Benchmark-Perl-Formance-Cargo
view release on metacpan or search on metacpan
share/SpamAssassin/easy_ham_2/01345.c40d5798193a4a060ec9f3d2321e37e4 view on Meta::CPAN
for <jm@localhost>; Tue, 6 Aug 2002 12:21:00 -0400 (EDT)
Received: from phobos [127.0.0.1]
by localhost with IMAP (fetchmail-5.9.0)
for jm@localhost (single-drop); Tue, 06 Aug 2002 17:21:00 +0100 (IST)
Received: from outgoing.securityfocus.com (outgoing3.securityfocus.com
[66.38.151.27]) by dogma.slashnull.org (8.11.6/8.11.6) with ESMTP id
g76GLIk09510 for <legit-lists-secfocus@jmason.org>; Tue, 6 Aug 2002
17:21:18 +0100
Received: from lists.securityfocus.com (lists.securityfocus.com
[66.38.151.19]) by outgoing.securityfocus.com (Postfix) with QMQP id
9D913A30D7; Tue, 6 Aug 2002 10:12:42 -0600 (MDT)
Mailing-List: contact linux-secnews-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <linux-secnews.list-id.securityfocus.com>
List-Post: <mailto:linux-secnews@securityfocus.com>
List-Help: <mailto:linux-secnews-help@securityfocus.com>
List-Unsubscribe: <mailto:linux-secnews-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:linux-secnews-subscribe@securityfocus.com>
Delivered-To: mailing list linux-secnews@securityfocus.com
Delivered-To: moderator for linux-secnews@securityfocus.com
Received: (qmail 14854 invoked from network); 6 Aug 2002 16:05:02 -0000
Date: Tue, 6 Aug 2002 10:03:52 -0600 (MDT)
From: John Boletta <jboletta@securityfocus.com>
To: linux-secnews@securityfocus.com
Subject: SecurityFocus Linux Newsletter #92
Message-Id: <Pine.LNX.4.43.0208061003200.9767-100000@mail.securityfocus.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
SecurityFocus Linux Newsletter #92
----------------------------------
This newsletter is sponsored by: SecurityFocus DeepSight Threat Management
System
>>From June 24th - August 31st, 2002, SecurityFocus announces a FREE
two-week trial of the DeepSight Threat Management System: the only early
warning system providing customizable and comprehensive early warning of
cyber attacks and bulletproof countermeasures to prevent attacks before
they hit your network.
With the DeepSight Threat Management System, you can focus on proactively
deploying prioritized and specific patches to protect your systems from
attacks, rather than reactively searching dozens of Web sites or hundreds
of emails frantically trying to gather information on the attack and how
to recover from it.
Sign up today!
http://www.securityfocus.com/corporate/products/promo/tmstrial-lx.shtml
-------------------------------------------------------------------------------
I. FRONT AND CENTER
1. Advanced Log Processing
2. Assessing Internet Security Risk, Part Three: an Internet...
3. Copyright, Security, and the Hollywood Hacking Bill
4. SecurityFocus DPP Program
II. LINUX VULNERABILITY SUMMARY
1. OpenSSL SSLv2 Malformed Client Key Remote Buffer Overflow...
2. Abyss Web Server HTTP GET Request Directory Contents Disclosure...
3. DotProject User Cookie Authentication Bypass Vulnerability
4. OpenSSL SSLv3 Session ID Buffer Overflow Vulnerability
5. phpBB2 Gender Mod Remote SQL Injection Vulnerability
6. ShoutBox Form Field HTML Injection Vulnerability
7. Sympoll File Disclosure Vulnerability
8. OpenSSL ASN.1 Parsing Error Denial Of Service Vulnerability
9. William Deich Super SysLog Format String Vulnerability
10. Frederic Tyndiuk Eupload Plain Text Password Storage...
11. Util-linux File Locking Race Condition Vulnerability
12. OpenSSL Kerberos Enabled SSLv3 Master Key Exchange Buffer...
13. OpenSSL ASCII Representation Of Integers Buffer Overflow...
14. ParaChat Phantom User Denial Of Service Vulnerability
15. OpenSSH Trojan Horse Vulnerability
16. Bharat Mediratta Gallery Remote File Include Vulnerability
17. John G. Myers MUnpack Malformed MIME Encoded Message Buffer...
18. Dispair Remote Command Execution Vulnerability
19. Mailreader Session Hijacking Vulnerability
20. John G. Myers MPack/MUnpack Malformed Filename Vulnerability
21. Fake Identd Client Query Remote Buffer Overflow Vulnerability
III. LINUX FOCUS LIST SUMMARY
1. LDAP Auth? (Thread)
2. LDAP auth (Thread)
3. Administrivia: Gone Fishin' (Thread)
IV. NEW PRODUCTS FOR LINUX PLATFORMS
1. Gateway Guardian
2. PakSecured Linux
3. Progressive Systems VPN
V. NEW TOOLS FOR LINUX PLATFORMS
1. Astaro Security Linux (Stable 3.x) v3.202
2. FCheck 2.07.59
3. The @stake Sleuth Kit (TASK) v1.50
VI. SPONSORSHIP INFORMATION
I. FRONT AND CENTER
-------------------
1. Advanced Log Processing
By Anton Chuvakin
Reading logs is a crucial part of incident detection and response.
However, it is easy for security personnel to be overwhelmed by the sheer
volume of logs. This article will offer a brief overview of log analysis,
particularly: log transmission, log collection and log analysis. It will
also briefly touch upon log storing and archival.
http://online.securityfocus.com/infocus/1613
2. Assessing Internet Security Risk, Part Three: an Internet Assessment
Methodology Continued
by Charl van der Walt
This article is the third in a series that is designed to help readers to
assess the risk that their Internet-connected systems are exposed to. In
the first installment, we established the reasons for doing a technical
risk assessment. In the second part, we started to discuss the methodology
that we follow in performing this kind of assessment. In this installment,
we will continue to discuss methodology, particularly visibility and
vulnerability scanning.
http://online.securityfocus.com/infocus/1612
share/SpamAssassin/easy_ham_2/01345.c40d5798193a4a060ec9f3d2321e37e4 view on Meta::CPAN
Remote: Yes
Date Published: Jul 30 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/5363
Summary:
OpenSSL is an open source implementation of the SSL protocol. It is used
by a number of other projects, including but not restricted to Apache,
Sendmail, Bind, etc.. It is commonly found on Linux and Unix based
systems.
A buffer overflow vulnerability has been reported in some versions of
OpenSSL.
When initiating an OpenSSL session, some information is shared between the
client and the server, including key data. The reported vulnerability lies
in the handling of the client key value during the negotiation of the
SSLv2 protocol.
A malicious client may exploit this vulnerability by transmitting a
malformed key to the vulnerable server. Careful exploitation may result in
execution of arbitrary code as the server process, and the attacker
gaining local access to the vulnerable system. More primitive attacks may
result in the server process crashing, possibly producing a denial of
service condition.
The consequences of exploitation may vary with the nature of the
application using OpenSSL.
Oracle reports that CorporateTime Outlook Connector is only vulnerable
under Microsoft Windows 98, NT, 2K, and XP.
** This vulnerability was originally part of BID 5353, Multiple OpenSSL
Buffer Overflow Vulnerabilities. It has now been reissued as a separate
vulnerability.
2. Abyss Web Server HTTP GET Request Directory Contents Disclosure Vulnerability
BugTraq ID: 5345
Remote: Yes
Date Published: Jul 29 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/5345
Summary:
Abyss Web Server is a freely available personal web server. It is
maintained by Aprelium Technologies and runs on Microsoft Windows
operating systems, as well as Linux.
A vulnerability has been reported for Abyss Web Server 1.0.3 running on a
Microsoft Windows platform. It is possible for an attacker to make a
request such that the contents of the specified directory are revealed.
The vulnerability occurs due to the manner in which excessive '/'
characters are handled in web requests. An attacker making a GET request
followed by 256 '/' characters will cause Abyss Web Server to return an
error page containing the directory listing of the specified directory.
An attacker may be able to use this information to launch further,
potentially damaging attacks, against a vulnerable system.
3. DotProject User Cookie Authentication Bypass Vulnerability
BugTraq ID: 5347
Remote: Yes
Date Published: Jul 29 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/5347
Summary:
dotproject is web-based project management software, written in PHP. It
is designed to run on Unix and Linux variants.
dotproject is prone to an issue which may allow remote attackers to bypass
authentication and gain administrative access to the software.
This may be accomplished by submitting a maliciously crafted 'user_cookie'
value either manually or via manipulation of URI parameters. For example,
the attacker may manually craft a cookie with a 'user_cookie' value of 1
and submit it to the project management system. An attacker may also
submit a malicious web request with the 'user_cookie' URI parameter set to
1. In both instances, the attacker will gain administrative access to the
project management system.
This problem is due to the software relying on the 'user_cookie' value to
authenticate the user.
4. OpenSSL SSLv3 Session ID Buffer Overflow Vulnerability
BugTraq ID: 5362
Remote: Yes
Date Published: Jul 30 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/5362
Summary:
OpenSSL is an open source implementation of the SSL protocol. It is used
by a number of other projects, including but not restricted to Apache,
Sendmail, Bind, etc.. It is commonly found on Linux and Unix based
systems.
A vulnerability has been reported for OpenSSL. The vulnerability affects
SSLv3 session IDs.
When initiating contact with SSLv3 servers, clients and servers alike
exchange information. Session information is stored in a session key with
a unique session ID.
Reportedly when a an oversized SSL version 3 session ID is supplied to a
client from a malicious server, it is possible to overflow a buffer on the
remote system. This could result in key memory areas on the vulnerable,
remote system being overwritten, including stack frame data.
An attacker may be able to take advantage of this vulnerability to execute
malicious code on a vulnerable SSLv3 client machine.
Oracle reports that CorporateTime Outlook Connector is only vulnerable
under Microsoft Windows 98, NT, 2K, and XP.
** This vulnerability was originally part of BID 5353, Multiple OpenSSL
Buffer Overflow Vulnerabilities. It has now been reissued as a separate
vulnerability.
5. phpBB2 Gender Mod Remote SQL Injection Vulnerability
( run in 2.903 seconds using v1.01-cache-2.11-cpan-cdf2f3d4e48 )