[ISN] Linux Advisory Watch - July 20th 2007

From: InfoSec News (alerts@private)
Date: Mon Jul 23 2007 - 22:07:36 PDT


+---------------------------------------------------------------------+
|  LinuxSecurity.com                               Weekly Newsletter  |
|  July 20th 2007                                Volume 8, Number 29a |
+---------------------------------------------------------------------+

  Editors:      Dave Wreski                     Benjamin D. Thomas
                dave@private          ben@private

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week. It
includes pointers to updated packages and descriptions of each
vulnerability.

This week advisories were released for freetype, gimp, httpd,
perl-Net-DNS, xorg-x11, flash-plugin, tomcat, seamonkey, thunderbird,
libnet-dns-perl, curl, php, dovecot, mod_perl, and the Linux kernel.
The distributors include Debian, Fedora, Mandriva, Red Hat, and
Ubuntu.

---

>> Accelerate your career with a Master in
>> Information Assurance from Norwich!

The NSA has designated Norwich University a center of Academic
Excellence in Information Security. Our program offers unparalleled
Infosec management education and the case study offers you unmatched
consulting experience. Using interactive e-Learning technology, you
can earn this esteemed degree, without disrupting your career or home
life.

http://www.linuxsecurity.com/ads/adclick.php?log=no&bannerid=12

---

* EnGarde Secure Linux v3.0.13 Now Available

Guardian Digital is happy to announce the release of EnGarde Secure
Community 3.0.13 (Version 3.0, Release 13). This release includes several
bug fixes and feature enhancements to the SELinux policy and several
updated packages.

http://wiki.engardelinux.org/index.php/ReleaseNotes3.0.13

---

Review: Practical Packet Analysis

In the introduction, McIlwraith points out that security awareness
training properly consists of communication, raising of issues, and
encouragement to modify behaviour. (This will come as no surprise
to those who recall the definition of training as the modification
of attitudes and behaviour.) He also notes that security professionals
frequently concentrate solely on presentation of problems. The
remainder of the introduction looks at other major security
activities, and the part that awareness plays in ensuring that
they actually work.

http://www.linuxsecurity.com/content/view/128459/171/

---

Robert Slade Review: "Information Security and Employee Behaviour"

The best way to secure you against sniffing is to use encryption. While
this won't prevent a sniffer from functioning, it will ensure that what a
sniffer reads is pure junk.

http://www.linuxsecurity.com/content/view/128404/171/

--------

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf


+---------------------------------+
|  Distribution: Debian           | ----------------------------//
+---------------------------------+

* Debian: New freetype packages fix arbitary code execution
  18th, July, 2007

A problem was discovered with freetype, a FreeType2 font engine,
which could allow the execution of arbitary code via an integer
overflow in specially crafted TTF files.

http://www.linuxsecurity.com/content/view/128802


* Debian: New gimp packages fix arbitrary code execution
  18th, July, 2007

Several remote vulnerabilities have been discovered in Gimp, the GNU
Image Manipulation Program, which might lead to the execution of
arbitrary code.

http://www.linuxsecurity.com/content/view/128803



+---------------------------------+
|  Distribution: Fedora           | ----------------------------//
+---------------------------------+

* Fedora Core 6 Update: httpd-2.2.4-2.1.fc6
  12th, July, 2007

The Apache HTTP Server did not verify that a process was an
Apache child process before sending it signals. A local
attacker with the ability to run scripts on the Apache HTTP
Server could manipulate the scoreboard and cause arbitrary
processes to be terminated which could lead to a denial of
service (CVE-2007-3304). This issue is not exploitable on
Fedora if using the default SELinux targeted policy.

http://www.linuxsecurity.com/content/view/128775



+---------------------------------+
|  Distribution: Mandriva         | ----------------------------//
+---------------------------------+

* Mandriva: Updated perl-Net-DNS packages fix multiple
  12th, July, 2007

A flaw was discovered in the perl Net::DNS module in the way it
generated the ID field in a DNS query.	Because it is so predictable,
a remote attacker could exploit this to return invalid DNS data
(CVE-2007-3377).

http://www.linuxsecurity.com/content/view/128776



+---------------------------------+
|  Distribution: Red Hat          | ----------------------------//
+---------------------------------+

* RedHat: Moderate: xorg-x11 security update
  12th, July, 2007

Updated X.org packages that correct a flaw in the way the X.Org X11
xfs font server starts are now available for Red Hat Enterprise Linux.
The init.d xfs script chown has race condition vulnerability.
This update has been rated as having moderate security impact by the
Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/128765


* RedHat: Moderate: xorg-x11-xfs security update
  12th, July, 2007

Updated X.org packages that address a flaw in the way the X.Org X11
xfs font server starts are now available for Red Hat Enterprise
Linux 5.A temporary file flaw was found in the way the X.Org X11 xfs
font server startup script executes.

http://www.linuxsecurity.com/content/view/128766


* RedHat: Moderate: perl-Net-DNS security update
  12th, July, 2007

Updated perl-Net-DNS packages that correct two security issues are
now available for Red Hat Enterprise Linux 3 and 5.A denial of service
flaw was found in the way Net::DNS parsed certain DNS requests. A
malformed response to a DNS request could cause the application using
Net::DNS to crash or stop responding.

http://www.linuxsecurity.com/content/view/128767


* RedHat: Moderate: perl-Net-DNS security update
  12th, July, 2007

An updated perl-Net-DNS package that corrects a security issue is now
available for Red Hat Enterprise Linux 4.A flaw was found in the way
Net::DNS generated the ID field in a DNS query. This predictable ID
field could be used by a remote attacker to return invalid DNS data.
This update has been rated as having moderate security impact by the
Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/128768


* RedHat: Critical: flash-plugin security update
  12th, July, 2007

An updated Adobe Flash Player package that fixes a security issue is
now available for Red Hat Enterprise Linux 3 Extras, 4 Extras, and 5
Supplementary. An input validation flaw was found in the way Flash
Player displayed certain content. It may be possible to execute
arbitrary code on a victim's machine if the victim opens a malicious
Adobe Flash file.

http://www.linuxsecurity.com/content/view/128769


* RedHat: Moderate: httpd security update
  13th, July, 2007

Updated Apache httpd packages that correct two security issues are
now available for Red Hat Application Stack. A flaw was found in
the Apache HTTP Server mod_status module.

http://www.linuxsecurity.com/content/view/128778


* RedHat: Moderate: httpd security update
  13th, July, 2007

Updated Apache httpd packages that correct a security issue are now
available for Red Hat Enterprise Linux 3 and 4.A local attacker with
the ability to run scripts on the Apache HTTP Server could manipulate
the scoreboard and cause arbitrary processes to be terminated which
could lead to a denial of service.  This update has been rated as
having moderate security impact by the Red Hat Security Response
Team.

http://www.linuxsecurity.com/content/view/128781


* RedHat: Moderate: tomcat security update
  17th, July, 2007

Updated tomcat packages that fix two security issues and a packaging
bug are now available for Red Hat Enterprise Linux 5.Some JSPs within
the 'examples' web application did not escape user provided data. If
the JSP examples were accessible, this flaw could allow a remote
attacker to perform cross-site scripting attacks.
This update has been rated as having moderate security impact by the
Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/128790


* RedHat: Critical: seamonkey security update
  18th, July, 2007

Updated seamonkey packages that fix several security bugs are now
available for Red Hat Enterprise Linux 2.1, 3, and 4. Several flaws
were found in the way SeaMonkey processed certain malformed JavaScript
code. A web page containing malicious JavaScript code could
cause SeaMonkey to crash or potentially execute arbitrary code as the
user running SeaMonkey.

http://www.linuxsecurity.com/content/view/128806


* RedHat: Moderate: thunderbird security update
  18th, July, 2007

Updated thunderbird packages that fix several security bugs are now
available for Red Hat Enterprise Linux 4 and 5. A malicious HTML
email message containing JavaScript code could cause Thunderbird to
crash or potentially execute arbitrary code as the user running
Thunderbird.  JavaScript support is disabled by default in
Thunderbird; these issues are not exploitable unless the user has
enabled JavaScript. This update has been rated as having moderate
security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/128807



+---------------------------------+
|  Distribution: Ubuntu           | ----------------------------//
+---------------------------------+

* Ubuntu:  libnet-dns-perl vulnerabilities
  13th, July, 2007

Peter Johannes Holzer discovered that the Net::DNS Perl module had
predictable sequence numbers.  This could allow remote attackers to
carry out DNS spoofing, leading to possible man-in-the-middle
attacks.

http://www.linuxsecurity.com/content/view/128785


* Ubuntu:  curl vulnerability
  17th, July, 2007

It was discovered that the GnuTLS certificate verification methods
implemented in Curl did not check for expiration and activation
dates. When performing validations, tools using libcurl3-gnutls would
incorrectly allow connections to sites using expired certificates.

http://www.linuxsecurity.com/content/view/128793


* Ubuntu:  PHP vulnerabilities
  17th, July, 2007

It was discovered that the PHP xmlrpc extension did not correctly
check heap memory allocation sizes.  A remote attacker could send a
specially crafted request to a PHP application using xmlrpc and execute
arbitrary code as the Apache user.

http://www.linuxsecurity.com/content/view/128797


* Ubuntu:  Dovecot vulnerability
  17th, July, 2007

It was discovered that Dovecot, when configured to use
non-system-user spools and compressed folders, would allow
directory traversals in mailbox names.	Remote authenticated
users could potentially read email owned by other users.

http://www.linuxsecurity.com/content/view/128798


* Ubuntu:  mod_perl vulnerability
  18th, July, 2007

Alex Solovey discovered that mod_perl did not correctly validate
certain regular expression matches.  A remote attacker could send a
specially crafted request to a web application using mod_perl,
causing the web server to monopolize CPU resources.  This could
lead to a remote denial of service.

http://www.linuxsecurity.com/content/view/128804


* Ubuntu:  redhat-cluster-suite vulnerability
  19th, July, 2007

USN-489-1 fixed vulnerabilities in the Linux kernel.  This update
provides the corresponding fixes for the redhat cluster suite kernel
sources. A flaw was discovered in the cluster manager.	A remote
attacker could  connect to the DLM port and block further DLM
operations.

http://www.linuxsecurity.com/content/view/128812


* Ubuntu:  Linux kernel vulnerabilities
  19th, July, 2007

A flaw was discovered in dvb ULE decapsulation.  A remote attacker
could send a specially crafted message and cause a denial of service.
The compat_sys_mount function allowed local users to cause a denial of
service when mounting a smbfs filesystem in compatibility mode.

http://www.linuxsecurity.com/content/view/128813

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@private
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------


_____________________________________________________
Attend Black Hat USA, July 28-August 2 in Las Vegas, 
the world's premier technical event for ICT security 
experts. Featuring 30 hands-on training courses and 
90 Briefings presentations with lots of new content 
and new tools. Network with 4,000 delegates from 
70 nations.   Visit product displays by 30 top
sponsors in a relaxed setting. Rates increase on 
June 1 so register today. http://www.blackhat.com



This archive was generated by hypermail 2.1.3 : Mon Jul 23 2007 - 22:24:59 PDT