Security Linux News for Apr 27, 2001
SecurityFocus: "lpdw0rm" Worm Analysis (Apr 27, 2001, 18:43)
This worm exploits unpatched Red Hat 7.0 servers running LPRng,
as the recent Lion worm did. According to this analysis, though, it
remains a threat.
LinuxSecurity.com: Linux Advisory Watch - April 27th 2001 (Apr 27, 2001, 17:15)
"This week, advisories were released for mgetty, netscape,
nedit, zope, sendfile, samba, hylafax, licq, slrn, and sudo. The
vendors include Debian, FreeBSD, Mandrake, Progeny, Red Hat, and
SuSE. This was still a pretty active week. The samba vulnerability
and others such as sendfile and sudo are pretty serious. As always,
it is important to stay current with all software you choose to
Progeny Security Advisory: Older versions of NEdit make insecure use of temp files (Apr 27, 2001, 15:42)
"NEdit, a popular GUI editor, insecurely opens a file in /tmp
for printing purposes. This vulnerability could be used by a local
attacker to cause a privileged user to unwittingly overwrite a file
(via a symbolic link) to which the user has write access."
Debian Security Advisory: nedit symlink attack (Apr 27, 2001, 12:02)
"The nedit (Nirvana editor) package as shipped in the non-free
section accompanying Debian GNU/Linux 2.2/potato had a bug in its
printing code: when printing text it would create a temporary file
with the to be printed text and pass that on to the print system.
The temporary file was not created safely, which could be exploited
by an attacker to make nedit overwrite arbitrary files."
Progeny Security Advisory: Vulnerabilities in FTP daemons (Apr 27, 2001, 02:13)
This advisory discusses issues that could impact multiple FTP
daemons from multiple sources and vendors. All related and similar
software in Progeny Debian is summarized here.