Security Linux News for Jan 29, 2001
Debian Security Advisory: New version of BIND 8 released (Jan 29, 2001, 23:20)
"BIND 8 suffered from several buffer overflows. It is possible
to construct an inverse query that allows the stack to be read
remotely exposing environment variables."
Red Hat Security Advisory: Updated bind packages available (Jan 29, 2001, 23:19)
"Several security problems have been found in the bind 8.2.2
FreeOS.com: Intrusion Detection Systems for your network: Part I (Jan 29, 2001, 22:56)
"In this series, we will lay a framework that will help you
understand the need for an Intrusion Detection System (IDS) and
what security measures it would put in place. This includes
measures that will help you conduct a postmortem on your system in
case of breach of security measures either internally or
LinuxSecurity.com: Security is an Interactive Sport - Lessons learned from Ramen (Jan 29, 2001, 21:52)
"This article outlines the importance of monitoring vendor
advisories and applying appropriate software patches when
necessary. It uses the Ramen epidemic as an example showing the
possible effects of poor system administration."
COVERT Labs Security Advisory: Vulnerabilities in BIND 4 and 8 (Jan 29, 2001, 21:29)
"BIND versions 4 and 8 contain a buffer overflow that allows a
remote attacker to execute arbitrary code."
Trustix Security Advisory - bind, openldap (Jan 29, 2001, 21:20)
"A silly bug in the rpm spec file for openldap makes the server
run by default, which violates Trustix' standard of no running
services by default. Note that there are no known remote security
holes in openldap as shipped by Trustix."
LinuxPR: Ramen "in-the-wild" -- NASA, Texas A&M, Supermicro Sites Hit (Jan 29, 2001, 18:00)
"The discovery of the Ramen worm 'in-the-wild' is a very
significant moment in computer history. ... During the past 8 years
since Linux was first developed, there have been discovered about
50 malicious programs for this operating system, but none of them
had yet to be sighted 'in-the-wild.'"
LinuxSecurity.com: Linux Security Week - January 29th 2001 (Jan 29, 2001, 09:27)
"This week, advisories were released for icecast, MySQL, kdesu,
glibc, splitvt, micq, sash, wu-ftpd, jazip, tinyproxy, squid, php,
apache, exmh, ipfw, ip6fw, XFree86, crontab, and bind."
Security Portal: Weekly Linux Security Digest 2001/01/22 to 2001/01/28 (Jan 29, 2001, 09:22)
"Root hacks were found in a number of packages, icecast; and
buffer overflows and format string attacks in a number of other
programs (doesn't anyone proactively audit code?)."
Debian Security Advisory: New sparc packages of OpenSSH released (Jan 29, 2001, 09:00)
"A former security upload of OpenSSH was linked against the
wrong version of libssl (providing an API to SSL); that version was
not available on sparc."
Debian Security Advisory: New version of cron released (Jan 29, 2001, 08:51)
"The FreeBSD team has found a bug in the way new crontabs were
handled which allowed malicious users to display arbitrary crontab
files on the local system."
Debian Security Advisory: New version of inn2 released (Jan 29, 2001, 08:46)
"An attacker could overwrite any file owned by the news system
administrator, i.e. owned by news.news."