[ISN] Linux Advisory Watch - April 27th 2007

From: InfoSec News (alerts@private)
Date: Sun Apr 29 2007 - 23:03:42 PDT


+---------------------------------------------------------------------+
| LinuxSecurity.com                               Weekly Newsletter  |
| April 27th 2007                               Volume 8, Number 17a |
+---------------------------------------------------------------------+

Editors:      Dave Wreski                     Benjamin D. Thomas
              dave@private                    ben@private

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week. It
includes pointers to updated packages and descriptions of each
vulnerability.

This week, advisories were released for webcalendar, aircrack-ng, clamav,
php, 3proxy, NAS, ClamAV, sqlite, freeradius, zziplib, java, xine,
freetype, clamav, Opera, and rdesktop.  The distributors include
Debian, Gentoo, Mandriva, Red Hat, Slackware, and SuSE.

---

* EnGarde Secure Linux v3.0.13 Now Available

Guardian Digital is happy to announce the release of EnGarde Secure
Community 3.0.13 (Version 3.0, Release 13). This release includes several
bug fixes and feature enhancements to the SELinux policy and several
updated packages.

http://wiki.engardelinux.org/index.php/ReleaseNotes3.0.13

---

Earn an NSA recognized IA Masters Online

The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec
management education and the case study affords you unmatched consulting
experience. Using interactive e-Learning technology, you can earn this
esteemed degree, without disrupting your career or home life.

http://www.msia.norwich.edu/linsec/

---

RFID with Bio-Smart Card in Linux

In this paper, we describe the integration of a fingerprint template and
an RF smart card for a clustered network, which is designed on the Linux
platform and open source technology to obtain biometric security. The
combination of smart card and biometrics is achieved in a two-step
authentication, where smart card authentication is based on a Personal
Identification Number (PIN) and the card holder is authenticated using the
biometrics template stored in the smart card, based on fingerprint
verification.

http://www.linuxsecurity.com/content/view/125052/171/

---


Packet Sniffing Overview

The best way to secure yourself against sniffing is to use encryption.
While this won't prevent a sniffer from functioning, it will ensure that
what a sniffer reads is pure junk.

http://www.linuxsecurity.com/content/view/123570/49/

--------

--> Take advantage of the LinuxSecurity.com Quick Reference Card!
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf


+---------------------------------+
| Distribution: Debian           | ----------------------------//
+---------------------------------+

* Debian: New webcalendar packages fix cross-site scripting
22nd, April, 2007

It was discovered that WebCalendar, a PHP-based calendar application,
performs insufficient sanitising in the exports handler, which allows
injection of web script.

http://www.linuxsecurity.com/content/view/127896


* Debian: New aircrack-ng packages fix arbitrary code execution
24th, April, 2007

It was discovered that aircrack-ng, a WEP/WPA security analysis tool,
performs insufficient validation of 802.11 authentication packets,
which allows the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/127923


* Debian: New clamav packages fix several vulnerabilities
25th, April, 2007

Several remote vulnerabilities have been discovered in the Clam
anti-virus toolkit. The Common Vulnerabilities and Exposures project
identifies the following problems.

http://www.linuxsecurity.com/content/view/127943


* Debian: New php4 packages fix several vulnerabilities
26th, April, 2007

Several remote vulnerabilities have been discovered in PHP, a
server-side, HTML-embedded scripting language, which may lead to the
execution of arbitrary code. The Common Vulnerabilities and Exposures
project identifies the following problems:

http://www.linuxsecurity.com/content/view/127952


+---------------------------------+
| Distribution: Gentoo           | ----------------------------//
+---------------------------------+

* Gentoo: Aircrack-ng Remote execution of arbitrary code
22nd, April, 2007

Aircrack-ng contains a buffer overflow that could lead to the remote
execution of arbitrary code with root privileges.

http://www.linuxsecurity.com/content/view/127897


* Gentoo: 3proxy Buffer overflow
22nd, April, 2007

A vulnerability has been discovered in 3proxy allowing for the remote
execution of arbitrary code.

http://www.linuxsecurity.com/content/view/127898


* Gentoo: Courier-IMAP Remote execution of arbitrary code
22nd, April, 2007

A vulnerability has been discovered in Courier-IMAP allowing for
remote code execution with root privileges.

http://www.linuxsecurity.com/content/view/127899


* Gentoo: Blender User-assisted remote execution of arbitrary code
23rd, April, 2007

A vulnerability has been discovered in Blender allowing for
user-assisted arbitrary code execution.

http://www.linuxsecurity.com/content/view/127905


* Gentoo: NAS Multiple vulnerabilities
23rd, April, 2007

The Network Audio System is vulnerable to a buffer overflow that
could result in the execution of arbitrary code with root privileges.

http://www.linuxsecurity.com/content/view/127906


* Gentoo: ClamAV Multiple vulnerabilities
24th, April, 2007

Multiple vulnerabilities have been discovered in ClamAV allowing for
the remote execution of arbitrary code. iDefense Labs have reported a
stack-based buffer overflow in the cab_unstore() function when
processing negative values in .cab files. Multiple file descriptor
leaks have also been reported in chmunpack.c, pdf.c and dblock.c when
processing .chm files.

http://www.linuxsecurity.com/content/view/127917



+---------------------------------+
| Distribution: Mandriva         | ----------------------------//
+---------------------------------+

* Mandriva: Updated php packages fix multiple vulnerabilities
19th, April, 2007


A heap-based buffer overflow vulnerability was found in PHP's gd
extension.  A script that could be forced to process WBMP images
from an untrusted source could result in arbitrary code execution
(CVE-2007-1001).
A DoS flaw was found in how PHP processed a deeply nested array.
A remote attacker could cause the PHP interpreter to crash
by submitting an input variable with a deeply nested array
(CVE-2007-1285).

http://www.linuxsecurity.com/content/view/127865


* Mandriva: Updated php packages fix multiple vulnerabilities
19th, April, 2007


A heap-based buffer overflow vulnerability was found in PHP's gd
extension.  A script that could be forced to process WBMP images
from an untrusted source could result in arbitrary code execution
(CVE-2007-1001).

http://www.linuxsecurity.com/content/view/127866


* Mandriva: Updated php packages fix multiple vulnerabilities
19th, April, 2007


A heap-based buffer overflow vulnerability was found in PHP's gd
extension.  A script that could be forced to process WBMP images
from an untrusted source could result in arbitrary code execution
(CVE-2007-1001).

http://www.linuxsecurity.com/content/view/127867


* Mandriva: Updated php packages fix multiple vulnerabilities
19th, April, 2007


A heap-based buffer overflow vulnerability was found in PHP's gd
extension.  A script that could be forced to process WBMP images
from an untrusted source could result in arbitrary code execution
(CVE-2007-1001).

http://www.linuxsecurity.com/content/view/127868


* Mandriva: Updated sqlite packages fix vulnerability
19th, April, 2007


A buffer overflow in sqlite could allow context-dependent attackers
to execute arbitrary code via an empty value of the 'in' parameter.
Updated packages have been patched to correct this issue.

http://www.linuxsecurity.com/content/view/127869


* Mandriva: Updated freeradius packages fix vulnerability
23rd, April, 2007

Multiple buffer overflows were found in the FreeRADIUS package
version 1.0.4 and prior that could allow a remote attacker to cause
a crash via the rlm_sqlcounter module (CVE-2005-4746).
In addition, an SQL injection vulnerability was found in the
rlm_sqlcounter module that could allow a remote attacker to execute
arbitrary SQL commands via unknown attack vectors (CVE-2005-4745).
Updated packages have been patched to correct this issue.

http://www.linuxsecurity.com/content/view/127907


* Mandriva: Updated zziplib packages fix vulnerability
23rd, April, 2007


A stack-based buffer overflow in the ZZIPlib library could allow
user-assisted remote attackers to cause an application crash (DoS)
or execute arbitrary code via a long filename.
Updated packages have been patched to correct this issue.

http://www.linuxsecurity.com/content/view/127908


* Mandriva: Updated postgresql packages fix vulnerability
26th, April, 2007

A weakness in previous versions of PostgreSQL was found in the
security definer functions in which an authenticated but otherwise
unprivileged SQL user could use temporary objects to execute
arbitrary code with the privileges of the security-definer function.


http://www.linuxsecurity.com/content/view/127947


+---------------------------------+
| Distribution: Red Hat          | ----------------------------//
+---------------------------------+

* RedHat: Moderate: php security update
20th, April, 2007

Updated PHP packages that fix several security issues are now
available for Red Hat Enterprise Linux 5. A flaw was found in the way
the mbstring extension set global variables. A script which used the
mb_parse_str() function to set global variables could be forced to
enable the register_globals configuration option, possibly resulting
in global variable injection. (CVE-2007-1583)

http://www.linuxsecurity.com/content/view/127881


* RedHat: Critical: java-1.4.2-ibm security update
25th, April, 2007

Updated java-1.4.2-ibm packages to correct a security issue are now
available for Red Hat Enterprise Linux 3 and 4 Extras. A flaw in GIF
image handling was found in the SUN Java Runtime Environment that has
now been reported as also affecting IBM Java 2.  An untrusted applet
or application could use this flaw to elevate its privileges and
potentially execute arbitrary code.

http://www.linuxsecurity.com/content/view/127935


* RedHat: Critical: java-1.5.0-ibm security update
25th, April, 2007

java-1.5.0-ibm packages that correct a security issue are available
for Red Hat Enterprise Linux 5 Supplementary and Enterprise Linux 4 Extras.
This update has been rated as having critical security impact by the
Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/127942



+---------------------------------+
| Distribution: Slackware        | ----------------------------//
+---------------------------------+

* Slackware: xine-lib
20th, April, 2007

New xine-lib packages are available for Slackware 10.0, 10.1, 10.2,
11.0, and -current to fix security issues. More details about this issue
may be found in the Common Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1246


http://www.linuxsecurity.com/content/view/127879


* Slackware: freetype
20th, April, 2007

New x11 and/or freetype and fontconfig packages are available for
Slackware 10.1, 10.2, 11.0, and -current to fix security issues in
freetype. Freetype was packaged with X11 prior to Slackware version 11.0.
More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:

http://www.linuxsecurity.com/content/view/127880



+---------------------------------+
| Distribution: SuSE             | ----------------------------//
+---------------------------------+

* SuSE: clamav update (SUSE-SA:2007:026)
20th, April, 2007

The AntiVirus scan engine clamav was updated to version 0.90.2. Among
other bugs, two security problems were fixed which could cause a
remote denial of service attack against clamav or potentially be used to
execute code.

http://www.linuxsecurity.com/content/view/127885


* SuSE: XFree86,Xorg (SUSE-SA:2007:027)
20th, April, 2007

Several X security problems were fixed that could be used by local
attackers to crash the X server or potentially to execute code as
root user.

http://www.linuxsecurity.com/content/view/127886


* SuSE: Opera 9.20 (SUSE-SA:2007:028)
24th, April, 2007

Avoided a vulnerability in Adobe Flash Player.

http://www.linuxsecurity.com/content/view/127914



+---------------------------------+
| Distribution: Ubuntu           | ----------------------------//
+---------------------------------+

* Ubuntu: rdesktop regression
26th, April, 2007

USN-453-1 provided an updated libx11 package to fix a security
vulnerability. This triggered an error in rdesktop so that it crashed
on startup. This update fixes the problem.

http://www.linuxsecurity.com/content/view/127949


------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
------------------------------------------------------------------------