+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | April 13th 2007 Volume 8, Number 15a | +---------------------------------------------------------------------+ Editors: Dave Wreski Benjamin D. Thomas dave@private ben@private Linux Advisory Watch is a comprehensive newsletter that outlines the security vulnerabilities that have been announced throughout the week. It includes pointers to updated packages and descriptions of each vulnerability. This week advisories were released for man-db, libX11, Evince, libwpd, DokuWiki, krb5, freetype2, tightvnc, ipsec-tools, the Linux kernel, and the KDE library. The distributors include Debian, Fedora Gentoo, Mandriva, Ubuntu. --- * EnGarde Secure Linux v3.0.13 Now Available Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.13 (Version 3.0, Release 13). This release includes several bug fixes and feature enhancements to the SELinux policy and several updated packages. http://wiki.engardelinux.org/index.php/ReleaseNotes3.0.13 --- Earn an NSA recognized IA Masters Online The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/linsec/ --- RFID with Bio-Smart Card in Linux In this paper, we describe the integration of fingerprint template and RF smart card for clustered network, which is designed on Linux platform and Open source technology to obtain biometrics security. Combination of smart card and biometrics has achieved in two step authentication where smart card authentication is based on a Personal Identification Number (PIN) and the card holder is authenticated using the biometrics template stored in the smart card that is based on the fingerprint verification. http://www.linuxsecurity.com/content/view/125052/171/ --- Packet Sniffing Overview The best way to secure you against sniffing is to use encryption. While this won't prevent a sniffer from functioning, it will ensure that what a sniffer reads is pure junk. http://www.linuxsecurity.com/content/view/123570/49/ -------- --> Take advantage of the LinuxSecurity.com Quick Reference Card! --> http://www.linuxsecurity.com/docs/QuickRefCard.pdf +---------------------------------+ | Distribution: Debian | ----------------------------// +---------------------------------+ * Debian: New man-db packages fix arbitrary code execution 6th, April, 2007 A buffer overflow has been dicovered in the man command that could allow an attacker to execute code as the man user by providing specially crafted arguments to the -H flag. This is likely to be an issue only on machines with the man and mandb programs installed setuid. http://www.linuxsecurity.com/content/view/127722 +---------------------------------+ | Distribution: Fedora | ----------------------------// +---------------------------------+ * Fedora Core 5 Update: libX11-1.0.0-4.fc5 10th, April, 2007 Aadded libX11-1.0.1-setuid.diff to fix potential security issue (required) http://www.linuxsecurity.com/content/view/127757 +---------------------------------+ | Distribution: Gentoo | ----------------------------// +---------------------------------+ * Gentoo: Evince Stack overflow in included gv code 6th, April, 2007 Evince improperly handles user-supplied data possibly allowing for the execution of arbitrary code. http://www.linuxsecurity.com/content/view/127725 * Gentoo: libwpd Multiple vulnerabilities 6th, April, 2007 libwpd is vulnerable to several heap overflows and an integer overflow. http://www.linuxsecurity.com/content/view/127726 * Gentoo: DokuWiki Cross-site scripting vulnerability 12th, April, 2007 DokuWiki is vulnerable to a cross-site scripting attack. An attacker could entice a user to click a specially crafted link and inject CRLF characters into the variable. This would allow the creation of new lines or fields in the returned HTTP Response header, which would permit the attacker to execute arbitrary scripts in the context of the user's browser. http://www.linuxsecurity.com/content/view/127784 +---------------------------------+ | Distribution: Mandriva | ----------------------------// +---------------------------------+ * Mandriva: Updated krb5 packages fix vulnerabilities 10th, April, 2007 A vulnerability was found in the username handling of the MIT krb5 telnet daemon. A remote attacker that could access the telnet port of a target machine could login as root without requiring a password (CVE-2007-0956). http://www.linuxsecurity.com/content/view/127759 * Mandriva: Updated freetype2 packages fix vulnerability 10th, April, 2007 iDefense integer overflows in the way freetype handled various font files. http://www.linuxsecurity.com/content/view/127761 * Mandriva: Updated tightvnc packages fix integer overflow vulnerabilities 10th, April, 2007 Local exploitation of a memory corruption vulnerability in the X.Org and XFree86 X server could allow an attacker to execute arbitrary code with privileges of the X server, typically root. http://www.linuxsecurity.com/content/view/127763 * Mandriva: Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities 11th, April, 2007 Local exploitation of a memory corruption vulnerability in the X.Org and XFree86 X server could allow an attacker to execute arbitrary code with privileges of the X server, typically root. http://www.linuxsecurity.com/content/view/127775 * Mandriva: Updated madwifi-source, wpa_supplicant packages fix vulnerabilities 11th, April, 2007 The ath_rate_sample function in the ath_rate/sample/sample.c sample code in MadWifi before 0.9.3 allows remote attackers to cause a denial of service (failed KASSERT and system crash) by moving a connected system to a location with low signal strength, and possibly other vectors related to a race condition between interface enabling and packet transmission. (CVE-2005-4835) http://www.linuxsecurity.com/content/view/127776 * Mandriva: Updated apache-mod_perl packages fix DoS vulnerability 11th, April, 2007 PerlRun.pm in Apache mod_perl 1.30 and earlier, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI. Updated packages have been patched to correct this issue. http://www.linuxsecurity.com/content/view/127777 +---------------------------------+ | Distribution: Ubuntu | ----------------------------// +---------------------------------+ * Ubuntu: ipsec-tools vulnerability 9th, April, 2007 A flaw was discovered in the IPSec key exchange server "racoon". Remote attackers could send a specially crafted packet and disrupt established IPSec tunnels, leading to a denial of service. http://www.linuxsecurity.com/content/view/127743 * Ubuntu: Linux kernel vulnerabilities 10th, April, 2007 The kernel key management code did not correctly handle key reuse. A local attacker could create many key requests, leading to a denial of service. (CVE-2007-0006) http://www.linuxsecurity.com/content/view/127764 * Ubuntu: KDE library vulnerability 11th, April, 2007 The Qt library did not correctly handle truncated UTF8 strings, which could cause some applications to incorrectly filter malicious strings. If a Konqueror user were tricked into visiting a web site containing specially crafted strings, normal XSS prevention could be bypassed allowing a remote attacker to steal confidential data. http://www.linuxsecurity.com/content/view/127778 ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email vuln-newsletter-request@private with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ __________________________ Subscribe to InfoSec News http://www.infosecnews.org
This archive was generated by hypermail 2.1.3 : Sun Apr 15 2007 - 22:34:37 PDT