[ISN] Linux Advisory Watch - August 10th 2007

From: InfoSec News (alerts@private)
Date: Mon Aug 13 2007 - 00:10:19 PDT


+---------------------------------------------------------------------+
|  LinuxSecurity.com                               Weekly Newsletter  |
|  August 10th 2007                              Volume 8, Number 32a |
+---------------------------------------------------------------------+

  Editors:      Dave Wreski                     Benjamin D. Thomas
                dave@private          ben@private

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week. It
includes pointers to updated packages and descriptions of each
vulnerability.

This week, advisories were released for iceweasel, xulrunner, iceape,
xpdf, poppler, libextractor, tetex-bin, bochs, pdfkit, gdm, tcpdump,
kernel, flashplayer, libarchive, gd, java, libgtop2, gdm, thunderbird,
qt, and koffice.  The distributors include Debian, Fedora, Gentoo,
Mandrake, Red Hat, and Ubuntu.

---

* EnGarde Secure Linux v3.0.16 Now Available

Guardian Digital is happy to announce the release of EnGarde Secure
Community 3.0.16 (Version 3.0, Release 16). This release includes
many updated packages and bug fixes, some feature enhancements to
Guardian Digital WebTool and the SELinux policy, and a few new
features.

http://www.engardelinux.org/modules/download/

---

Review: Practical Packet Analysis

In the introduction, McIlwraith points out that security awareness
training properly consists of communication, raising of issues, and
encouragement to modify behaviour. (This will come as no surprise
to those who recall the definition of training as the modification
of attitudes and behaviour.) He also notes that security professionals
frequently concentrate solely on presentation of problems. The
remainder of the introduction looks at other major security
activities, and the part that awareness plays in ensuring that
they actually work.

http://www.linuxsecurity.com/content/view/128459/171/

---

Robert Slade Review: "Information Security and Employee Behaviour"

The best way to secure yourself against sniffing is to use encryption. While
this won't prevent a sniffer from functioning, it will ensure that what a
sniffer reads is pure junk.

http://www.linuxsecurity.com/content/view/128404/171/

--------

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf


+---------------------------------+
|  Distribution: Debian           | ----------------------------//
+---------------------------------+

* Debian: New iceweasel packages fix several vulnerabilities
  3rd, August, 2007

Several remote vulnerabilities have been discovered in the Iceweasel
web browser, an unbranded version of the Firefox browser. The Common
Vulnerabilities and Exposures project identifies the security flaws.
"moz_bug_r_a4" discovered that a regression in the handling of
"about:blank" windows used by addons may lead to an attacker being
able to modify the content of web sites.

http://www.linuxsecurity.com/content/view/128912


* Debian: New xulrunner packages fix several vulnerabilities
  4th, August, 2007

Several remote vulnerabilities have been discovered in Xulrunner, a
runtime environment for XUL applications. The Common Vulnerabilities
and Exposures project identifies the security flaws. "moz_bug_r_a4"
discovered that a regression in the handling of "about:blank" windows
used by addons may lead to an attacker being able to modify the
content of web sites.

http://www.linuxsecurity.com/content/view/128916


* Debian: New iceape packages fix several vulnerabilities
  4th, August, 2007

Several remote vulnerabilities have been discovered in the Iceape
internet suite, an unbranded version of the Seamonkey Internet Suite.

http://www.linuxsecurity.com/content/view/128917


* Debian: New xpdf packages fix arbitrary code execution
  4th, August, 2007

It was discovered that an integer overflow in the xpdf PDF viewer may
lead to the execution of arbitrary code if a malformed PDF file is
opened.

http://www.linuxsecurity.com/content/view/128918


* Debian: New poppler packages fix arbitrary code execution
  4th, August, 2007

It was discovered that an integer overflow in the xpdf PDF viewer may
lead to the execution of arbitrary code if a malformed PDF file is
opened.

http://www.linuxsecurity.com/content/view/128919


* Debian: New libextractor packages fix arbitrary code execution
  5th, August, 2007

It was discovered that an integer overflow in the xpdf PDF viewer may
lead to the execution of arbitrary code if a malformed PDF file is
opened.

http://www.linuxsecurity.com/content/view/128921


* Debian: New tetex-bin packages fix arbitrary code execution
  6th, August, 2007

It was discovered that an integer overflow in the xpdf PDF viewer may
lead to the execution of arbitrary code if a malformed PDF file is opened.

http://www.linuxsecurity.com/content/view/128927


* Debian: New bochs packages fix privilege escalation
  7th, August, 2007

Tavis Ormandy discovered that bochs, a highly portable IA-32 PC
emulator, is vulnerable to a buffer overflow in the emulated NE2000
network device driver, which may lead to privilege escalation.

http://www.linuxsecurity.com/content/view/128936


* Debian: New pdfkit.framework packages fix arbitrary code
  7th, August, 2007

It was discovered that an integer overflow in the xpdf PDF viewer may
lead to the execution of arbitrary code if a malformed PDF file is opened.

http://www.linuxsecurity.com/content/view/128938


* Fedora Core 6 Update: gdm-2.16.5-2.fc6
  2nd, August, 2007

Gdm (the GNOME Display Manager) is a highly configurable
reimplementation of xdm, the X Display Manager. JLANTHEA reported a
denial of service flaw in the way that gdm listens on its unix domain
socket. Any local user can crash the locally running X session.

http://www.linuxsecurity.com/content/view/128903


* Fedora Core 6 Update: tcpdump-3.9.4-11.fc6
  2nd, August, 2007

Integer overflow in print-bgp.c in the BGP dissector in
tcpdump 3.9.6 and earlier allows remote attackers to execute
arbitrary code via crafted TLVs in a BGP packet, related to
an unchecked return value.

http://www.linuxsecurity.com/content/view/128904


* Fedora Core 6 Update: kernel-2.6.22.1-32.fc6
  9th, August, 2007

The decode_choice function in net/netfilter/nf_conntrack_h323_asn1.c
in the Linux kernel before 2.6.22 allows remote attackers to cause
a denial of service (crash) via an encoded, out-of-range index value
for a choice field, which triggers a NULL pointer dereference.

http://www.linuxsecurity.com/content/view/128958


* Gentoo: Macromedia Flash Player Remote arbitrary code execution
  8th, August, 2007

Multiple vulnerabilities have been discovered in Macromedia Flash
Player, allowing for the remote execution of arbitrary code. Mark
Hills discovered some errors when interacting with a browser for
keystrokes handling (CVE-2007-2022). Stefano Di Paola and Giorgio
Fedon from Minded Security discover

http://www.linuxsecurity.com/content/view/128953


* Gentoo: Xvid Array indexing vulnerabilities
  8th, August, 2007

Several array indexing vulnerabilities were discovered in Xvid.
An attacker could exploit these vulnerabilities to execute arbitrary
code by tricking a user or automated system into processing a
malicious video file with an application that makes use of the Xvid
library.

http://www.linuxsecurity.com/content/view/128954


* Gentoo: libarchive (formerly named as bsdtar) Multiple pax Extension 
  Header Vulnerabilities
  8th, August, 2007

Multiple vulnerabilities were found in libarchive (formerly named as
app-archive/bsdtar), possibly allowing for the execution of arbitrary
code or a Denial of Service.

http://www.linuxsecurity.com/content/view/128955


* Mandriva: Updated gd packages fix several vulnerabilities
  3rd, August, 2007

GD versions prior to 2.0.35 have a number of bugs which potentially lead 
to denial of service and possibly other issues. Integer overflow in 
gdImageCreateTrueColor function in the GD Graphics Library (libgd) 
before 2.0.35 allows user-assisted remote attackers to have unspecified 
remote attack vectors and impact.

http://www.linuxsecurity.com/content/view/128915


* RedHat: Critical: java-1.4.2-ibm security update
  6th, August, 2007

Updated java-1.4.2-ibm packages that correct a set of security issues
are now available for Red Hat Enterprise Linux 3 and 4 Extras and Red
Hat Enterprise Linux 5 Supplementary. A security vulnerability in the
Java Web Start component was discovered.

http://www.linuxsecurity.com/content/view/128925


* RedHat: Critical: java-1.5.0-sun security update
  6th, August, 2007

Updated java-1.5.0-sun packages that correct several security issues
are available for Red Hat Enterprise Linux 4 Extras. The Javadoc tool
was able to generate HTML documentation pages that contained cross-site
scripting (XSS) vulnerabilities.

http://www.linuxsecurity.com/content/view/128926


* RedHat: Moderate: libgtop2 security update
  7th, August, 2007

An updated libgtop2 package that fixes a security issue and a
functionality bug is now available for Red Hat Enterprise Linux 4. A
flaw was found in the way libgtop2 handled long filenames mapped into
the address space of a process. An attacker could execute arbitrary
code on behalf of the user running gnome-system-monitor by executing
a process and mapping a file with a specially crafted name into the
process's address space. This update has been rated as having
moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/128933


* RedHat: Moderate: gdm security and bug fix update
  7th, August, 2007

An updated gdm package that fixes a security issue is now available
for Red Hat Enterprise Linux 5. A flaw was found in the way Gdm listens
on its unix domain socket.  A local user could crash a running X
session by writing malicious data to Gdm's unix domain socket.
This update has been rated as having moderate security impact by
the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/128934


* RedHat: Critical: java-1.5.0-ibm security update
  7th, August, 2007

Updated java-1.5.0-ibm packages that correct several security issues
are now available for Red Hat Enterprise Linux 4 Extras and 5
Supplementary. A security vulnerability in the Java Web Start component
was discovered. An untrusted application could elevate its privileges,
allowing it to read and write local files that are accessible to the
user running the Java Web Start application.

http://www.linuxsecurity.com/content/view/128935


* RedHat: Important: kernel security update
  8th, August, 2007

Updated kernel packages that fix a number of security issues are now
available for Red Hat Enterprise Linux 2.1 (32-bit architectures).
This security advisory has been rated as having important security
impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/128951


* RedHat: Important: kernel security update
  8th, August, 2007

Updated kernel packages that fix a number of security issues are now
available for Red Hat Enterprise Linux 2.1 (64-bit architectures).
This security advisory has been rated as having important security
impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/128952


* Slackware:   thunderbird
  3rd, August, 2007

New Thunderbird packages are available for Slackware 11.0 and 12.0
to fix two possible security issues.  This package may also be used
on many older versions of Slackware (though we're not certain how far

http://www.linuxsecurity.com/content/view/128914


* Ubuntu:  Gimp vulnerability
  2nd, August, 2007

Sean Larsson discovered multiple integer overflows in Gimp.  By
tricking a user into opening a specially crafted DICOM, PNM, PSD,
PSP, RAS, XBM, or XWD image, a remote attacker could exploit this
to execute arbitrary code with the user's privileges.

http://www.linuxsecurity.com/content/view/128898


* Ubuntu:  Qt vulnerability
  3rd, August, 2007

Several format string vulnerabilities have been discovered in Qt
warning messages. By causing an application to process specially
crafted input data which triggered Qt warnings, this could be
exploited to execute arbitrary code with the privilege of the user
running the application.

http://www.linuxsecurity.com/content/view/128908


* Ubuntu:  koffice vulnerability
  3rd, August, 2007

Derek Noonburg discovered an integer overflow in the Xpdf function
StreamPredictor::StreamPredictor(). By importing a specially crafted
PDF file into KWord, this could be exploited to run arbitrary code
with the user's privileges.

http://www.linuxsecurity.com/content/view/128909


* Ubuntu:  poppler vulnerability
  7th, August, 2007

USN-496-1 fixed a vulnerability in koffice.  This update provides the
corresponding updates for poppler, the library used for PDF handling
in Gnome. Derek Noonburg discovered an integer overflow in the Xpdf
function StreamPredictor::StreamPredictor(). By importing a specially
crafted PDF file into KWord, this could be exploited to run arbitrary
code with the user's privileges.

http://www.linuxsecurity.com/content/view/128939


------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

------------------------------------------------------------------------




This archive was generated by hypermail 2.1.3 : Mon Aug 13 2007 - 00:24:01 PDT