Skip to main content

Linux Advisory Watch - September 14th 2001

posted onSeptember 14, 2001
by hitbsecnews

This week, advisories were released for fetchmail, sendmail, xinetd, bugzilla,
apache-contrib, uucp, and xloadimage. The vendors include Caldera, Conectiva, Red Hat,
and SuSE. It has been a tragic week. Our own Dave Wreski writes, "Today's events mark
more than a display of courage by Americans, an effort to exact retribution on those who
committed this senseless act, and how this country will be changed as a result. It directly
impacts us all on an international scale as individual architects of the global Internet."

L33tdawg: The full report is in the readmore.

By LinuxSecurity.com Contributors
Posted By: Benjamin D. Thomas.
9/14/2001 2:09.

Special: International Security, Privacy and Solidarity
http://www.linuxsecurity.com/feature_stories/feature_story-92.html

Packages Vendors fetchmail Red Hat sendmail Red Hat xinetd Red Hat bugzilla Red Hat apache-contrib SuSE uucp Caldera, Conectiva xloadimage Mandrake

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-request@linuxsecurity.com with "subscribe" as the subject.

Linux Advisory Watch is a comprehensive newsletter that outlinesthe security vulnerabilities that have been announced throughout the week.It includes pointers to updated packages and descriptions of each vulnerability.

fetchmail

Fetchmail versions up to 5.8.9 are susceptible to remote attacks from malicious servers. When fetchmail attempts to create an index of messages in the remote mailbox being polled, it uses index numbers sent by the server as an index into an internal array. If a server sends fetchmail a negative number, fetchmail will attempt to write data outside the bounds of the array.

Red Hat 7.1: i386:
ftp://updates.redhat.com/7.1/en/os/i386/
fetchmail-5.9.0-0.7.1.i386.rpm
50d7a9d1276701fc425a6bc42d9e4e95

ftp://updates.redhat.com/7.1/en/os/i386/
fetchmailconf-5.9.0-0.7.1.i386.rpm
77e22d5c9d02d26ba9013df9e25ee71d

Red Hat Vendor Advisory:
http://www.linuxsecurity.com/advisories/redhat_advisory-1601.html

sendmail

An input validation error in the debugging functionality of all currently released versions of sendmail can enable a local user to gain root access. New packages that fix this problem are available for Red Hat Linux 5.2, 6.2, 7.0, and 7.1.

i386:
ftp://updates.redhat.com/7.1/en/os/i386/
sendmail-8.11.6-1.7.1.i386.rpm
15237d7b23d9108f8dd1c42e3091d37a

ftp://updates.redhat.com/7.1/en/os/i386/
sendmail-cf-8.11.6-1.7.1.i386.rpm
8768f3d21e52716dfb6af035fe0760ff

ftp://updates.redhat.com/7.1/en/os/i386/
sendmail-doc-8.11.6-1.7.1.i386.rpm
2e167dfbeade1d2cb6641ce3a901ed43

Red Hat Vendor Advisory:
http://www.linuxsecurity.com/advisories/redhat_advisory-1602.html

xinetd

A security audit has been done by Solar Designer on xinetd, and the results are now being made available as a preemptive measure. Also, memsetting too much memory to 0 would eventually lead to segfaults when executing services. This internal bug was fixed.

Red Hat 7.1: i386:
ftp://updates.redhat.com/7.1/en/os/i386/
xinetd-2.3.3-1.i386.rpm
548a0c82a06b69d1c24ed6f23dfd14f3

Red Hat Vendor Advisory:
http://www.linuxsecurity.com/advisories/redhat_advisory-1603.html

bugzilla

The updated bugzilla package fixes numerous security issues which were present in previous releases of bugzilla.

Red Hat 7.1 i386:
ftp://updates.redhat.com/7.1/en/powertools/i386/
perl-Chart-0.99c.pre3-1.i386.rpm
90dd575efe9bb5fa967b78be84f2bcd9

ftp://updates.redhat.com/7.1/en/powertools/i386/
perl-GD-1.33-1.i386.rpm
1e1babf666f35b529dd4831e8d4f49a6

ftp://updates.redhat.com/7.1/en/powertools/i386/
perl-DBD-MySQL-1.2215-1.i386.rpm
2867be3dbdc4c2fdc3d026578d55b4aa

Red Hat Vendor Advisory:
http://www.linuxsecurity.com/advisories/redhat_advisory-1604.html

apache-contrib

The Apache module mod_auth_mysql 1.4,which is shipped since SuSE Linux 7.1, was found vulnerable to possible bypass authentication by MySQL command injection. An adversary could insert MySQL commands along with a password and these commands will be interpreted by MySQL while mod_auth_mysql is doing the password lookup in the database. A positive authentication could be returned.

SuSE-7.2
ftp://ftp.suse.com/pub/suse/i386/update/7.2/n2/
apache-contrib-1.0.9-94.i386.rpm
7c84f6c3f8aaf2b96a312fea4d36abce

SuSE Vendor Advisory:
http://www.linuxsecurity.com/advisories/suse_advisory-1605.html

uucp

There is a argument handling problem which allows a local attacker to gain access to the uucp group. Using this access the attacker could use badly written scripts to gain access to the root account.

PLEASE SEE VENDOR ADVISORY

Caldera Vendor Advisory:
http://www.linuxsecurity.com/advisories/caldera_advisory-1606.html

Conectiva Vendor Advisory:
http://www.linuxsecurity.com/advisories/other_advisory-1608.html

xloadimage

A buffer overflow exists in xli due to missing boundary checks. This could be triggered by an external attacker to execute commands on the
victim's machine. An exploit is publically available. xli is an image viewer that is used by Netscape's plugger to display TIFF, PNG, and
Sun-Raster images.

Mandrake Linux 8.0:
8.0/RPMS/xli-1.17.0-1.1mdk.i586.rpm
f1eff4c239eaebb0ff41f169de8ccd3e

http://www.linux-mandrake.com/en/ftp.php3

Mandrake Vendor Advisory:
http://www.linuxsecurity.com/advisories/mandrake_advisory-1609.html

Linux Security.

Source

Tags

Red Hat

You May Also Like

Recent News

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th

Thursday, June 6th