+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | July 20th 2007 Volume 8, Number 29a | +---------------------------------------------------------------------+ Editors: Dave Wreski Benjamin D. Thomas dave@private ben@private Linux Advisory Watch is a comprehensive newsletter that outlines the security vulnerabilities that have been announced throughout the week. It includes pointers to updated packages and descriptions of each vulnerability. This week advisories were released for freetype, gimp, httpd, perl-Net-DNS, xorg-x11, flash-plugin, tomcat, seamonkey, thunderbird, libnet-dns-perl, curl, php, dovecot, mod_perl, and the Linux kernel. The distributors include Debian, Fedora, Mandriva, Red Hat, and Ubuntu. --- >> Accelerate your career with a Master in >> Information Assurance from Norwich! The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study offers you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.linuxsecurity.com/ads/adclick.php?log=no&bannerid=12 --- * EnGarde Secure Linux v3.0.13 Now Available Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.13 (Version 3.0, Release 13). This release includes several bug fixes and feature enhancements to the SELinux policy and several updated packages. http://wiki.engardelinux.org/index.php/ReleaseNotes3.0.13 --- Review: Practical Packet Analysis In the introduction, McIlwraith points out that security awareness training properly consists of communication, raising of issues, and encouragement to modify behaviour. (This will come as no surprise to those who recall the definition of training as the modification of attitudes and behaviour.) He also notes that security professionals frequently concentrate solely on presentation of problems. The remainder of the introduction looks at other major security activities, and the part that awareness plays in ensuring that they actually work. http://www.linuxsecurity.com/content/view/128459/171/ --- Robert Slade Review: "Information Security and Employee Behaviour" The best way to secure you against sniffing is to use encryption. While this won't prevent a sniffer from functioning, it will ensure that what a sniffer reads is pure junk. http://www.linuxsecurity.com/content/view/128404/171/ -------- --> Take advantage of the LinuxSecurity.com Quick Reference Card! --> http://www.linuxsecurity.com/docs/QuickRefCard.pdf +---------------------------------+ | Distribution: Debian | ----------------------------// +---------------------------------+ * Debian: New freetype packages fix arbitary code execution 18th, July, 2007 A problem was discovered with freetype, a FreeType2 font engine, which could allow the execution of arbitary code via an integer overflow in specially crafted TTF files. http://www.linuxsecurity.com/content/view/128802 * Debian: New gimp packages fix arbitrary code execution 18th, July, 2007 Several remote vulnerabilities have been discovered in Gimp, the GNU Image Manipulation Program, which might lead to the execution of arbitrary code. http://www.linuxsecurity.com/content/view/128803 +---------------------------------+ | Distribution: Fedora | ----------------------------// +---------------------------------+ * Fedora Core 6 Update: httpd-2.2.4-2.1.fc6 12th, July, 2007 The Apache HTTP Server did not verify that a process was an Apache child process before sending it signals. A local attacker with the ability to run scripts on the Apache HTTP Server could manipulate the scoreboard and cause arbitrary processes to be terminated which could lead to a denial of service (CVE-2007-3304). This issue is not exploitable on Fedora if using the default SELinux targeted policy. http://www.linuxsecurity.com/content/view/128775 +---------------------------------+ | Distribution: Mandriva | ----------------------------// +---------------------------------+ * Mandriva: Updated perl-Net-DNS packages fix multiple 12th, July, 2007 A flaw was discovered in the perl Net::DNS module in the way it generated the ID field in a DNS query. Because it is so predictable, a remote attacker could exploit this to return invalid DNS data (CVE-2007-3377). http://www.linuxsecurity.com/content/view/128776 +---------------------------------+ | Distribution: Red Hat | ----------------------------// +---------------------------------+ * RedHat: Moderate: xorg-x11 security update 12th, July, 2007 Updated X.org packages that correct a flaw in the way the X.Org X11 xfs font server starts are now available for Red Hat Enterprise Linux. The init.d xfs script chown has race condition vulnerability. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/128765 * RedHat: Moderate: xorg-x11-xfs security update 12th, July, 2007 Updated X.org packages that address a flaw in the way the X.Org X11 xfs font server starts are now available for Red Hat Enterprise Linux 5.A temporary file flaw was found in the way the X.Org X11 xfs font server startup script executes. http://www.linuxsecurity.com/content/view/128766 * RedHat: Moderate: perl-Net-DNS security update 12th, July, 2007 Updated perl-Net-DNS packages that correct two security issues are now available for Red Hat Enterprise Linux 3 and 5.A denial of service flaw was found in the way Net::DNS parsed certain DNS requests. A malformed response to a DNS request could cause the application using Net::DNS to crash or stop responding. http://www.linuxsecurity.com/content/view/128767 * RedHat: Moderate: perl-Net-DNS security update 12th, July, 2007 An updated perl-Net-DNS package that corrects a security issue is now available for Red Hat Enterprise Linux 4.A flaw was found in the way Net::DNS generated the ID field in a DNS query. This predictable ID field could be used by a remote attacker to return invalid DNS data. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/128768 * RedHat: Critical: flash-plugin security update 12th, July, 2007 An updated Adobe Flash Player package that fixes a security issue is now available for Red Hat Enterprise Linux 3 Extras, 4 Extras, and 5 Supplementary. An input validation flaw was found in the way Flash Player displayed certain content. It may be possible to execute arbitrary code on a victim's machine if the victim opens a malicious Adobe Flash file. http://www.linuxsecurity.com/content/view/128769 * RedHat: Moderate: httpd security update 13th, July, 2007 Updated Apache httpd packages that correct two security issues are now available for Red Hat Application Stack. A flaw was found in the Apache HTTP Server mod_status module. http://www.linuxsecurity.com/content/view/128778 * RedHat: Moderate: httpd security update 13th, July, 2007 Updated Apache httpd packages that correct a security issue are now available for Red Hat Enterprise Linux 3 and 4.A local attacker with the ability to run scripts on the Apache HTTP Server could manipulate the scoreboard and cause arbitrary processes to be terminated which could lead to a denial of service. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/128781 * RedHat: Moderate: tomcat security update 17th, July, 2007 Updated tomcat packages that fix two security issues and a packaging bug are now available for Red Hat Enterprise Linux 5.Some JSPs within the 'examples' web application did not escape user provided data. If the JSP examples were accessible, this flaw could allow a remote attacker to perform cross-site scripting attacks. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/128790 * RedHat: Critical: seamonkey security update 18th, July, 2007 Updated seamonkey packages that fix several security bugs are now available for Red Hat Enterprise Linux 2.1, 3, and 4. Several flaws were found in the way SeaMonkey processed certain malformed JavaScript code. A web page containing malicious JavaScript code could cause SeaMonkey to crash or potentially execute arbitrary code as the user running SeaMonkey. http://www.linuxsecurity.com/content/view/128806 * RedHat: Moderate: thunderbird security update 18th, July, 2007 Updated thunderbird packages that fix several security bugs are now available for Red Hat Enterprise Linux 4 and 5. A malicious HTML email message containing JavaScript code could cause Thunderbird to crash or potentially execute arbitrary code as the user running Thunderbird. JavaScript support is disabled by default in Thunderbird; these issues are not exploitable unless the user has enabled JavaScript. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/128807 +---------------------------------+ | Distribution: Ubuntu | ----------------------------// +---------------------------------+ * Ubuntu: libnet-dns-perl vulnerabilities 13th, July, 2007 Peter Johannes Holzer discovered that the Net::DNS Perl module had predictable sequence numbers. This could allow remote attackers to carry out DNS spoofing, leading to possible man-in-the-middle attacks. http://www.linuxsecurity.com/content/view/128785 * Ubuntu: curl vulnerability 17th, July, 2007 It was discovered that the GnuTLS certificate verification methods implemented in Curl did not check for expiration and activation dates. When performing validations, tools using libcurl3-gnutls would incorrectly allow connections to sites using expired certificates. http://www.linuxsecurity.com/content/view/128793 * Ubuntu: PHP vulnerabilities 17th, July, 2007 It was discovered that the PHP xmlrpc extension did not correctly check heap memory allocation sizes. A remote attacker could send a specially crafted request to a PHP application using xmlrpc and execute arbitrary code as the Apache user. http://www.linuxsecurity.com/content/view/128797 * Ubuntu: Dovecot vulnerability 17th, July, 2007 It was discovered that Dovecot, when configured to use non-system-user spools and compressed folders, would allow directory traversals in mailbox names. Remote authenticated users could potentially read email owned by other users. http://www.linuxsecurity.com/content/view/128798 * Ubuntu: mod_perl vulnerability 18th, July, 2007 Alex Solovey discovered that mod_perl did not correctly validate certain regular expression matches. A remote attacker could send a specially crafted request to a web application using mod_perl, causing the web server to monopolize CPU resources. This could lead to a remote denial of service. http://www.linuxsecurity.com/content/view/128804 * Ubuntu: redhat-cluster-suite vulnerability 19th, July, 2007 USN-489-1 fixed vulnerabilities in the Linux kernel. This update provides the corresponding fixes for the redhat cluster suite kernel sources. A flaw was discovered in the cluster manager. A remote attacker could connect to the DLM port and block further DLM operations. http://www.linuxsecurity.com/content/view/128812 * Ubuntu: Linux kernel vulnerabilities 19th, July, 2007 A flaw was discovered in dvb ULE decapsulation. A remote attacker could send a specially crafted message and cause a denial of service. The compat_sys_mount function allowed local users to cause a denial of service when mounting a smbfs filesystem in compatibility mode. http://www.linuxsecurity.com/content/view/128813 ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email vuln-newsletter-request@private with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ _____________________________________________________ Attend Black Hat USA, July 28-August 2 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 30 hands-on training courses and 90 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 70 nations. Visit product displays by 30 top sponsors in a relaxed setting. Rates increase on June 1 so register today. http://www.blackhat.com
This archive was generated by hypermail 2.1.3 : Mon Jul 23 2007 - 22:24:59 PDT