From security em unicamp.br Tue Aug 3 16:00:11 2004 From: security em unicamp.br (CSIRT - UNICAMP) Date: Tue, 3 Aug 2004 16:00:11 -0300 Subject: [SECURITY-L] Vulnerabilidades de seguranca Message-ID: <20040803190011.GB40929@unicamp.br> Srs. Usuarios, Atualizamos o site do CSIRT (Computer Security Incident Response Team) da Unicamp com os seguintes boletins de vulnerabilidades: Anúncio de Segurança do Conectiva Linux --------------------------------------- 30/07/2004 - CLA-2004:855 Assunto: Vulnerabilidade de estouro de buffer no pacote sox. http://www.security.unicamp.br/docs/bugs/2004/07/v108.txt CAIS-Alerta ----------- 03/08/2004 Assunto: Atualizacao do Boletim de Seguranca Microsoft MS04-025. http://www.security.unicamp.br/docs/bugs/2004/08/v3.txt 30/07/2004 Assunto: Patch acumulativo para MS Internet Explorer (MS04-025). http://www.security.unicamp.br/docs/bugs/2004/07/v113.txt Gentoo Linux Security Advisory ------------------------------ 01/08/2004 - GLSA 200408-01 Assunto: MPlayer: GUI filename handling overflow. http://www.security.unicamp.br/docs/bugs/2004/08/v1.txt 30/07/2004 - GLSA 200407-23 Assunto: SoX: Multiple buffer overflows. http://www.security.unicamp.br/docs/bugs/2004/07/v107.txt 29/07/2004 - GLSA 200407-22 Assunto: phpMyAdmin: Multiple vulnerabilities. http://www.security.unicamp.br/docs/bugs/2004/07/v105.txt Mandrakelinux Security Update Advisory -------------------------------------- 29/07/2004 - MDKSA-2004:077 Assunto: vulnerabilidades de seguranca no pacote wv. http://www.security.unicamp.br/docs/bugs/2004/07/v106.txt Microsoft Security Bulletins: ----------------------------- 01/08/2004 - Microsoft Security Bulletin Re-release, August 2004 http://www.security.unicamp.br/docs/bugs/2004/08/v2.txt 30/07/2004 - UPDATE: Microsoft Security Bulletin Summary for July 2004 http://www.security.unicamp.br/docs/bugs/2004/07/v114.txt SCO Security Advisory --------------------- 29/07/2004 - SCOSA-2004.12 Assunto: OpenServer 5.0.6 OpenServer 5.0.7 : uudecode does not check for symlink or pipe. http://www.security.unicamp.br/docs/bugs/2004/07/v112.txt 29/07/2004 - SCOSA-2004.10 Assunto: OpenServer 5.0.6 OpenServer 5.0.7 : OpenSSL Multiple Vulnerabilities. http://www.security.unicamp.br/docs/bugs/2004/07/v111.txt 29/07/2004 - SCOSA-2004.3 Assunto: OpenServer 5.0.6 OpenServer 5.0.7 : Xsco contains a buffer overflow that could be exploited to gain root privileges. http://www.security.unicamp.br/docs/bugs/2004/07/v110.txt 29/07/2004 - SCOSA-2004.2 Assunto: UnixWare 7.1.3 Open UNIX 8.0.0 : Xsco contains a buffer overflow that could be exploited to gain root privileges. http://www.security.unicamp.br/docs/bugs/2004/07/v109.txt US-CERT Technical Cyber Security Alert: --------------------------------------- 30/07/2004 - TA04-212A Assunto: Critical Vulnerabilities in Microsoft Windows. http://www.security.unicamp.br/docs/bugs/2004/07/v115.txt -- Computer Security Incident Response Team - CSIRT Universidade Estadual de Campinas - UNICAMP mailto:security em unicamp.br http://www.security.unicamp.br From security em unicamp.br Wed Aug 4 16:22:20 2004 From: security em unicamp.br (CSIRT - UNICAMP) Date: Wed, 4 Aug 2004 16:22:20 -0300 Subject: [SECURITY-L] Vulnerabilidades de seguranca Message-ID: <20040804192220.GA43015@unicamp.br> Srs. Usuarios, Atualizamos o site do CSIRT (Computer Security Incident Response Team) da Unicamp com os seguintes boletins de vulnerabilidades: Debian Security Advisory ------------------------ 02/08/2004 - DSA 535-1 Assunto: vulnerabilidade de seguranca no pacote squirrelmail. http://www.security.unicamp.br/docs/bugs/2004/08/v4.txt Fedora Update Notification -------------------------- 04/08/2004 - FEDORA-2004-239 Assunto: Fedora Core 2: libpng. http://www.security.unicamp.br/docs/bugs/2004/08/v8.txt 04/08/2004 - FEDORA-2004-238 Assunto: Fedora Core 2: libpng10. http://www.security.unicamp.br/docs/bugs/2004/08/v7.txt 04/08/2004 - FEDORA-2004-237 Assunto: Fedora Core 1: libpng. http://www.security.unicamp.br/docs/bugs/2004/08/v6.txt 04/08/2004 - FEDORA-2004-236 Assunto: Fedora Core 1: libpng10. http://www.security.unicamp.br/docs/bugs/2004/08/v5.txt SUSE Security Announcement -------------------------- 04/08/2004 - SUSE-SA:2004:023 Assunto: vulnerabilidade de seguranca no pacote libpng. http://www.security.unicamp.br/docs/bugs/2004/08/v10.txt US-CERT Technical Cyber Security Alert: --------------------------------------- 04/08/2004 - TA04-217A Assunto: Multiple Vulnerabilities in libpng. http://www.security.unicamp.br/docs/bugs/2004/08/v9.txt -- Computer Security Incident Response Team - CSIRT Universidade Estadual de Campinas - UNICAMP mailto:security em unicamp.br http://www.security.unicamp.br From security em unicamp.br Thu Aug 5 15:21:14 2004 From: security em unicamp.br (CSIRT - UNICAMP) Date: Thu, 5 Aug 2004 15:21:14 -0300 Subject: [SECURITY-L] Vulnerabilidades de seguranca Message-ID: <20040805182113.GA48783@unicamp.br> Srs. Usuarios, Atualizamos o site do CSIRT (Computer Security Incident Response Team) da Unicamp com os seguintes boletins de vulnerabilidades: CAIS-Alerta ----------- 04/08/2004 Assunto: Multiplas vulnerabilidades no libpng. http://www.security.unicamp.br/docs/bugs/2004/08/v14.txt Debian Security Advisory: ------------------------- 04/08/2004 - DSA 536-1 Assunto: vulnerabilidade de seguranca no pacote libpng. http://www.security.unicamp.br/docs/bugs/2004/08/v15.txt Gentoo Linux Security Advisory ------------------------------ 05/08/2004 - GLSA 200408-04 Assunto: PuTTY: Pre-authentication arbitrary code execution. http://www.security.unicamp.br/docs/bugs/2004/08/v17.txt 05/08/2004 - GLSA 200408-03 Assunto: libpng: Numerous vulnerabilities. http://www.security.unicamp.br/docs/bugs/2004/08/v16.txt 04/08/2004 - GLSA 200408-02 Assunto: Courier: Cross-site scripting vulnerability in SqWebMail. http://www.security.unicamp.br/docs/bugs/2004/08/v12.txt Mandrakelinux Security Update Advisory -------------------------------------- 04/08/2004 - MDKSA-2004:079 Assunto: vulnerabilidade de seguranca no pacote libpng. http://www.security.unicamp.br/docs/bugs/2004/08/v13.txt OpenPKG Security Advisory ------------------------- 04/08/2004 - OpenPKG-SA-2004.035 Assunto: vulnerabilidade de seguranca no pacote png. http://www.security.unicamp.br/docs/bugs/2004/08/v11.txt -- Computer Security Incident Response Team - CSIRT Universidade Estadual de Campinas - UNICAMP mailto:security em unicamp.br http://www.security.unicamp.br From security em unicamp.br Wed Aug 11 16:00:50 2004 From: security em unicamp.br (CSIRT - UNICAMP) Date: Wed, 11 Aug 2004 16:00:50 -0300 Subject: [SECURITY-L] Vulnerabilidades de seguranca Message-ID: <20040811190048.GF58549@unicamp.br> Srs. Usuarios, Atualizamos o site do CSIRT (Computer Security Incident Response Team) da Unicamp com os seguintes boletins de vulnerabilidades: Anúncio de Segurança do Conectiva Linux: ---------------------------------------- 06/08/2004 - CLA-2004:857 Assunto: Vulnerabilidade de formatação de string no módulo mod_ssl. http://www.security.unicamp.br/docs/bugs/2004/08/v23.txt 06/08/2004 - CLA-2004:856 Assunto: Vulnerabilidades diversas na libpng. http://www.security.unicamp.br/docs/bugs/2004/08/v22.txt Fedora Update Notification: --------------------------- 10/08/2004 - FEDORA-2004-251 Assunto: Fedora Core 1: kernel. http://www.security.unicamp.br/docs/bugs/2004/08/v31.txt Gentoo Linux Security Advisory: ------------------------------- 10/08/2004 - GLSA 200408-07 Assunto: Horde-IMP: Input validation vulnerability for Internet Explorer users. http://www.security.unicamp.br/docs/bugs/2004/08/v30.txt 09/08/2004 - GLSA 200408-06 Assunto: SpamAssassin: Denial of Service vulnerability. http://www.security.unicamp.br/docs/bugs/2004/08/v27.txt 05/08/2004 - GLSA 200408-05 Assunto: Opera: Multiple new vulnerabilities. http://www.security.unicamp.br/docs/bugs/2004/08/v19.txt HP Security Bulletin: --------------------- 08/08/2004 - HPSBUX01068 Assunto: HP-UX Apache Remote arbitrary code execution. http://www.security.unicamp.br/docs/bugs/2004/08/v33.txt 08/08/2004 - HPSBUX01065 Assunto: HP-UX Process Resource Manager (PRM) potential data corruption. http://www.security.unicamp.br/docs/bugs/2004/08/v32.txt 06/08/2004 - HPSBUX01062 Assunto: HP-UX CIFS Server potential remote root access. http://www.security.unicamp.br/docs/bugs/2004/08/v21.txt 02/08/2004 - HPSBUX01064 Assunto: HP-UX Apache, PHP remote code execution, Denial of Service. http://www.security.unicamp.br/docs/bugs/2004/08/v20.txt Mandrakelinux Security Update Advisory: --------------------------------------- 09/08/2004 - MDKSA-2004:080 Assunto: vulnerabilidade de seguranca no pacote shorewall. http://www.security.unicamp.br/docs/bugs/2004/08/v28.txt Microsoft Security Bulletins: ----------------------------- 10/08/2004 Assunto: Microsoft Security Bulletin Re-release, August 2004. http://www.security.unicamp.br/docs/bugs/2004/08/v38.txt OpenPKG Security Advisory: -------------------------- 06/08/2004 - OpenPKG-SA-2004.036 Assunto: vulnerabilidade de seguranca no pacote cvstrac. http://www.security.unicamp.br/docs/bugs/2004/08/v24.txt Slackware Security Advisory: ---------------------------- 10/08/2004 - SSA:2004-223-03 Assunto: vulnerabilidade de seguranca no pacote sox. http://www.security.unicamp.br/docs/bugs/2004/08/v37.txt 10/08/2004 - SSA:2004-223-02 Assunto: vulnerabilidade de seguranca no pacote imagemagick. http://www.security.unicamp.br/docs/bugs/2004/08/v36.txt 10/08/2004 - SSA:2004-223-01 Assunto: vulnerabilidade de seguranca no pacote Mozilla. http://www.security.unicamp.br/docs/bugs/2004/08/v35.txt 10/08/2004 - SSA:2004-222-01b Assunto: Slackware 9.0, libpng correction. http://www.security.unicamp.br/docs/bugs/2004/08/v34.txt 09/08/2004 - SSA:2004-222-01 Assunto: vulnerabilidade de seguranca no pacote libpng. http://www.security.unicamp.br/docs/bugs/2004/08/v29.txt SUSE Security Announcement: --------------------------- 09/08/2004 - SUSE-SA:2004:024 Assunto: vulnerabilidade de seguranca no kernel. http://www.security.unicamp.br/docs/bugs/2004/08/v25.txt Trustix Secure Linux Security Advisory: --------------------------------------- 09/08/2004 - #2004-0041 Assunto: vulnerabilidade de seguranca no kernel. http://www.security.unicamp.br/docs/bugs/2004/08/v26.txt 05/08/2004 - #2004-0040 Assunto: vulnerabilidade de seguranca no pacote libpng. http://www.security.unicamp.br/docs/bugs/2004/08/v18.txt -- Computer Security Incident Response Team - CSIRT Universidade Estadual de Campinas - UNICAMP mailto:security at unicamp.br http://www.security.unicamp.br From security em unicamp.br Thu Aug 12 09:49:56 2004 From: security em unicamp.br (CSIRT - UNICAMP) Date: Thu, 12 Aug 2004 09:49:56 -0300 Subject: [SECURITY-L] Press Release / Convite Message-ID: <20040812124951.GB60960@unicamp.br> ----- Forwarded message from Denny Roger ----- From: "Denny Roger" Subject: Press Release / Convite To: Date: Wed, 11 Aug 2004 16:45:34 -0300 X-Mailer: Microsoft Outlook Express 6.00.2800.1437 Prezados, Política de segurança da informação, gerenciamento de segurança em grandes redes, problemas da legislação, questões legais relativas ao spam, perfil de quem comete fraudes financeiras através dos computadores e as principais vulnerabilidades encontradas nas aplicações atuais relacionadas ao desenvolvimento de softwares serão alguns dos temas a serem apresentados durante o 1º Batori Security Day, evento que se realiza em São Paulo, no próximo dia 18. ............ Press Release Evento vai discutir segurança da informação e aspectos legais relacionados aos crimes eletrônicos Cerca de 500 profissionais ligados às áreas de Tecnologia da Informação, Direito e Segurança da Informação, e estudantes universitários, deverão participar do 1º Batori Security Day, no próximo dia 18, em São Paulo. O objetivo do evento, organizado pela Batori Software & Security, é informar e atualizar gestores de segurança da informação diante do crescimento da rápida disseminação de vírus de computador, do roubo de informações confidenciais e dos crescentes riscos envolvendo negócios realizados através da rede mundial. O programa inclui uma série de palestras, que abordarão desde o perfil do estelionatário e a identificação de fraudes via internet banking, a prevenção em relação aos spams, as questões legais envolvidas e as principais vulnerabilidades encontradas nas aplicações atuais. Também serão discutidos os fundamentos e as mais recentes aplicações da certificação digital, o gerenciamento da segurança de grandes redes, os crimes eletrônicos, a privacidade e controle de usuários, bem como a responsabilidade dos gestores de sistemas e decisões judiciais nacionais e internacionais. Vários cases serão apresentados durante o evento, que terá como palestrantes Alberto Afonso e Emerson Miron, do Banco Real - ABN AMRO, Paulo Eduardo Outa, do Serasa, Nelson Corrêa, da Lucent Technologies, Ricardo Kiyoshi, da Batori, e do advogado Renato Opice Blum, especialista em crimes eletrônicos, entre outros. Denny Roger, diretor da Batori Software & Security, deverá abordar os vários aspectos da atuação da máfia eletrônica, apresentando técnicas utilizadas por estelionatários para aplicar fraudes financeiras através dos computadores nos dias de hoje e demonstrando como a implantação de um projeto customizado de Segurança da Informação pode auxiliar as organizações a prevenir esse tipo de risco. "As diferenças entre as atividades do hacker, do cracker e do lammer, e a demonstração, na prática, de algumas técnicas de invasão e do esquema de fraudes através dos computadores certamente serão um dos pontos que despertarão grande interesse", completa Roger, que também está organizando o evento. Um pouco sobre a Batori Software & Security Fundada em 1997, a empresa dedicou-se inicialmente ao desenvolvimento de softwares corporativos. Nos anos seguintes, passa a atender seus clientes na área de infra-estrutura. Em 2002, começa a atuar em desenvolvimento de projetos na área de Segurança da Informação, área que rapidamente se transforma em sua atividade principal. A Batori também realiza regularmente vários cursos de especialização em desenvolvimento de softwares e segurança da informação, geralmente ministrados a pequenos grupos, em sua própria sede, na região central de São Paulo. Desde a sua criação a Batori vem apresentando um crescimento superior a 100% ao ano em seu faturamento. Conta, atualmente com 87 clientes, performance que está levando a Empresa a mirar alguns países de língua hispânica da América Latina e da Europa para ampliação de seus negócios. Serviço: Evento: 1º Batori Security Day Data: 18 de agosto de 2004, 4a. feira, das 8h30 às 18h00hs. Local: Teatro Paulo Autran Av. João Dias, 2046 - Santo Amaro (próx. à Ponte João Dias, da Marginal Pinheiros). Estacionamento disponível no local com manobrista. Inscrições gratuitas pelo tel. (11) 3105-1619 Mais informações podem ser encontradas no site www.batori.com.br/securityday Mais informações para a imprensa/ entrevistas: Valentina Meyer Consultoria & Comunicação Tel. (11) 3168-3166 Cel. (11) 9981-5001 e-mail: v.meyer em valentinameyer.com.br ----- End forwarded message ----- From security em unicamp.br Fri Aug 13 16:29:55 2004 From: security em unicamp.br (CSIRT - UNICAMP) Date: Fri, 13 Aug 2004 16:29:55 -0300 Subject: [SECURITY-L] Vulnerabilidades de seguranca Message-ID: <20040813192955.GA64334@unicamp.br> Srs. Usuarios, Atualizamos o site do CSIRT (Computer Security Incident Response Team) da Unicamp com os seguintes boletins de vulnerabilidades: Anúncio de Segurança do Conectiva Linux: ---------------------------------------- 12/08/2004 - CLA-2004:858 Assunto: Vulnerabilidades diversas no SquirrelMail. http://www.security.unicamp.br/docs/bugs/2004/08/v45.txt CAIS-Alerta: ------------ 11/08/2004 Assunto: Vulnerabilidade no Exchange Server 5.5 Outlook Web Access (MS04-026). http://www.security.unicamp.br/docs/bugs/2004/08/v40.txt Gentoo Linux Security Advisory: ------------------------------- 12/08/2004 - GLSA 200408-13 Assunto: kdebase, kdelibs: Multiple security issues. http://www.security.unicamp.br/docs/bugs/2004/08/v47.txt 12/08/2004 - GLSA 200408-12 Assunto: Gaim: MSN protocol parsing function buffer overflow. http://www.security.unicamp.br/docs/bugs/2004/08/v46.txt 12/08/2004 - GLSA 200408-11 Assunto: Nessus: "adduser" race condition vulnerability. http://www.security.unicamp.br/docs/bugs/2004/08/v44.txt 12/08/2004 - GLSA 200408-10 Assunto: gv: Exploitable Buffer Overflow. http://www.security.unicamp.br/docs/bugs/2004/08/v42.txt 11/08/2004 - GLSA 200408-09 Assunto: Roundup filesystem access vulnerability. http://www.security.unicamp.br/docs/bugs/2004/08/v41.txt KDE Security Advisories: ------------------------ 11/08/2004 Assunto: Temporary File and Konqueror Frame Injection Vulnerabilities. http://www.security.unicamp.br/docs/bugs/2004/08/v39.txt SUSE Security Announcement: --------------------------- 12/08/2004 - SUSE-SA:2004:025 Assunto: vulnerabilidade de seguranca no pacote gaim. http://www.security.unicamp.br/docs/bugs/2004/08/v43.txt -- Computer Security Incident Response Team - CSIRT Universidade Estadual de Campinas - UNICAMP mailto:security at unicamp.br http://www.security.unicamp.br From security em unicamp.br Tue Aug 17 14:53:56 2004 From: security em unicamp.br (CSIRT - UNICAMP) Date: Tue, 17 Aug 2004 14:53:56 -0300 Subject: [SECURITY-L] Vulnerabilidades de seguranca Message-ID: <20040817175353.GA80531@unicamp.br> Srs. Usuarios, Atualizamos o site do CSIRT (Computer Security Incident Response Team) da Unicamp com os seguintes boletins de vulnerabilidades: Debian Security Advisory: ------------------------- 16/08/2004 - DSA 537-1 Assunto: vulnerabilidade de seguranca no pacote ruby. http://www.security.unicamp.br/docs/bugs/2004/08/v54.txt Gentoo Linux Security Advisory: ------------------------------- 15/08/2004 - GLSA 200408-15 Assunto: Tomcat: Insecure Installation. http://www.security.unicamp.br/docs/bugs/2004/08/v53.txt 15/08/2004 - GLSA 200408-14 Assunto: acroread: UUDecode filename buffer overflow. http://www.security.unicamp.br/docs/bugs/2004/08/v52.txt Mandrakelinux Security Update Advisory: --------------------------------------- 12/08/2004 - MDKSA-2004:082 Assunto: vulnerabilidade de seguranca no pacote mozilla. http://www.security.unicamp.br/docs/bugs/2004/08/v49.txt 12/08/2004 - MDKSA-2004:081 Assunto: vulnerabilidade de seguranca no pacote gaim. http://www.security.unicamp.br/docs/bugs/2004/08/v48.txt SGI Security Advisory: ---------------------- 13/08/2004 - 20040803-01-U Assunto: SGI Advanced Linux Environment 2.4 security update #24. http://www.security.unicamp.br/docs/bugs/2004/08/v51.txt 13/08/2004 - 20040802-01-U Assunto: SGI Advanced Linux Environment 3 Security Update #9. http://www.security.unicamp.br/docs/bugs/2004/08/v50.txt SUSE Security Announcement: --------------------------- 16/08/2004 - SUSE-SA:2004:026 Assunto: vulnerabilidade de seguranca no pacote rsync. http://www.security.unicamp.br/docs/bugs/2004/08/v55.txt -- Computer Security Incident Response Team - CSIRT Universidade Estadual de Campinas - UNICAMP mailto:security at unicamp.br http://www.security.unicamp.br From security em unicamp.br Wed Aug 18 09:59:47 2004 From: security em unicamp.br (CSIRT - UNICAMP) Date: Wed, 18 Aug 2004 09:59:47 -0300 Subject: [SECURITY-L] OpenSSH 3.9 released Message-ID: <20040818125947.GA84587@unicamp.br> ----- Forwarded message from Markus Friedl ----- From: Markus Friedl Subject: [S] OpenSSH 3.9 released To: misc em openbsd.org Date: Wed, 18 Aug 2004 10:58:46 +0200 OpenSSH 3.9 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. We would like to thank the OpenSSH community for their continued support to the project, especially those who contributed source and bought T-shirts or posters. We have a new design of T-shirt available, more info on http://www.openbsd.org/tshirts.html#18 For international orders use http://https.openbsd.org/cgi-bin/order and for European orders, use http://https.openbsd.org/cgi-bin/order.eu Changes since OpenSSH 3.8: ============================ * Added new "IdentitiesOnly" option to ssh(1), which specifies that it should use keys specified in ssh_config, rather than any keys in ssh-agent(1) * Make sshd(8) re-execute itself on accepting a new connection. This security measure ensures that all execute-time randomisations are reapplied for each connection rather than once, for the master process' lifetime. This includes mmap and malloc mappings, shared library addressing, shared library mapping order, ProPolice and StackGhost cookies on systems that support such things * Add strict permission and ownership checks to programs reading ~/.ssh/config NB ssh(1) will now exit instead of trying to process a config with poor ownership or permissions * Implemented the ability to pass selected environment variables between the client and the server. See "AcceptEnv" in sshd_config(5) and "SendEnv" in ssh_config(5) for details * Added a "MaxAuthTries" option to sshd(8), allowing control over the maximum number of authentication attempts permitted per connection * Added support for cancellation of active remote port forwarding sessions. This may be performed using the ~C escape character, see "Escape Characters" in ssh(1) for details * Many sftp(1) interface improvements, including greatly enhanced "ls" support and the ability to cancel active transfers using SIGINT (^C) * Implement session multiplexing: a single ssh(1) connection can now carry multiple login/command/file transfer sessions. Refer to the "ControlMaster" and "ControlPath" options in ssh_config(5) for more information * The sftp-server has improved support for non-POSIX filesystems (e.g. FAT) * Portable OpenSSH: Re-introduce support for PAM password authentication, in addition to the keyboard-interactive driver. PAM password authentication is less flexible, and doesn't support pre-authentication password expiry but runs in-process so Kerberos tokens, etc are retained * Improved and more extensive regression tests * Many bugfixes and small improvements Checksums: ========== - MD5 (openssh-3.9.tgz) = 93f48bfcc1560895ae53de6bfc41689b - MD5 (openssh-3.9p1.tar.gz) = 8e1774d0b52aff08f817f3987442a16e Reporting Bugs: =============== - please read http://www.openssh.com/report.html and http://bugzilla.mindrot.org/ OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt, Kevin Steves, Damien Miller, Ben Lindstrom, Darren Tucker and Tim Rice. ----- End forwarded message ----- From security em unicamp.br Fri Aug 20 11:18:19 2004 From: security em unicamp.br (CSIRT - UNICAMP) Date: Fri, 20 Aug 2004 11:18:19 -0300 Subject: [SECURITY-L] CAIS-Alerta: Vulnerabilidade no protocolo OSPF do Cisco IOS Message-ID: <20040820141818.GA88922@unicamp.br> ----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca ----- From: Centro de Atendimento a Incidentes de Seguranca Subject: CAIS-Alerta: Vulnerabilidade no protocolo OSPF do Cisco IOS To: rnp-alerta em cais.rnp.br, rnp-seg em cais.rnp.br Date: Thu, 19 Aug 2004 11:44:52 -0300 (BRST) -----BEGIN PGP SIGNED MESSAGE----- Prezados, O CAIS esta' repassando o alerta da Cisco, intitulado "Cisco Security Advisory: Cisco IOS Malformed OSPF Packet Causes Reload", que trata de uma vulnerabilidade que expoe dispositivos Cisco que usam IOS configurados para roteamento OSPF (Open Shortest Path First) a ataques de Negacao de Servico (DoS). A vulneabilidade ocorre no processamento de pacotes OSPF, um protocolo de roteamento intra-AS. Como e' necessario processar pacotes OSPF Unicast e Multicast, esta vulnerabilidade pode ser explorada remotamente. A exploracao da vulnerabilidade se da com o envio de um pacote mal formado para um dispositivo vulneravel, o que resulta no reload e consequente condicao de DoS do dispositivo. Entretanto, o atacante precisa conhecer algumas informacoes sobre as configuracoes do sistema atacado para ter sucesso: numero de area do OSPF, netmask da rede e configuracoes de alguns timers do sistema, por exemplo. O protocolo OSPF nao e' habilitado por padrao e deve ser configurado explicitamente. Sistemas afetados: . Todas as revisoes das versoes 12.0S, 12.2, e 12.3 Sistemas nao afetados: . Todas as versoes anteriores a 12.0 e as revisoes das versoes 12.0 e 12.1 nao sao afetadas pela vulnerabilidade. Correcoes disponiveis: Recomenda-se entrar em contato com seu representante da Cisco para obter as atualizacoes corretas para os seus equipamentos. Alem disso, a Cisco recomenda algumas solucoes para contornar o problema: . Utilizar autenticacao MD5 no protocolo OSPF: com isso os pacotes que nao tiverem uma chave valida nao serao processados. . Bloquear trafego utilizando ACLs: Deve ser bloqueado trafego de maquinas que nao tem permissao para acessar os equipamentos de infra estrutura diretamente. Mais informacoes: . Cisco Security Advisory: Cisco IOS Malformed OSPF Packet Causes Reload http://www.cisco.com/warp/public/707/cisco-sa-20040818-ospf.shtml . Cisco OSPF Authentication http://www.cisco.com/warp/public/104/25.shtml . Cisco IOS OSPF Packet Handling Denial of Service Vulnerability http://secunia.com/advisories/12322/ O CAIS recomenda que os administradores mantenham seus sistemas e aplicativos sempre atualizados, de acordo com as ultimas versoes e correcoes oferecidas pelos fabricantes. Os Alertas do CAIS tambem sao oferecidos no formato RSS/RDF: http://www.rnp.br/cais/alertas/rss.xml Atenciosamente, ################################################################ # CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS) # # Rede Nacional de Ensino e Pesquisa (RNP) # # # # cais em cais.rnp.br http://www.cais.rnp.br # # Tel. 019-37873300 Fax. 019-37873301 # # Chave PGP disponivel http://www.rnp.br/cais/cais-pgp.key # ################################################################ Cisco Security Advisory: Cisco IOS Malformed OSPF Packet Causes Reload Revision 1.0 For Public Release 2004 August 18 15:00 UTC (GMT) - ---------------------------------------------------------------------------- Contents Summary Affected Products Details Impact Software Versions and Fixes Obtaining Fixed Software Workarounds Exploitation and Public Announcements Status of This Notice: FINAL Distribution Revision History Cisco Security Procedures - ---------------------------------------------------------------------------- Summary ======= A Cisco device running Internetwork Operating System (IOS) and enabled for the Open Shortest Path First (OSPF) protocol is vulnerable to a Denial of Service (DoS) attack from a malformed OSPF packet. The OSPF protocol is not enabled by default. The vulnerability is only present in Cisco IOS release trains based on 12.0S, 12.2, and 12.3. Releases based on 12.0, 12.1 mainlines, and all Cisco IOS images prior to 12.0 are not affected. Cisco has made free software available to address this vulnerability. There are workarounds available to mitigate the effects. This advisory is available at http://www.cisco.com/warp/public/707/cisco-sa-20040818-ospf.shtml. Affected Products ================= Vulnerable Products This vulnerability was introduced by a code change that was committed to the 12.0S, 12.2, and 12.3 based release trains, causing these trains to be vulnerable. All Cisco devices running a vulnerable release train and running OSPF process are vulnerable. Some release trains that are not vulnerable are explicitly listed below for clarification. The release trains that are not mentioned below are not vulnerable. +---------------------------------------------+ | Release Train | Vulnerable | | | Versions | |-------------------------------+-------------| | 10.x based releases | Not | | | vulnerable | |-------------------------------+-------------| | 11.x based releases | Not | | | vulnerable | |-------------------------------+-------------| | 12.0 based releases (except | Not | | for 12.0.S based releases) | vulnerable | |-------------------------------+-------------| | 12.1 based releases | Not | | | vulnerable | |-------------------------------+-------------| | 12.0.S | 12.0(22)S | | | and later | |-------------------------------+-------------| | 12.0.SX | 12.0(23)SX | | | and later | |-------------------------------+-------------| | 12.0.SY | 12.0(22)SY | | | and later | |-------------------------------+-------------| | 12.0.SZ | 12.0(23)SZ | | | and later | |-------------------------------+-------------| | 12.2 mainline | Not | | | vulnerable | |-------------------------------+-------------| | 12.2.B | 12.2(15)B | | | and later | |-------------------------------+-------------| | 12.2.BC | 12.2(15)BC | | | and later | |-------------------------------+-------------| | 12.2.BX | 12.2(15)BX | | | and later | |-------------------------------+-------------| | 12.2.BZ | 12.2(15)BZ | | | and later | |-------------------------------+-------------| | 12.2.CX | 12.2(15)CX | | | and later | |-------------------------------+-------------| | 12.2.EW | 12.2(18)EW | | | and later | |-------------------------------+-------------| | 12.2.MC | 12.2(15)MC1 | | | and later | |-------------------------------+-------------| | 12.2.S | 12.2(18)S | | | and later | |-------------------------------+-------------| | 12.2.SE | 12.2(18)SE | | | and later | |-------------------------------+-------------| | 12.2.SV | 12.2(18)SV | | | and later | |-------------------------------+-------------| | 12.2.SW | 12.2(18)SW | | | and later | |-------------------------------+-------------| | 12.2.SZ | 12.2(14)SZ | | | and later | |-------------------------------+-------------| | 12.2.T | 12.2(15)T | | | and later | |-------------------------------+-------------| | 12.2.YU | 12.2(11)YU | | | and later | |-------------------------------+-------------| | 12.2.YV | 12.2(11)YV | | | and later | |-------------------------------+-------------| | 12.2.ZD | 12.2(13)ZD | | | and later | |-------------------------------+-------------| | 12.2.ZE | 12.2(13)ZE | | | and later | |-------------------------------+-------------| | 12.2.ZF | 12.2(13)ZF | | | and later | |-------------------------------+-------------| | 12.2.ZG | 12.2(13)ZG | | | and later | |-------------------------------+-------------| | 12.2.ZH | 12.2(13)ZH | | | and later | |-------------------------------+-------------| | 12.2.ZJ | 12.2(15)ZJ | | | and later | |-------------------------------+-------------| | 12.2.ZK | 12.2(15)ZK | | | and later | |-------------------------------+-------------| | 12.2.ZL | 12.2(15)ZL | | | and later | |-------------------------------+-------------| | 12.2.ZN | 12.2(15)ZN | | | and later | |-------------------------------+-------------| | 12.2.ZO | 12.2(15)ZO | | | and later | |-------------------------------+-------------| | 12.3 | All 12.3 | | | releases | |-------------------------------+-------------| | 12.3.B | All 12.3.B | | | releases | |-------------------------------+-------------| | 12.3.BW | All 12.3.BW | | | releases | |-------------------------------+-------------| | 12.3.T | All 12.3.T | | | releases | |-------------------------------+-------------| | 12.3.XA | All 12.3.XA | | | releases | |-------------------------------+-------------| | 12.3.XB | All 12.3.XB | | | releases | |-------------------------------+-------------| | 12.3.XC | All 12.3.XC | | | releases | |-------------------------------+-------------| | 12.3.XE | All 12.3.XE | | | releases | +---------------------------------------------+ A Cisco device which is running an OSPF process will have a line in the configuration defining the process number, which can be seen by issuing the command show running-config: router ospf {process number} To determine the software running on a Cisco product, log in to the device and issue the show version command to display the system banner. Cisco IOS software will identify itself as "Internetwork Operating System Software" or simply "IOS." On the next line of output, the image name will be displayed between parentheses, followed by "Version" and the Cisco IOS release name. Other Cisco devices will not have the show version command, or will give different output. The following example identifies a Cisco product running Cisco IOS release 12.0 (3) with an installed image name of C2500-IS-L: Cisco Internetwork Operating System Software IOS (TM) 2500 Software (C2500-IS-L), Version 12.0(3), RELEASE SOFTWARE The release train label is "12.0." The next example shows a product running Cisco IOS release 12.0(2a)T1 with an image name of C2600-JS-MZ: Cisco Internetwork Operating System Software IOS (tm) C2600 Software (C2600-JS-MZ), Version 12.0(2a)T1, RELEASE SOFTWARE (fc1) Additional information about Cisco IOS release naming can be found at http://www.cisco.com/warp/public/620/1.html. Products Confirmed Not Vulnerable * Products that are not running Cisco IOS are not affected. * Products running Cisco IOS versions 12.0 and earlier (excluding 12.0 S), 12.1 mainline and 12.2 mainline are not vulnerable. * Products running IOS release trains that are not mentioned in the above table are not vulnerable. * Products running any version of Cisco IOS that do not have OSPF configured are not vulnerable. Details ======= OSPF is a routing protocol defined by RFC 2328. It is designed to manage IP routing inside an Autonomous System (AS). OSPF packets use IP protocol number 89. A vulnerability exists in the processing of an OSPF packet that can be exploited to cause the reload of a system. Several parameters need to be known by an attacker to successfully exploit this vulnerability. These are the OSPF area number, netmask, hello, and dead timers that are configured on the targeted interface. Since OSPF needs to process unicast packets as well as multicast packets, this vulnerability can be exploited remotely. It is also possible for an attacker to target multiple systems on the local segment at a time. Using OSPF Authentication as described in the workarounds section can be used to mitigate the effects of this vulnerability. Using OSPF Authentication is a highly recommended security best practice A Cisco device receiving a malformed OSPF packet will reset and may take several minutes to become fully functional. This vulnerability may be exploited repeatedly resulting in an extended DOS attack. This issue is documented in bug ID CSCec16481. Impact ====== Successful exploitation of this vulnerability results in a reload of the device. Repeated exploitation could result in a sustained DoS attack. Software Versions and Fixes =========================== +--------------------------------------------------+ | Major | Availability of Repaired Releases* | | Release | | |------------+-------------------------------------| | Affected | | | | | 12.0-Based | Rebuild | Interim** | Maintenance | | Release | | | | |------------+-----------+-----------+-------------| | | 12.0(22) | | | | |S6 | |-------------| | | | | | | |-----------| |-------------| | | 12.0(23) | | | | | S5 | | | | |-----------+-----------+-------------| | | 12.0(24) | | | | | S2c | | | | |-----------+-----------+-------------| | 12.0(22)S | 12.0(24) | | | | and later | S4 | | | | |-----------+-----------+-------------| | | 12.0(25) | | | | | S1d | | | | |-----------+-----------+-------------| | | 12.0(25) | | | | | S2 | | | | |-----------+-----------+-------------| | | 12.0(26) | | | | |S1 |-----------|12.0(27)S | | | | | | |------------+-----------+-----------+-------------| | 12.0(23)SX | 12.0(25) | | | | and later | SX2 | | | |------------+-----------+-----------+-------------| | | Migrate | | | | 12.0(22)SY | to 12.0 | | | | and later | (23)S5 or | | | | | later | | | |------------+-----------+-----------+-------------| | 12.0(23)SZ | | | 12.0(27)SZ | | and later | | | | |------------+-----------+-----------+-------------| | Affected | | | | | 12.2-Based | Rebuild | Interim** | Maintenance | | Release | | | | |------------+-----------+-----------+-------------| | | Migrate | | | | 12.2(15)B | to 12.3 | | | | and later | (4)T or | | | | | later | | | |------------+-----------+-----------+-------------| | | 12.2(15) | | | | 12.2(15)BC | BC1c | | | |and later |-----------| | | | | 12.2(15) | | | | | BC2 | | | |------------+-----------+-----------+-------------| | | 12.2(16) | | | | | BX | | | | 12.2(15)BX | Migrate | | | | and later | to 12.3 | | | | | (7)XI1 or | | | | | later | | | |------------+-----------+-----------+-------------| | | Migrate | | | | 12.2(15)BZ | to 12.3 | | | | and later | (7)XI1 or | | | | | later | | | |------------+-----------+-----------+-------------| | | Migrate | | | | 12.2(15)CX | to 12.2 | | | | and later | (15)BC2 | | | | | or later | | | |------------+-----------+-----------+-------------| | 12.2(18)EW | 12.2(18) | | | | | EW1 | | | |------------+-----------+-----------+-------------| | | 12.2(15) | | | | 12.2(15) | MC2a | | | | MC1 and | available | | | | later | upon | | | | | request | | | |------------+-----------+-----------+-------------| | 12.2(18)S | 12.2(18) | | 12.2(20)S | | and later | S5 | | | |------------+-----------+-----------+-------------| | 12.2(18)SE | | | 12.2(20)SE | | and later | | | | |------------+-----------+-----------+-------------| | 12.2(18)SV | | | 12.2(22)SV | | and later | | | | |------------+-----------+-----------+-------------| | 12.2(18)SW | | | 12.2(20)SW | | and later | | | | |------------+-----------+-----------+-------------| | | Migrate | | | | 12.2(14)SZ | to 12.2 | | | | and later | (20)S4 or | | | | | later | | | |------------+-----------+-----------+-------------| | 12.2(15)T | 12.2(15) | | | | and later | T8 | | | |------------+-----------+-----------+-------------| | | Migrate | | | | 12.2(11)YU | to 12.3 | | | | and later | (4)T or | | | | | later | | | |------------+-----------+-----------+-------------| | | Migrate | | | | 12.2(11)YV | to 12.3 | | | | and later | (4)T or | | | | | later | | | |------------+-----------+-----------+-------------| | 12.2(13)ZD | Migrate | | | | and later | to 12.3T | | | | | or later | | | |------------+-----------+-----------+-------------| | 12.2(13)ZE | Migrate | | | | and later | to 12.3 | | | | | or later | | | |------------+-----------+-----------+-------------| | | Migrate | | | | 12.2(13)ZF | to 12.3 | | | | and later | (4)T or | | | | | later | | | |------------+-----------+-----------+-------------| | | Migrate | | | | 12.2(13)ZG | to 12.3 | | | | and later | (4)T or | | | | | later | | | |------------+-----------+-----------+-------------| | | Migrate | | | | 12.2(13)ZH | to 12.3 | | | | and later | (4)T or | | | | | later | | | |------------+-----------+-----------+-------------| | 12.2(15)ZJ | Migrate | | | | and later | to 12.3T | | | | | or later | | | |------------+-----------+-----------+-------------| | 12.2(15)ZK | 12.2(15) | | | | and later | ZK2 | | | |------------+-----------+-----------+-------------| | | Migrate | | | | 12.2(15)ZL | to 12.3 | | | | and later | (7)T or | | | | | later | | | |------------+-----------+-----------+-------------| | | Migrate | | | | 12.2(15)ZN | to 12.3 | | | | and later | (2)T4 or | | | | | later | | | |------------+-----------+-----------+-------------| | | Migrate | | | | 12.2(15)ZO | to 12.2 | | | | and later | (15)T8 or | | | | | later | | | |------------+-----------+-----------+-------------| | Affected | | | | | 12.3-Based | Rebuild | Interim** | Maintenance | | Release | | | | |------------+-----------+-----------+-------------| | 12.3 | 12.3(3f) | | 12.3(5) | |------------+-----------+-----------+-------------| | 12.3B | 12.3(5a)B | | | |------------+-----------+-----------+-------------| | | Migrate | | | | 12.3BW | to 12.3B | | | | | or later | | | |------------+-----------+-----------+-------------| | 12.3T | 12.3(2)T4 | | 12.3(4)T | |------------+-----------+-----------+-------------| | | Migrate | | | | 12.3XA | to 12.3 | | | | | (7)T or | | | | | later | | | |------------+-----------+-----------+-------------| | 12.3XB | 12.3(2) | | | | | XB3 | | | |------------+-----------+-----------+-------------| | | Migrate | | | | 12.3XC | to 12.3 | | | | | (8)T or | | | | | later | | | |------------+-----------+-----------+-------------| | | Migrate | | | | 12.3XE | to 12.3 | | | | | (8)T or | | | | | later | | | +--------------------------------------------------+ Obtaining Fixed Software ======================== Customers with Service Contracts Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com. Customers using Third-party Support Organizations Customers whose Cisco products are provided or maintained through prior or existing agreement with third-party support organizations such as Cisco Partners, authorized resellers, or service providers should contact that support organization for assistance with the upgrade, which should be free of charge. Customers without Service Contracts Customers who purchase direct from Cisco but who do not hold a Cisco service contract and customers who purchase through third-party vendors but are unsuccessful at obtaining fixed software through their point of sale should get their upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows. * +1 800 553 2447 (toll free from within North America) * +1 408 526 7209 (toll call from anywhere in the world) * e-mail: tac em cisco.com Please have your product serial number available and give the URL of this notice as evidence of your entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC. Please do not contact either "psirt em cisco.com" or "security-alert em cisco.com" for software upgrades. Workarounds =========== The effectiveness of any workaround is dependent on specific customer situations such as product mix, network topology, traffic behavior, and organizational mission. Due to the variety of affected products and releases, customers should consult with their service provider or support organization to ensure any applied workaround is the most appropriate for use in the intended network before it is deployed. There are multiple workarounds available to mitigate the effects of this vulnerability. Using OSPF Authentication OSPF authentication may be used as a workaround. OSPF packets without a valid key will not be processed. MD5 authentication is highly recommended, due to inherent weaknesses in plain text authentication. With plain text authentication, the authentication key will be sent unencrypted over the network, which can allow an attacker on a local network segment to capture the key by sniffing packets. Refer to http://www.cisco.com/warp/public/104/25.shtml for more information about OSPF authentication. Infrastructure Access Control Lists Although it is often difficult to block traffic transiting your network, it is possible to identify traffic which should never be allowed to target your infrastructure devices and block that traffic at the border of your network. Infrastructure ACLs are considered a network security best practice and should be considered as a long-term addition to good network security as well as a workaround for this specific vulnerability. The white paper "Protecting Your Core: Infrastructure Protection Access Control Lists" presents guidelines and recommended deployment techniques for infrastructure protection ACLs: http://www.cisco.com/warp/public/707/iacl.html. Exploitation and Public Announcements ===================================== The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory. Status of This Notice: FINAL ============================ THIS ADVISORY IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY. YOUR USE OF THE INFORMATION ON THE ADVISORY OR MATERIALS LINKED FROM THE ADVISORY IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS NOTICE AT ANY TIME. Distribution ============ This advisory will be posted on Cisco's worldwide website at http://www.cisco.com/warp/public/707/cisco-sa-20040818-ospf.shtml. In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients. * cust-security-announce em cisco.com * first-teams em first.org (includes CERT/CC) * bugtraq em securityfocus.com * vulnwatch em wulnwatch.org * cisco em spot.colorado.edu * cisco-nsp em puck.nether.net * full-disclosure em lists.netsys.com * comp.dcom.sys.cisco em newsgate.cisco.com Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates. Revision History ================ +---------------------------------------------+ | Revision | 2004-August-18 | Initial public | | 1.0 | | release. | +---------------------------------------------+ Cisco Security Procedures ========================= Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/warp/public/707/sec_incident_response.shtml. This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt. -----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8 iQCVAwUBQSS9Hekli63F4U8VAQGEnwQAqbzbTJOz1ivhPQh1EsXZbsmj8R4tbpX6 EQW4ulcE3rXVdvt0D93xJtnQoexmURNxU6Sud9sHCtgXtkokGTdczJLt5XV+EGGv HKRp5YskSWes58b+KWbYcZeufXjax//HS4H4tQFWv6AVtDXm3PoMOfu1il2dMHJQ ikzmN7ha0UY= =SonE -----END PGP SIGNATURE----- ----- End forwarded message ----- From security em unicamp.br Fri Aug 20 16:01:11 2004 From: security em unicamp.br (CSIRT - UNICAMP) Date: Fri, 20 Aug 2004 16:01:11 -0300 Subject: [SECURITY-L] Vulnerabilidades de seguranca Message-ID: <20040820190111.GB89316@unicamp.br> Srs. Usuarios, Atualizamos o site do CSIRT (Computer Security Incident Response Team) da Unicamp com os seguintes boletins de vulnerabilidades: CAIS-Alerta: ------------ 19/08/2004 Assunto: Vulnerabilidade no protocolo OSPF do Cisco IOS. http://www.security.unicamp.br/docs/bugs/2004/08/v70.txt Cisco Security Advisory: ------------------------ 18/08/2004 Assunto: Cisco IOS Malformed OSPF Packet Causes Reload. http://www.security.unicamp.br/docs/bugs/2004/08/v66.txt Debian Security Advisory: ------------------------- 18/08/2004 - DSA 540-1 Assunto: vulnerabilidade de seguranca no pacote mysql. http://www.security.unicamp.br/docs/bugs/2004/08/v65.txt 17/08/2004 - DSA 539-1 Assunto: vulnerabilidade de seguranca no pacote kdelibs. http://www.security.unicamp.br/docs/bugs/2004/08/v58.txt 17/08/2004 - DSA 538-1 Assunto: vulnerabilidade de seguranca no pacote rsync. http://www.security.unicamp.br/docs/bugs/2004/08/v56.txt Fedora Update Notification: --------------------------- 19/08/2004 - FEDORA-2004-269 Assunto: Fedora Core 2: rsync. http://www.security.unicamp.br/docs/bugs/2004/08/v72.txt 19/08/2004 - FEDORA-2004-268 Assunto: Fedora Core 1: rsync. http://www.security.unicamp.br/docs/bugs/2004/08/v71.txt Gentoo Linux Security Advisory: ------------------------------- 17/08/2004 - GLSA 200408-18 Assunto: xine-lib: VCD MRL buffer overflow. http://www.security.unicamp.br/docs/bugs/2004/08/v63.txt 17/08/2004 - GLSA 200408-17 Assunto: rsync: Potential information leakage. http://www.security.unicamp.br/docs/bugs/2004/08/v61.txt 16/08/2004 - GLSA 200408-16 Assunto: glibc: Information leak with LD_DEBUG. http://www.security.unicamp.br/docs/bugs/2004/08/v60.txt HP Security Bulletin: --------------------- 17/08/2004 - HPSBUX0306-264 Assunto: SSRT3460 rev.3 HP-UX Network traffic can cause programs to fail. http://www.security.unicamp.br/docs/bugs/2004/08/v62.txt Mandrakelinux Security Update Advisory: --------------------------------------- 18/08/2004 - MDKSA-2004:085 Assunto: vulnerabilidade de seguranca no pacote qt3. http://www.security.unicamp.br/docs/bugs/2004/08/v68.txt 18/08/2004 - MDKSA-2004:084 Assunto: vulnerabilidade de seguranca no pacote spamassassin. http://www.security.unicamp.br/docs/bugs/2004/08/v67.txt 17/08/2004 - MDKSA-2004:083 Assunto: vulnerabilidade de seguranca no pacote rsync. http://www.security.unicamp.br/docs/bugs/2004/08/v64.txt Netwosix Linux Security Advisory: --------------------------------- 17/08/2004 - #2004-0017 Assunto: vulnerabilidade de seguranca no pacote rsync. http://www.security.unicamp.br/docs/bugs/2004/08/v59.txt SUSE Security Announcement: --------------------------- 19/08/2004 - SUSE-SA:2004:027 Assunto: vulnerabilidade de seguranca nos pacotes qt3/qt3-non-mt/qt3-32bit/ qt3-static. http://www.security.unicamp.br/docs/bugs/2004/08/v69.txt Trustix Secure Linux Security Advisory: --------------------------------------- 17/08/2004 - #2004-0042 Assunto: vulnerabilidade de seguranca no pacote rsync. http://www.security.unicamp.br/docs/bugs/2004/08/v57.txt -- Computer Security Incident Response Team - CSIRT Universidade Estadual de Campinas - UNICAMP mailto:security at unicamp.br http://www.security.unicamp.br From security em unicamp.br Wed Aug 25 10:16:24 2004 From: security em unicamp.br (CSIRT - UNICAMP) Date: Wed, 25 Aug 2004 10:16:24 -0300 Subject: [SECURITY-L] Vulnerabildades de seguranca Message-ID: <20040825131624.GA786@unicamp.br> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Srs. Usuarios, Atualizamos o site do CSIRT (Computer Security Incident Response Team) da Unicamp com os seguintes boletins de vulnerabilidades: Debian Security Advisory: - ------------------------- 24/08/2004 - DSA 541-1 Assunto: vulnerabilidade de seguranca no pacote icecast-server. http://www.security.unicamp.br/docs/bugs/2004/08/v85.txt Fedora Update Notification: - --------------------------- 23/08/2004 - FEDORA-2004-271 Assunto: Fedora Core 2: qt. http://www.security.unicamp.br/docs/bugs/2004/08/v78.txt 23/08/2004 - FEDORA-2004-270 Assunto: Fedora Core 1: qt. http://www.security.unicamp.br/docs/bugs/2004/08/v77.txt Gentoo Linux Security Advisory: - ------------------------------- 24/08/2004 - GLSA 200408-23 Assunto: kdelibs: Cross-domain cookie injection vulnerability. http://www.security.unicamp.br/docs/bugs/2004/08/v86.txt 23/08/2004 - ERRATA: GLSA 200408-21 Assunto: Cacti: SQL injection vulnerability. http://www.security.unicamp.br/docs/bugs/2004/08/v83.txt 23/08/2004 - ERRATA: GLSA 200406-14 Assunto: aspell: Buffer overflow in word-list-compress. http://www.security.unicamp.br/docs/bugs/2004/08/v82.txt 23/08/2004 - GLSA 200408-22 Assunto: Mozilla, Firefox, Thunderbird: New releases fix vulnerabilities. http://www.security.unicamp.br/docs/bugs/2004/08/v81.txt 23/08/2004 - GLSA 200408-21 Assunto: Cacti: SQL injection vulnerability. http://www.security.unicamp.br/docs/bugs/2004/08/v80.txt 22/08/2004 - GLSA 200408-20 Assunto: Qt: Image loader overflows. http://www.security.unicamp.br/docs/bugs/2004/08/v76.txt 19/08/2004 - GLSA 200408-19 Assunto: courier-imap: Remote Format String Vulnerability. http://www.security.unicamp.br/docs/bugs/2004/08/v74.txt KDE Security Advisories: - ------------------------ 23/08/2004 Assunto: Konqueror Cross-Domain Cookie Injection. http://www.security.unicamp.br/docs/bugs/2004/08/v79.txt Mandrakelinux Security Update Advisory: - --------------------------------------- 20/08/2004 - MDKSA-2004:086 Assunto: vulnerabilidade de seguranca no pacote kdelibs/kdebase. http://www.security.unicamp.br/docs/bugs/2004/08/v75.txt NetBSD Security Advisory: - ------------------------- 17/08/2004 - 2004-009 Assunto: ftpd root escalation. http://www.security.unicamp.br/docs/bugs/2004/08/v73.txt Slackware Security Advisory: - ---------------------------- 23/08/2004 - SSA:2004-236-01 Assunto: vulnerabilidade de seguranca no pacote Qt. http://www.security.unicamp.br/docs/bugs/2004/08/v84.txt - -- Computer Security Incident Response Team - CSIRT Universidade Estadual de Campinas - UNICAMP mailto:security at unicamp.br http://www.security.unicamp.br GnuPG Public Key: http://www.security.unicamp.br/security.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFBLJDl/UMb1l3gm8IRAthNAJ4unWzP3/vsZhx9Da4nhkCfbqFg4gCeOS5l 8v56WcNrogGXeBbLlj6m+xI= =fBKV -----END PGP SIGNATURE----- From security em unicamp.br Fri Aug 27 15:44:54 2004 From: security em unicamp.br (CSIRT - UNICAMP) Date: Fri, 27 Aug 2004 15:44:54 -0300 Subject: [SECURITY-L] Vulnerabilidades de seguranca Message-ID: <20040827184454.GA5196@unicamp.br> Srs. Usuarios, Atualizamos o site do CSIRT (Computer Security Incident Response Team) da Unicamp com os seguintes boletins de vulnerabilidades: Cisco Security Advisory: ------------------------ 25/08/2004 Assunto: Multiple Vulnerabilities in Cisco Secure Access Control Server. http://www.security.unicamp.br/docs/bugs/2004/08/v87.txt Fedora Update Notification: --------------------------- 26/08/2004 - FEDORA-2004-278 Assunto: Fedora Core 1: gaim. http://www.security.unicamp.br/docs/bugs/2004/08/v91.txt Gentoo Linux Security Advisory: ------------------------------- 26/08/2004 - GLSA 200408-25 Assunto: MoinMoin: Group ACL bypass. http://www.security.unicamp.br/docs/bugs/2004/08/v94.txt 25/08/2004 - GLSA 200408-24 Assunto: Linux Kernel: Multiple information leaks. http://www.security.unicamp.br/docs/bugs/2004/08/v90.txt HP Security Bulletin: --------------------- 25/08/2004 - HPSBUX01070 Assunto: SSRT4779 HP-UX Netscape NSS Library Suite SSLv2 remote buffer overflow. http://www.security.unicamp.br/docs/bugs/2004/08/v88.txt OpenPKG Security Advisory: -------------------------- 25/08/2004 - OpenPKG-SA-2004.038 Assunto: vulnerabilidade de seguranca no pacote zlib. http://www.security.unicamp.br/docs/bugs/2004/08/v89.txt Slackware Security Advisory: ---------------------------- 26/08/2004 - SSA:2004-239-01 Assunto: vulnerabilidade de seguranca no pacote gaim. http://www.security.unicamp.br/docs/bugs/2004/08/v95.txt Trustix Secure Linux Security Advisory: --------------------------------------- 26/08/2004 - #2004-0043 Assunto: vulnerabilidades de seguranca nos pacotes courier-imap, samba e zlib. http://www.security.unicamp.br/docs/bugs/2004/08/v93.txt -- Computer Security Incident Response Team - CSIRT Universidade Estadual de Campinas - UNICAMP mailto:security at unicamp.br http://www.security.unicamp.br GnuPG Public Key: http://www.security.unicamp.br/security.asc