Publication: Help Net Security
Gentoo Linux Security Advisory - NVIDIA drivers, Aug 23, 2007
A vulnerability has been discovered in the NVIDIA graphics drivers, allowing for a Denial of Service.
Reflecting On Linux Security In 2003, Dec 26, 2003
When asked about Windows vs. Linux security, Gagne says: "Frankly, it seems incredible that this is even open to debate. To suggest that Windows is inherently more or as secure is almost too silly to even comment on. One need only read the newspapers, listen to the radio, watch television or work in an office where Windows is widely used. Of course Linux is more secure, and it has nothing to do with Microsoft's market penetration. It has to do with a better approach to software development. It doesn't hurt that at its very core, Linux is designed with security in mind. No need here for launching a security initiative after years of neglect."
Red Hat Security Advisory - MySQL, Oct 09, 2003
Frank Denis reported a bug in unpatched versions of MySQL prior to version 3.23.58. Passwords for MySQL users are stored in the Password field of the user table. Under this bug, a Password field with a value greater than 16 characters can cause a buffer overflow. It may be possible for an attacker with the ability to modify the user table to exploit this buffer overflow to execute arbitrary code as the MySQL user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0780 to this issue.
Trustix Secure Linux: The Future is Secured, Oct 02, 2003
Erlend Midttun, founding father of Trustix Secure Linux, together with Trustix Secure Linux developer Christian Toldnes, now offers development, maintenance and support for community and commercial customers from the newly started company Tawie Technologies AS.
Debian Security Advisory - sendmail, Sep 19, 2003
Webmaster's note: Other vendors and distribution developers have also released new packages for sendmail.
Two vulnerabilities were reported in sendmail.
- CAN-2003-0681: A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient, (2) final, or (3) mailer-specific envelope recipients, has unknown consequences.
- CAN-2003-0694: The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
OpenSSH Buffer Management Vulnerability, Sep 16, 2003
Early today we received a note that there are rumblings in the underground related to a new OpenSSH vulnerability. The official web site says that a new version of OpenSSH was released and the following security advisory was published. Below the official OpenSSH patch, you can see the vendor advisories on this issue.
Red Hat Security Advisory - Apache, Sep 05, 2003
3. Problem description:
The Apache HTTP server is a powerful, full-featured, efficient, and freely-available Web server.
Ben Laurie found a bug in the optional renegotiation code in mod_ssl included with Apache 2 versions 2.0.35 through 2.0.46 that can cause cipher suite restrictions to be ignored. This is triggered if optional renegotiation is used (SSLOptions +OptRenegotiate) along with verification of client certificates and a change to the cipher suite over the renegotiation. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0192 to this issue.
SuSE Security Announcement - kernel, Aug 13, 2003

SuSE Security Announcement
Package: kernel
Announcement-ID: SuSE-SA:2003:034
Date: Tue Aug 12 18:15:00 CEST 2003
Affected products: 7.2, 7.3, 8.0, 8.1, 8.2
SuSE Linux Database Server,
SuSE eMail Server III, 3.1
SuSE Linux Enterprise Server 7, 8
SuSE Linux Firewall on CD/Admin host
SuSE Linux Connectivity Server
SuSE Linux Office Server
SuSE Linux Openexchange Server
SuSE Linux Desktop 1.0
United Linux 1.0
Vulnerability Type: local privilege escalation, remote Denial of Service (DoS)
Severity (1-10): 7
SuSE default package: yes
Cross References: CAN-2003-0476, CAN-2003-0501, CAN-2003-0464
Interview with Michael Jang, author of 'Mastering Red Hat Linux 9', Jul 31, 2003
Webmaster's note: Mastering Red Hat Linux 9 is currently Linux Online's featured book.
What advice do you have for people that are considering switching to Linux?
Start small and experiment. There are several simple ways to start with Linux. If you don't have a spare computer, you can start with a dual-boot with Microsoft Windows. You can install Linux inside a VMware machine. With the Knoppix distribution, you can even try Linux from your CD.
It's OK to start your journey from the GUI. If you're a regular user, open your documents and spreadsheets in one of the Linux Office suites. Check out your graphics in The GIMP. Download the games that you desire. In most cases, you'll be pleasantly surprised with the results. And then you can count all the money that you're saving.
If you want to participate as an administrator in the coming Linux boom, experiment with the graphical Red Hat system administration tools. See what these tools do to your configuration files. This can help you learn the basics of Linux administration quickly. But remember, these are just basics. You can do so much more when you edit a configuration file directly. Linux administrators do need to learn to work at the command line interface.
Mandrake Linux Security Update Advisory - kernel, Jul 16, 2003

Mandrake Linux Security Update Advisory
_________________________________________________________
Package name: kernel
Advisory ID: MDKSA-2003:074
Date: July 15th, 2003
Affected versions: 8.2, 9.0, Corporate Server 2.1, Multi Network Firewall 8.2
__________________________________________________________
Red Hat Security Advisory - Mozilla, Jul 16, 2003
3. Problem description:
Mozilla is an open source web browser.
A heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code via a jar: URL referencing a malformed .jar file, which overflows a buffer during decompression. This issue affects the Mozilla packages for Red Hat Linux 7.1, 7.2, 7.3, and 8.0.
These errata packages upgrade Mozilla to version 1.0.2, which is not vulnerable to this issue. Mozilla 1.0.2 also contains a number of other stability and security enhancements.
Debian Security Advisory - New nfs-utils package fixes buffer overflow, Jul 15, 2003
Webmaster's note: Other Linux distributions have issued this same advisory. Please check your particular distribution's security pages for more information.
The logging code in nfs-utils contains an off-by-one buffer overrun when adding a newline to the string being logged. This vulnerability may allow an attacker to execute arbitrary code or cause a denial of service condition by sending certain RPC requests.
Trustix Secure Linux 2.0 Announced, Jul 04, 2003
After a number of technology preview and beta versions, Trustix Secure Linux announced the release of Trustix Secure Linux 2.0. Trustix Secure Linux is a Linux distribution aimed at the server market. Its packages are carefully selected to provide the services in the most secure manner. According to Erlend Midttun, TSL project manager, this is the best Trustix Secure Linux ever.
Red Hat Security Advisory - PHP, Jul 03, 2003
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP server.
This update contains fixes for a number of bugs discovered in the version of PHP included in Red Hat Linux 8.0 and 9. These bugs include the use of a PHP script as an ErrorDocument and possible POST body corruption in some configurations.