+---------------------------------------------------------------------+
| LinuxSecurity.com Weekly Newsletter |
| August 10th 2007 Volume 8, Number 32a |
+---------------------------------------------------------------------+
Editors: Dave Wreski Benjamin D. Thomas
dave@private ben@private
Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week. It
includes pointers to updated packages and descriptions of each
vulnerability.
This week, advisories were released for iceweasel, xulrunner, iceape,
xpdf, poppler, libextractor, tetex-bin, bochs, pdfkit, gdm, tcpdump,
kernel, flashplayer, libarchive, gd, java, libgtop2, gdm, thunderbird,
qt, and koffice. The distributors include Debian, Fedora, Gentoo,
Mandrake, Red Hat, and Ubuntu.
--
* EnGarde Secure Linux v3.0.16 Now Available
Guardian Digital is happy to announce the release of EnGarde Secure
Community 3.0.16 (Version 3.0, Release 16). This release includes
many updated packages and bug fixes, some feature enhancements to
Guardian Digital WebTool and the SELinux policy, and a few new
features.
http://www.engardelinux.org/modules/download/
---
Review: Practical Packet Analysis
In the introduction, McIlwraith points out that security awareness
training properly consists of communication, raising of issues, and
encouragement to modify behaviour. (This will come as no surprise
to those who recall the definition of training as the modification
of attitudes and behaviour.) He also notes that security professionals
frequently concentrate solely on presentation of problems. The
remainder of the introduction looks at other major security
activities, and the part that awareness plays in ensuring that
they actually work.
http://www.linuxsecurity.com/content/view/128459/171/
---
Robert Slade Review: "Information Security and Employee Behaviour"
The best way to secure yourself against sniffing is to use encryption. While
this won't prevent a sniffer from functioning, it will ensure that what a
sniffer reads is pure junk.
http://www.linuxsecurity.com/content/view/128404/171/
--------
--> Take advantage of the LinuxSecurity.com Quick Reference Card!
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf
+---------------------------------+
| Distribution: Debian | ----------------------------//
+---------------------------------+
* Debian: New iceweasel packages fix several vulnerabilities
3rd, August, 2007
Several remote vulnerabilities have been discovered in the Iceweasel
web browser, an unbranded version of the Firefox browser. The Common
Vulnerabilities and Exposures project identifies the security flaws.
"moz_bug_r_a4" discovered that a regression in the handling of
"about:blank" windows used by addons may lead to an attacker being
able to modify the content of web sites.
http://www.linuxsecurity.com/content/view/128912
* Debian: New xulrunner packages fix several vulnerabilities
4th, August, 2007
Several remote vulnerabilities have been discovered in Xulrunner, a
runtime environment for XUL applications. The Common Vulnerabilities
and Exposures project identifies the security flaws. "moz_bug_r_a4"
discovered that a regression in the handling of "about:blank" windows
used by addons may lead to an attacker being able to modify the
content of web sites.
http://www.linuxsecurity.com/content/view/128916
* Debian: New iceape packages fix several vulnerabilities
4th, August, 2007
Several remote vulnerabilities have been discovered in the Iceape
internet suite, an unbranded version of the Seamonkey Internet Suite.
http://www.linuxsecurity.com/content/view/128917
* Debian: New xpdf packages fix arbitrary code execution
4th, August, 2007
It was discovered that an integer overflow in the xpdf PDF viewer may
lead to the execution of arbitrary code if a malformed PDF file is
opened.
http://www.linuxsecurity.com/content/view/128918
* Debian: New poppler packages fix arbitrary code execution
4th, August, 2007
It was discovered that an integer overflow in the xpdf PDF viewer may
lead to the execution of arbitrary code if a malformed PDF file is
opened.
http://www.linuxsecurity.com/content/view/128919
* Debian: New libextractor packages fix arbitrary code execution
5th, August, 2007
It was discovered that an integer overflow in the xpdf PDF viewer may
lead to the execution of arbitrary code if a malformed PDF file is
opened.
http://www.linuxsecurity.com/content/view/128921
* Debian: New tetex-bin packages fix arbitrary code execution
6th, August, 2007
It was discovered that an integer overflow in the xpdf PDF viewer may
lead to the execution of arbitrary code if a malformed PDF file is opened.
http://www.linuxsecurity.com/content/view/128927
* Debian: New bochs packages fix privilege escalation
7th, August, 2007
Tavis Ormandy discovered that bochs, a highly portable IA-32 PC
emulator, is vulnerable to a buffer overflow in the emulated NE2000
network device driver, which may lead to privilege escalation.
http://www.linuxsecurity.com/content/view/128936
* Debian: New pdfkit.framework packages fix arbitrary code
7th, August, 2007
It was discovered that an integer overflow in the xpdf PDF viewer may
lead to the execution of arbitrary code if a malformed PDF file is opened.
http://www.linuxsecurity.com/content/view/128938
* Fedora Core 6 Update: gdm-2.16.5-2.fc6
2nd, August, 2007
Gdm (the GNOME Display Manager) is a highly configurable
reimplementation of xdm, the X Display Manager. JLANTHEA reported a
denial of service flaw in the way that gdm listens on its unix domain
socket. Any local user can crash the locally running X session.
http://www.linuxsecurity.com/content/view/128903
* Fedora Core 6 Update: tcpdump-3.9.4-11.fc6
2nd, August, 2007
Integer overflow in print-bgp.c in the BGP dissector in
tcpdump 3.9.6 and earlier allows remote attackers to execute
arbitrary code via crafted TLVs in a BGP packet, related to
an unchecked return value.
http://www.linuxsecurity.com/content/view/128904
* Fedora Core 6 Update: kernel-2.6.22.1-32.fc6
9th, August, 2007
The decode_choice function in net/netfilter/nf_conntrack_h323_asn1.c
in the Linux kernel before 2.6.22 allows remote attackers to cause
a denial of service (crash) via an encoded, out-of-range index value
for a choice field, which triggers a NULL pointer dereference.
http://www.linuxsecurity.com/content/view/128958
* Gentoo: Macromedia Flash Player Remote arbitrary code execution
8th, August, 2007
Multiple vulnerabilities have been discovered in Macromedia Flash
Player, allowing for the remote execution of arbitrary code. Mark
Hills discovered some errors when interacting with a browser for
keystrokes handling (CVE-2007-2022). Stefano Di Paola and Giorgio
Fedon from Minded Security discover
http://www.linuxsecurity.com/content/view/128953
* Gentoo: Xvid Array indexing vulnerabilities
8th, August, 2007
Several array indexing vulnerabilities were discovered in Xvid.
An attacker could exploit these vulnerabilities to execute arbitrary
code by tricking a user or automated system into processing a
malicious video file with an application that makes use of the Xvid
library.
http://www.linuxsecurity.com/content/view/128954
* Gentoo: libarchive (formerly named as bsdtar) Multiple pax Extension
Header Vulnerabilities
8th, August, 2007
Multiple vulnerabilities were found in libarchive (formerly named as
app-archive/bsdtar), possibly allowing for the execution of arbitrary
code or a Denial of Service.
http://www.linuxsecurity.com/content/view/128955
* Mandriva: Updated gd packages fix several vulnerabilities
3rd, August, 2007
GD versions prior to 2.0.35 have a number of bugs which potentially lead
to denial of service and possibly other issues. Integer overflow in
gdImageCreateTrueColor function in the GD Graphics Library (libgd)
before 2.0.35 allows user-assisted remote attackers to have unspecified
remote attack vectors and impact.
http://www.linuxsecurity.com/content/view/128915
* RedHat: Critical: java-1.4.2-ibm security update
6th, August, 2007
Updated java-1.4.2-ibm packages to correct a set of security issues
are now available for Red Hat Enterprise Linux 3 and 4 Extras and Red
Hat Enterprise Linux 5 Supplementary. A security vulnerability in the
Java Web Start component was discovered.
http://www.linuxsecurity.com/content/view/128925
* RedHat: Critical: java-1.5.0-sun security update
6th, August, 2007
Updated java-1.5.0-sun packages that correct several security issues
are available for Red Hat Enterprise Linux 4 Extras. The Javadoc tool
was able to generate HTML documentation pages that contained cross-site
scripting (XSS) vulnerabilities.
http://www.linuxsecurity.com/content/view/128926
* RedHat: Moderate: libgtop2 security update
7th, August, 2007
An updated libgtop2 package that fixes a security issue and a
functionality bug is now available for Red Hat Enterprise Linux 4. A
flaw was found in the way libgtop2 handled long filenames mapped into
the address space of a process. An attacker could execute arbitrary
code on behalf of the user running gnome-system-monitor by executing
a process and mapping a file with a specially crafted name into the
process's address space. This update has been rated as having
moderate security impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/128933
* RedHat: Moderate: gdm security and bug fix update
7th, August, 2007
An updated gdm package that fixes a security issue is now available
for Red Hat Enterprise Linux 5. A flaw was found in the way Gdm listens
on its unix domain socket. A local user could crash a running X
session by writing malicious data to Gdm's unix domain socket.
This update has been rated as having moderate security impact by
the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/128934
* RedHat: Critical: java-1.5.0-ibm security update
7th, August, 2007
Updated java-1.5.0-ibm packages that correct several security issues
are now available for Red Hat Enterprise Linux 4 Extras and 5
Supplementary. A security vulnerability in the Java Web Start component
was discovered. An untrusted application could elevate its privileges,
allowing it to read and write local files that are accessible to the
user running the Java Web Start application.
http://www.linuxsecurity.com/content/view/128935
* RedHat: Important: kernel security update
8th, August, 2007
Updated kernel packages that fix a number of security issues are now
available for Red Hat Enterprise Linux 2.1 (32-bit architectures).
This security advisory has been rated as having important security
impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/128951
* RedHat: Important: kernel security update
8th, August, 2007
Updated kernel packages that fix a number of security issues are now
available for Red Hat Enterprise Linux 2.1 (64-bit architectures).
This security advisory has been rated as having important security
impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/128952
* Slackware: thunderbird
3rd, August, 2007
New Thunderbird packages are available for Slackware 11.0 and 12.0
to fix two possible security issues. This package may also be used
on many older versions of Slackware (though we're not certain how far
http://www.linuxsecurity.com/content/view/128914
* Ubuntu: Gimp vulnerability
2nd, August, 2007
Sean Larsson discovered multiple integer overflows in Gimp. By
tricking a user into opening a specially crafted DICOM, PNM, PSD,
PSP, RAS, XBM, or XWD image, a remote attacker could exploit this
to execute arbitrary code with the user's privileges.
http://www.linuxsecurity.com/content/view/128898
* Ubuntu: Qt vulnerability
3rd, August, 2007
Several format string vulnerabilities have been discovered in Qt
warning messages. By causing an application to process specially
crafted input data which triggered Qt warnings, this could be
exploited to execute arbitrary code with the privilege of the user
running the application.
http://www.linuxsecurity.com/content/view/128908
* Ubuntu: koffice vulnerability
3rd, August, 2007
Derek Noonburg discovered an integer overflow in the Xpdf function
StreamPredictor::StreamPredictor(). By importing a specially crafted
PDF file into KWord, this could be exploited to run arbitrary code
with the user's privileges.
http://www.linuxsecurity.com/content/view/128909
* Ubuntu: poppler vulnerability
7th, August, 2007
USN-496-1 fixed a vulnerability in koffice. This update provides the
corresponding updates for poppler, the library used for PDF handling
in Gnome. Derek Noonburg discovered an integer overflow in the Xpdf
function StreamPredictor::StreamPredictor(). By importing a specially
crafted PDF file into KWord, this could be exploited to run arbitrary
code with the user's privileges.
http://www.linuxsecurity.com/content/view/128939
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
------------------------------------------------------------------------