Mandrake Linux Advisory: pam, snort
Apr 29, 2003, 14:25 (0 Talkback[s])
______________________________________________________________________
Mandrake Linux Security Update Advisory
______________________________________________________________________
Package name: pam
Advisory ID: MDKSA-2003:017-1
Date: April 28th, 2003
Original Advisory Date: February 18th, 2003
Affected versions: 8.2, 9.0, Corporate Server 2.1,
Multi Network Firewall 8.2
______________________________________________________________________
Problem Description:
Andreas Beck discovered that the pam_xauth module would forward
authorization information from the root account to unprivileged users.
This can be exploited by a local attacker to gain access to the root
user's X session. In order for it to be successfully exploited, the
attacker would have to somehow get the root user to su to the account
belonging to the attacker.
Update:
The previous fix was incorrect because certain applications, such as
userdrake and net_monitor could not be executed as root, although they
could be executed as users who successfully authenticated as root.
______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1160
______________________________________________________________________
Updated Packages:
Corporate Server 2.1:
642e1ead88ac4679f9bbad1d8174a79b corporate/2.1/RPMS/pam-0.75-25.2mdk.i586.rpm
47879bd2cd7468565296c804214e7fa4 corporate/2.1/RPMS/pam-devel-0.75-25.2mdk.i586.rpm
e421f141318950a00d5efd745726643a corporate/2.1/RPMS/pam-doc-0.75-25.2mdk.i586.rpm
aeddf8bd57bf469e2a1ff293471c7585 corporate/2.1/SRPMS/pam-0.75-25.2mdk.src.rpm
Mandrake Linux 8.2:
709506d5d500486efcc5d35a543fe9b3 8.2/RPMS/pam-0.75-25.2mdk.i586.rpm
9371a15d63964d3dce4181482afdbed5 8.2/RPMS/pam-devel-0.75-25.2mdk.i586.rpm
44e824293900efca4d55d659d4d5a217 8.2/RPMS/pam-doc-0.75-25.2mdk.i586.rpm
aeddf8bd57bf469e2a1ff293471c7585 8.2/SRPMS/pam-0.75-25.2mdk.src.rpm
Mandrake Linux 8.2/PPC:
525eed58c1581c301a57489164d7a698 ppc/8.2/RPMS/pam-0.75-25.2mdk.ppc.rpm
7db1aed626b2413e0f3c1b4c555de6dd ppc/8.2/RPMS/pam-devel-0.75-25.2mdk.ppc.rpm
88ce92857b13e18100cf42091f3f0fee ppc/8.2/RPMS/pam-doc-0.75-25.2mdk.ppc.rpm
aeddf8bd57bf469e2a1ff293471c7585 ppc/8.2/SRPMS/pam-0.75-25.2mdk.src.rpm
Mandrake Linux 9.0:
642e1ead88ac4679f9bbad1d8174a79b 9.0/RPMS/pam-0.75-25.2mdk.i586.rpm
47879bd2cd7468565296c804214e7fa4 9.0/RPMS/pam-devel-0.75-25.2mdk.i586.rpm
e421f141318950a00d5efd745726643a 9.0/RPMS/pam-doc-0.75-25.2mdk.i586.rpm
aeddf8bd57bf469e2a1ff293471c7585 9.0/SRPMS/pam-0.75-25.2mdk.src.rpm
Multi Network Firewall 8.2:
709506d5d500486efcc5d35a543fe9b3 mnf8.2/RPMS/pam-0.75-25.2mdk.i586.rpm
aeddf8bd57bf469e2a1ff293471c7585 mnf8.2/SRPMS/pam-0.75-25.2mdk.src.rpm
______________________________________________________________________
Bug IDs fixed (see https://qa.mandrakesoft.com for more information):
______________________________________________________________________
To upgrade automatically, use MandrakeUpdate. The verification of md5
checksums and GPG signatures is performed automatically for you.
If you want to upgrade manually, download the updated package from one
of our FTP server mirrors and upgrade with "rpm -Fvh *.rpm". A list of
FTP mirrors can be obtained from:
http://www.mandrakesecure.net/en/ftp.php
Please verify the update prior to upgrading to ensure the integrity of
the downloaded package. You can do this with the command:
rpm --checksig <filename>
All packages are signed by MandrakeSoft for security. You can obtain
the GPG public key of the Mandrake Linux Security Team from:
https://www.mandrakesecure.net/RPM-GPG-KEYS
Please be aware that sometimes it takes the mirrors a few hours to
update.
You can view other update advisories for Mandrake Linux at:
http://www.mandrakesecure.net/en/advisories/
MandrakeSoft has several security-related mailing list services that
anyone can subscribe to. Information on these lists can be obtained by
visiting:
http://www.mandrakesecure.net/en/mlist.php
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>
______________________________________________________________________
Mandrake Linux Security Update Advisory
______________________________________________________________________
Package name: snort
Advisory ID: MDKSA-2003:052
Date: April 28th, 2003
Affected versions: 8.2, 9.0, 9.1, Corporate Server 2.1,
Multi Network Firewall 8.2
______________________________________________________________________
Problem Description:
An integer overflow was discovered in the Snort stream4 preprocessor
by the Sourcefire Vulnerability Research Team. This preprocessor
(spp_stream4) incorrectly calculates segment size parameters during
stream reassembly for certainm sequence number ranges. This can
lead to an integer overflow that can in turn lead to a heap overflow
that can be exploited to perform a denial of service (DoS) or even
remote command excution on the host running Snort.
Disabling the stream4 preprocessor will make Snort invulnerable to
this attack, and the flaw has been fixed upstream in Snort version
2.0. Snort versions 1.8 through 1.9.1 are vulnerable.
______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0209
http://www.snort.org/advisories/snort-2003-04-16-1.txt
______________________________________________________________________
Updated Packages:
Corporate Server 2.1:
97c817bc7ddb5e1a89f4479668cf59f0 corporate/2.1/RPMS/snort-2.0.0-2.1mdk.i586.rpm
ca9dec4bc5ba46f80a0724f6e0f5a138 corporate/2.1/RPMS/snort-bloat-2.0.0-2.1mdk.i586.rpm
0262bcb71eea556cbee8c421e4ad1511 corporate/2.1/RPMS/snort-mysql+flexresp-2.0.0-2.1mdk.i586.rpm/
8dd41f46553707dc3adc6a82855df2ba corporate/2.1/RPMS/snort-mysql-2.0.0-2.1mdk.i586.rpm
46ad883dad9f77ce6d978171eb03de67 corporate/2.1/RPMS/snort-plain+flexresp-2.0.0-2.1mdk.i586.rpm/
3dd354f0c849c9765451b51fa93a0b4e corporate/2.1/RPMS/snort-postgresql+flexresp-2.0.0-2.1mdk.i586.rpm/
8735c537e40937a7b3ae3f3c38d55162 corporate/2.1/RPMS/snort-postgresql-2.0.0-2.1mdk.i586.rpm
73a866acec5d6e1abdde902d0d893968 corporate/2.1/RPMS/snort-snmp+flexresp-2.0.0-2.1mdk.i586.rpm/
cc0a606a5409213934b0c06fe2d44433 corporate/2.1/RPMS/snort-snmp-2.0.0-2.1mdk.i586.rpm
2efb9950c70248f94b561f76bef88181 corporate/2.1/SRPMS/snort-2.0.0-2.1mdk.src.rpm
Mandrake Linux 8.2:
a4514c067f2409606fe7706a35d8f3f7 8.2/RPMS/snort-2.0.0-2.1mdk.i586.rpm
5c2f61da6ce991e630a23dffbeee2814 8.2/RPMS/snort-bloat-2.0.0-2.1mdk.i586.rpm
242237fafcc77f29b9b6cdc71db27cdc 8.2/RPMS/snort-mysql+flexresp-2.0.0-2.1mdk.i586.rpm/
75a9dc76a726e93e1876c35d7eafa543 8.2/RPMS/snort-mysql-2.0.0-2.1mdk.i586.rpm
9230a8bf2966eda057b4903edb2e6e8c 8.2/RPMS/snort-plain+flexresp-2.0.0-2.1mdk.i586.rpm/
08efb60f8fa7f117903f3267e92c1937 8.2/RPMS/snort-postgresql+flexresp-2.0.0-2.1mdk.i586.rpm/
a993826c9b4a74cfde1a36f3b209c3a9 8.2/RPMS/snort-postgresql-2.0.0-2.1mdk.i586.rpm
9700de212e797fb49d59859bd0faeef8 8.2/RPMS/snort-snmp+flexresp-2.0.0-2.1mdk.i586.rpm/
781cafab6d9ca1e7de0d53a9f0a6ad20 8.2/RPMS/snort-snmp-2.0.0-2.1mdk.i586.rpm
2efb9950c70248f94b561f76bef88181 8.2/SRPMS/snort-2.0.0-2.1mdk.src.rpm
Mandrake Linux 8.2/PPC:
2961264210fb026e70c76bc20db4a109 ppc/8.2/RPMS/snort-2.0.0-2.1mdk.ppc.rpm
4efd69038a64483af014ed3da0bda40e ppc/8.2/RPMS/snort-bloat-2.0.0-2.1mdk.ppc.rpm
1618da9f7f393f384f2fa3620d5756ab ppc/8.2/RPMS/snort-mysql+flexresp-2.0.0-2.1mdk.ppc.rpm/
26772c8ca76f47d33d75a2bae9c4b030 ppc/8.2/RPMS/snort-mysql-2.0.0-2.1mdk.ppc.rpm
1954dd955a26e4fafe053e1ed418fe7f ppc/8.2/RPMS/snort-plain+flexresp-2.0.0-2.1mdk.ppc.rpm/
84f600f2013d88faecc4a19613a16cf2 ppc/8.2/RPMS/snort-postgresql+flexresp-2.0.0-2.1mdk.ppc.rpm/
a32214c7f3ab03681956054f61d4071f ppc/8.2/RPMS/snort-postgresql-2.0.0-2.1mdk.ppc.rpm
76b030fb690c654ff008ee0d2bfdee95 ppc/8.2/RPMS/snort-snmp+flexresp-2.0.0-2.1mdk.ppc.rpm/
d365692eb1fd386fb9f1fb4b87973f2a ppc/8.2/RPMS/snort-snmp-2.0.0-2.1mdk.ppc.rpm
2efb9950c70248f94b561f76bef88181 ppc/8.2/SRPMS/snort-2.0.0-2.1mdk.src.rpm
Mandrake Linux 9.0:
97c817bc7ddb5e1a89f4479668cf59f0 9.0/RPMS/snort-2.0.0-2.1mdk.i586.rpm
ca9dec4bc5ba46f80a0724f6e0f5a138 9.0/RPMS/snort-bloat-2.0.0-2.1mdk.i586.rpm
0262bcb71eea556cbee8c421e4ad1511 9.0/RPMS/snort-mysql+flexresp-2.0.0-2.1mdk.i586.rpm/
8dd41f46553707dc3adc6a82855df2ba 9.0/RPMS/snort-mysql-2.0.0-2.1mdk.i586.rpm
46ad883dad9f77ce6d978171eb03de67 9.0/RPMS/snort-plain+flexresp-2.0.0-2.1mdk.i586.rpm/
3dd354f0c849c9765451b51fa93a0b4e 9.0/RPMS/snort-postgresql+flexresp-2.0.0-2.1mdk.i586.rpm/
8735c537e40937a7b3ae3f3c38d55162 9.0/RPMS/snort-postgresql-2.0.0-2.1mdk.i586.rpm
73a866acec5d6e1abdde902d0d893968 9.0/RPMS/snort-snmp+flexresp-2.0.0-2.1mdk.i586.rpm/
cc0a606a5409213934b0c06fe2d44433 9.0/RPMS/snort-snmp-2.0.0-2.1mdk.i586.rpm
2efb9950c70248f94b561f76bef88181 9.0/SRPMS/snort-2.0.0-2.1mdk.src.rpm
Mandrake Linux 9.1:
3436f5a3ec275a9e8d38b32a3e885b20 9.1/RPMS/snort-2.0.0-2.1mdk.i586.rpm
c63d4e80b2b69dc8469a401d62e65de2 9.1/RPMS/snort-bloat-2.0.0-2.1mdk.i586.rpm
0e12b7b79706198f6351c1d55d6c29a6 9.1/RPMS/snort-mysql+flexresp-2.0.0-2.1mdk.i586.rpm/
501bbbcfb86e0dbc5a1450f97d5df972 9.1/RPMS/snort-mysql-2.0.0-2.1mdk.i586.rpm
b4151478633c30590a605e8fe110852e 9.1/RPMS/snort-plain+flexresp-2.0.0-2.1mdk.i586.rpm/
7f58e498e92d7b32bfa6c4b7a85c36c1 9.1/RPMS/snort-postgresql+flexresp-2.0.0-2.1mdk.i586.rpm/
b576a20571664d450504b3a51aae0417 9.1/RPMS/snort-postgresql-2.0.0-2.1mdk.i586.rpm
76cb1fc010b384ef5ba0c236d85ce6e5 9.1/RPMS/snort-snmp+flexresp-2.0.0-2.1mdk.i586.rpm/
fca545c28a94eaabc6f10d7528d0e82c 9.1/RPMS/snort-snmp-2.0.0-2.1mdk.i586.rpm
2efb9950c70248f94b561f76bef88181 9.1/SRPMS/snort-2.0.0-2.1mdk.src.rpm
Mandrake Linux 9.1/PPC:
6fedffede24c0334a8eeb858a826482f ppc/9.1/RPMS/snort-2.0.0-2.1mdk.ppc.rpm
753051524999ae9f082e124bfc949ec2 ppc/9.1/RPMS/snort-bloat-2.0.0-2.1mdk.ppc.rpm
905246e8240c13006760bbd56c0fbe9b ppc/9.1/RPMS/snort-mysql+flexresp-2.0.0-2.1mdk.ppc.rpm/
b8adb28a28341780014339e9cd1f4b8a ppc/9.1/RPMS/snort-mysql-2.0.0-2.1mdk.ppc.rpm
d1537b80ce0d15e290d129edf9b6f02e ppc/9.1/RPMS/snort-plain+flexresp-2.0.0-2.1mdk.ppc.rpm/
16b0bbbc4729f8fdaf7d0554b45cd0e5 ppc/9.1/RPMS/snort-postgresql+flexresp-2.0.0-2.1mdk.ppc.rpm/
972676cf613c1d1313a6bf68d7f9f0d6 ppc/9.1/RPMS/snort-postgresql-2.0.0-2.1mdk.ppc.rpm
7c79443a574b81db3345bac3c11c2f16 ppc/9.1/RPMS/snort-snmp+flexresp-2.0.0-2.1mdk.ppc.rpm/
4df4eef406078666a682a01935975678 ppc/9.1/RPMS/snort-snmp-2.0.0-2.1mdk.ppc.rpm
2efb9950c70248f94b561f76bef88181 ppc/9.1/SRPMS/snort-2.0.0-2.1mdk.src.rpm
Multi Network Firewall 8.2:
a4514c067f2409606fe7706a35d8f3f7 mnf8.2/RPMS/snort-2.0.0-2.1mdk.i586.rpm
2efb9950c70248f94b561f76bef88181 mnf8.2/SRPMS/snort-2.0.0-2.1mdk.src.rpm
______________________________________________________________________
Bug IDs fixed (see https://qa.mandrakesoft.com for more information):
______________________________________________________________________
To upgrade automatically, use MandrakeUpdate. The verification of md5
checksums and GPG signatures is performed automatically for you.
If you want to upgrade manually, download the updated package from one
of our FTP server mirrors and upgrade with "rpm -Fvh *.rpm". A list of
FTP mirrors can be obtained from:
http://www.mandrakesecure.net/en/ftp.php
Please verify the update prior to upgrading to ensure the integrity of
the downloaded package. You can do this with the command:
rpm --checksig <filename>
All packages are signed by MandrakeSoft for security. You can obtain
the GPG public key of the Mandrake Linux Security Team from:
https://www.mandrakesecure.net/RPM-GPG-KEYS
Please be aware that sometimes it takes the mirrors a few hours to
update.
You can view other update advisories for Mandrake Linux at:
http://www.mandrakesecure.net/en/advisories/
MandrakeSoft has several security-related mailing list services that
anyone can subscribe to. Information on these lists can be obtained by
visiting:
http://www.mandrakesecure.net/en/mlist.php
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>
