[security] Security updates

Lorenzo Iannuzzi nakis a libero.it
Gio 6 Maggio 2004 22:20:46 CEST 

http://lwn.net/Articles/83669/

OpenPKG has issued an update to kolab fixing an information disclosure
vulnerability. 

Slackware, meanwhile, has updated lha to close a number of buffer
overflow and directory traversal vulnerabilities.

http://www.sco.com/support/security/index.html

        The Common Vulnerabilities and Exposures project (cve.mitre.org)
        has assigned the following names to these issues.

        CAN-2003-0192: Apache 2 before 2.0.47, and certain versions
        of mod_ssl for Apache 1.3, do not properly handle "certain
        sequences of per-directory re-negotiations and the
        SSLCipherSuite directive being used to upgrade from a weak
        cipher suite to a strong one," which could cause Apache
        to use the weak cipher suite. 

        CAN-2003-0542: Multiple stack-based buffer overflows in 
        mod_alias and mod_rewrite for Apache before 1.3.29 may allow 
        attackers to create configuration files to cause a denial of 
        service or execute arbitrary code via a regular expression
        with more than 9 captures.

http://www.freebsd.org/security/

Some versions of Heimdal do not perform appropriate checking of the
`transited' field.

An input validation error was discovered in the k5admind code that
handles the framing of Kerberos 4 compatibility administration
requests.  The code assumed that the length given in the framing was
always two or more bytes.  Smaller lengths will cause k5admind to read
an arbitrary amount of data into a minimally-sized buffer on the heap.

Note that this code is not present unless k5admind has been compiled
with Kerberos 4 support.  This will occur if a FreeBSD system is
compiled with both of the WITH_KERBEROS4 and WITH_KERBEROS5 build flags.
These flags are never simultaneously set during the FreeBSD binary
release process; consequently, binary installs of FreeBSD (even with
Kerberos support installed) are not affected.

http://www.sgi.com/support/security/

It has been reported thru various channel that there are several
security issues affecting IRIX networking.

 * various fixes to mitigate the non-network consequences of
   extreme UDP/interrupt DoS attacks (SGI BUG 773203, 897764)

 * blocking SYN+FIN and illogical TCP flags combos from achieving
   3-way handshake                   (SGI BUG 871383)
   http://online.securityfocus.com/archive/1/296558/2002-10-19/2002-10-25/1

 * ifconfig "-arp" argument does not disable arp requests being
   sent or received                  (SGI BUG 890567)

 * arp DOS vulnerability             (SGI BUG 902072)
   http://www.auscert.org.au/render.html?it=3489&cid=1
-- 

Ciao e alla prossima!
Lorenzo

Maggiori informazioni sulla lista security