Red Hat Enterprise Linux 5 was released back in March 2007 so
let's take a quick look back over the first three months of security
updates to the Server distribution:
- We released updates to ten packages on the day we shipped the
product. This is because we freeze the package set some months before
releasing the product (more information about this policy). Only one of
those updates was rated critical, an update to Firefox.
- For the three months following release we shipped 31 more advisories to
address 56 vulnerabilities: 3 advisories were rated critical, 8 were
important, and the remaining 20 were moderate and low.
- The three critical advisories were:
  - An update to Firefox, where a malicious web site could potentially
    run arbitrary code as the user running Firefox. Given the nature of the
    flaws, the Execshield protections in RHEL5 should make exploiting
    these issues harder.
  - An update to Samba, where a remote attacker could cause a heap overflow.
    In addition to Execshield making this harder to exploit, the impact of
    any successful exploit would be reduced because Samba is confined by
    the SELinux targeted policy, which is enabled by default.
  - An update to the Kerberos telnet daemon. A remote attacker who could
    reach the telnet port of a target machine could log in as root without
    being asked for a password. None of the standard protection mechanisms
    help prevent exploitation of this issue; however, the krb5 telnet daemon
    is not enabled by default in RHEL5, and the default firewall rules block
    remote access to the telnet port. This flaw did not affect the more
    common telnet daemon distributed in the telnet-server package.
Updates to correct all of these critical issues were available via
Red Hat Network on the same day as the issues were made public.
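The krb5 telnet flaw above was only mitigated by two defaults: the service being off in xinetd and the firewall having no rule that admits port 23. The script below is an added example (not code from the original post or from Red Hat) that checks both conditions from files, so an administrator can audit a RHEL5 host, or a copy of its config, for either default having been changed. It assumes the xinetd fragment lives at /etc/xinetd.d/krb5-telnet and that the firewall is the RH-Firewall-1-INPUT chain written by the RHEL5 firewall tool; the config and iptables-save samples it uses are constructed, not captured from a real machine.

```shell
#!/bin/sh
# Added example: audit the two default mitigations for the krb5 telnet daemon
# on RHEL 5.  Reads the xinetd service file and an iptables-save dump as
# files so it can also be run offline against a saved configuration.
#
# Usage: krb5_telnet_status XINETD_FILE IPTABLES_SAVE_FILE
#   prints one of: disabled | enabled-but-firewalled | EXPOSED
#   exit status:   0        | 1                      | 2
krb5_telnet_status() {
    xinetd_file="$1"
    ipt_file="$2"

    # xinetd only skips a service when the file says "disable = yes";
    # a missing or different value means the service starts with xinetd.
    if grep -Eq '^[[:space:]]*disable[[:space:]]*=[[:space:]]*yes' "$xinetd_file"; then
        echo disabled
        return 0
    fi

    # Any ACCEPT rule for tcp port 23 (or the "telnet" service name) in the
    # INPUT chain, or in the RH-Firewall-1-INPUT chain INPUT jumps to on
    # RHEL 5 (assumed layout), means the default firewall no longer blocks it.
    # Rule order is ignored on purpose: a hit means "investigate", not "open".
    if grep -E '^-A (INPUT|RH-Firewall-1-INPUT) ' "$ipt_file" \
        | grep -E -- '-p tcp ' \
        | grep -E -- '--dport (23|telnet)( |$)' \
        | grep -Eq -- '-j ACCEPT'; then
        echo EXPOSED
        return 2
    fi
    echo enabled-but-firewalled
    return 1
}

# Constructed sample inputs (not taken from a real host), written into DIR.
write_samples() {
    dir="$1"
    # xinetd fragment as shipped: service present but disabled.
    cat > "$dir/krb5-telnet.default" <<'EOF'
service telnet
{
        flags           = REUSE
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/kerberos/sbin/telnetd
        log_on_failure  += USERID
        disable         = yes
}
EOF
    # Same fragment after an administrator turned the service on.
    sed 's/disable         = yes/disable         = no/' \
        "$dir/krb5-telnet.default" > "$dir/krb5-telnet.enabled"
    # Default-style RHEL 5 firewall: only ssh is admitted, everything else
    # falls through to REJECT.
    cat > "$dir/iptables.default" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
    # Same firewall with telnet (tcp/23) added as a trusted service.
    sed '/--dport 22 -j ACCEPT/a\
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT' \
        "$dir/iptables.default" > "$dir/iptables.opened"
}

main() {
    dir=$(mktemp -d)
    write_samples "$dir"
    for x in default enabled; do
        for f in default opened; do
            printf 'xinetd=%-8s firewall=%-8s -> ' "$x" "$f"
            krb5_telnet_status "$dir/krb5-telnet.$x" "$dir/iptables.$f" || true
        done
    done
    rm -rf "$dir"
}

main
```

On a live host, feed it `/etc/xinetd.d/krb5-telnet` and the output of `iptables-save`; `chkconfig krb5-telnet --list` is the quicker check for the first half. The firewall test deliberately flags any ACCEPT for port 23 regardless of where it sits in the chain, so a hit is a prompt to read the rules, not proof the port is reachable.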
This data gives a feel for the risk of running EL5, but isn't really useful
for comparisons with other versions or distributions -- for example, previous
versions didn't include Firefox in a default Server
Created: 20 Jun 2007
Tagged as: metrics, red hat, security