
[cobalt-security] Bind, Apache, SSH & to top it off SHP - thoughts?



Hi all,

Been a while since I posted but I've been reading the list. Due to other commitments I haven't really been keeping an eye on new vulnerabilities as much as I should have.

I have tried the archives and Google but I'm not sure if what we have now is strictly a standard RaQ4 setup. (SHP installed)

Bind Problems:
I noticed this bind problem. I updated bind manually but we were one of the takers for the SHP, which I believe took it down to 8.2.3 but it is protected with stackguard. (Security Hardening Package) Is this a problem, do I need to and can I upgrade bind without breaking anything? I have seen Michael's solarspeed package but again, I'm not sure if I can use this due to the SHP being installed.

Apache Problems:
I also noticed the following problems with Apache that are solved in 1.3.27. (we are using 1.3.26)
- Error page XSS using wildcard DNS CAN-2002-0840
- Shared memory permissions lead to local privilege escalation CAN-2002-0839
- Buffer overflows in ab utility CAN-2002-0843

SSH Problems:
http://www.openssh.com/txt/preauth.adv - PAMAuthenticationViaKbdInt & UsePrivilegeSeparation. All versions up to 3.3 are vulnerable; is this something we need to worry about? It states in the guide to disable these values; is this achieved by changing the value for each one to 'no' and uncommenting the line in the config? If so, do I need to restart OpenSSH?

----------------------

Sorry to be a pain and mention this on a Friday but I'm a little confused as to where we all stand. Some of us have the SHP installed, some of us don't, some of us seem to be updating things manually based on information kindly provided by the list users, some of us aren't.

Thanks for all help, comments and suggestions
MJM
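
Added example, not part of the original post: a shell function that reports what a sshd_config file actually sets for the two directives named in the SSH question. It treats commented-out lines as unset and takes the first uncommented occurrence, since sshd matches keywords case-insensitively and uses the first value it reads for each one. The function names and the sample config are constructed for illustration, and the parser assumes plain whitespace-separated "Keyword value" lines.

```shell
#!/bin/sh
# Added example: report what a sshd_config actually sets for given directives.
# Assumes "Keyword value" lines separated by whitespace (no Match blocks).

# effective_value FILE KEYWORD
# Prints the first uncommented value for KEYWORD, or "(unset)" when every
# occurrence is commented out or missing (sshd then uses its built-in default).
effective_value() {
    awk -v want="$2" '
        BEGIN { want = tolower(want); found = 0 }
        /^[ \t]*#/ { next }     # commented-out line: has no effect
        /^[ \t]*$/ { next }     # blank line
        !found && tolower($1) == want { print $2; found = 1 }
        END { if (!found) print "(unset)" }
    ' "$1"
}

# write_sample FILE: constructed sample config, not taken from a real host.
write_sample() {
    cat > "$1" <<'EOF'
# constructed sample
Port 22
#UsePrivilegeSeparation no
pamauthenticationviakbdint no
PAMAuthenticationViaKbdInt yes
EOF
}

sample=$(mktemp)
write_sample "$sample"
for kw in PAMAuthenticationViaKbdInt UsePrivilegeSeparation; do
    printf '%-28s %s\n' "$kw" "$(effective_value "$sample" "$kw")"
done
rm -f "$sample"
```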


