+---------------------------------------------------------------------+
| LinuxSecurity.com Weekly Newsletter |
| March 23rd 2007 Volume 8, Number 12a |
+---------------------------------------------------------------------+
Editors: Dave Wreski Benjamin D. Thomas
dave@private ben@private
Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the
week. It includes pointers to updated packages and descriptions of
each vulnerability.
This week, advisories were released for webcalendar, libwpd, lookup-el,
openoffice, openafs, tcpdump,asterisk, postgresql, thunderbird, LTSP,
LSAT, php, Mozilla, wordpress, nufw, libwpd, nas, openafs, libwpd,
php, libwpd, Inkscape, file, and mysql. The distributors include
Debain, Gentoo, Mandriva, Red Hat, SuSE, and Ubuntu.
---
Earn an NSA recognized IA Masters Online
The NSA has designated Norwich University a center of Academic
Excellence in Information Security. Our program offers unparalleled
Infosec management education and the case study affords you unmatched
consulting experience. Using interactive e-Learning technology, you
can earn this esteemed degree, without disrupting your career or home
life.
http://www.msia.norwich.edu/linsec/
---
* EnGarde Secure Linux v3.0.13 Now Available
Guardian Digital is happy to announce the release of EnGarde Secure
Community 3.0.13 (Version 3.0, Release 13). This release includes
several bug fixes and feature enhancements to the SELinux policy
and several updated packages.
http://wiki.engardelinux.org/index.php/ReleaseNotes3.0.13
---
RFID with Bio-Smart Card in Linux
In this paper, we describe the integration of fingerprint template
and RF smart card for clustered network, which is designed on Linux
platform and Open source technology to obtain biometrics security.
Combination of smart card and biometrics has achieved in two step
authentication where smart card authentication is based on a
Personal Identification Number (PIN) and the card holder is
authenticated using the biometrics template stored in the smart
card that is based on the fingerprint verification. The fingerprint
verification has to be executed on central host server for
security purposes. Protocol designed allows controlling entire
parameters of smart security controller like PIN options, Reader
delay, real-time clock, alarm option and cardholder access
conditions.
http://www.linuxsecurity.com/content/view/125052/171/
---
Packet Sniffing Overview
The best way to secure you against sniffing is to use encryption.
While this won't prevent a sniffer from functioning, it will ensure
that what a sniffer reads is pure junk.
http://www.linuxsecurity.com/content/view/123570/49/
--------
--> Take advantage of the LinuxSecurity.com Quick Reference Card!
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf
+---------------------------------+
| Distribution: Debian | ----------------------------//
+---------------------------------+
* Debian: New webcalendar packages fix remote file inclusion
15th, March, 2007
Updated package.
http://www.linuxsecurity.com/content/view/127464
* Debian: New libwpd packages fix arbitrary code execution
17th, March, 2007
Updated package.
http://www.linuxsecurity.com/content/view/127480
* Debian: New lookup-el packages fix insecure temporary file
18th, March, 2007
Updated package.
http://www.linuxsecurity.com/content/view/127481
* Debian: New OpenOffice.org packages fix several vulnerabilities
20th, March, 2007
Several security related problems have been discovered in
OpenOffice.org, the free office suite. The Common Vulnerabilities and
Exposures project identifies the following problems.
http://www.linuxsecurity.com/content/view/127511
* Debian: New openafs packages fix remote privilege escalation bug
20th, March, 2007
A design error has been identified in the OpenAFS, a cross-platform
distributed filesystem included with Debian. It's possible for an
attacker with knowledge of AFS to forge an AFS FetchStatus call and
make an arbitrary binary file appear to an AFS client host to be
setuid. If they can then arrange for that binary to be executed,
they will be able to achieve privilege escalation.
http://www.linuxsecurity.com/content/view/127512
* Debian: New tcpdump packages fix denial of service
22nd, March, 2007
Moritz Jodeit discovered an off-by-one buffer overflow in tcpdump, a
powerful tool for network monitoring and data acquisition, which allows
denial of service.
http://www.linuxsecurity.com/content/view/127539
+---------------------------------+
| Distribution: Gentoo | ----------------------------//
+---------------------------------+
* Gentoo: Asterisk SIP Denial of Service
16th, March, 2007
Asterisk is vulnerable to Denial of Service in the SIP channel.
http://www.linuxsecurity.com/content/view/127477
* Gentoo: PostgreSQL Multiple vulnerabilities
16th, March, 2007
PostgreSQL contains two vulnerabilities that could result in a Denial
of Service or unauthorized access to certain information.
http://www.linuxsecurity.com/content/view/127478
* Gentoo: Apache JK Tomcat Connector Remote execution of arbitrary
code
16th, March, 2007
The Apache Tomcat Connector (mod_jk) contains a buffer overflow
vulnerability that could result in the remote execution of arbitrary
code.
http://www.linuxsecurity.com/content/view/127479
* Gentoo: ulogd Remote execution of arbitrary code
18th, March, 2007
ulogd contains a possible buffer overflow potentially allowing for
the remote execution of arbitrary code.
http://www.linuxsecurity.com/content/view/127482
* Gentoo: Mozilla Thunderbird Multiple vulnerabilities
18th, March, 2007
Multiple vulnerabilities have been reported in Mozilla Thunderbird,
some of which may allow user-assisted arbitrary remote code
execution.
http://www.linuxsecurity.com/content/view/127483
* Gentoo: LTSP Authentication bypass in included LibVNCServer code
18th, March, 2007
LTSP includes a version of libVNCServer that is vulnerable to an
authentication bypass.
http://www.linuxsecurity.com/content/view/127484
* Gentoo: LSAT Insecure temporary file creation
18th, March, 2007
LSAT insecurely creates temporary files which can lead to symlink
attacks allowing a local user to overwrite arbitrary files.
http://www.linuxsecurity.com/content/view/127485
* Gentoo: PHP Multiple vulnerabilities
20th, March, 2007
PHP contains several vulnerabilities including a heap buffer overflow,
potentially leading to the remote execution of arbitrary code under
certain conditions.
http://www.linuxsecurity.com/content/view/127514
* Gentoo: Mozilla Network Security Service Remote execution of
arbitrary code
20th, March, 2007
The Mozilla Network Security Services libraries are vulnerable to two
buffer overflows that could result in the remote execution of arbitrary
code.
http://www.linuxsecurity.com/content/view/127515
* Gentoo: WordPress Multiple vulnerabilities
20th, March, 2007
Wordpress contains several cross-site scripting, cross-site request
forgery and information leak vulnerabilities.
http://www.linuxsecurity.com/content/view/127516
+---------------------------------+
| Distribution: Mandriva | ----------------------------//
+---------------------------------+
* Mandriva: Updated nufw packages fix various bugs
15th, March, 2007
Updated package.
http://www.linuxsecurity.com/content/view/127462
* Mandriva: Updated libwpd packages to address heap overflow
vulnerabilities
16th, March, 2007
iDefense reported several overflow bugs in libwpd. An attacker could
create a carefully crafted Word Perfect file that could cause an
application linked with libwpd, such as OpenOffice, to crash or
possibly execute arbitrary code if the file was opened by a victim.
Updated packages have been patched to address this issue.
http://www.linuxsecurity.com/content/view/127475
* Mandriva: Updated openoffice.org packages to address libwpd heap
overflow vulnerabilities
16th, March, 2007
iDefense reported several overflow bugs in libwpd. An attacker could
create a carefully crafted Word Perfect file that could cause an
application linked with libwpd, such as OpenOffice, to crash or
possibly execute arbitrary code if the file was opened by a victim.
OpenOffice.org-2.X contains an embedded copy of libpwd, and as such
is susceptible to the same issues. Updated packages have been rebuilt
using the system libwpd to address this issue.
http://www.linuxsecurity.com/content/view/127476
* Mandriva: Updated nas packages address multiple vulnerabilities
20th, March, 2007
Luigi Auriemma discovered a number of problems with the nas (Network
Audio System) daemon that could be used to crash nasd.
Updated packages have been patched to address this issue.
http://www.linuxsecurity.com/content/view/127518
* Mandriva: Updated OpenAFS packages address vulnerability
20th, March, 2007
By default, OpenAFS prior to 1.44 and 1.5.17 supports setuid programs
within the local cell, which could allow attackers to obtain privileges.
Updated packages have been patched to address this issue.
http://www.linuxsecurity.com/content/view/127519
+---------------------------------+
| Distribution: Red Hat | ----------------------------//
+---------------------------------+
* RedHat: Important: libwpd security update
16th, March, 2007
Updated libwpd packages to correct a security issue are now available
for Red Hat Enterprise Linux 5. This update has been rated as having
important security impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/127472
+---------------------------------+
| Distribution: SuSE | ----------------------------//
+---------------------------------+
* SuSE: php security problems
15th, March, 2007
Updated package.
http://www.linuxsecurity.com/content/view/127457
* SuSE: Linux kernel (SUSE-SA:2007:021)
16th, March, 2007
Updated package.
http://www.linuxsecurity.com/content/view/127471
* SuSE: Mozilla security problems
20th, March, 2007
Updated package.
http://www.linuxsecurity.com/content/view/127503
* SuSE: OpenOffice,libwpd security problems
21st, March, 2007
Several security problems were fixed in the Wordperfect converter
library libwpd and OpenOffice_org.
http://www.linuxsecurity.com/content/view/127522
+---------------------------------+
| Distribution: Ubuntu | ----------------------------//
+---------------------------------+
* Ubuntu: libwpd vulnerability
19th, March, 2007
Sean Larsson of iDefense Labs discovered that libwpd was vulnerable
to integer overflows. If a user were tricked into opening a
specially crafted WordPerfect document with an application that used
libwpd, an attacker could execute arbitrary code with user
privileges.
http://www.linuxsecurity.com/content/view/127492
* Ubuntu: Inkscape vulnerability
20th, March, 2007
A flaw was discovered in Inkscape's use of format strings. If a user
were tricked into opening a specially crafted URI in Inkscape, a
remote
attacker could execute arbitrary code with user privileges.
http://www.linuxsecurity.com/content/view/127517
* Ubuntu: file vulnerability
21st, March, 2007
Jean-Sebastien Guay-Leroux discovered that "file" did not correctly
check the size of allocated heap memory. If a user were tricked into
examining a specially crafted file with the "file" utility, a remote
attacker could execute arbitrary code with user privileges.
http://www.linuxsecurity.com/content/view/127526
* Ubuntu: MySQL vulnerability
21st, March, 2007
Stefan Streichbier and B. Mueller of SEC Consult discovered that
MySQL subselect queries using "ORDER BY" could be made to crash the
MySQL server. An attacker with access to a MySQL instance could
cause an intermitant denial of service.
http://www.linuxsecurity.com/content/view/127527
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
To unsubscribe email vuln-newsletter-request@private
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
_________________________________________
Visit the InfoSec News Security Bookstore
http://www.shopinfosecnews.org
This archive was generated by hypermail 2.1.3 : Sun Mar 25 2007 - 22:42:14 PST