Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


More on LinuxToday


Advisories: April 25, 2005

Apr 26, 2005, 04:45 (0 Talkback[s])

Gentoo Lnux


Gentoo Linux Security Advisory GLSA 200504-24

http://security.gentoo.org/


Severity: Normal
Title: eGroupWare: XSS and SQL injection vulnerabilities
Date: April 25, 2005
Bugs: #89517
ID: 200504-24


Synopsis

eGroupWare is affected by several SQL injection and cross-site scripting (XSS) vulnerabilities.

Background

eGroupWare is a suite of web-based group applications including calendar, address book, messenger and email.

Affected packages


     Package              /   Vulnerable   /                Unaffected

  1  www-apps/egroupware      < 1.0.0.007                 >= 1.0.0.007

Description

Multiple SQL injection and cross-site scripting vulnerabilities have been found in several eGroupWare modules.

Impact

An attacker could possibly use the SQL injection vulnerabilites to gain information from the database. Furthermore the cross-site scripting issues give an attacker the ability to inject and execute malicious script code or to steal cookie based authentication credentials, potentially compromising the victim's browser.

Workaround

There is no known workaround at this time.

Resolution

All eGroupWare users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/egroupware-1.0.0.007"

References

[ 1 ] GulfTech Security Research Advisory

http://www.gulftech.org/?node=research&article_id=00069-04202005

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200504-24.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0

Trustix Secure Linux


Trustix Secure Linux Security Advisory #2005-0015

Package name: postgresql
Summary: Buffer overflows
Date: 2005-04-25
Affected versions: Trustix Secure Linux 2.1 Trustix Secure Linux 2.2 Trustix Operating System - Enterprise Server 2


Package description:

PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs (including transactions, subselects and user-defined types and functions). The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DBMS server. These PostgreSQL client programs are programs that directly manipulate the internal structure of PostgreSQL databases on a PostgreSQL server. These client programs can be located on the same machine with the PostgreSQL server, or may be on a remote machine which accesses a PostgreSQL server over a network connection. This package contains the docs in HTML for the whole package, as well as command-line utilities for managing PostgreSQL databases on a PostgreSQL server.

Problem description:
From the CVE entry:
Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow attackers to execute arbitrary code via
(1) a large number of variables in a SQL statement being handled by the read_sql_construct function,
(2) a large number of INTO variables in a SELECT statement being handled by the make_select_stmt function,
(3) a large number of arbitrary variables in a SELECT statement being handled by the make_select_stmt function, and
(4) a large number of INTO variables in a FETCH statement being handled by the make_fetch_stmt function, a different set of vulnerabilities than CAN-2005-0245.

The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2005-0247 to this issue.

Action:
We recommend that all systems with this package installed be upgraded. Please note that if you do not need the functionality provided by this package, you may want to remove it from your system.

Location:
All Trustix Secure Linux updates are available from
<URI:http://http.trustix.org/pub/trustix/updates/>
<URI:ftp://ftp.trustix.org/pub/trustix/updates/>

About Trustix Secure Linux:
Trustix Secure Linux is a small Linux distribution for servers. With focus on security and stability, the system is painlessly kept safe and up to date from day one using swup, the automated software updater.

Automatic updates:
Users of the SWUP tool can enjoy having updates automatically installed using 'swup --upgrade'.

Questions?
Check out our mailing lists:
<URI:http://www.trustix.org/support/>

Verification:
This advisory along with all Trustix packages are signed with the TSL sign key.
This key is available from:
<URI:http://www.trustix.org/TSL-SIGN-KEY>

The advisory itself is available from the errata pages at
<URI:http://www.trustix.org/errata/trustix-2.1/> and
<URI:http://www.trustix.org/errata/trustix-2.2/>
or directly at
<URI:http://www.trustix.org/errata/2005/0015/>

MD5sums of the packages:


ae97590cbbfaf9ddb499df4b7ff8a724 2.2/rpms/postgresql-8.0.2-1tr.i586.rpm
96bd050e6c13f95783bbb14db1b7f823 2.2/rpms/postgresql-contrib-8.0.2-1tr.i586.rpm
385f140f0f0ed8afd4a50f4fc0e7168c 2.2/rpms/postgresql-devel-8.0.2-1tr.i586.rpm
47d777b28ca7fd9d6d1f6d70bdeee1bd 2.2/rpms/postgresql-docs-8.0.2-1tr.i586.rpm
e21977a6c00ce833535f87dd83a2cb81 2.2/rpms/postgresql-libs-8.0.2-1tr.i586.rpm
0fb04aefeefebfb7b605e89df69decf6 2.2/rpms/postgresql-plperl-8.0.2-1tr.i586.rpm
6246eaa848f220d26a42d038e5d279a5 2.2/rpms/postgresql-python-8.0.2-1tr.i586.rpm
6c62ac731ebb66bad7918071b09c502f 2.2/rpms/postgresql-server-8.0.2-1tr.i586.rpm
3c6cd09af1e3a5da689e5ac8ee7312e6 2.2/rpms/postgresql-test-8.0.2-1tr.i586.rpm

fc12e7b85fcf0203181746fb68464d4b 2.1/rpms/postgresql-7.4.7-2tr.i586.rpm
bb112681b6c053ee79da62fd78381b06 2.1/rpms/postgresql-contrib-7.4.7-2tr.i586.rpm
79c6ce642a138572f9bdc8ddc1c281a5 2.1/rpms/postgresql-devel-7.4.7-2tr.i586.rpm
bd95677c56aa3121478591b75c0136b5 2.1/rpms/postgresql-docs-7.4.7-2tr.i586.rpm
47341fb3293df9adb831ed62dc04cacd 2.1/rpms/postgresql-libs-7.4.7-2tr.i586.rpm
0088b2bc60c155058abe33e1961a4218 2.1/rpms/postgresql-plperl-7.4.7-2tr.i586.rpm
5860f3f6a307f82fe0873cb02cf555ee 2.1/rpms/postgresql-python-7.4.7-2tr.i586.rpm
75d4cff5f7137f4fe7868d40e43dee75 2.1/rpms/postgresql-server-7.4.7-2tr.i586.rpm
a23c22e957cc5a55fb9ded24d96d83ec 2.1/rpms/postgresql-test-7.4.7-2tr.i586.rpm


Trustix Security Team