Gentoo Linux
Gentoo Linux Security Advisory GLSA 200504-24
Severity: Normal
Title: eGroupWare: XSS and SQL injection vulnerabilities
Date: April 25, 2005
Bugs: #89517
ID: 200504-24
Synopsis
eGroupWare is affected by several SQL injection and cross-site
scripting (XSS) vulnerabilities.
Background
eGroupWare is a suite of web-based group applications including
calendar, address book, messenger and email.
Affected packages
Package                 Vulnerable      Unaffected
www-apps/egroupware     < 1.0.0.007     >= 1.0.0.007
Description
Multiple SQL injection and cross-site scripting vulnerabilities
have been found in several eGroupWare modules.
Impact
An attacker could possibly use the SQL injection vulnerabilities
to gain information from the database. Furthermore, the cross-site
scripting issues give an attacker the ability to inject and execute
malicious script code or to steal cookie-based authentication
credentials, potentially compromising the victim's browser.
Workaround
There is no known workaround at this time.
Resolution
All eGroupWare users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-apps/egroupware-1.0.0.007"
References
[ 1 ] GulfTech Security Research Advisory
http://www.gulftech.org/?node=research&article_id=00069-04202005
Availability
This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200504-24.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or
alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2005 Gentoo Foundation, Inc; referenced text belongs
to its owner(s).
The contents of this document are licensed under the Creative
Commons – Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.0
Trustix Secure Linux
Trustix Secure Linux Security Advisory #2005-0015
Package name: postgresql
Summary: Buffer overflows
Date: 2005-04-25
Affected versions:
Trustix Secure Linux 2.1
Trustix Secure Linux 2.2
Trustix Operating System - Enterprise Server 2
Package description:
PostgreSQL is an advanced Object-Relational database management
system (DBMS) that supports almost all SQL constructs (including
transactions, subselects and user-defined types and functions). The
postgresql package includes the client programs and libraries that
you’ll need to access a PostgreSQL DBMS server. These PostgreSQL
client programs are programs that directly manipulate the internal
structure of PostgreSQL databases on a PostgreSQL server. These
client programs can be located on the same machine with the
PostgreSQL server, or may be on a remote machine which accesses a
PostgreSQL server over a network connection. This package contains
the docs in HTML for the whole package, as well as command-line
utilities for managing PostgreSQL databases on a PostgreSQL
server.
Problem description:
From the CVE entry:
Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and
earlier may allow attackers to execute arbitrary code via
(1) a large number of variables in a SQL statement being handled by
the read_sql_construct function,
(2) a large number of INTO variables in a SELECT statement being
handled by the make_select_stmt function,
(3) a large number of arbitrary variables in a SELECT statement
being handled by the make_select_stmt function, and
(4) a large number of INTO variables in a FETCH statement being
handled by the make_fetch_stmt function, a different set of
vulnerabilities than CAN-2005-0245.
The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CAN-2005-0247 to this issue.
Action:
We recommend that all systems with this package installed be
upgraded. Please note that if you do not need the functionality
provided by this package, you may want to remove it from your
system.
Location:
All Trustix Secure Linux updates are available from
<URI:http://http.trustix.org/pub/trustix/updates/>
<URI:ftp://ftp.trustix.org/pub/trustix/updates/>
About Trustix Secure Linux:
Trustix Secure Linux is a small Linux distribution for servers.
With focus on security and stability, the system is painlessly kept
safe and up to date from day one using swup, the automated software
updater.
Automatic updates:
Users of the SWUP tool can enjoy having updates automatically
installed using 'swup --upgrade'.
Questions?
Check out our mailing lists:
<URI:http://www.trustix.org/support/>
Verification:
This advisory along with all Trustix packages are signed with the
TSL sign key.
This key is available from:
<URI:http://www.trustix.org/TSL-SIGN-KEY>
The advisory itself is available from the errata pages at
<URI:http://www.trustix.org/errata/trustix-2.1/>
and
<URI:http://www.trustix.org/errata/trustix-2.2/>
or directly at
<URI:http://www.trustix.org/errata/2005/0015/>
MD5sums of the packages:
Trustix Security Team