Security
crypt_blowfish
In the early days of Unix, the DES-based algorithm used to encrypt (actually, to generate hashes from) passwords was considered to be quite secure. Hashing a password took a significant fraction of a second, so brute-force attacks were considered impractical. The possibility of attacks using hardware-based DES engines was closed off by the addition of a "salt" parameter which perturbed the algorithm slightly. All in all, the early crypt() authors felt pretty good about their work, to the point that the encrypted passwords were stored in a world-readable file and nobody worried about it.
Along came faster processors and smarter software. Simple passwords became easy to crack with the right software (which was widely available), and the harder passwords looked less hard all the time. So a few changes were made, including moving the password hashes to a read-protected file and changing to the MD5 hashing algorithm. Everything looked better for a while. But along came faster processors and smarter software, and now MD5 passwords look rather less secure than they once did.
The attentive reader might notice a pattern here. Hashing algorithms must be sufficiently expensive to compute that they are not susceptible to brute-force attacks. But they cannot be so expensive that the user community rebels. So the designers of a password hashing algorithm must find a compromise between security from attackers and security from aggravated users. As computers inevitably become more powerful, that compromise must shift in favor of the attackers.
A solution to this problem was presented by Niels Provos and David Mazières in a 1999 USENIX paper. Their conclusion was that, in order to have a future-proof password hashing algorithm, one must be able to dial up the computational cost of that algorithm over time. If the cost can be provided as a parameter - and stored with the hashed password - then password hashing can be made more expensive (in terms of CPU cycles) while maintaining compatibility with currently-hashed passwords.
The authors implemented a version of the Blowfish algorithm with a tweak to the key schedule generation mechanism. That code has a "cost" parameter which controls how expensive the generation step is; a higher cost will result in a longer key schedule generation task. Needless to say, code checking a password must use the same cost as the code which initially generated the hash, or the results will not match.
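The stored-cost idea from the two paragraphs above, as an added example that is not crypt_blowfish code: PBKDF2-HMAC-SHA256 stands in for bcrypt's expensive key schedule, and the `demo-pbkdf2` record format, the function names and the cost bounds are assumptions made for this illustration.

```python
import base64, hashlib, hmac, os

SCHEME = "demo-pbkdf2"        # made-up label for this example, not a real crypt(3) prefix
MIN_COST, MAX_COST = 4, 20    # assumed bounds; reject absurd stored costs before doing work

def _derive(password, salt, cost):
    # PBKDF2 stands in for bcrypt's key schedule: 2**cost iterations,
    # so each +1 in cost doubles the work, for defender and attacker alike.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 1 << cost)

def hash_password(password, cost):
    if not MIN_COST <= cost <= MAX_COST:
        raise ValueError("cost out of range")
    salt = os.urandom(16)
    fields = [base64.b64encode(x).decode() for x in (salt, _derive(password, salt, cost))]
    # The cost is written into the record, next to the salt and the hash.
    return "${}${:02d}${}${}".format(SCHEME, cost, *fields)

def parse(record):
    try:
        empty, scheme, cost, salt, digest = record.split("$")
        cost = int(cost)
        salt = base64.b64decode(salt, validate=True)
        digest = base64.b64decode(digest, validate=True)
    except ValueError as exc:
        raise ValueError("malformed record") from exc
    if empty or scheme != SCHEME or not MIN_COST <= cost <= MAX_COST:
        raise ValueError("unsupported scheme or cost")
    return cost, salt, digest

def verify(password, record):
    # Recompute with the cost read from the record, not the site's current setting.
    cost, salt, digest = parse(record)
    return hmac.compare_digest(_derive(password, salt, cost), digest)

def login(password, record, current_cost):
    """Return (ok, record_to_store); re-hash at current_cost after a good login."""
    if not verify(password, record):
        return False, record
    if parse(record)[0] < current_cost:
        return True, hash_password(password, current_cost)
    return True, record
```

Old records keep verifying at their stored cost after the site raises `current_cost`, and each account moves to the higher cost the next time its owner logs in successfully.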
OpenBSD has used the variable-cost Blowfish code (called "bcrypt") for some years now, but it is still relatively difficult to find on Linux systems. Perhaps that will change with the release of crypt_blowfish 1.0, just announced by Solar Designer. This release, being "the first mature version," comes with a password-hashing interface and a PAM module for hooking it into Linux systems. It should, thus, be relatively easy for distributors to add to their configurations, as an option, at least. Making the front door to Linux systems a little more secure has just gotten easier.
(For more information, see the crypt_blowfish web page).
New vulnerabilities
ADOdb: PostgreSQL command injection
| Package(s): | adodb | CVE #(s): | CVE-2006-0410 |
| Created: | February 6, 2006 | Updated: | April 17, 2006 |
| Description: | Andy Staudacher discovered that ADOdb does not properly sanitize all parameters. By sending specifically crafted requests to an application that uses ADOdb and a PostgreSQL backend, an attacker might exploit the flaw to execute arbitrary SQL queries on the host. |
gnocatan: buffer overflow
| Package(s): | gnocatan | CVE #(s): | CVE-2006-0467 |
| Created: | February 3, 2006 | Updated: | February 7, 2006 |
| Description: | A problem has been discovered in gnocatan, the computer version of the Settlers of Catan board game, that can lead the server and other clients to exit via an assert, and hence does not permit the execution of arbitrary code. The game has been renamed to Pioneers after the release of Debian sarge. |
kernel: denial of service
| Package(s): | kernel | CVE #(s): | CVE-2006-0454 |
| Created: | February 8, 2006 | Updated: | February 18, 2006 |
| Description: | A denial of service vulnerability has been found in the kernel ICMP code; kernel 2.6.15.3 fixes the problem. |
mozilla: multiple vulnerabilities
| Package(s): | mozilla | CVE #(s): | CVE-2005-4134 CVE-2006-0292 CVE-2006-0296 |
| Created: | February 2, 2006 | Updated: | May 4, 2006 |
| Description: | Mozilla has three new vulnerabilities. The JavaScript interpreter has a problem with dereferencing objects. A user can visit a specially crafted web page which can crash the browser or cause it to execute arbitrary code. The XULDocument.persist() function has a bug that can be triggered by viewing specially crafted web sites; RDF data can be injected into the localstore.rdf file, allowing arbitrary JavaScript code to be executed. The Mozilla history saving mechanism is vulnerable to a denial of service attack; visiting sites with extra-long titles can cause a crash or very slow startup the next time the browser is run. |
OpenOffice.org: bypass security settings
| Package(s): | openoffice.org | CVE #(s): | CVE-2005-4636 |
| Created: | February 3, 2006 | Updated: | February 7, 2006 |
| Description: | OpenOffice.org 2.0 and earlier, when hyperlinks have been disabled, does not prevent the user from clicking the WWW-browser button in the Hyperlink dialog, which makes it easier for attackers to trick the user into bypassing intended security settings. |
php: multiple vulnerabilities
| Package(s): | php | CVE #(s): | CVE-2006-0207 CVE-2006-0208 |
| Created: | February 2, 2006 | Updated: | March 23, 2006 |
| Description: | PHP has a response splitting vulnerability: remote attackers can inject arbitrary HTTP headers via an unknown method, possibly using a Set-Cookie header. Also, a number of cross-site scripting vulnerabilities can be used by remote attackers to inject arbitrary web scripts or HTML pages. |
PHP: safe_mode bypass
| Package(s): | php | CVE #(s): | CVE-2005-3391 |
| Created: | February 8, 2006 | Updated: | March 10, 2006 |
| Description: | A vulnerability in the PHP GD extension (prior to version 4.4.1) can enable a remote attacker to bypass safe_mode restrictions. |
unzip: long file name buffer overflow
| Package(s): | unzip | CVE #(s): | CVE-2005-4667 |
| Created: | February 6, 2006 | Updated: | May 2, 2007 |
| Description: | A buffer overflow in UnZip 5.50 and earlier allows local users to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long arguments when it is invoked from other programs. |
xpdf heap based buffer overflow
| Package(s): | kpdf xpdf kdegraphics poppler | CVE #(s): | CVE-2006-0301 |
| Created: | February 3, 2006 | Updated: | March 17, 2006 |
| Description: | Another heap based buffer overflow has been found in xpdf and other programs that share the same code. This one is in Splash.cc and it can cause crashes and possibly arbitrary code execution. |
Page editor: Jonathan Corbet
