* Patches from Gentoo
* Beware Korgo variant
* Network World Fusion Radio: Designing network security, and other interesting reading

Today’s bug patches and security alerts:

Gentoo has released a number of updates over the past couple of weeks; we recap them here for you:

Horde-Chora
Two vulnerabilities exist in the Horde-Chora package. First, a flaw in the diff viewer in Chora could be exploited to inject shell code. Second, a flaw in the Horde file upload capability could be used to upload malicious binary files to the affected server. For more, go to:
https://forums.gentoo.org/viewtopic.php?t=186038

SquirrelMail
The SquirrelMail application does not properly “sanitize” user input, which could be exploited in a cross-site scripting attack to access Webmail accounts on the affected machine. For more, go to:
https://forums.gentoo.org/viewtopic.php?t=186037

Gallery
A flaw in the Gallery photo viewer application could be exploited by a malicious user to gain administrator privileges on the affected machine. For more, go to:
https://forums.gentoo.org/viewtopic.php?t=186040

Webmin
Two security flaws in the Webmin Web-based administration tool for Linux could be exploited in a denial-of-service attack against the affected machine. For more, go to:
https://forums.gentoo.org/viewtopic.php?t=186339

Horde-IMP
A flaw in the Horde-IMP application for Gentoo could be exploited by a malicious user to run scripts on the affected machine. A target user would have to open an e-mail containing the code in order for the exploit to happen. For more, go to:
https://forums.gentoo.org/viewtopic.php?t=186332

Squid
According to Gentoo, “If Squid is configured to use NTLM authentication, an attacker could exploit this vulnerability by sending a very long password.
This could lead to arbitrary code execution with the permissions of the user running Squid.” For more, go to:
https://forums.gentoo.org/viewtopic.php?t=186764

Aspell
Aspell, a spell checker application, uses word-list-compress files for checking custom words. A flaw in the way the word-list-compress files are handled could be exploited by a malicious user to run arbitrary scripts on the affected machine. For more, go to:
https://forums.gentoo.org/viewtopic.php?t=187089

Usermin
Two flaws exist in the Gentoo Usermin implementation. One flaw could be used to lock a legitimate user out of the affected machine. A second, more serious, flaw could be exploited by using a specially-crafted e-mail message containing malicious scripts. For more, go to:
https://forums.gentoo.org/viewtopic.php?t=187326

IPSec-Tools
A flaw in the racoon implementation of IPSec-Tools leaves the system vulnerable to a man-in-the-middle attack, which could be used to make unauthorized connections to the affected machine. For more, go to:
https://forums.gentoo.org/viewtopic.php?t=188869

giFT-FastTrack
A flaw in the giFT-FastTrack plug-in could be exploited in a remote denial-of-service attack against the giFT server daemon. For more, go to:
https://forums.gentoo.org/viewtopic.php?t=189870

Gzip
A flaw in the way temporary files are handled by gzip could result in arbitrary code being run on the affected machine. For more, go to:
https://forums.gentoo.org/viewtopic.php?t=189767

FreeS/WAN, Openswan, strongSwan: Vulnerabilities in certificate handling
According to a Gentoo alert, “With a carefully crafted certificate payload an attacker can successfully authenticate against FreeS/WAN, Openswan, strongSwan or Super-FreeS/WAN, or make the daemon go into an endless loop.” For more, go to:
https://forums.gentoo.org/viewtopic.php?t=190289

**********

Today’s roundup of virus alerts:

W32/Korgo-R – A Korgo variant that tries to exploit the Windows LSASS vulnerability.
It infects the Windows System directory using a random filename and may download malicious code to the affected machine. (Sophos)

W32/Korgo-S – Similar to Korgo-R with the added fun of trying to delete the “FTPUPD.EXE” file and other Windows System utilities. (Sophos)

W32/NetskyP-Dam – Fortunately, this is a damaged version of Netsky-P and does not seem to cause any real damage. (Sophos)

**********

From the interesting reading department:

Network World Fusion Radio: Designing network security
Security challenges take center stage this week as Merike Kaeo, author of “Designing Network Security, Second Edition” and chief network security architect at Double Shot Security, joins us to discuss protecting corporate networks. Network World Fusion, 06/24/04.
https://www.nwfusion.com/research/2004/0624radio.html?nl

Akamai attack underscores DNS risks
An attack earlier this month aimed at DNS services for high-profile Akamai Technologies customers should be a wakeup call for enterprise users to ensure they have contingency plans to deal with a growing number of Internet threats, analysts say. Network World, 06/28/04.
https://www.nwfusion.com/news/2004/062804akamaifolo.html

Security appliance protects corp. gateways
Attempting to give corporations a low-cost way to fight spam and viruses, WorkGroup Solutions last week released a new version of its security appliance with enhancements to its reporting and virus-detection capabilities and added a directory harvest defense mechanism. Network World, 06/28/04.
https://www.nwfusion.com/news/2004/062804workgroup.html?nl

VeriSign announces security, anti-phishing services
VeriSign this week plans to announce two sets of services to combat spam as well as fraud caused when criminals set up phony Web sites that mimic legitimate ones to gain victims’ personal data.
Network World, 06/28/04.
https://www.nwfusion.com/news/2004/062804verisign.html?nls

Anti-phishing efforts need teeth
As phishing quickly becomes the next big headache for consumers and businesses wanting to communicate with them via e-mail, a number of industry groups have emerged to combat the problem. However, until technology is implemented to authenticate e-mail sources, observers say little can be done to fight this form of electronic fraud. Network World, 06/28/04.
https://www.nwfusion.com/news/2004/062804phishing.html

Enterasys delivers switch-based security
Enterasys Networks this week is scheduled to announce capabilities on its LAN edge switches that will let administrators effectively cut off virus-infected or virus-vulnerable machines trying to access corporate resources. Network World, 06/28/04.
https://www.nwfusion.com/news/2004/0628enterasys.html?nl

Juniper SSL boxes ease net access
Juniper is adding support for Security Assertion Markup Language to its remote-access gear, technology that lets users sign on once to a Secure Sockets Layer remote-access gateway and reach network resources without further authentication. Network World, 06/28/04.
https://www.nwfusion.com/news/2004/062804juniper.html?nl

Earthquakes, fire and lightning: Must be a NEBS test
At NTS, telecom gear needs to survive the flame test and an earthquake simulator that tops 7 on the Richter scale, plus make it through chambers that determine whether equipment can handle extreme hot and cold temperatures as well as lightning strikes and high altitudes. Sometimes testers, armed with shotguns, even take boxes out back and try to shoot through their cabinets with No. 6 steel shot from 50 feet away.
Network World, 06/28/04.
https://www.nwfusion.com/news/2004/062804widernetnebs.html?nl