Linux Today: Linux News On Internet Time.

Gentoo Linux Advisory: mindi, gallery, phpwebsite, eroaster, atari800, vmware, pam_smb, horde

Sep 03, 2003, 01:10 (0 Talkback[s])

GENTOO LINUX SECURITY ANNOUNCEMENT 200309-05
PACKAGE : mindi
SUMMARY : insecure file creations
DATE : 2003-09-02 10:37 UTC
EXPLOIT : local

VERSIONS AFFECTED : <mindi-0.86
FIXED VERSION : >=mindi-0.86
CVE : CAN-2003-0617


Mindi creates files in /tmp which could allow a local user to overwrite arbitrary files.

SOLUTION

It is recommended that all Gentoo Linux users who are running sys-apps/mindi upgrade to mindi-0.86 as follows:

emerge sync
emerge mindi
emerge clean


aliz@gentoo.org - GnuPG key is available at http://dev.gentoo.org/~aliz

GENTOO LINUX SECURITY ANNOUNCEMENT 200309-06
PACKAGE : gallery
SUMMARY : cross site scripting
DATE : 2003-09-02 11:11 UTC
EXPLOIT : remote

VERSIONS AFFECTED : <gallery-1.3.4_p1
FIXED VERSION : >=gallery-1.3.4_p1
CVE : CAN-2003-0614


quote from cve:

"Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1 through 1.3.4 allows remote attackers to insert arbitrary web script via the searchstring parameter."

SOLUTION

It is recommended that all Gentoo Linux users who are running app-misc/gallery upgrade to gallery-1.3.4_p1 as follows:

emerge sync
emerge gallery
emerge clean


aliz@gentoo.org - GnuPG key is available at http://dev.gentoo.org/~aliz

GENTOO LINUX SECURITY ANNOUNCEMENT 200309-03
PACKAGE : phpwebsite
SUMMARY : SQL Injection, DoS and XSS Vulnerabilities
DATE : 2003-09-02 08:54 UTC
EXPLOIT : remote

VERSIONS AFFECTED : <phpwebsite-0.9.3_p1
FIXED VERSION : >=phpwebsite-0.9.3_p1
CVE :


phpwebsite contains an SQL injection vulnerability in the calendar module which allows an attacker to execute SQL queries.

In addition, phpwebsite is also vulnerable to XSS; more information can be found in the full advisory.

Read the full advisory at:
http://marc.theaimsgroup.com/?l=bugtraq&m=106062021711496&w=2

SOLUTION

It is recommended that all Gentoo Linux users who are running net-www/phpwebsite upgrade to phpwebsite-0.9.3_p1 as follows:

emerge sync
emerge phpwebsite
emerge clean


aliz@gentoo.org - GnuPG key is available at http://dev.gentoo.org/~aliz

GENTOO LINUX SECURITY ANNOUNCEMENT 200309-04
PACKAGE : eroaster
SUMMARY : symlink attack
DATE : 2003-09-02 09:57 UTC
EXPLOIT : local

VERSIONS AFFECTED : <eroaster-2.1.0-r2
FIXED VERSION : >=eroaster-2.1.0-r2
CVE : CAN-2003-0656


Previous eroaster versions allowed local users to overwrite arbitrary files via a symlink attack on a temporary file that is used as a lockfile.

SOLUTION

It is recommended that all Gentoo Linux users who are running app-cdr/eroaster upgrade to eroaster-2.1.0-r2 as follows:

emerge sync
emerge eroaster
emerge clean


aliz@gentoo.org - GnuPG key is available at http://dev.gentoo.org/~aliz
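
The mindi (200309-05) and eroaster (200309-04) advisories above both concern files written at predictable paths in a shared temporary directory. The following is an added example, not code from either package or from the advisories: it contrasts the vulnerable open pattern with exclusive creation, inside a private scratch directory that stands in for /tmp. The file names and function names are hypothetical.

```python
import os
import stat
import tempfile

SECRET = "important data\n"  # constructed sample content

def naive_lock(path):
    # Pattern behind the advisories: open() follows a symlink planted at a
    # predictable path and truncates whatever file it points to.
    with open(path, "w") as f:
        f.write(str(os.getpid()))

def safe_lock(path):
    # O_CREAT|O_EXCL fails with EEXIST if anything, including a symlink,
    # already exists at path; O_NOFOLLOW is extra protection where available.
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(path, flags, 0o600)
    with os.fdopen(fd, "w") as f:
        f.write(str(os.getpid()))

def safe_scratch(directory):
    # For scratch files: mkstemp picks an unpredictable name and creates the
    # file exclusively with mode 0600.
    fd, path = tempfile.mkstemp(prefix="work.", dir=directory)
    os.close(fd)
    return path

def demo():
    out = {}
    with tempfile.TemporaryDirectory() as d:   # stands in for /tmp
        victim = os.path.join(d, "victim.conf")
        lock = os.path.join(d, "app.lock")     # predictable name (hypothetical)
        with open(victim, "w") as f:
            f.write(SECRET)
        os.symlink(victim, lock)               # link already present at lock path
        naive_lock(lock)
        with open(victim) as f:
            out["naive_clobbered"] = f.read() != SECRET
        with open(victim, "w") as f:           # restore before the second run
            f.write(SECRET)
        try:
            safe_lock(lock)
            out["safe_refused"] = False
        except FileExistsError:
            out["safe_refused"] = True
        with open(victim) as f:
            out["victim_intact"] = f.read() == SECRET
        out["tmp_mode"] = stat.S_IMODE(os.stat(safe_scratch(d)).st_mode)
    return out

if __name__ == "__main__":
    print(demo())
```

A program that gets `FileExistsError` from the exclusive open should treat the lock as held or stale and stop, not delete the path and retry, since removing and recreating it reopens the race.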

GENTOO LINUX SECURITY ANNOUNCEMENT 200309-07
PACKAGE : atari800
SUMMARY : buffer overflow
DATE : 2003-09-02 14:03 UTC
EXPLOIT : local

VERSIONS AFFECTED : <atari800-1.3.0-r1
FIXED VERSION : >=atari800-1.3.0-r1
CVE : CAN-2003-0630


atari800 contains a buffer overflow which could be used by an attacker to gain root privileges. Although the atari800 package in Gentoo does not install any files suid root, we encourage our users to upgrade.

SOLUTION

It is recommended that all Gentoo Linux users who are running app-emulation/atari800 upgrade to atari800-1.3.0-r1 as follows:

emerge sync
emerge atari800
emerge clean


aliz@gentoo.org - GnuPG key is available at http://dev.gentoo.org/~aliz

GENTOO LINUX SECURITY ANNOUNCEMENT 200308-03.1
PACKAGE : vmware
SUMMARY : insecure symbolic links
DATE : 2003-09-01 13:42 UTC
EXPLOIT : local

VERSIONS AFFECTED : <vmware-workstation-4.0.2.5592
FIXED VERSION : >=vmware-workstation-4.0.2.5592
CVE :


The previous GLSA 200308-03 was wrong when it stated that vmware-workstation-4.0.1-5289 would fix the problems described in the advisory.

SOLUTION

It is recommended that all Gentoo Linux users who are running app-emulation/vmware-workstation-4.x upgrade to vmware-workstation-4.0.1-5289 as follows

emerge sync
emerge =app-emulation/vmware-workstation-4.0.2.5592
emerge clean


aliz@gentoo.org - GnuPG key is available at http://dev.gentoo.org/~aliz

GENTOO LINUX SECURITY ANNOUNCEMENT 200309-01
PACKAGE : pam_smb
SUMMARY : buffer overflow
DATE : 2003-09-01 12:46 UTC
EXPLOIT : remote

VERSIONS AFFECTED : <pam_smb-2.0.0_rc5
FIXED VERSION : >=pam_smb-2.0.0_rc5
CVE : CAN-2003-0686


quote from Debian DSA-374-1:

"If a long password is supplied, this can cause a buffer overflow which could be exploited to execute arbitrary code with the privileges of the process which invokes PAM services."

SOLUTION

It is recommended that all Gentoo Linux users who are running net-misc/pam_smb upgrade to pam_smb-2.0.0_rc5 as follows

emerge sync
emerge pam_smb
emerge clean


aliz@gentoo.org - GnuPG key is available at http://dev.gentoo.org/~aliz

GENTOO LINUX SECURITY ANNOUNCEMENT 200309-02
PACKAGE : horde
SUMMARY : session hijacking
DATE : 2003-09-01 14:28 UTC
EXPLOIT : remote

VERSIONS AFFECTED : <vmware-workstation-4.0.2.5592
FIXED VERSION : >=vmware-workstation-4.0.2.5592
CVE :


quote from advisory:
"An attacker could send an email to the victim who ago use of HORDE MTA in order to push it to visit a website. The website in issue log all the accesses and describe in the particular the origin of every victim."

Read the full advisory at:
http://marc.theaimsgroup.com/?l=bugtraq&m=106081310531567&w=2

SOLUTION

It is recommended that all Gentoo Linux users who are running net-www/horde upgrade to horde-2.2.4_rc2 as follows:

emerge sync
emerge horde
emerge clean


aliz@gentoo.org - GnuPG key is available at http://dev.gentoo.org/~aliz