Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


Top White Papers

More on LinuxToday


LBA-Linux Advisories: samba, krb5, httpd

Sep 27, 2004, 15:14 (0 Talkback[s])

LBA-Linux Security Advisory

Subject: Updated samba package for LBA-Linux R1
Advisory ID: LBASA-2004:37
Date: Friday, September 24, 2004
Product: LBA-Linux R1


Problem description:

Two vulnerabilities were discovered in samba 3.0.x; the first is a defect in smbd's ASN.1 parsing that allows an attacker to send a specially crafted packet during the authentication request which will send the newly spawned smbd process into an infinite loop. As a result, it is possible to use up all available memory on the server.

The second vulnerability is in nmbd's processing of mailslot packets which could allow an attacker to anonymously crash nmbd.

Updated packages:

LBA-Linux R1:

i386:
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/samba-3.0.7-2.lba.1.i386.rpm
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/samba-client-3.0.7-2.lba.1.i386.rpm
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/samba-common-3.0.7-2.lba.1.i386.rpm
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/samba-swat-3.0.7-2.lba.1.i386.rpm

Upgrading your system:

To apply this security update to your LBA-Linux system, run the Updater tool from the LBA-Linux root desktop:

  1. Log in to your LBA-Linux desktop as the root user.
  2. Click on the penguin icon at the lower left of the display, and select the menu item SYSTEM TOOLS>UPDATER.
  3. Click on the item named samba to highlight it.
  4. Click on the PACKAGE menu in the menu bar, and select the UPGRADE action.
  5. Confirm the upgrade by clicking the APPLY button in Updater's main toolbar.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0807
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0808

Copyright(c) 2001-2004 SOT


LBA-Linux Security Advisory

Subject: Updated krb5 package for LBA-Linux R1
Advisory ID: LBASA-2004:38
Date: Friday, September 24, 2004
Product: LBA-Linux R1


Problem description:

A double-free vulnerability exists in the MIT Kerberos 5's KDC program that could potentially allow a remote attacker to execute arbitrary code on the KDC host. As well, multiple double-free vulnerabilities exist in the krb5 library code, which makes client programs and application servers vulnerable. The MIT Kerberos 5 development team believes that exploitation of these bugs would be difficult and no known vulnerabilities are believed to exist. The vulnerability in krb524d was discovered by Marc Horowitz; the other double-free vulnerabilities were discovered by Will Fiveash and Nico Williams at Sun.

Will Fiveash and Nico Williams also found another vulnerability in the ASN.1 decoder library. This makes krb5 vulnerable to a DoS (Denial of Service) attack causing an infinite loop in the decoder. The KDC is vulnerable to this attack.

Updated packages:

LBA-Linux R1:

i386:
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/krb5-devel-1.3.4-6.lba.1.i386.rpm
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/krb5-libs-1.3.4-6.lba.1.i386.rpm
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/krb5-server-1.3.4-6.lba.1.i386.rpm
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/krb5-workstation-1.3.4-6.lba.1.i386.rpm

Upgrading your system:

To apply this security update to your LBA-Linux system, run the Updater tool from the LBA-Linux root desktop:

  1. Log in to your LBA-Linux desktop as the root user.
  2. Click on the penguin icon at the lower left of the display, and select the menu item SYSTEM TOOLS>UPDATER.
  3. Click on the item named krb5 to highlight it.
  4. Click on the PACKAGE menu in the menu bar, and select the UPGRADE action.
  5. Confirm the upgrade by clicking the APPLY button in Updater's main toolbar.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0642
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0643
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0644
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0772

Copyright(c) 2001-2004 SOT


LBA-Linux Security Advisory

Subject: Updated httpd package for LBA-Linux R1
Advisory ID: LBASA-2004:39
Date: Sunday, September 26, 2004
Product: LBA-Linux R1


Problem description:

CAN-2004-0747
The Swedish IT Incident Centre (SITIC) reported a buffer overflow in the expansion of environment variables during configuration file parsing. This issue could allow a local user to gain the privileges of a httpd child if a server can be forced to parse a carefully crafted .htaccess file written by a local user.

CAN-2004-0786
Testing using the Codenomicon HTTP Test Tool performed by the Apache Software Foundation security group and Red Hat uncovered an input validation issue in the IPv6 URI parsing routines in the apr-util library. If a remote attacker sent a request including a carefully crafted URI, an httpd child process could be made to crash.

CAN-2004-0809
An issue was discovered in the mod_dav module which could be triggered for a location where WebDAV authoring access has been configured. A malicious remote client which is authorized to use the LOCK method could force an httpd child process to crash by sending a particular sequence of LOCK requests. This issue does not allow execution of arbitrary code and will only result in a denial of service where a threaded process model is in use.

Updated packages:

LBA-Linux R1:

i386:
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/httpd-2.0.48-16.lba.10.i386.rpm
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/httpd-devel-2.0.48-16.lba.10.i386.rpm
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/httpd-manual-2.0.48-16.lba.10.i386.rpm
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/mod_ssl-2.0.48-16.lba.10.i386.rpm

Upgrading your system:

To apply this security update to your LBA-Linux system, run the Updater tool from the LBA-Linux root desktop:

  1. Log in to your LBA-Linux desktop as the root user.
  2. Click on the penguin icon at the lower left of the display, and select the menu item SYSTEM TOOLS>UPDATER.
  3. Click on the item named httpd to highlight it.
  4. Click on the PACKAGE menu in the menu bar, and select the UPGRADE action.
  5. Confirm the upgrade by clicking the APPLY button in Updater's main toolbar.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0747
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0809
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0786

Copyright(c) 2001-2004 SOT