[ISN] Linux Advisory Watch - January 26th 2007

From: InfoSec News (alerts@private)
Date: Sun Jan 28 2007 - 23:17:54 PST


+---------------------------------------------------------------------+
|  LinuxSecurity.com                               Weekly Newsletter  |
|  January 26th 2007                             Volume 8, Number 4a  |
+---------------------------------------------------------------------+

  Editors:      Dave Wreski                     Benjamin D. Thomas
                dave@private          ben@private

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the
week. It includes pointers to updated packages and descriptions of
each vulnerability.

This week, advisories were released for netrik, fetchmail,
mod_auth_kerb, libgtop, xine-ui, openldap, centericq, koffice,
pdftohtml, poppler, xpdf, tetex, libgtop, glibc, locale,
kdegraphics, proftpd, squid, gtk2, IBMJava, xine, libsoup,
GeoIP, and BlueZ.  The distributors include Debian, Gentoo,
Mandriva, Red Hat, Slackware, SuSE, and Ubuntu.

---


* EnGarde Secure Linux v3.0.11 Now Available

Guardian Digital is happy to announce the release of EnGarde Secure
Community 3.0.11 (Version 3.0, Release 11). This release includes
several bug fixes and feature enhancements to the SELinux policy
and several updated packages.

http://wiki.engardelinux.org/index.php/ReleaseNotes3.0.11

---

RFID with Bio-Smart Card in Linux

In this paper, we describe the integration of fingerprint template
and RF smart card for a clustered network, which is designed on the
Linux platform and open source technology to obtain biometrics
security. The combination of smart card and biometrics is achieved in
two-step authentication, where smart card authentication is based on a
Personal Identification Number (PIN) and the card holder is
authenticated using the biometrics template stored in the smart
card that is based on the fingerprint verification. The fingerprint
verification has to be executed on a central host server for
security purposes. The protocol designed allows controlling all
parameters of the smart security controller, like PIN options, Reader
delay, real-time clock, alarm option and cardholder access
conditions.

http://www.linuxsecurity.com/content/view/125052/171/

---

Packet Sniffing Overview

The best way to secure yourself against sniffing is to use encryption.
While this won't prevent a sniffer from functioning, it will ensure
that what a sniffer reads is pure junk.

http://www.linuxsecurity.com/content/view/123570/49/

--------



+---------------------------------+
|  Distribution: Debian           | ----------------------------//
+---------------------------------+

* Debian: New netrik packages fix arbitrary shell command execution
  21st, January, 2007

Updated package.

http://www.linuxsecurity.com/content/view/126665



+---------------------------------+
|  Distribution: Gentoo           | ----------------------------//
+---------------------------------+

* Gentoo: Fetchmail Denial of Service and password disclosure
  22nd, January, 2007

Fetchmail has been found to have numerous vulnerabilities allowing
for Denial of Service and password disclosure.

http://www.linuxsecurity.com/content/view/126696


* Gentoo: Mod_auth_kerb Denial of Service
  22nd, January, 2007

Mod_auth_kerb is vulnerable to a buffer overflow possibly allowing a
Denial of Service.

http://www.linuxsecurity.com/content/view/126697


* Gentoo: Sun JDK/JRE Multiple vulnerabilities
  22nd, January, 2007

Multiple unspecified vulnerabilities have been identified in Sun Java
Development Kit (JDK) and Java Runtime Environment (JRE).

http://www.linuxsecurity.com/content/view/126698


* Gentoo: Adobe Acrobat Reader Multiple vulnerabilities
  22nd, January, 2007

Adobe Acrobat Reader is vulnerable to remote code execution, Denial of 
Service, and cross-site scripting attacks.

http://www.linuxsecurity.com/content/view/126699


* Gentoo: libgtop Privilege escalation
  23rd, January, 2007

libgtop improperly handles filenames, possibly allowing for the
execution of arbitrary code.

http://www.linuxsecurity.com/content/view/126705


* Gentoo: xine-ui Format string vulnerabilities
  23rd, January, 2007

xine-ui improperly handles format strings, possibly allowing for the
execution of arbitrary code.

http://www.linuxsecurity.com/content/view/126715


* Gentoo: OpenLDAP Insecure usage of /tmp during installation
  23rd, January, 2007

A shell script commonly released with OpenLDAP makes insecure usage
of files in /tmp during the emerge process.

http://www.linuxsecurity.com/content/view/126716


* Gentoo: Centericq Remote buffer overflow in LiveJournal handling
  23rd, January, 2007

Centericq does not properly handle communications with the
LiveJournal service, allowing for the remote execution of arbitrary
code.

http://www.linuxsecurity.com/content/view/126720


* Gentoo: MIT Kerberos 5 Arbitrary Remote Code Execution
  24th, January, 2007

Multiple vulnerabilities in MIT Kerberos 5 could potentially result
in the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/126731


+---------------------------------+
|  Distribution: Mandriva         | ----------------------------//
+---------------------------------+

* Mandriva: Updated koffice packages fix crafted pdf file vulnerability
  18th, January, 2007

The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch
2, kpdf in KDE before 3.5.5, and other products, allows remote
attackers to have an unknown impact, possibly including denial of service
(infinite loop), arbitrary code execution, or memory corruption, via
a PDF file with a (1) crafted catalog dictionary or (2) a crafted
Pages attribute that references an invalid page tree node.  The
updated packages have been patched to correct this problem.

http://www.linuxsecurity.com/content/view/126649


* Mandriva: Updated pdftohtml packages fix crafted pdf file vulnerability
  18th, January, 2007

The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, 
kpdf in KDE before 3.5.5, and other products, allows remote attackers to 
have an unknown impact, possibly including denial of service (infinite 
loop), arbitrary code execution, or memory corruption, via a PDF file 
with a (1) crafted catalog dictionary or (2) a crafted Pages attribute 
that references an invalid page tree node. The updated packages have 
been patched to correct this problem.

http://www.linuxsecurity.com/content/view/126650


* Mandriva: Updated poppler packages fix crafted pdf file vulnerability
  18th, January, 2007

The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch
2, kpdf in KDE before 3.5.5, and other products, allows remote
attackers to have an unknown impact, possibly including denial of
service (infinite loop), arbitrary code execution, or memory
corruption, via a PDF file with a (1) crafted catalog dictionary or
(2) a crafted Pages attribute that references an invalid page tree
node. The updated packages have been patched to correct this problem.

http://www.linuxsecurity.com/content/view/126652


* Mandriva: Updated xpdf packages fix crafted pdf file vulnerability
  18th, January, 2007

The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch
2, kpdf in KDE before 3.5.5, and other products, allows remote
attackers to have an unknown impact, possibly including denial of
service (infinite loop), arbitrary code execution, or memory
corruption, via a PDF file with a (1) crafted catalog dictionary or
(2) a crafted Pages attribute that references an invalid page tree
node.  The updated packages have been patched to correct this
problem.

http://www.linuxsecurity.com/content/view/126653


* Mandriva: Updated tetex packages fix crafted pdf file vulnerability
  18th, January, 2007

The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch
2, kpdf in KDE before 3.5.5, and other products, allows remote
attackers to have an unknown impact, possibly including denial of
service (infinite loop), arbitrary code execution, or memory
corruption, via a PDF file with a (1) crafted catalog dictionary or
(2) a crafted Pages attribute that references an invalid page tree
node. The updated packages have been patched to correct this problem.

http://www.linuxsecurity.com/content/view/126654


* Mandriva: Updated libgtop2 packages fix buffer overflow vulnerability
  18th, January, 2007

Stack-based buffer overflow in the glibtop_get_proc_map_s function in
libgtop before 2.14.6 (libgtop2) allows local users to cause a denial
of service (crash) and possibly execute arbitrary code via a process
with a long filename that is mapped in its address space, which
triggers the overflow in gnome-system-monitor. The updated packages
have been patched to correct this problem.

http://www.linuxsecurity.com/content/view/126655


* Mandriva: Updated glibc, locale packages address several issues
  21st, January, 2007

The version of glibc shipped with Mandriva 2007 has a bug that
prevents the system from passing the lsb-runtime test suite
(T.ttyname_r). This update also includes sparc64 updates and Unicode
5.0 support.

http://www.linuxsecurity.com/content/view/126664


* Mandriva: Updated packages link to the correct version of Firefox
  22nd, January, 2007

Due to an error in the compilation system, the firefox-dependent
packages provided in MDKSA-2007:010 for Mandriva 2007/x86_64 were
linked to the older version of Firefox. This update corrects the
problem.

http://www.linuxsecurity.com/content/view/126695


* Mandriva: Updated kdegraphics packages fix crafted pdf file vulnerability
  22nd, January, 2007

The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, 
kpdf in KDE before 3.5.5, and other products, allows remote attackers to 
have an unknown impact, possibly including denial of service (infinite 
loop), arbitrary code execution, or memory corruption, via a PDF file 
with a (1) crafted catalog dictionary or (2) a crafted Pages attribute 
that references an invalid page tree node.

http://www.linuxsecurity.com/content/view/126701


* Mandriva: Updated mandriva-doc-common packages fix help links
  22nd, January, 2007

Due to changes in the structure of the documentation, the Help buttons 
of the Software Management tools led to broken links.  This update fixes 
the links catalog system so the inline help works again.

http://www.linuxsecurity.com/content/view/126702


* Mandriva: Updated kernel packages fix multiple vulnerabilities and bugs
  23rd, January, 2007

Some vulnerabilities were discovered and corrected in the Linux 2.6
kernel.

http://www.linuxsecurity.com/content/view/126710


* Mandriva: Updated proftpd packages fix vulnerabilities
  23rd, January, 2007

A stack-based buffer overflow in the sreplace function in ProFTPD
1.3.0 and earlier allows remote attackers to cause a denial of
service, as demonstrated by vd_proftpd.pm, a "ProFTPD remote
exploit."

http://www.linuxsecurity.com/content/view/126718


* Mandriva: Updated squid packages fix vulnerabilities
  23rd, January, 2007

A vulnerability in squid was discovered that could be remotely
exploited by using a special ftp:// URL (CVE-2007-0247).

http://www.linuxsecurity.com/content/view/126719



+---------------------------------+
|  Distribution: Red Hat          | ----------------------------//
+---------------------------------+

* RedHat: Critical: Adobe Acrobat Reader security update
  22nd, January, 2007

Updated acroread packages that fix several security issues are now
available for Red Hat Enterprise Linux 3. This update has been rated
as having critical security impact by the Red Hat Security Response
Team.

http://www.linuxsecurity.com/content/view/126694


* RedHat: Moderate: gtk2 security update
  24th, January, 2007

Updated gtk2 packages that fix a security issue are now available.
This update has been rated as having moderate security impact by the
Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/126728



+---------------------------------+
|  Distribution: Slackware        | ----------------------------//
+---------------------------------+

* Slackware:   fetchmail
  24th, January, 2007

New fetchmail packages are available for Slackware 8.1, 9.0, 9.1,
10.0, 10.1, 10.2, and 11.0 to fix a security issue.

http://www.linuxsecurity.com/content/view/126735



+---------------------------------+
|  Distribution: SuSE             | ----------------------------//
+---------------------------------+

* SuSE: IBMJava (SUSE-SA:2007:010)
  18th, January, 2007

Various security problems and bugs have been fixed in the IBMJava JRE
and SDK. The IBM Java packages were updated: IBM Java 1.4.2 to
Service Refresh 7 and IBM JAVA 1.3.10 to Service Refresh 10. The
update contains several security fixes also fixed in SUN Java,
including CVE-2006-4339: fix for the RSA exponent padding attack.

http://www.linuxsecurity.com/content/view/126639


* SuSE: Acrobat Reader 7.0.9
  22nd, January, 2007

The Adobe Acrobat Reader has been updated to version 7.0.9. This
update also includes the following security fix: CVE-2006-5857: a
memory corruption problem in Adobe Acrobat Reader that can
potentially lead to code execution was fixed.

http://www.linuxsecurity.com/content/view/126671


* SuSE: squid (SUSE-SA:2007:012)
  23rd, January, 2007

This update fixes a remotely exploitable denial-of-service bug in
squid that can be triggered by using special ftp:// URLs.
(CVE-2007-0247) Additionally the 10.2 package needed a fix for
another DoS bug (CVE-2007-0248) and for max_user_ip handling in
ntlm_auth.

http://www.linuxsecurity.com/content/view/126706


* SuSE: xine (SUSE-SA:2007:013)
  23rd, January, 2007

This update fixes several format string bugs that can be exploited
remotely with user assistance to execute arbitrary code. Since SUSE
Linux version 10.1, format string bugs are not exploitable anymore.
(CVE-2007-0017)

http://www.linuxsecurity.com/content/view/126707



+---------------------------------+
|  Distribution: Ubuntu           | ----------------------------//
+---------------------------------+

* Ubuntu:  poppler vulnerability
  18th, January, 2007

The poppler PDF loader library did not limit the recursion depth of
the page model tree. By tricking a user into opening a specially
crafted PDF file, this could be exploited to trigger an infinite loop
and eventually crash an application that uses this library. kpdf in
Ubuntu 5.10 and KOffice in all Ubuntu releases contain a copy of
this code and thus are affected as well.

http://www.linuxsecurity.com/content/view/126640


* Ubuntu:  libsoup vulnerability
  23rd, January, 2007

Roland Lezuo and Josselin Mouette discovered that the HTTP server
code in libsoup did not correctly verify request headers.  Remote
attackers could crash applications using libsoup by sending a crafted
HTTP request, resulting in a denial of service.

http://www.linuxsecurity.com/content/view/126717


* Ubuntu:  GeoIP vulnerability
  23rd, January, 2007

Dean Gaudet discovered that the GeoIP update tool did not validate
the filename responses from the update server.  A malicious server,
or man-in-the-middle system posing as a server, could write to
arbitrary files with user privileges.

http://www.linuxsecurity.com/content/view/126721


* Ubuntu:  BlueZ vulnerability
  23rd, January, 2007

A flaw was discovered in the HID daemon of bluez-utils.  A remote
attacker could gain control of the mouse and keyboard if hidd was
enabled.  This does not affect a default Ubuntu installation, since
hidd is normally disabled.

http://www.linuxsecurity.com/content/view/126723


* Ubuntu:  Squid vulnerabilities
  24th, January, 2007

David Duncan Ross Palmer and Henrik Nordstrom discovered that squid
incorrectly handled special characters in FTP URLs.  Remote users
with access to squid could crash the server leading to a denial of
service.

http://www.linuxsecurity.com/content/view/126736

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

------------------------------------------------------------------------

