Daniel Ahlberg | 2 Dec 14:39 2002

GLSA: pine


--------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200212-1
--------------------------------------------------------------------

PACKAGE : pine
SUMMARY : remote DOS
DATE    : 2002-12-02 13:12 UTC
EXPLOIT : remote

--------------------------------------------------------------------

An attacker can send a fully legal email message with a crafted
From-header, thus forcing pine to core dump on startup.
The only way to launch pine is to manually remove the bad message
either directly from the spool, or from another MUA. Until the
message has been removed or edited there is no way of accessing
the INBOX using pine.

Read the full advisory at
http://marc.theaimsgroup.com/?l=bugtraq&m=103668430620531&w=2

SOLUTION

It is recommended that all Gentoo Linux users who are running
net-mail/pine-4.44-r5 and earlier update their systems as follows:

emerge rsync
emerge pine
emerge clean

stephen joseph butler | 2 Dec 15:20 2002

Re: GLSA: pine

On Mon, 2 Dec 2002, Daniel Ahlberg wrote:
> It is recommended that all Gentoo Linux users who are running
> net-mail/pine-4.44-r5 and earlier update their systems as follows:

Are there any plans to update the net-mail/pine-maildir ebuild as well?

-- 
Stephen J. Butler              | Documentation is like sex: when it is
Computer Engineering           | good, it is very, very good; and when
sbutler1 <at> uiuc.edu              | it is bad, it is better than nothing.
www.uiuc.edu/~sbutler1/pgp.asc |	-- Dick Brandon

--
gentoo-security <at> gentoo.org mailing list

Henti Smith | 6 Dec 12:04 2002

Re: net-analyser/cacti digest mismatch

On Fri, 29 Nov 2002 18:45:29 +0100 (CET)
"Christian Skarby" <christian <at> skarby.no> wrote:

> cacti-0.6.8a.tar.gz is incremented with 17 bytes from the time the digest
> was created until today. Would it be safe to create a new digest? Or are
> there good reasons to believe there is a trojan in the new tar.gz?

If only 18 bytes... why not extract and diff to see what the diff is?

Henti 

--
gentoo-security <at> gentoo.org mailing list

Christian Skarby | 6 Dec 13:12 2002

Re: net-analyser/cacti digest mismatch

Henti Smith, received Fri, December 6, 2002 12:04
> if only 18 bytes .. why not extract and diff to see what the diff is ?
(...)

I do not have both of them, but I believe Daniel Ahlberg did do a diff, at
least this is what he replied.

Daniel Ahlberg, received Fri, November 29, 2002 21:04
> My preliminary conclusion is that it's safe to make a new digest. The file
> downloaded from the packages homepage is 207214 bytes, same as the file on
> ibiblio. I found a version of the file that was 202197 bytes from Debian but
> I have not been able to find any differences in the unpacked files between
> the two.

Christian

--
gentoo-security <at> gentoo.org mailing list
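
The check discussed in this thread (compare the unpacked files of two tarballs instead of relying on size or digest alone), as an added example that is not part of any post above. The sample archives are constructed in memory, and the names manifest, compare and build_sample are illustrative.

```python
import hashlib
import io
import tarfile


def manifest(tgz_bytes):
    """Map each member name to (type, mode, link target, sha256) for a .tar.gz."""
    entries = {}
    with tarfile.open(fileobj=io.BytesIO(tgz_bytes), mode="r:gz") as tar:
        for member in tar:
            digest = None
            if member.isfile():
                # Content is read through the tarfile API only; nothing is
                # written to disk, so paths and links in an untrusted archive
                # are never followed.
                digest = hashlib.sha256(tar.extractfile(member).read()).hexdigest()
            # mtime is left out on purpose: repacking changes it, content does not.
            entries[member.name] = (member.type, member.mode, member.linkname, digest)
    return entries


def compare(old_tgz, new_tgz):
    """Return member names added, removed or changed between two archives."""
    old, new = manifest(old_tgz), manifest(new_tgz)
    return {
        "added": sorted(set(new) - set(old)),
        "removed": sorted(set(old) - set(new)),
        "changed": sorted(n for n in set(old) & set(new) if old[n] != new[n]),
    }


def build_sample(files, level, mtime):
    """Constructed test input: pack {name: bytes} into an in-memory .tar.gz."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz", compresslevel=level) as tar:
        for name, content in files.items():
            info = tarfile.TarInfo(name)
            info.size, info.mtime = len(content), mtime
            tar.addfile(info, io.BytesIO(content))
    return buf.getvalue()


# Constructed samples, not the real cacti tarballs.
files = {"pkg-1.0/index.php": b"<?php echo 'hello'; ?>\n" * 40,
         "pkg-1.0/README": b"docs\n"}
original = build_sample(files, level=9, mtime=1038000000)
repacked = build_sample(files, level=1, mtime=1038600000)  # same content, repacked
modified = build_sample({**files, "pkg-1.0/index.php": b"<?php echo 'changed'; ?>\n"},
                        level=9, mtime=1038000000)

if __name__ == "__main__":
    print("repacked:", compare(original, repacked))   # archive bytes differ, content equal
    print("modified:", compare(original, modified))   # content of one member differs
```

An empty result means the digest mismatch comes from repacking or recompression; any name under added, removed or changed is what to inspect before a new digest is generated.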

Çağıl Şeker | 12 Dec 17:04 2002

Fast MD5 cracker program?


While testing our security we've found out that the md5 hashing mechanism that was used in some of our software is
vulnerable to brute-force attacks. To test that we are trying md5 cracking programs on our software.
We've used mdcracker and john-the-ripper.

mdcracker is really fast (~3 million tries a second on optimized gentoo-linux athlon-xp 2000+) but it
lacks dictionary based and more clever tries.

jtr is better but really slow. Are there other utilities that have some probabilistic or dictionary-based
mechanism and still not very slow? 

Regards,

Cagil SEKER
-----------------

--
gentoo-security <at> gentoo.org mailing list

Çağıl Şeker | 13 Dec 07:35 2002

RE: Fast MD5 cracker program?

> -----Original Message-----
> From: Joachim Blaabjerg [mailto:styx <at> gentoo.org]
> Sent: 12 December 2002 Thursday 20:16
> To: Çağıl Şeker
> Cc: gentoo-security <at> gentoo.org
> Subject: Re: [gentoo-security] Fast MD5 cracker program?
> 
> 
> On Thursday 12 December 2002 17:04, Çağıl Şeker wrote:
> > While testing our security we've found out that md5 hashing mechanism that
> > was used some of our software is vulnerable to brute-force attacks. To test
> > that we are trying md5 cracking programs on our software. We've used
> > mdcracker and john-the-ripper.
> 
> Just curious, where can I find this mdcracker? I can't find it in portage, and
> even google can't help.
> 
> Regards,
> 

You can find mdcrack at "http://membres.lycos.fr/mdcrack/index2.html" with its sources.

Regards

--
gentoo-security <at> gentoo.org mailing list


Daniel Ahlberg | 15 Dec 13:25 2002

GLSA: mysql


--------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200212-2
--------------------------------------------------------------------

PACKAGE : mysql
SUMMARY : remote DOS and arbitrary code execution
DATE    : 2002-12-15 12:12 UTC
EXPLOIT : remote

--------------------------------------------------------------------

From e-matters advisory:

"We have discovered two flaws within the MySQL server that can be used
by any MySQL user to crash the server. Furthermore one of the flaws can
be used to bypass the MySQL password check or to execute arbitrary code
with the privileges of the user running mysqld.
   
We have also discovered an arbitrary size heap overflow within the mysql
client library and another vulnerability that allows to write '\0' to any
memory address. Both flaws could allow DOS attacks against or arbitrary
code execution within anything linked against libmysqlclient."

Read the full advisory at
http://security.e-matters.de/advisories/042002.html

SOLUTION

It is recommended that all Gentoo Linux users who are running

Daniel Ahlberg | 15 Dec 14:07 2002

GLSA: fetchmail


--------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200212-3
--------------------------------------------------------------------

PACKAGE : fetchmail
SUMMARY : buffer overflow
DATE    : 2002-12-15 13:12 UTC
EXPLOIT : remote

--------------------------------------------------------------------

From e-matters advisory:

"In the light of recent discoveries we reaudited Fetchmail and found
another bufferoverflow within the default configuration. This heap
overflow can be used by remote attackers to crash it or to execute 
arbitrary code with the privileges of the user running fetchmail. 
Depending on the configuration this allows a remote root compromise."

Read the full advisory at
http://security.e-matters.de/advisories/052002.html

SOLUTION

It is recommended that all Gentoo Linux users who are running
net-mail/fetchmail-6.1.2 and earlier update their systems as follows:

emerge rsync
emerge fetchmail

Daniel Ahlberg | 15 Dec 15:56 2002

GLSA: mysql


--------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200212-2.1
--------------------------------------------------------------------

PACKAGE : mysql
SUMMARY : remote DOS and arbitrary code execution
DATE    : 2002-12-15 12:12 UTC
EXPLOIT : remote

--------------------------------------------------------------------

The original advisory sent by me contained a typo (net-misc/freeswan
should have been dev-db/mysql). This re-issue has the correct text.

From e-matters advisory:

"We have discovered two flaws within the MySQL server that can be used
by any MySQL user to crash the server. Furthermore one of the flaws can
be used to bypass the MySQL password check or to execute arbitrary code
with the privileges of the user running mysqld.
   
We have also discovered an arbitrary size heap overflow within the mysql
client library and another vulnerability that allows to write '\0' to any
memory address. Both flaws could allow DOS attacks against or arbitrary
code execution within anything linked against libmysqlclient."

Read the full advisory at
http://security.e-matters.de/advisories/042002.html


Daniel Ahlberg | 15 Dec 15:38 2002

GLSA: squirrelmail


--------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200212-4
--------------------------------------------------------------------

PACKAGE : squirrelmail
SUMMARY : cross site scripting
DATE    : 2002-12-15 14:12 UTC
EXPLOIT : remote

--------------------------------------------------------------------

euronymous <just-a-user <at> yandex.ru> found that read_body.php didn't
filter out user input for 'filter_dir' and 'mailbox', making an XSS
attack possible.

Read the full advisory at
http://f0kp.iplus.ru/bz/008.txt

SOLUTION

It is recommended that all Gentoo Linux users who are running
net-mail/squirrelmail-1.2.9 and earlier update their systems as follows:

emerge rsync
emerge squirrelmail
emerge clean

--------------------------------------------------------------------
aliz <at> gentoo.org - GnuPG key is available at www.gentoo.org/~aliz