LinuxSecurity: Linux Advisory Watch, April 19, 2002

Written by Web Webster, Apr 20, 2002
+----------------------------------------------------------------+
|  LinuxSecurity.com                        Linux Advisory Watch |
|  April 19th, 2002                         Volume 3, Number 16a |
+----------------------------------------------------------------+
 
  Editors:     Dave Wreski                Benjamin Thomas
               dave@linuxsecurity.com     ben@linuxsecurity.com
 
Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities announced throughout the week. It includes
pointers to updated packages and descriptions of each vulnerability.

This week, advisories were released for libsafe, imp, syncache/syncookies,
squid, webalizer, xpilot, and demarc.  The vendors include Debian,
FreeBSD, and Mandrake.

* FREE SSL Guide from Thawte - Are you planning your Web Server Security?
Click here to get a FREE Thawte SSL guide and find the answers to all your
SSL security issues.

  http://www.gothawte.com/rd247.html 


Build Complete Internet Presence Quickly and Securely!

EnGarde Secure Linux has everything necessary to create thousands of
virtual Web sites, manage e-mail, DNS, firewalling, and database functions
for an entire organization, all using a secure Web-based front-end.
Engineered to be secure and easy to use! Don't jeopardize your organization
with an off-the-shelf Linux!

http://www.guardiandigital.com/promo/ls150402.html 
  


+---------------------------------+
| libsafe                         | ----------------------------//
+---------------------------------+

Wojciech Purczynski discovered that the format string protection in libsafe
can be bypassed easily by using flag characters that glibc implements but
libsafe does not recognize.  It was also discovered that the *printf
function wrappers parse argument indexing (the %N$ form) in format strings
incorrectly, making wrong assumptions about the number of arguments and
conversion specifications.

 Mandrake Linux 8.2: 
 http://www.mandrakesecure.net/en/ftp.php 
 8.2/RPMS/libsafe-2.0.13-1.2mdk.i586.rpm 
 4de44dea8f94c02d3f4350479dafe4e5 

 Mandrake Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/mandrake_advisory-2018.html
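Both problems in the advisory come down to how a wrapper tokenizes a format string. The scanner below is an added example written for this entry, not libsafe's code: with glibc_ext on it parses directives the way glibc does (the %N$ argument index and the ' and I flags), with glibc_ext off it knows only C89 syntax, which is the gap the advisory describes. The struct, function names and the sample formats are constructed for illustration.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* What a printf-style format string will do with its variadic arguments. */
struct fmt_info {
    int  n_conv;    /* directives that consume an argument */
    int  max_arg;   /* highest argument slot referenced (1-based), 0 if none */
    int  n_writes;  /* %n directives, each a write through a pointer argument */
    bool unknown;   /* a directive the scanner could not parse */
};

/* Record a reference to argument slot explicit_slot, or to the next
 * sequential slot when explicit_slot is 0. */
static void use_slot(struct fmt_info *info, int *next_seq, int explicit_slot)
{
    int slot = explicit_slot ? explicit_slot : ++*next_seq;
    if (slot > info->max_arg) info->max_arg = slot;
}

/* Parse an optional glibc "N$" argument index at *pp.  Returns N and moves
 * *pp past the '$', or returns 0 and leaves *pp alone. */
static int parse_positional(const char **pp)
{
    const char *q = *pp;
    int n = 0;
    while (isdigit((unsigned char)*q)) n = n * 10 + (*q++ - '0');
    if (n > 0 && *q == '$') { *pp = q + 1; return n; }
    return 0;
}

/* glibc_ext=true scans the way glibc's printf does: "%N$" indexing plus the
 * ' (grouping) and I (locale digits) flags.  glibc_ext=false knows only C89
 * syntax, modelling a wrapper that lacks those extensions. */
static struct fmt_info scan_format(const char *fmt, bool glibc_ext)
{
    struct fmt_info info = { 0, 0, 0, false };
    int next_seq = 0;
    const char *p = fmt;

    while (*p) {
        if (*p++ != '%') continue;
        if (*p == '%') { p++; continue; }               /* "%%" is a literal */

        int slot = glibc_ext ? parse_positional(&p) : 0;

        while (*p && (strchr("#0- +", *p) || (glibc_ext && strchr("'I", *p))))
            p++;                                         /* flags */

        if (*p == '*') {                                 /* width from an argument */
            p++;
            use_slot(&info, &next_seq, glibc_ext ? parse_positional(&p) : 0);
        } else {
            while (isdigit((unsigned char)*p)) p++;      /* literal width */
        }
        if (*p == '.') {                                 /* precision, same two forms */
            p++;
            if (*p == '*') {
                p++;
                use_slot(&info, &next_seq, glibc_ext ? parse_positional(&p) : 0);
            } else {
                while (isdigit((unsigned char)*p)) p++;
            }
        }
        while (*p && strchr("hlLqjzt", *p)) p++;          /* length modifiers */

        if (!*p || !strchr("diouxXeEfFgGaAcspn", *p)) {  /* conversion */
            info.unknown = true;   /* a wrapper must fail closed here, not let the call through */
            return info;
        }
        info.n_conv++;
        use_slot(&info, &next_seq, slot);
        if (*p == 'n') info.n_writes++;
        p++;
    }
    return info;
}

int main(void)
{
    /* Constructed formats, not taken from the advisory: a benign one, then the
     * two shapes it describes (a glibc flag before %n, and %N$ indexing). */
    const char *samples[] = { "%s %d", "%'n", "%3$n", "%1$s %1$s" };
    for (size_t i = 0; i < sizeof samples / sizeof *samples; i++) {
        struct fmt_info c89 = scan_format(samples[i], false);
        struct fmt_info gnu = scan_format(samples[i], true);
        printf("%-10s  c89-only: unknown=%d writes=%d   glibc: convs=%d max_arg=%d writes=%d\n",
               samples[i], c89.unknown, c89.n_writes, gnu.n_conv, gnu.max_arg, gnu.n_writes);
    }
    return 0;
}
```

Run stand-alone it prints both scans for each sample. The two properties a protective wrapper needs from a scanner like this are visible in the output: "%'n" is a %n write under glibc rules but an unparseable directive under C89 rules, so a wrapper that gives up on an unknown directive must refuse the call rather than pass it through; and "%3$n" is a single conversion that writes through argument slot 3, so a check that assumes the k-th conversion consumes the k-th argument is looking at the wrong stack slot.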



+---------------------------------+
|  imp                            | ----------------------------//
+---------------------------------+

A cross-site scripting (XSS) problem was discovered in Horde and IMP (a
web-based IMAP mail package).

 Debian: Architecture independent archives: 
 http://security.debian.org/dists/stable/updates/main/ 
 binary-all/horde_1.2.6-0.potato.5_all.deb 
 MD5 checksum: df0fe8f732da4edee3f78202c9e2127a 

 http://security.debian.org/dists/stable/updates/main/ 
 binary-all/imp_2.2.6-0.potato.5_all.deb 
 MD5 checksum: ffd216c15b27c1c3449512a5ccaa5af2 

 Debian Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/debian_advisory-2019.html 

 Caldera Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/caldera_advisory-2020.html


+---------------------------------+
|  syncache/syncookies            | ----------------------------//
+---------------------------------+  

Legitimate TCP/IP traffic may cause the machine to crash. Two related
problems with syncache were triggered when syncookies were implemented.

 FreeBSD: 
 ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/ 
 SA-02:20/syncache.patch 

 FreeBSD Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/freebsd_advisory-2021.html




+---------------------------------+
|  squid                          | ----------------------------//
+---------------------------------+  

A security issue has recently been found and fixed in the Squid-2.X
releases up to and including 2.4.STABLE4.  Error and boundary conditions
were not checked when handling compressed DNS answer messages in the
internal DNS code (lib/rfc1035.c).  A malicious DNS server could craft a
DNS reply that causes Squid to exit with a SIGSEGV.
 
 Mandrake Linux 8.2: 
 8.2/RPMS/squid-2.4.STABLE6-1.1mdk.i586.rpm 
 48854ffb620b739d98bf2a4d93aa761e 

 http://www.mandrakesecure.net/en/ftp.php 
 Mandrake Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/mandrake_advisory-2022.html
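The bug class described here is a name decompressor that trusts the label lengths and compression offsets inside the reply it is parsing. The decoder below is an added example, not Squid's lib/rfc1035.c: it decodes an RFC 1035 domain name with the boundary checks the description says were missing (a label running off the message, a compression pointer past the end of the message, a pointer that loops) and rejects a constructed reply fragment containing each of those. The buffer sample_msg and the helper functions are assumptions made for this example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_NAME     255   /* RFC 1035 limit on a presentation-format name */
#define MAX_PTR_HOPS 64    /* more compression-pointer hops than this is a loop */

/* Decode one RFC 1035 domain name from buf[0..sz) starting at *off into
 * name (name_sz bytes, dotted form).  On success returns 0 and advances
 * *off past the encoded name in the original (un-jumped) byte stream.
 * Returns -1 on any malformed or out-of-bounds encoding instead of reading
 * or writing outside either buffer. */
static int unpack_name(const uint8_t *buf, size_t sz, size_t *off,
                       char *name, size_t name_sz)
{
    size_t pos = *off, out = 0, end_after = 0;
    bool jumped = false;
    int hops = 0;

    if (name_sz == 0) return -1;
    for (;;) {
        if (pos >= sz) return -1;                     /* ran off the message */
        uint8_t len = buf[pos];

        if ((len & 0xC0) == 0xC0) {                   /* compression pointer */
            if (pos + 1 >= sz) return -1;             /* truncated pointer */
            size_t target = ((size_t)(len & 0x3F) << 8) | buf[pos + 1];
            /* A pointer must reference an earlier offset.  This rejects
             * targets past the end of the message (target >= sz > pos),
             * self-references and forward jumps in one check. */
            if (target >= pos) return -1;
            if (++hops > MAX_PTR_HOPS) return -1;     /* belt and braces against loops */
            if (!jumped) { end_after = pos + 2; jumped = true; }
            pos = target;
            continue;
        }
        if (len & 0xC0) return -1;                    /* 0x40 / 0x80 are reserved */
        if (len == 0) {                               /* root label ends the name */
            if (!jumped) end_after = pos + 1;
            break;
        }
        if (pos + 1 + len > sz) return -1;            /* label runs off the message */
        size_t need = out + (out ? 1 : 0) + len + 1;  /* '.' + label + NUL */
        if (need > name_sz) return -1;                /* would overflow name */
        if (out) name[out++] = '.';
        memcpy(name + out, buf + pos + 1, len);
        out += len;
        pos += 1 + len;
    }
    name[out] = '\0';
    *off = end_after;
    return 0;
}

/* Constructed reply fragment (not captured traffic): a plain name at 0, a
 * compressed name at 13, then three malicious encodings. */
static const uint8_t sample_msg[] = {
    7,'e','x','a','m','p','l','e', 3,'c','o','m', 0,   /* 0:  example.com */
    3,'w','w','w', 0xC0, 0x00,                         /* 13: www + pointer to 0 */
    0xCF, 0xFF,                                        /* 19: pointer to 0xFFF, past the end */
    0xC0, 21,                                          /* 21: pointer to itself */
    60, 'x', 'y'                                       /* 23: label claims 60 bytes, 2 remain */
};

/* Decode the name at off; returns the offset just past it, or 0 if rejected. */
static size_t sample_end(size_t off)
{
    char name[MAX_NAME + 1];
    return unpack_name(sample_msg, sizeof sample_msg, &off, name, sizeof name) == 0 ? off : 0;
}

/* 1 if the name at off decodes to expect, else 0. */
static int sample_decodes_to(size_t off, const char *expect)
{
    char name[MAX_NAME + 1];
    if (unpack_name(sample_msg, sizeof sample_msg, &off, name, sizeof name) != 0) return 0;
    return strcmp(name, expect) == 0;
}

int main(void)
{
    static const size_t starts[] = { 0, 13, 19, 21, 23 };
    for (size_t i = 0; i < sizeof starts / sizeof *starts; i++) {
        char name[MAX_NAME + 1];
        size_t off = starts[i];
        if (unpack_name(sample_msg, sizeof sample_msg, &off, name, sizeof name) == 0)
            printf("offset %2zu: \"%s\" (ends at %zu)\n", starts[i], name, off);
        else
            printf("offset %2zu: rejected\n", starts[i]);
    }
    return 0;
}
```

The three rejected offsets are exactly the conditions a decoder that only checks for the terminating zero label would read or write past: a pointer target beyond the buffer, a pointer chain that never terminates, and a label length larger than the bytes left in the message.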



+---------------------------------+
|  webalizer                      | ----------------------------//
+---------------------------------+  

Webalizer can perform reverse DNS lookups.  This is disabled by default,
but if it is enabled, an attacker who controls the DNS server answering
those lookups can gain remote root access to the machine, due to a remote
buffer overflow in the reverse-resolving code.

 PLEASE SEE VENDOR ADVISORY 

 Webalizer Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/other_advisory-2023.html 
 


  
+---------------------------------+
|  xpilot                         | ----------------------------//
+---------------------------------+  

An internal audit by the maintainers of xpilot (a multi-player tactical
manoeuvring game for X) revealed a buffer overflow in the xpilot server.

Remote attackers can abuse this overflow to gain access to the server host
under the account the xpilot server is running as.

 Debian: Intel IA-32 architecture: 
 http://security.debian.org/dists/stable/updates/main/binary-i386/ 
 xpilot-client-nas_4.1.0-4.U.4alpha2.4.potato1_i386.deb 
 MD5 checksum: f0d1306de990f6160ba5cc3e1580b2b2 

 http://security.debian.org/dists/stable/updates/main/binary-i386/ 
 xpilot-client-nosound_4.1.0-4.U.4alpha2.4.potato1_i386.deb 
 MD5 checksum: 28b1c0e638e142f93eb2af7ca71f80d5 

 http://security.debian.org/dists/stable/updates/main/binary-i386/ 
 xpilot-client-rplay_4.1.0-4.U.4alpha2.4.potato1_i386.deb 
 MD5 checksum: 4bb509a8a5711bc570c9e2645b926a35 

 http://security.debian.org/dists/stable/updates/main/binary-i386/ 
 xpilot-server_4.1.0-4.U.4alpha2.4.potato1_i386.deb 
 MD5 checksum: b2c7cf184d6ff9b9b52e7e5a324ff3d7 

 Debian Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/debian_advisory-2024.html


  
+---------------------------------+
|  demarc                         | ----------------------------//
+---------------------------------+  

Earlier today we were informed indirectly via a bugtraq posting, of a
security issue in the 1.05 version of our software. While we were already
scheduled to release version 1.6 of the software tomorrow, it is advised
that you apply the following official patch to your current installation.
On untrusted networks, the bug could lead to acquisition of administrative
privileges within the Console.

 PLEASE SEE VENDOR ADVISORY 
 Demarc Vendor Advisory: 
 http://www.linuxsecurity.com/advisories/other_advisory-2025.html

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@linuxsecurity.com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------


Web Webster has more than 20 years of writing and editorial experience in the tech sector. He has written and edited news, demand generation, user-focused, and thought leadership content for business software solutions, consumer tech, and Linux Today. He edits and writes for a portfolio of tech industry news and analysis websites including webopedia.com and DatabaseJournal.com.
