Welcome to Security Alerts, an overview of recent Unix and open source security advisories. In this column, we look at a security vulnerability in LIDS; buffer overflows in CUPS, jgroff, Sun Solstice Enterprise Master Agent, and Ettercap; and problems in Sawmill, Faq-O-Matic, pforum, GNAT, Taylor UUCP, and IRIX O2 Video.

LIDS is a Linux kernel patch and admin tool that enhances Linux kernel security and provides a reference monitor and Mandatory Access Control in the kernel. There are several vulnerabilities in LIDS that can be exploited by a local attacker to execute arbitrary commands with root permissions and bypass or disable LIDS. These vulnerabilities include problems with the LD_PRELOAD environment variable, writing directly to /dev/kmem, and a race condition in applications that are launched prior to LIDS being sealed.

You may also be interested in Linux Advisory Watch, distributed weekly by LinuxSecurity.com.