| |
|
|
Trustix Secure Linux Information for VU#356409
Vendor Statement-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1 - -------------------------------------------------------------------------- Trustix Secure Linux Security Advisory #2005-0003 Package name: bind clamav cpio cups mod_python perl postgresql python squid Summary: Security fixes Date: 2005-02-11 Affected versions: Trustix Secure Linux 1.5 Trustix Secure Linux 2.1 Trustix Secure Linux 2.2 Trustix Operating System - Enterprise Server 2 - -------------------------------------------------------------------------- Package description: bind: BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses, and a resolver library (routines for applications to use when interfacing with DNS). A DNS server allows clients to name resources or objects and share the information with other network machines. The named DNS server can be used on workstations as a caching name server, but is generally only needed on one machine for an entire network. clamav: Clam AntiVirus is a GPL anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with package, which you can use with your own software. Most importantly, the virus database is kept up to date . cpio: GNU cpio copies files into or out of a cpio or tar archive. Archives are files which contain a collection of other files plus information about them, such as their file name, owner, timestamps, and access permissions. The archive can be another file on the disk, a magnetic tape, or a pipe. GNU cpio supports the following archive formats: binary, old ASCII, new ASCII, crc, HPUX binary, HPUX old ASCII, old tar and POSIX.1 tar. By default, cpio creates binary format archives, so that they are compatible with older cpio programs. When it is extracting files from archives, cpio automatically recognizes which kind of archive it is reading and can read archives created on machines with a different byte-order. cups: The Common UNIX Printing System provides a portable printing layer for UNIX(R) operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces. mod_python: Mod_python is a module that embeds the Python language interpreter within the server, allowing Apache handlers to be written in Python. perl: Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common applications (and what it excels at) are probably system administration utilities and web programming. A large proportion of the CGI scripts on the web are written in Perl. You need the perl package installed on your system so that your system can handle Perl scripts. postgresql: PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs (including transactions, subselects and user-defined types and functions). The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DBMS server. These PostgreSQL client programs are programs that directly manipulate the internal structure of PostgreSQL databases on a PostgreSQL server. These client programs can be located on the same machine with the PostgreSQL server, or may be on a remote machine which accesses a PostgreSQL server over a network connection. This package contains the docs in HTML for the whole package, as well as command-line utilities for managing PostgreSQL databases on a PostgreSQL server. python: Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries. squid: Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Problem description: bind: A bug in the dnssec validator can result in an internal consistency check failing and thus causing the named to exit abnormally. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0034 to this issue. clamav: An attacker can crash the ClamAV daemon by sending a specially crafted ZIP file and thus causing a DoS. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0133 to this issue. cpio: cpio reset the umask to 0 when writing files with the -O flag. This left the files both readable and writeable by all. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-1999-1572 to this issue. cups: A buffer overflow was found in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allowed remote attackers to execute arbitrary code via a PDF file. xpdf is not part of TSL, but a number of projects have reused this code. Of those, cups is included in TSL. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0064 to this issue. mod_python: Graham Dumpleton discovered a flaw affecting the publisher handler of mod_python, used to make objects inside modules callable via URL. A remote user could visit a carefully crafted URL that would gain access to objects that should not be visible, leading to an information leak. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0088 to this issue. perl: When executing a setuid-root perl, the file pointed to by the PERLIO_DEBUG environment varibale would be overwritten. This has now been fixed by ignoring PERLIO_DEBUG for setuid perl scripts. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0155 to this issue. Executing a setuid root perl script with a very long path caused a buffer overflow if the PERLIO_DEBUG environment variable was set. This bug could be exploited to gain root privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0156 to this issue. postgresql: New upstream. Fixes local privilege escalation discovered by John Heasman Any user could use the LOAD extention to load any shared library into the server. This could be used to execute commands as the postgresql user. python: From the Python advisory: The Python development team has discovered a flaw in the SimpleXMLRPCServer library module which can give remote attackers access to internals of the registered object or its module or possibly other modules. The flaw only affects Python XML-RPC servers that use the register_instance() method to register an object without a _dispatch() method. Servers using only register_function() are not affected. On vulnerable XML-RPC servers, a remote attacker may be able to view or modify globals of the module(s) containing the registered instance's class(es), potentially leading to data loss or arbitrary code execution. If the registered object is a module, the danger is particularly serious. For example, if the registered module imports the os module, an attacker could invoke the os.system() function. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0089 to this issue. squid: A buffer overflow in the Gopher responses parser can be exploited remotely in a denial of service attack. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0094 to this issue.
If you have feedback, comments, or additional information about this vulnerability, please send us
email. |
 | |||||||||||||||||||
 |
||||||||||||||||||||||
