[ISN] Linux Advisory Watch - August 17th 2007

From: InfoSec News (alerts@private)
Date: Sun Aug 19 2007 - 22:40:22 PDT


+---------------------------------------------------------------------+
|  LinuxSecurity.com                               Weekly Newsletter  |
|  August 17th 2007                              Volume 8, Number 33a |
+---------------------------------------------------------------------+

  Editors:      Dave Wreski                     Benjamin D. Thomas
                dave@private          ben@private

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week. It
includes pointers to updated packages and descriptions of each
vulnerability.

This week advisories were released for tcpdump, gpdf, kdegraphics,
kernel, ClamAV, XFce, SquirrelMail, MySQL, gimp, seamonkey, and
libvorbis.  The distributors include Debian, Fedora, Gentoo,
Red Hat, Slackware, and ubuntu.

--

>> Linux+DVD Magazine <<

Our magazine is read by professional network and database administrators,
system programmers, webmasters and all those who believe in the power of
Open Source software. The majority of our readers is between 15 and 40
years old. They are interested in current news from the Linux world,
upcoming projects etc.

In each issue you can find information concerning typical use of Linux:
safety, databases, multimedia, scientific tools, entertainment,
programming, e-mail, news and desktop environments.

http://www.linuxsecurity.com/ads/adclick.php?bannerid=26

---

* EnGarde Secure Linux v3.0.16 Now Available

Guardian Digital is happy to announce the release of EnGarde Secure
Community 3.0.16 (Version 3.0, Release 16). This release includes
many updated packages and bug fixes, some feature enhancements to
Guardian Digital WebTool and the SELinux policy, and a few new
features.

http://www.engardelinux.org/modules/download/

---

Review: Practical Packet Analysis

In the introduction, McIlwraith points out that security awareness
training properly consists of communication, raising of issues, and
encouragement to modify behaviour. (This will come as no surprise
to those who recall the definition of training as the modification
of attitudes and behaviour.) He also notes that security professionals
frequently concentrate solely on presentation of problems. The
remainder of the introduction looks at other major security
activities, and the part that awareness plays in ensuring that
they actually work.

http://www.linuxsecurity.com/content/view/128459/171/

---

Robert Slade Review: "Information Security and Employee Behaviour"

The best way to secure you against sniffing is to use encryption. While
this won't prevent a sniffer from functioning, it will ensure that what a
sniffer reads is pure junk.

http://www.linuxsecurity.com/content/view/128404/171/

--------

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf


+---------------------------------+
|  Distribution: Debian           | ----------------------------//
+---------------------------------+

* Debian: New tcpdump packages fix arbitrary code execution
  11th, August, 2007

It was discovered that an integer overflow in the BGP dissector of
tcpdump, a powerful tool for network monitoring and data acquisition,
may lead to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/128976


* Debian: New gpdf packages fix arbitrary code execution
  13th, August, 2007

It was discovered that an integer overflow in xpdf PDF viewer may
lead to the execution of arbitrary code if a malformed PDF file is
opened.

http://www.linuxsecurity.com/content/view/128984


* Debian: New kdegraphics packages fix arbitrary code execution
  13th, August, 2007


It was discovered that an integer overflow in the xpdf PDF viewer may
lead to the execution of arbitrary code if a malformed PDF file is opened.

http://www.linuxsecurity.com/content/view/128985


* Debian: New Linux 2.6.18 packages fix several vulnerabilities
  15th, August, 2007

Several local and remote vulnerabilities have been discovered in the
Linux kernel that may lead to a denial of service or the execution of
arbitrary code. The Common Vulnerabilities and Exposures project
identifies the following problems below.

http://www.linuxsecurity.com/content/view/128996


+---------------------------------+
|  Distribution: Fedora           | ----------------------------//
+---------------------------------+

* Fedora Core 6 Update: kernel-2.6.22.1-32.fc6
  9th, August, 2007

The decode_choice function in net/netfilter/bf_conntrack_h323_asn1.c
in the Linux kernel before 2.6.22 allows remote attackers to cause a
denial of service (crash) via an encoded, out-of-range index value for
a choice field, which triggers a NULL pointer dereference.

http://www.linuxsecurity.com/content/view/128958



+---------------------------------+
|  Distribution: Gentoo           | ----------------------------//
+---------------------------------+

* Gentoo: ClamAV Denial of Service
  9th, August, 2007

A vulnerability has been discovered in ClamAV, allowing for a Denial
of Service.

http://www.linuxsecurity.com/content/view/128962


* Gentoo: GD Multiple vulnerabilities
  9th, August, 2007

Multiple vulnerabilities have been discovered in GD, allowing for the
execution of arbitrary code.

http://www.linuxsecurity.com/content/view/128963


* Gentoo: Net:DNS: Multiple vulnerabilities
  11th, August, 2007

Multiple vulnerabilities have been discovered in the Net::DNS Perl
module, allowing for a Denial of Service and a cache poisoning
attack.

http://www.linuxsecurity.com/content/view/128977


* Gentoo: Xfce Terminal Remote arbitrary code execution
  11th, August, 2007

A vulnerability has been discovered in the Xfce Terminal program,
allowing for the remote execution of arbitrary code.

http://www.linuxsecurity.com/content/view/128978


* Gentoo: SquirrelMail G/PGP plugin Arbitrary code execution
  11th, August, 2007

Multiple vulnerabilities have been discovered in SquirrelMail,
allowing for the remote execution of arbitrary code.

http://www.linuxsecurity.com/content/view/128979


* Gentoo: MySQL Denial of Service and information leakage
  16th, August, 2007

A Denial of Service vulnerability and a table structure information
leakage vulnerability were found in MySQL.

http://www.linuxsecurity.com/content/view/128999


+---------------------------------+
|  Distribution: Red Hat          | ----------------------------//
+---------------------------------+

* RedHat: Moderate: kernel security and bugfix update
  16th, August, 2007

Updated kernel packages that fix several security issues and bugs in
the Red Hat Enterprise Linux 3 kernel are now available. These new
kernel packages contain fixes for the security issues described below:
This security advisory has been rated as having moderate security
impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/128998



+---------------------------------+
|  Distribution: Slackware        | ----------------------------//
+---------------------------------+

* Slackware:   gimp
  11th, August, 2007

New gimp packages are available for Slackware 10.2, 11.0, and 12.0 to
fix security issues.

http://www.linuxsecurity.com/content/view/128972


* Slackware:   seamonkey
  11th, August, 2007

New seamonkey packages are available for Slackware 11.0 and 12.0 to
fix various security issues.

http://www.linuxsecurity.com/content/view/128974


* Slackware:   xpdf
  11th, August, 2007

New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2,
11.0, and 12.0 to fix an integer overflow. More details about this
issue may be found in the Common

http://www.linuxsecurity.com/content/view/128975


+---------------------------------+
|  Distribution: Ubuntu           | ----------------------------//
+---------------------------------+

* Ubuntu:  xfce4-terminal vulnerability
  13th, August, 2007

Lasse Karkkainen discovered that the Xfce Terminal did not correctly
escape shell meta-characters during "Open Link" actions.  If a remote
attacker tricked a user into opening a specially crafted URI, they
could execute arbitrary commands with the user's privileges.

http://www.linuxsecurity.com/content/view/128987


* Ubuntu:  libvorbis vulnerabilities
  16th, August, 2007

David Thiel discovered that libvorbis did not correctly verify the
size of certain headers, and did not correctly clean up a broken stream.
If a user were tricked into processing a specially crafted Vorbis
stream, a remote attacker could execute arbitrary code with the user's
privileges.

http://www.linuxsecurity.com/content/view/128997


------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@private
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------


____________________________________
Attend HITBSecConf2007 - Malaysia 
Taking place September 3-6 2007 featuring seven tracks of technical 
training and a dual-track security conference with keynote speakers 
Lance Spitzner and Mikko Hypponen!  -  Book your seats today! 
http://conference.hitb.org/hitbsecconf2007kl/



This archive was generated by hypermail 2.1.3 : Sun Aug 19 2007 - 22:52:25 PDT