Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


More on LinuxToday


Trustix Secure Linux Advisories: kerberos5, apache

Jun 03, 2004, 12:58 (0 Talkback[s])

Trustix Secure Linux Security Advisory #2004-0032

Package name: kerberos5
Summary: buffer overflows in krb5_aname_to_localname
Date: 2004-06-02
Affected versions: Trustix Secure Linux 2.1 Trustix Secure Enterprise Linux 2


Package description:
(MIT) Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. A free implementation of this protocol is available from the Massachusetts Institute of Technology. Kerberos is available in many commercial products as well.

Problem description:
The krb5_aname_to_localname() library function contains multiple buffer overflows which could be exploited to gain unauthorized root access. Exploitation of these flaws requires an unusual combination of factors, including successful authentication to a vulnerable service and a non-default configuration on the target service. (See MITIGATING FACTORS below.) No exploits are known to exist yet.

Action:
We recommend that all systems with this package installed be upgraded. Please note that if you do not need the functionality provided by this package, you may want to remove it from your system.

Location:
All Trustix Secure Linux updates are available from
<URI:http://http.trustix.org/pub/trustix/updates/>
<URI:ftp://ftp.trustix.org/pub/trustix/updates/>

About Trustix Secure Linux:
Trustix Secure Linux is a small Linux distribution for servers. With focus on security and stability, the system is painlessly kept safe and up to date from day one using swup, the automated software updater.

Automatic updates:
Users of the SWUP tool can enjoy having updates automatically installed using 'swup --upgrade'.

Public testing:
Most updates for Trustix Secure Linux are made available for public testing some time before release.
If you want to contribute by testing the various packages in the testing tree, please feel free to share your findings on the tsl-discuss mailinglist.
The testing tree is located at
<URI:http://tsldev.trustix.org/horizon/>

You may also use swup for public testing of updates:

  site {
      class = 0
      location = "http://tsldev.trustix.org/horizon/rdfs/latest.rdf"
      regexp = ".*"
  }

Questions?
Check out our mailing lists:
<URI:http://www.trustix.org/support/>

Verification:
This advisory along with all Trustix packages are signed with the TSL sign key.
This key is available from:
<URI:http://www.trustix.org/TSL-SIGN-KEY>

The advisory itself is available from the errata pages at
<URI:http://www.trustix.org/errata/trustix-2.1/>
or directly at
<URI:http://www.trustix.org/errata/2004/0032>

MD5sums of the packages:


fb2a416813354ef72793e307109384fc tsel-2/kerberos5-1.3.3-1tr.i586.rpm
3f891b8401083dbd82c1e29214a62093 tsel-2/kerberos5-devel-1.3.3-1tr.i586.rpm
497a9d37c85dc96d54adf6a72aa98d59 tsel-2/kerberos5-libs-1.3.3-1tr.i586.rpm

d4ad236619b37fbca2f87df1db67f914 2.1/rpms/kerberos5-1.3.3-1tr.i586.rpm
c862afd9f44da7f5c422ba57a09d63d0 2.1/rpms/kerberos5-devel-1.3.3-1tr.i586.rpm
23d5c42a1e4bb14a4737af80909f8915 2.1/rpms/kerberos5-libs-1.3.3-1tr.i586.rpm


Trustix Security Team


Trustix Secure Linux Security Advisory #2004-0031

Package name: apache
Summary:
Date: 2004-06-02
Affected versions: Trustix Secure Linux 1.5 Trustix Secure Linux 2.0 Trustix Secure Linux 2.1 Trustix Secure Enterprise Linux 2


Package description:
Apache is a full featured web server that is freely available, and also happens to be the most widely used. Built with loadable modules (all standard modules enabled). This verion is intended as a replacement for a standard apache, the configuration files provided with apache and apache-ssl are unchanged.

Problem description:
Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0488

Action:
We recommend that all systems with this package installed be upgraded. Please note that if you do not need the functionality provided by this package, you may want to remove it from your system.

Location:
All Trustix Secure Linux updates are available from
<URI:http://http.trustix.org/pub/trustix/updates/>
<URI:ftp://ftp.trustix.org/pub/trustix/updates/>

About Trustix Secure Linux:
Trustix Secure Linux is a small Linux distribution for servers. With focus on security and stability, the system is painlessly kept safe and up to date from day one using swup, the automated software updater.

Automatic updates:
Users of the SWUP tool can enjoy having updates automatically installed using 'swup --upgrade'.

Public testing:
Most updates for Trustix Secure Linux are made available for public testing some time before release.
If you want to contribute by testing the various packages in the testing tree, please feel free to share your findings on the tsl-discuss mailinglist.
The testing tree is located at
<URI:http://tsldev.trustix.org/horizon/>

You may also use swup for public testing of updates:

  site {
      class = 0
      location = "http://tsldev.trustix.org/horizon/rdfs/latest.rdf"
      regexp = ".*"
  }

Questions?
Check out our mailing lists:
<URI:http://www.trustix.org/support/>

Verification:
This advisory along with all Trustix packages are signed with the TSL sign key.
This key is available from:
<URI:http://www.trustix.org/TSL-SIGN-KEY>

The advisory itself is available from the errata pages at
<URI:http://www.trustix.org/errata/trustix-1.5/>,
<URI:http://www.trustix.org/errata/trustix-2.0/> and
<URI:http://www.trustix.org/errata/trustix-2.1/>
or directly at
<URI:http://www.trustix.org/errata/2004/0031>

MD5sums of the packages:


3ed253daf8927be60212442a3050f691 tsel-2/apache-2.0.49-7tr.i586.rpm
9fb3d9424f6fc1ec4289712a20899fa7 tsel-2/apache-dbm-2.0.49-7tr.i586.rpm
9fe83b2b8894d2980f7854b42d5c026b tsel-2/apache-devel-2.0.49-7tr.i586.rpm
36b13c423f17d903616a7483264370eb tsel-2/apache-manual-2.0.49-7tr.i586.rpm

79942721f12067c42160376c853d4f49 2.1/rpms/apache-2.0.49-7tr.i586.rpm
c6cb07a964b4147f208b20fd6f4ab5ba 2.1/rpms/apache-dbm-2.0.49-7tr.i586.rpm
8b3739ca31dc03d0e48771ea220f21b1 2.1/rpms/apache-devel-2.0.49-7tr.i586.rpm
a9f53eed9b923741c77432bdfbfc91e4 2.1/rpms/apache-manual-2.0.49-7tr.i586.rpm

9e142f0ccbc2978e76cfeb0aa6085143 2.0/rpms/apache-2.0.49-2tr.i586.rpm
c9fc1991963a238c48c9b82c0c00def4 2.0/rpms/apache-devel-2.0.49-2tr.i586.rpm
8bad2bf97c4fb5e8cb65aec53b0dec31 2.0/rpms/apache-manual-2.0.49-2tr.i586.rpm

1b6c4c97d574094142525409a75dc706 1.5/rpms/apache-1.3.31-2tr.i586.rpm
9c0db86b4fe6f0d689bfcb7a404a8530 1.5/rpms/apache-devel-1.3.31-2tr.i586.rpm


Trustix Security Team