| Subject: | [ISN] Linux Advisory Watch - September 10th 2004 |
|---|---|
| Date: | Mon, 13 Sep 2004 02:43:38 -0500 (CDT) |
+---------------------------------------------------------------------+
| LinuxSecurity.com Weekly Newsletter |
| September 10th, 2004 Volume 5, Number 36a |
+---------------------------------------------------------------------+
Editors: Dave Wreski Benjamin D. Thomas
dave@linuxsecurity.com ben@linuxsecurity.com
Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.
It includes pointers to updated packages and descriptions of each
vulnerability.
This week, advisories were released for imlib, krb5, and kernel. The
distributors include Fedora, Mandrake, and Suse.
-----
Internet Productivity Suite: Open Source Security <<

Trust Internet Productivity Suite's open source architecture to give you the best security and productivity applications available. Collaborating with thousands of developers, Guardian Digital security engineers implement the most technologically advanced ideas and methods into their design.
http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=gdn10

-----
BIOS Security

The BIOS is the lowest level of software that configures or manipulates your x86-based hardware. LILO and other Linux boot methods access the BIOS to determine how to boot up your Linux machine. Other hardware that Linux runs on has similar software (OpenFirmware on Macs and new Suns, Sun boot PROM, etc.).

You can use your BIOS to prevent attackers from rebooting your machine and manipulating your Linux system. Most PC BIOSs let you set a boot password. This doesn't provide all that much security (the BIOS can be reset, or removed if someone can get into the case), but might be a good deterrent (i.e. it will take time and leave traces of tampering). Similarly, on SPARC/Linux (Linux for SPARC(tm) processor machines), your EEPROM can be set to require a boot-up password. This might slow attackers down.

Many PC BIOSs also allow you to specify various other good security settings. Check your BIOS manual or look at it the next time you boot up. For example, most BIOSs disallow booting from floppy drives and some require passwords to access some BIOS features.

Note: If you have a server machine, and you set up a boot password, your machine will not boot up unattended. Keep in mind that you will need to come in and supply the password in the event of a power failure.

Security Tip Written by Dave Wreski (dave@linuxsecurity.com)
Additional tips are available at the following URL:
http://www.linuxsecurity.com/tips/

-----
AIDE and CHKROOTKIT

Network security is continuing to be a big problem for companies and home users. The problem can be resolved with an accurate security analysis. In this article I show how to approach security using aide and chkrootkit.
http://www.linuxsecurity.com/feature_stories/feature_story-173.html

---------------------------------------------------------------------
An Interview with Gary McGraw, Co-author of Exploiting Software: How to Break Code

Gary McGraw is perhaps best known for his groundbreaking work on securing software, having co-authored the classic Building Secure Software (Addison-Wesley, 2002). More recently, he has co-written with Greg Hoglund a companion volume, Exploiting Software, which details software security from the vantage point of the other side, the attacker. He has graciously agreed to share some of his insights with all of us at LinuxSecurity.com.
http://www.linuxsecurity.com/feature_stories/feature_story-171.html

------
--> Take advantage of the LinuxSecurity.com Quick Reference Card!
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf

+---------------------------------+
| Distribution: Fedora            | ----------------------------//
+---------------------------------+

9/10/2004 - imlib-1.9.13-15.fc Security update (core1)
Several heap overflow vulnerabilities have been found in the imlib BMP image handler. An attacker could create a carefully crafted BMP file in such a way that it would cause an application linked with imlib to execute arbitrary code when the file was opened by a victim.
http://www.linuxsecurity.com/advisories/fedora_advisory-4731.html

+---------------------------------+
| Distribution: Mandrake          | ----------------------------//
+---------------------------------+

9/1/2004 - krb5 multiple vulnerabilities
A double-free vulnerability exists in the MIT Kerberos 5's KDC program that could potentially allow a remote attacker to execute arbitrary code on the KDC host.
http://www.linuxsecurity.com/advisories/mandrake_advisory-4726.html

+---------------------------------+
| Distribution: Suse              | ----------------------------//
+---------------------------------+

9/1/2004 - kernel vulnerabilities
Various signedness issues and integer overflows have been fixed within kNFSd and the XDR decode functions of kernel 2.6.
http://www.linuxsecurity.com/advisories/suse_advisory-4728.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.
LinuxSecurity.com
To unsubscribe email vuln-newsletter-request@linuxsecurity.com with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------

_________________________________________
Donate online for the Ron Santo Walk to Cure Diabetes - http://www.c4i.org/ethan.html