishing a great deal of assurance in the integrity
of a package before installing it.


+---------------------------------+
| glibc Advisories | ----------------------------//
+---------------------------------+


* September 5th, 2000 -- Caldera: 'glibc' vulnerability
http://www.linuxsecurity.com/advisories/caldera_advisory-688.html

A bug in the parsing of these locale names allows an attacker to
trick glibc into using locale information files provided by the
attacker, which can make an application crash.


ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/RPMS/
9509340276c43bdcbeee2d95e82b9d03 RPMS/glibc-2.1.1-3.i386.rpm



* September 5th, 2000 -- Conectiva: glibc vulnerabilities
http://www.linuxsecurity.com/advisories/other_advisory-684.html
http://www.linuxsecurity.com/advisories/other_advisory-689.html

Several problems have been found in the glibc code that allow
a local attacker to obtain root privileges.


ftp://atualizacoes.conectiva.com.br/4.0/i386/glibc-2.1.2-14cl.i386.rpm


* September 4th, 2000 -- Debian: glibc vulnerabilities
http://www.linuxsecurity.com/advisories/debian_advisory-687.html
http://www.linuxsecurity.com/advisories/debian_advisory-683.html

Recently two problems have been found in the glibc suite, which
could be used to trick setuid applications to run arbitrary code.

http://security.debian.org/dists/slink/updates/binary-i386/
libc6-dbg_2.0.7.19981211-6.2_i386.deb

MD5 checksum: 23f5aace9db7104163b2422d600d8869



* September 7th, 2000 -- Mandrake: 'glibc' vulnerabilities
http://www.linuxsecurity.com/advisories/mandrake_advisory-694.html

It is highly probable that some of these bugs can be used
for local root exploits.

ftp://ftp.free.fr/pub/Distributions_Linux/Mandrake/updates



* September 5th, 2000 -- Slackware: glibc vulnerabilities
http://www.linuxsecurity.com/advisories/slackware_advisory-690.html


Three locale-related vulnerabilities with glibc 2.1.3 were recently
reported on BugTraq. These vulnerabilities could allow local users
to gain root access.

Users of Slackware 7.0, 7.1, and -current are strongly urged to
upgrade to the new glibc packages in the -current branch.

ftp://ftp.slackware.com/pub/slackware/slackware-current/
slakware/a1/glibcso.tgz
md5sum: 1119944158 781102 a1/glibcso.tgz

ftp://ftp.slackware.com/pub/slackware/slackware-current/
slakware/d1/glibc.tgz
md5sum: 4150671113 22146158 d1/glibc.tgz

ftp://ftp.slackware.com/pub/slackware/slackware-current/
slakware/des1/descrypt.tgz
md5sum: 95989487 95843 des1/descrypt.tgz



* September 6th, 2000 -- SuSE: 'shlibs' vulnerability
http://www.linuxsecurity.com/advisories/suse_advisory-692.html

The glibc implementations in all SuSE distributions starting with
SuSE-6.0 have multiple security problems where at least one of them
allows any local user to gain root access to the system.

ftp://ftp.suse.com/pub/suse/i386/update/7.0/a1/
shlibs-2.1.3-154.i386.rpm

753176172ebf628c6567c70a9b950933


* September 7th, 2000 -- Trustix: 'glibc' updates.
http://www.linuxsecurity.com/advisories/other_advisory-695.html

glibc-2.1.3-10tr.i586.rpm
glibc-devel-2.1.3-10tr.i586.rpm
glibc-profile-2.1.3-10tr.i586.rpm
scd-2.1.3-10tr.i586.rpm
ftp://ftp.trustix.com/pub/Trustix/updates/1.1/RPMS/



+---------------------------------+
| Other Linux Advisories |--------------------------------- //
+---------------------------------+


* September 4th, 2000 -- Debian: 'screen' vulnerability
http://www.linuxsecurity.com/advisories/debian_advisory-686.html

A format string bug was recently discovered in screen which can
be used to gain elevated privilages if screen is setuid.

http://security.debian.org/dists/stable/updates/main/binary-i386/
screen_3.9.5-9_i386.deb

MD5 checksum: 139c65e404139f6681a4e60b4ef708f1



* September 3rd, 2000 -- Slackware: 'suidperl' vulnerability.
http://www.linuxsecurity.com/advisories/slackware_advisory-685.html

A root exploit was found in the /usr/bin/suidperl5.6.0 program that
shipped with the Slackware 7.1 perl.tgz package. It is recommended
that all users of Slackware 7.1 (and -current) upgrade to the
perl.tgz package available in the Slackware current branch.


ftp://ftp.slackware.com/pub/slackware/slackware-current/slakware/d1/
1027099174 6464627 ./perl.tgz 0dfc1c46e3dd22033850fc69928588ec



* September 7th, 2000 -- SuSE: 'apache' vulnerabilities.
http://www.linuxsecurity.com/advisories/suse_advisory-696.html

The configuration file that comes with the package contains
two security relevant errors:

Starting in SuSE-6.0, a section in apache's configuration file
/etc/httpd/httpd.conf reads Alias /cgi-bin-sdb//usr/local/httpd/
cgi-bin/ This allows remote users to read the cgi script sources
of the server, located in /usr/local/httpd/cgi-bin/.

Opposing the recommendations on the WebDAV homepage under
http://www.webdav.org /mod_dav/#security, there is no access
control
or authentification activated. This should most definitely be
considered a security problem.



ftp://ftp.suse.com/pub/suse/i386/update/7.0/n1/apache-1.3.12-107.i386.rpm
65bac933de7676ad3d8f63b32c608dad



* September 6th, 2000 -- SuSE: 'screen' vulnerability
http://www.linuxsecurity.com/advisories/suse_advisory-693.html

screen, a tty multiplexer, is installed suid root by default on
SuSE
Linux distributions. By supplying a thoughtfully designed string as
the visual bell message, local users can obtain root privilege.
Exploit information has been published on security forums.



ftp://ftp.suse.com/pub/suse/i386/update/7.0/ap1/screen-3.9.8-1.i386.rpm
84b6330f0b9ac7600cc5ec53a9dfdbe9
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com

To unsubscribe email vuln-newsletter-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------

Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close