[ISN] Linux Advisory Watch - April 5th 2007

From: InfoSec News (alerts@private)
Date: Mon Apr 09 2007 - 01:08:50 PDT


+---------------------------------------------------------------------+
|  LinuxSecurity.com                               Weekly Newsletter  |
|  April 5th 2007                                Volume 8, Number 14a |
+---------------------------------------------------------------------+

  Editors:      Dave Wreski                     Benjamin D. Thomas
                dave@private          ben@private

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the
week. It includes pointers to updated packages and descriptions of
each vulnerability.

This week, advisories were released for file, zope, krb, XMMS, Ekiga,
Squid, CUPS, Asterisk, Kerberos, OpenAFS, OpenPBS, zziplib, kdelibs,
openoffice, qt3, qt4, XFree86, xorg-x11, libXfont, mysql, ktorrent,
and gpg.  The distributors include Debian, Gentoo, Mandriva,
Red Hat, Slackware, SuSE, and Ubuntu.

---

* EnGarde Secure Linux v3.0.13 Now Available

Guardian Digital is happy to announce the release of EnGarde Secure
Community 3.0.13 (Version 3.0, Release 13). This release includes
several bug fixes and feature enhancements to the SELinux policy
and several updated packages.

http://wiki.engardelinux.org/index.php/ReleaseNotes3.0.13

---

Earn an NSA recognized IA Masters Online

The NSA has designated Norwich University a center of Academic
Excellence in Information Security. Our program offers unparalleled
Infosec management education and the case study affords you unmatched
consulting experience. Using interactive e-Learning technology, you
can earn this esteemed degree, without disrupting your career or home
life.

http://www.msia.norwich.edu/linsec/

---

RFID with Bio-Smart Card in Linux

In this paper, we describe the integration of fingerprint template
and RF smart card for clustered network, which is designed on Linux
platform and Open source technology to obtain biometrics security.
Combination of smart card and biometrics has achieved in two step
authentication where smart card authentication is based on a
Personal Identification Number (PIN) and the card holder is
authenticated using the biometrics template stored in the smart
card that is based on the fingerprint verification. The fingerprint
verification has to be executed on central host server for
security purposes. Protocol designed allows controlling entire
parameters of smart security controller like PIN options, Reader
delay, real-time clock, alarm option and cardholder access
conditions.

http://www.linuxsecurity.com/content/view/125052/171/

---

Packet Sniffing Overview

The best way to secure you against sniffing is to use encryption.
While this won't prevent a sniffer from functioning, it will ensure
that what a sniffer reads is pure junk.

http://www.linuxsecurity.com/content/view/123570/49/

--------

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf


+---------------------------------+
|  Distribution: Debian           | ----------------------------//
+---------------------------------+


* Debian: New file packages fix arbitrary code execution
  2nd, April, 2007

Updated package.

http://www.linuxsecurity.com/content/view/127643


* Debian: New zope2.7 packages fix cross-site scripting flaw
  2nd, April, 2007

Updated package.

http://www.linuxsecurity.com/content/view/127653


* Debian: New krb5 packages fix several vulnerabilities
  3rd, April, 2007

Updated package.

http://www.linuxsecurity.com/content/view/127671


* Debian: New XMMS packages fix arbitrary code execution
  4th, April, 2007

Multiple errors have been found in the skin handling routines in xmms, 
the X Multimedia System.  These vulnerabilities could allow an attacker 
to run arbitrary code as the user running xmms by inducing the victim to 
load specially crafted interface skin files.


http://www.linuxsecurity.com/content/view/127695


* Gentoo: Ekiga Format string vulnerability
  29th, March, 2007

A format string vulnerability in Ekiga may allow the remote execution
of arbitrary code.

http://www.linuxsecurity.com/content/view/127613


* Gentoo: file Integer underflow
  30th, March, 2007

A buffer underflow vulnerability has been reported in file allowing
for the user-assisted execution of arbitrary code.

http://www.linuxsecurity.com/content/view/127634


* Gentoo: Squid Denial of Service
  31st, March, 2007

Squid is affected by a Denial of Service vulnerability.

http://www.linuxsecurity.com/content/view/127638


* Gentoo: CUPS Denial of Service
  31st, March, 2007

CUPS incorrectly handles partially-negotiated SSL connections
allowing for a Denial of Service.

http://www.linuxsecurity.com/content/view/127639


* Gentoo: Asterisk Two SIP Denial of Service vulnerabilities
  2nd, April, 2007

Asterisk is vulnerable to two Denial of Service issues in the SIP
channel.

http://www.linuxsecurity.com/content/view/127651


* Gentoo: MIT Kerberos 5 Arbitrary remote code execution
  3rd, April, 2007

Multiple vulnerabilities in MIT Kerberos 5 could potentially result
in unauthenticated remote root code execution.

http://www.linuxsecurity.com/content/view/127670


* Gentoo: OpenAFS Privilege escalation
  3rd, April, 2007

OpenAFS is subject to a design flaw that could allow privilege
escalation on the client.

http://www.linuxsecurity.com/content/view/127672


* Gentoo: OpenPBS Multiple vulnerabilities
  3rd, April, 2007

OpenPBS contains unspecified vulnerabilities which may allow for the
remote execution of arbitrary code or a Denial of Service.

http://www.linuxsecurity.com/content/view/127673


* Gentoo: zziplib Buffer Overflow
  3rd, April, 2007

The zziplib library contains a buffer overflow vulnerability that
could lead to user-assisted remote execution of arbitrary code.

http://www.linuxsecurity.com/content/view/127674


* Mandriva: Updated xmms packages to address integer vulnerabilities
  29th, March, 2007

Integer overflow in X MultiMedia System (xmms) 1.2.10, and possibly
other versions, allows user-assisted remote attackers to execute
arbitrary code via crafted header information in a skin bitmap image,
which triggers memory corruption. (CVE-2007-0653)
Integer underflow in X MultiMedia System (xmms) 1.2.10 allows
user-assisted remote attackers to execute arbitrary code via crafted
header information in a skin bitmap image, which results in a
stack-based buffer overflow. (CVE-2007-0654) Updated packages have
been patched to correct these issues.

http://www.linuxsecurity.com/content/view/127612


* Mandriva: Updated kdelibs packages to address FTP PASV issue in konqueror
  29th, March, 2007

The FTP protocol implementation in Konqueror 3.5.5 allows remote
servers to force the client to connect to other servers, perform a
proxied port scan, or obtain sensitive information by specifying an
alternate server address in a FTP PASV command. Updated packages have
been patched to address this issue.

http://www.linuxsecurity.com/content/view/127614


* Mandriva: Updated openoffice.org packages to address
vulnerabilities
  29th, March, 2007

Stack-based buffer overflow in the StarCalc parser in OpenOffice.org
(OOo) Office Suite allows user-assisted remote attackers to execute
arbitrary code via a crafted document. (CVE-2007-0238) OpenOffice.org
(OOo) Office Suite allows user-assisted remote attackers to execute
arbitrary commands via shell metacharacters in a prepared
link in a crafted document. (CVE-2007-0239) Updated packages have
been patched to correct these issues.

http://www.linuxsecurity.com/content/view/127615


* Mandriva: Updated qt3 packages to address utf8 decoder bug
  3rd, April, 2007

Andreas Nolden discover a bug in qt3, where the UTF8 decoder does not
reject overlong sequences, which can cause "/../" injection or (in
the case of konqueror) a "<script>" tag injection. Updated packages
have been patched to address this issue.

http://www.linuxsecurity.com/content/view/127680


* Mandriva: Updated kdelibs packages to address UTF8 issue in KJS
  3rd, April, 2007

A bug was discovered in KJS where UTF8 decoding did not reject
overlong sequences.  This vulnerability is similar to that discovered
by Andreas Nolden in QT3 and QT4, but at this current time there is
no known exploit for this issue. Updated packages have been patched
to address this issue.

http://www.linuxsecurity.com/content/view/127681


* Mandriva: Updated qt4 packages to address utf8 decoder bug
  3rd, April, 2007

Andreas Nolden discover a bug in qt4, where the UTF8 decoder does not
reject overlong sequences, which can cause "/../" injection or (in
the case of konqueror) a "<script>" tag injection. Updated packages
have been patched to address this issue.

http://www.linuxsecurity.com/content/view/127682


* RedHat: Critical: krb5 security update
  3rd, April, 2007

Updated krb5 packages that fix a number of issues are now available.
This update has been rated as having critical security impact by the
Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/127659


* RedHat: Important: XFree86 security update
  3rd, April, 2007

Updated XFree86 packages that fix a number of security issues are now
available for Red Hat Enterprise Linux 2.1 and 3. This update has
been rated as having important security impact by the Red Hat
Security Response Team.

http://www.linuxsecurity.com/content/view/127662


* RedHat: Important: xorg-x11 security update
  3rd, April, 2007

Updated X.org packages that fix several security issues are now
available for Red Hat Enterprise Linux 4. This update has been rated
as having important security impact by the Red Hat Security Response
Team.

http://www.linuxsecurity.com/content/view/127663


* RedHat: Important: xorg-x11-server security update
  3rd, April, 2007

Updated X.org X11 server packages that fix a security issue are now
available for Red Hat Enterprise Linux 5. This update has been rated
as having important security impact by the Red Hat Security Response
Team.

http://www.linuxsecurity.com/content/view/127664


* RedHat: Moderate: squid security update
  3rd, April, 2007

An updated squid package that fixes a security vulnerability is now
available for Red Hat Enterprise Linux 5. This update has been rated
as having moderate security impact by the Red Hat Security Response
Team.

http://www.linuxsecurity.com/content/view/127665


* RedHat: Important: libXfont security update
  3rd, April, 2007

Updated X.org libXfont packages that fix a security issue are now
available for Red Hat Enterprise Linux 5. This update has been rated
as having important security impact by the Red Hat Security Response
Team.

http://www.linuxsecurity.com/content/view/127666


* RedHat: Moderate: mysql security update
  3rd, April, 2007

Updated mysql packages that fix a security flaw are now available for
Red Hat Enterprise Linux 4. This update has been rated as having
moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/127667


* Slackware:   file [and bin package]
  3rd, April, 2007

New file packages are available for Slackware 8.1, 9.0, 9.1, 10.0,
10.1, 10.2, 11.0, and -current to fix a security issue.

http://www.linuxsecurity.com/content/view/127676


* Slackware:   qt
  3rd, April, 2007

New qt packages are available for Slackware 10.2, 11.0, and -current
to fix a security issue.

http://www.linuxsecurity.com/content/view/127677


* Slackware:   ktorrent
  3rd, April, 2007

New ktorrent packages are available for Slackware 11.0 and -current
to fix security issues.

http://www.linuxsecurity.com/content/view/127678


* SuSE: gpg (SUSE-SA:2007:024)
  30th, March, 2007

Updated package.

http://www.linuxsecurity.com/content/view/127630


* Ubuntu:  X.org vulnerabilities
  3rd, April, 2007

Sean Larsson of iDefense Labs discovered that the MISC-XC extension
of  Xorg did not correctly verify the size of allocated memory.  An
authenticated user could send a specially crafted X11 request and
execute arbitrary code with root privileges. (CVE-2007-1003)Greg
MacManus of iDefense Labs discovered that the BDF font handling code
in Xorg and FreeType did not correctly verify the size of allocated
memory.

http://www.linuxsecurity.com/content/view/127675


* Ubuntu:  krb5 vulnerabilities
  3rd, April, 2007

The krb5 telnet service did not appropriately verify user names.  A
remote attacker could log in as the root user by requesting a
specially crafted user name.

http://www.linuxsecurity.com/content/view/127679


------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@private
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------


__________________________
Subscribe to InfoSec News
http://www.infosecnews.org



This archive was generated by hypermail 2.1.3 : Mon Apr 09 2007 - 01:22:52 PDT