[ISN] Linux Advisory Watch - March 2nd 2007

From: InfoSec News (alerts@private)
Date: Sun Mar 04 2007 - 22:10:34 PST

|  LinuxSecurity.com                               Weekly Newsletter  |
|  March 2nd 2007                                Volume 8, Number 9a  |

  Editors:      Dave Wreski                     Benjamin D. Thomas
                dave@private          ben@private

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the
week. It includes pointers to updated packages and descriptions of
each vulnerability.

This week, advisories were released for Nexuiz, mplayer, chmlib, php,
spamassassin, gnome-terminal, snort, tcpdump, timezone, seamonkey,
firefox, clamav, ekiga, enigmail, and nvidia-glx-config.  The
distributors include Gentoo, Mandriva, Red Hat, Slackware, SuSE,
and Ubuntu.



* EnGarde Secure Linux v3.0.12 Now Available

Guardian Digital is happy to announce the release of EnGarde Secure
Community 3.0.11 (Version 3.0, Release 12). This release includes
several bug fixes and feature enhancements to the SELinux policy
and several updated packages.



RFID with Bio-Smart Card in Linux

In this paper, we describe the integration of a fingerprint template
and RF smart card for a clustered network, which is designed on the
Linux platform and open source technology to obtain biometric security.
The combination of smart card and biometrics is achieved in two-step
authentication, where smart card authentication is based on a
Personal Identification Number (PIN) and the card holder is
authenticated using the biometrics template stored in the smart
card that is based on the fingerprint verification. The fingerprint
verification has to be executed on the central host server for
security purposes. The protocol designed allows controlling all
parameters of the smart security controller, like PIN options, reader
delay, real-time clock, alarm option and cardholder access



Packet Sniffing Overview

The best way to secure yourself against sniffing is to use encryption.
While this won't prevent a sniffer from functioning, it will ensure
that what a sniffer reads is pure junk.



-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf

|  Distribution: Debian           | ----------------------------//

* Gentoo: Nexuiz Multiple vulnerabilities
  25th, February, 2007

Two separate vulnerabilities have been found in Nexuiz allowing the
remote execution of arbitrary code and a Denial of Service.


* Gentoo: UFO2000 Multiple vulnerabilities
  25th, February, 2007

Multiple vulnerabilities have been found in the network components of
UFO2000 that could result in the remote execution of arbitrary code.


* Gentoo: MPlayer Buffer overflow
  27th, February, 2007

A buffer overflow was found in MPlayer's RTSP plugin that could lead
to a Denial of Service or arbitrary code execution.


* Gentoo: CHMlib User-assisted remote execution of arbitrary code
  27th, February, 2007

A memory corruption vulnerability in CHMlib could lead to the remote
execution of arbitrary code.


|  Distribution: Mandriva         | ----------------------------//

* Mandriva: Updated php packages fix multiple vulnerabilities
  23rd, February, 2007

A number of vulnerabilities were discovered in the PHP language. Many
buffer overflow flaws were discovered in the PHP session extension,
the str_replace() function, and the imap_mail_compose() function.  An
attacker able to use a PHP application using any of these functions
could trigger these flaws and possibly execute arbitrary code as the
apache user (CVE-2007-0906).


* Mandriva: Updated spamassassin packages fix DoS vulnerability
  23rd, February, 2007

A bug in the way that SpamAssassin processes HTML emails containing
URIs was discovered in versions 3.1.x.  A carefully crafted mail
message could make SpamAssassin consume significant amounts of CPU
resources that could delay or prevent the delivery of mail if a
number of these messages were sent at once.


* Mandriva: Updated gnome-terminal packages resizing issue
  26th, February, 2007

A bug was causing incorrect window resizing when switching between
multiple tabs in GNOME-Terminal.  This bug, as well as memory leaks,
has been fixed with this update.


* Mandriva: Updated Firefox packages fix multiple vulnerabilities
  28th, February, 2007

A number of security vulnerabilities have been discovered and
corrected in the latest Mozilla Firefox program, version
This update provides the latest Firefox to correct these issues.


* Mandriva: Updated snort packages fix DoS vulnerability
  28th, February, 2007

Algorithmic complexity vulnerability in Snort before 2.6.1, during
predicate evaluation in rule matching for certain rules, allows
remote attackers to cause a denial of service (CPU consumption and
detection outage) via crafted network traffic, aka a backtracking
attack. Updated packages have been patched to address this issue.


* Mandriva: Updated tcpdump packages fix segfault
  1st, March, 2007

Tcpdump would cause a segmentation fault on certain packets when
reading back a captured tcpdump file.  This update corrects that


* Mandriva: Updated timezone packages provide updated DST information
  1st, March, 2007

Updated timezone packages are being provided for older Mandriva Linux
systems that do not contain the new Daylight Savings Time information
for 2007 for certain time zones.  These updated packages contain the
new information.


|  Distribution: Red Hat          | ----------------------------//

* RedHat: Important: php security update
  22nd, February, 2007

Updated PHP packages that fix several security issues are now
available for Red Hat Application Stack v1.1. This update has been
rated as having important security impact by the Red Hat Security
Response Team.


* RedHat: Critical: seamonkey security update
  23rd, February, 2007

Updated seamonkey packages that fix several security bugs are now
available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has
been rated as having critical security impact by the Red Hat Security
Response Team.


* RedHat: Critical: Firefox security update
  23rd, February, 2007

Updated firefox packages that fix several security bugs are now
available for Red Hat Enterprise Linux 4. This update has been rated
as having critical security impact by the Red Hat Security Response


* RedHat: Important: kernel security update
  27th, February, 2007

Updated kernel packages that fix two security issues and a bug in the 
Red Hat Enterprise Linux 4 kernel are now available. This update has 
been rated as having important security impact by the Red Hat Security 
Response Team.


|  Distribution: Slackware        | ----------------------------//

* Slackware:   php
  23rd, February, 2007

New php packages are available for Slackware 10.2 and 11.0 to improve
the stability and security of PHP.  Quite a few bugs were fixed --
please see http://www.php.net for a detailed list.


|  Distribution: SuSE             | ----------------------------//

* SuSE: clamav 0.90 (SUSE-SA:2007:017)
  23rd, February, 2007

Updated package.


* SuSE: Linux Kernel (SUSE-SA:2007:018)
  27th, February, 2007

A kernel update has been released to fix several security problems.


|  Distribution: Ubuntu           | ----------------------------//

* Ubuntu:  Ekiga vulnerabilities
  22nd, February, 2007

Mu Security discovered a format string vulnerability in Ekiga.  If a
user was running Ekiga and listening for incoming calls, a remote
attacker could send a crafted call request, and execute arbitrary
code with the user's privileges.


* Ubuntu:  enigmail vulnerability
  23rd, February, 2007

Mikhail Markin reported that enigmail incorrectly handled memory
allocations for certain large encrypted attachments. This caused
Thunderbird to crash and thus caused the entire message to be


* Ubuntu:  Firefox vulnerabilities
  28th, February, 2007

Several flaws have been found in Firefox that could be used to
perform Cross-site scripting attacks.


* Ubuntu:  nvidia-glx-config regression
  1st, March, 2007

USN-416-1 fixed various vulnerabilities in the Linux kernel.
Unfortunately that update caused the 'nvidia-glx-config' script to
not work any more. The new version fixes the problem. We apologize for
the inconvenience.


Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
