Another sendmail vulnerability

Opinion
Mar 31, 2003 | 7 mins
Networking, Patch Management Software, Security

* Patches from Microsoft, Debian, Mandrake Linux, others
* Beware e-mail with the subject line "Re: Your password!"
* Microsoft failure to patch NT 4.0 raises support issue, and other interesting reading

Today’s bug patches and security alerts:

Sendmail flaw puts systems at risk, again

Systems running sendmail are at risk of hacker attacks because of a flaw in the way the commonly used e-mail server software handles long e-mail addresses, experts warned Saturday. This is the second serious bug announced this month, which is causing some sendmail users to look for alternatives. IDG News Service, 03/31/03.

Story:

http://www.nwfusion.com/news/2003/0331sendmflaw.html

More info from Sendmail:

https://www.sendmail.com/security/index.shtml

CERT advisory:

https://www.cert.org/advisories/CA-2003-12.html

Related patches:

FreeBSD:

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc

Slackware (download new packages from here):

https://www.slackware.com/packages/

**********

Glitch in Windows XP SP1 could slow systems

Microsoft has acknowledged and patched a glitch with its Windows XP Service Pack 1 update that can cause system slowdowns, but has not yet made its still-developing fix widely available. IDG News Service, 03/27/03.

Story:

https://www.nwfusion.com/news/2003/0327glitch.html

Related Microsoft Knowledge Base article:

https://support.microsoft.com/default.aspx?scid=kb;[LN];815411

**********

Additional Linux kernel updates

A number of Linux vendors have released updated kernels to fix a variety of problems. The most serious could lead to a local user gaining root privileges on the affected system. For more, go to:

Debian:

https://www.debian.org/security/2003/dsa-270

Mandrake Linux:

https://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:038

Mandrake Linux (kernel22):

https://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:039

**********

Debian patches krb4

Weak cryptography in Debian’s Kerberos 4 implementation could allow “an attacker to use a chosen-plaintext attack to impersonate any principal in a realm.” For more, go to:

https://www.debian.org/security/2003/dsa-273

The heimdal package is also affected by Kerberos 4’s weak encryption:

https://www.debian.org/security/2003/dsa-269

Debian releases patch for lpr

A buffer overflow in lpr, a line printer spooling system, can be exploited to gain root privileges on the affected system. For more, go to:

https://www.debian.org/security/2003/dsa-267

Debian issues mutt patch

Certain versions of mutt, an e-mail client, contain a buffer overflow in the IMAP client code. For more, go to:

https://www.debian.org/security/2003/dsa-268

New ecartis (listar) package available

According to an alert from Debian, “A problem has been discovered in ecartis, a mailing list manager, formerly known as listar.  This vulnerability enables an attacker to reset the password of any user defined on the list server, including the list admins.” For more, go to:

https://www.debian.org/security/2003/dsa-271

**********

More openssl patches available

A flaw in the openssl package used in many Unix/Linux implementations could allow TLS/SSL communications to be passed in plain text. For more on the patch, go to:

Trustix:

https://www.trustix.net/errata/misc/2003/TSL-2003-0013-openssl.asc.txt

Immunix packages:

ftp://ftp.ibiblio.org/pub/Linux/distributions/immunix/

Gentoo (stunnel):

https://forums.gentoo.org/viewtopic.php?t=43711

**********

NetBSD, Gentoo release zlib patches

A buffer overflow in zlib’s gzprintf() function could be exploited in a denial-of-service attack or possibly to run arbitrary code on the affected machine. For more, go to:

NetBSD:

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-004.txt.asc

Gentoo:

https://forums.gentoo.org/viewtopic.php?t=44382

**********

Mandrake Linux patches rxvt

A number of issues have been found in the escape sequence handling of rxvt, a color VT102 terminal emulator for X Windows. These could potentially be exploited if an attacker can cause carefully crafted escape sequences to be displayed on an rxvt terminal being used by their victim. For more, go to:

https://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:034

Mandrake Linux issues fix for netpbm

According to an alert from Mandrake Linux, “Several math overflow errors were found in NetPBM by Al Viro and Alan Cox.  While these programs are not installed suid root, they are often used to prepare data for processing.  These errors may permit remote attackers to cause a denial of service or execute arbitrary code in any programs or scripts that use these graphics conversion tools.” For more, go to:

https://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:036

**********

Additional glibc and XDR/RPC patches available

A flaw in the XDR/RPC code used in the standard C library (glibc) of many Linux implementations could be exploited to crash the affected machine, resulting in a denial of service. For more, go to:

Trustix:

https://www.trustix.net/errata/misc/2003/TSL-2003-0014-glibc.asc.txt

Debian (dietlibc):

https://www.debian.org/security/2003/dsa-272

**********

Slackware releases samba update

A flaw in the open-source Samba file server could be exploited to run arbitrary code on the affected machine. Slackware has issued a fix for this problem. Download it from:

Slackware 8.1:

ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/samba-2.2.8-i386-1.tgz

Slackware -current:

ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/samba-2.2.8-i386-1.tgz

**********

Gentoo patches bitchx

A buffer overflow vulnerability in the bitchx chat client has been patched by Gentoo. For more, go to:

https://forums.gentoo.org/viewtopic.php?t=43403

**********

RealNetworks issues patch for RealPlayer

A flaw in the way RealNetworks’ RealPlayer client decompresses PNG images could be exploited to run arbitrary code on the affected machine, according to an alert from Core Security Technologies. A fix is available:

https://service.real.com/help/faq/security/securityupdate_march2003.html

Core Security advisory:

https://www.coresecurity.com/common/showdoc.php?idx=311&idxseccion=10

**********

Today’s roundup of virus alerts:

W32/Frethem-T – A variant of the W32/Frethem-B virus that adds some backdoor capabilities. The virus spreads via e-mail with a subject line of “Re: Your password!”. It takes advantage of an Outlook/Internet Explorer IFrame vulnerability. (Sophos)

Rolark – This virus takes advantage of the WebDav vulnerability in Windows 2000 and IIS 5.0. It exploits a buffer overflow to infect the system and allow outside access by hackers. (Panda Software)

SFC – A Word macro virus that spreads via chat programs IRC and PIRCH as well as e-mail. The virus disables macro protection in the Word application and infects all opened documents. (Panda Software)

**********

From the interesting reading department:

Microsoft failure to patch NT 4.0 raises support issue

Microsoft’s statement Wednesday that it would not offer a version of a security patch for NT 4.0 has called into question an earlier promise to continue supporting the operating system through the end of 2004 and raised concern among its customers. IDG News Service, 03/28/03.

https://www.nwfusion.com/news/2003/0328msfailu.html

Al-Jazeera domain hijacked

The bad news continued on Thursday for Arab satellite television network Al-Jazeera. A hacker hijacked the network’s domain, pointing visitors to another site that displayed a pro-war message. IDG News Service, 03/27/03.

https://www.nwfusion.com/news/2003/0327aljadomai.html

Software bug may cause Patriot missile errors

U.S. Central Command said that the U.S. military is investigating the possibility that a software problem in the Patriot Missile defense system may be responsible for targeting two friendly aircraft, but that other scenarios could just as likely be responsible for the mishaps. IDG News Service, 03/27/03.

https://www.nwfusion.com/news/2003/0327softwbugm.html

High Insecurity

Feeling anxious these days? You probably have good reason to. Not only do we feel physically threatened by possibilities of terrorist attacks, but all of our personal information – much of it stored in digital form – seems to be vulnerable too. A Newsweek interview with Bruce Schneier, founder and CTO of Counterpane. Newsweek, 03/24/03.

https://www.msnbc.com/news/885421.asp

Secrecy Rarely Works

Last month some researchers at England’s Cambridge University made a disturbing discovery about certain bank ATMs: it’s possible to steal from them, from your account. Don’t panic – the flaw they found could be exploited only by an insider, and many U.S. banks don’t use the hardware systems in question. But this was small comfort to a Diners Club cardholder and his wife, who were shocked to find themselves charged for about $80,000 in withdrawals from London ATMs. Newsweek, 03/24/03.

https://www.msnbc.com/news/884696.asp