All articles

November 03, 2001 00:00 An Open Letter from One Administrator to Users Everywhere

33
I have been a network administrator for about five years. It has been said that administration is hours of boredom interrupted by moments of sheer panic. Through the highs and lows of this existence, there is one constant: answering user requests.

November 02, 2001 03:54 Red Hat: Updated webalizer packages available

0
A bug in versions of webalizer prior to 2.01_09 allowed users to embed malicious HTML tags in reports generated by webalizer. Fixed packages are available from updates.redhat.com.

November 02, 2001 02:18 Red Hat: New util-linux packages available

0
A problem existed in /bin/login's PAM implementation; it stored the value of a static pwent buffer across PAM calls; when used with some PAM modules in non-default configuration (such as pam_limits), it would overwrite the buffer, causing a user to get credentials of another user. Fixed packages are available from updates.redhat.com.

November 02, 2001 02:17 Red Hat: New kernel 2.2 packages are available

0
A vulnerability has been found in the ptrace code of the kernel (ptrace is the part that allows program debuggers to run) that could be abused by local users to gain root privileges. Fixed packages are available from updates.redhat.com.

November 02, 2001 02:16 Red Hat: New kernel 2.4 packages are available

0
A vulnerability has been found in the ptrace code of the kernel (ptrace is the part that allows program debuggers to run) that could be abused by local users to gain root privileges. Fixed packages are available from updates.redhat.com.

November 02, 2001 02:14 Red Hat: Updated mod_auth_pgsql packages available

0
The updated mod_auth_pgsql packages close a vulnerability which would allow a malicious client to cause a Web server to execute arbitrary SQL statements. Several Apache authentication modules which use SQL databases to store authentication information are vulnerable to a remote SQL code injection attack. A bug in the MD5 password mechanism causing valid passwords not to authenticate the user has also been fixed. The fixed packages are available from updates.redhat.com.

November 02, 2001 02:12 Red Hat: Updated diffutils packages available

0
When using sdiff in interactive mode, a temporary file is created. The new diffutils packages make sure to create that file in a secure way. The packages are available from updates.redhat.com.

November 02, 2001 02:10 Red Hat: New Zope packages are available

0
The updated packages include a "hotfix" product which addresses a security problem with DTML scripting, as described in the Hotfix_2001-09-28 README.txt file: "The issue involves the fmt attribute of dtml-var tags. Without this correction, Zope does not check security access to methods invoked through fmt. This issue could allow partially trusted users with enough knowledge of Zope to call, in a limited way, methods they would not otherwise be allowed to access." The packages are available from updates.redhat.com.

November 02, 2001 02:08 Red Hat: Updated openssh packages available

0
If a user lists multiple keys in her .ssh/authorized_keys2 file, sshd may in some circumstances not honor the "from" option which can be associated with a key, thereby allowing key-based logins from hosts which should not be allowed access. Fixed packages are available from updates.redhat.com.

November 02, 2001 02:07 Red Hat: New squid packages available to fix FTP-based DoS

0
Certain FTP requests could cause the Squid daemon to abort, making it unavailable for a period of seconds. If enough of these requests are sent in a short period of time, the Squid daemon will not be restarted. Fixed packages are available from updates.redhat.com.

November 02, 2001 02:05 Red Hat: Printing exposes system files to reading.

0
Ghostscript, a PostScript interpreter, possesses various 'file', 'run', etc., commands internally. It also provides a -dSAFER flag to restrict the use of the commands. However, the -dSAFER flag is meant to protect a user from malicious PostScript, not to protect a system from inappropriate snooping by a user, and so it is still possible to _read_ files in the SAFER mode. Fixed packages are available from updates.redhat.com.

November 02, 2001 02:02 Red Hat: Updated OpenLDAP packages available

0
When subjected to the PROTOS LDAPv3 test suite, versions of OpenLDAP 1.2 through 1.2.11 and 2.0 through 2.0.7 were found to have vulnerabilities which could be exploited by causing them to attempt to decode an improperly encoded request. Fixed packages are available from updates.redhat.com.

October 31, 2001 12:36 SuSE: local privilege escalations in uucp

0
UUCP is a well known tool suite for copying data between unix-like systems. Zen-Parse reported that the higher privileges of uux (UID uucp) aren't dropped if long options instead of normal (short) options are used. An attacker could exploit this hole, by specifying a malicious configuration file to execute and/or access arbitrary data with the privilege of user uucp. Fixed packages are available from ftp.suse.com.

October 30, 2001 09:02 SuSE: squid remote denial of service

0
The squid proxy server can be crashed with a malformed request, resulting in a denial of service attack. After the crash, the squid proxy must be restarted. The weakness can only be triggered from an address that is allowed to send requests, as configured in the squid configuration file. Fixed packages are available from ftp.suse.com.

October 27, 2001 00:00 Why Time-Restricted Books Are Our Enemy

14
Announcements have been made recently by online publishers that the first few time-restricted books have been made available. This new business model is based on the purchase of a key that lets you decipher an electronic book and read it for, say, 10 hours. After this time has elapsed, you can no longer read the book. In this editorial, I will try to demonstrate that this has terrible implications for the worlds of Free software and free speech.

October 26, 2001 13:53 SuSE: local privilege escalation in kernel

0
The SuSE Linux kernel is a standard kernel, enhanced with a set of additional drivers and other improvements, to suit the end-user's demand for a great variety of drivers for all kinds of hardware. Two security-related problems have been found in both the 2.2 and 2.4 series kernels which can a) lead to a local DoS and b) allow a local attacker to gain root privileges. Fixed packages are available from ftp.suse.com; further workarounds are available in the body of this advisory.

October 24, 2001 07:45 SuSE: local privilege escalation/remote DoS in htdig

0
ht://Dig is a powerful indexing and information gathering tool for the web. ht://Dig's search engine htsearch could be run by an HTTP server as a CGI program or standalone as a command-line tool. Due to insufficient checking of the running environment it is possible to use command-line options via CGI. A remote attacker could use the -c option to specify /dev/zero as an alternate config file to cause a denial of service for some minutes. To read files with the privilege of the HTTP server by abusing the -c option, an attacker needs write access to the server running htsearch. Fixed packages are available from ftp.suse.com.

October 23, 2001 13:15 SuSE: local privilege escalation in shadow/login

0
Multiple Linux vendors have issued security announcements about failures of the /bin/login program to properly initialize the privileges of an authenticated user if the PAM module pam_limits is enabled. SuSE developers did not succeed in reproducing the error on SuSE Linux installations since SuSE distributions do not come with the standard login implementation from the util-linux collection. Instead, a version maintained by Thorsten Kukuk is used. This login implementation may cause wrong group IDs to be set in very rare cases. The harm of this bug is therefore considerably small on SuSE Linux. Fixed packages are available from ftp.suse.com.

October 21, 2001 10:39 Debian: New nvi packages fix format string vulnerability

0
Takeshi Uno found a very stupid format string vulnerability in all versions of nvi (in both the plain and the multilingualized version). When a filename is saved, it ought to get displayed on the screen. The routine handling this didn't escape format strings. Fixed packages are available from security.debian.org.

October 20, 2001 00:00 Programming Linux Games

2
I really enjoyed reading this book. John "Overcode" Hall obviously likes playing and programming games, and his enthusiasm is contagious. His book is both an entertaining read and a useful tutorial and reference for people who want to do game programming on Linux.

October 19, 2001 01:00 Debian: New gftp packages won't display the password

0
Stephane Gaudreault told us that version 2.0.6a of gftp displays the password in plain text on the screen within the log window when it is logging into an ftp server. A malicious colleague who is watching the screen could gain access to the user's shell on the remote machine. Fixed packages are available from security.debian.org.

October 18, 2001 09:47 Debian: New procmail packages fix insecure signal handling

0
Using older versions of procmail it was possible to make procmail crash by sending it signals. On systems where procmail is installed setuid this could be exploited to obtain unauthorized privileges. Fixed packages are available from security.debian.org.

October 18, 2001 09:39 Debian: New Xvt packages fix buffer overflow

0
Christophe Bailleux reported on bugtraq that Xvt is vulnerable to a buffer overflow in its argument handling. Since Xvt is installed setuid root, it was possible for a normal user to pass carefully-crafted arguments to xvt so that xvt executed a root shell. Fixed packages are available from security.debian.org.

October 18, 2001 09:29 Debian: New w3m packages fix buffer overflow

0
In SNS Advisory No. 32 a buffer overflow vulnerability has been reported in the routine which parses MIME headers that are returned from web servers. A malicious web server administrator could exploit this and let the client web browser execute arbitrary code. W3m handles MIME headers included in the request/response message of HTTP communication like any other web browser. A buffer overflow will occur when w3m receives a MIME encoded header with base64 format. Fixed packages are available from security.debian.org.

October 17, 2001 02:53 Debian: New ht://Dig packages fix vulnerability

0
Nergal reported a vulnerability in the htsearch program which is distributed as part of the ht://Dig package, an indexing and searching system for small domains or intranets. Using former versions it was possible to pass the parameter `-c' to the CGI program in order to use a different configuration file. A malicious user could point htsearch to a file like `/dev/zero' and let the server run in an endless loop, trying to read config parameters. If the user has write permission on the server he can point the program to it and retrieve any file readable by the webserver user id. Fixed packages are available from security.debian.org.

October 13, 2001 00:00 It's Always the User's Fault

51
Here I am, checking a new Web application for bugs. I am one of five people who will use this software, and all five of us have found bugs or missing features. As requested, we email our bug reports and feature requests to the development team, and what we hear back on almost every bug report is, "It's your fault. You didn't do [insert action here] correctly. It worked fine for me!"

October 10, 2001 14:35 SuSE: local privilege escalation in lprold

0
ISS X-Force reported an overflow in BSD's lineprinter daemon shipped with the lprold package in SuSE Linux. Due to missing bounds checks in the lockfile processing function, internal buffers may overflow. Bounds checks have been added to fix that problem. Updated packages are available from ftp.suse.com.

October 06, 2001 00:00 Non-SQL Databases for Linux

13
The best-known databases these days are based on SQL, but are often overkill for what you need to do. This review discusses lighterweight alternatives, including xBase, DBM, and ISAM systems.

September 30, 2001 00:00 SQL Databases for Linux

22
So you find you need to store some data on your Linux system, and are wondering what program to use... There are a vast array of database systems available for use on Linux. Some are simple, some sophisticated, some cheap, some expensive. One of the first things you ought to do is ask yourself what you need to do with the database, as that is critical to bringing the number of choices down from "stupendously bewildering" to merely "astoundingly many."

September 25, 2001 03:31 Red Hat: Updated man package fixing GID security problems

0
Updated man packages are available for Red Hat Linux fixing a local GID man exploit and a potential GID man to root exploit, as well as a problem with the man paths of Red Hat Linux 5.x and 6.x. The packages are available from updates.redhat.com.