Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs



Top White Papers




More on LinuxToday

Security Linux News for Apr 19, 2001

  • Help-Net Security: Starting points of a secure Linux system (Apr 19, 2001, 18:30)
    Aleksandar Stancin has a lot of good advice for both newbies and Linux vets regarding system security. As he reminds us: "Remember, there's no absolute security, so keep your eyes open, subscribe yourself to good sec-related mailing lists, and keep your software up-to-date."

  • Caldera Security Advisory: samba security problems (Apr 19, 2001, 17:00)
    "During our security audits we found several places within the Samba server code which could lead to a local attacker gaining root access."

  • LinuxPR: Guardian Digital Presents EnGarde Secure Linux (Apr 19, 2001, 14:22)
    "Engineered from the ground up with specific regard to security, EnGarde Secure Linux incorporates intrusion detection capabilities, ability to manage thousands of e-mail and DNS domains, a complete suite of e-business applications using AllCommerce, improved authentication and access control methods, strong cryptography, and complete SSL secure Web-based administration capabilities."

  • SuSE Security Announcement: sudo (SuSE-SA:2001:13) (Apr 19, 2001, 11:40)
    "The setuid application sudo(8) allows a user to execute commands under the privileges of another user (including root). sudo(8) previous to version 1.6.3p6 is vulnerable by a buffer overflow in it's logging code, which could lead to local root compromise."

  • SuSE Security Announcement: nedit (SuSE-SA:2001:14) (Apr 19, 2001, 11:37)
    "When printing a whole text or selected parts of a text, nedit(1) creates a temporary file in an insecure manner. This behavior could be exploited to gain access to other users privileges, even root."

  • Debian Security Advisory: exuberant-ctags for sparc was incorrectly built (Apr 19, 2001, 11:32)
    'The updated exuberant-ctags that was mentioned in DSA-046-1 was unfortunately compiled incorrectly: the stable chroot we used turned out to be running unstable instead."

  • Debian Security Advisory: samba for sparc was incorrectly built (Apr 19, 2001, 11:18)
    "The updated samba packages that were mentioned in DSA-048-1 were unfortunately compiled incorrectly: the stable chroot we used turned out to be running unstable instead."

  • Debian Security Advisory: remote cfingerd exploit (Apr 19, 2001, 03:46)
    "Megyer Laszlo report on Bugtraq that the cfingerd Debian as distributed with Debian GNU/Linux 2.2 was not careful in its logging code. By combining this with an off-by-one error in the code that copied the username from an ident response cfingerd could exploited by a remote user. Since cfingerd does not drop its root privileges until after it has determined which user to finger an attacker can gain root privileges."

  • Microsoft Patches ISA Server Denial-of-Service Bug (Apr 19, 2001, 01:32)
    Yeah, we know that Linux isn't better just because a Microsoft product fails. But this sort of news is important for anyone deciding between Linux and Windows: security is a legitimate issue that should be addressed.