[ISN] Linux Advisory Watch - September 7th 2007

From: InfoSec News (alerts@private)
Date: Sun Sep 09 2007 - 23:12:28 PDT


+---------------------------------------------------------------------+
|  LinuxSecurity.com                               Weekly Newsletter  |
|  September 7th 2007                            Volume 8, Number 36a |
+---------------------------------------------------------------------+

  Editors:      Dave Wreski                     Benjamin D. Thomas
                dave@private          ben@private

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week. It
includes pointers to updated packages and descriptions of each
vulnerability.

This week advisories were released for vim, id3lib, clamav, pptpd, krb5,
librpcsecgss, vavoom, gallery, kdebase, mysql, cyrus-sasl, star, java,
and kerberos.  The distributors include Debian, Fedora, Mandriva,
Red Hat, Slackware, and Ubuntu.

--

>> Linux+DVD Magazine <<

Our magazine is read by professional network and database administrators,
system programmers, webmasters and all those who believe in the power of
Open Source software. The majority of our readers is between 15 and 40
years old. They are interested in current news from the Linux world,
upcoming projects etc.

In each issue you can find information concerning typical use of Linux:
safety, databases, multimedia, scientific tools, entertainment,
programming, e-mail, news and desktop environments.

http://www.linuxsecurity.com/ads/adclick.php?bannerid=26

---

* EnGarde Secure Linux v3.0.16 Now Available

Guardian Digital is happy to announce the release of EnGarde Secure
Community 3.0.16 (Version 3.0, Release 16). This release includes
many updated packages and bug fixes, some feature enhancements to
Guardian Digital WebTool and the SELinux policy, and a few new
features.

http://www.engardelinux.org/modules/download/

---

Review: Ruby by Example

Learning a new language cannot be complete without a few 'real
world' examples. 'Hello world!'s and fibonacci sequences are
always nice as an introduction to certain aspects of programming,
but soon or later you crave something meatier to chew on. 'Ruby
by Example: Concepts and Code' by Kevin C. Baird provides a
wealth of knowledge via general to specialized examples of the
dynamic object oriented programming language, Ruby. Want to build
an mp3 playlist processor? How about parse out secret codes from
'Moby Dick'? Read on!

http://www.linuxsecurity.com/content/view/128840/171/

---

Robert Slade Review: "Information Security and Employee Behaviour"

The best way to secure you against sniffing is to use encryption. While
this won't prevent a sniffer from functioning, it will ensure that what a
sniffer reads is pure junk.

http://www.linuxsecurity.com/content/view/128404/171/

--------

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf


+---------------------------------+
|  Distribution: Debian           | ----------------------------//
+---------------------------------+

* Debian: New Linux 2.6.18 packages fix several vulnerabilities
  31st, August, 2007

Several local and remote vulnerabilities have been discovered in the
Linux kernel that may lead to a denial of service or the execution of
arbitrary code. The Common Vulnerabilities and Exposures project
identifies the below vulnerabilities.

http://www.linuxsecurity.com/content/view/129221


* Debian: New vim packages fix several vulnerabilities
  1st, September, 2007

Several vulnerabilities have been discovered in the vim editor.  Ulf
Harnhammar discovered that a format string flaw in helptags_one()
from src/ex_cmds.c (triggered through the "helptags" command) can
lead to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/129224


* Debian: New id3lib3.8.3 packages fix denial of service
  1st, September, 2007

Nikolaus Schulz discovered that a programming error in id3lib, an ID3
Tag Library, may lead to denial of service through symlink attacks.

http://www.linuxsecurity.com/content/view/129225


* Debian: New clamav packages fix several vulnerabilities
  1st, September, 2007

Several remote vulnerabilities have been discovered in the Clam
anti-virus toolkit.

http://www.linuxsecurity.com/content/view/129226


* Debian: New pptpd packages fix regression
  2nd, September, 2007

It was discovered that the PoPToP Point to Point Tunneling Server
contains a programming error, which allows the tear-down of a PPTP
connection through a malformed GRE packet, resulting in denial of
service.

http://www.linuxsecurity.com/content/view/129227


* Debian: New krb5 packages fix arbitrary code execution
  4th, September, 2007

It was discovered that a buffer overflow of the RPC library of the
MIT Kerberos reference implementation allows the execution of arbitrary
code.

http://www.linuxsecurity.com/content/view/129236


* Debian: New librpcsecgss packages fix arbitrary code execution
  4th, September, 2007

It was discovered that a buffer overflow of the library for secure
RPC communication over the rpcsec_gss protocol allows the execution of
arbitrary code.

http://www.linuxsecurity.com/content/view/129237


* Debian: New krb5 packages fix arbitrary code execution
  6th, September, 2007

It was discovered that a buffer overflow of the RPC library of the
MIT Kerberos reference implementation allows the execution of arbitrary
code. The original patch from DSA-1367-1 didn't address the problem fully.

http://www.linuxsecurity.com/content/view/129347


* Debian: New gforge packages fix SQL injection
  6th, September, 2007

Sumit I. Siddharth discovered that Gforge, a collaborative
development tool performs insufficient input sanitising, which allows
SQL injection.

http://www.linuxsecurity.com/content/view/129348


+---------------------------------+
|  Distribution: Fedora           | ----------------------------//
+---------------------------------+

* Fedora 7 Update: vavoom-1.24-3.fc7
  4th, September, 2007

Security update fixing various format strings vulnerabilities and a
DOS vulnerability in the vavoom server, this fixes: CVE-2007-4533,
CVE-2007-4534 & CVE-2007-4535. Also see bugzilla bug 256621.

http://www.linuxsecurity.com/content/view/129332


* Fedora 7 Update: gallery2-2.2-0.7..
  4th, September, 2007

Multiple unspecified vulnerabilities in Gallery before 2.2.3 allow

attackers to (1) rename items, (2) read and modify item properties,
or (3) lock and replace items via unknown vectors in (a) the WebDAV
module; and (4) edit unspecified data files using "linked items" in
(a) WebDAV and (b) Reupload modules.

http://www.linuxsecurity.com/content/view/129335


+---------------------------------+
|  Distribution: Mandriva         | ----------------------------//
+---------------------------------+

* Mandriva: Updated clamav packages vulnerabilities
  31st, August, 2007

A vulnerability in ClamAV was discovered that could allow remote
attackers to cause a denial of service via a crafted RTF file or a
crafted HTML document with a data: URI, both of which trigger a NULL
dereference (CVE-2007-4510).

http://www.linuxsecurity.com/content/view/129223


* Mandriva: Updated tar packages fix vulnerabilities
  4th, September, 2007


Dmitry V. Levin discovered a path traversal flaw in how GNU tar
extracted archives.  A malicious user could create a tar archive that
could write to arbitrary fiels that the user running tar has write
access to. Updated packages have been patched to prevent these issues.

http://www.linuxsecurity.com/content/view/129338


* Mandriva: Updated krb5 packages fix vulnerabilities
  6th, September, 2007

A stack buffer overflow vulnerability was discovered in the RPC
library used by Kerberos' kadmind program by Tenable Network
Security. A remote unauthenticated user who could access kadmind
would be able to trigger the flaw and cause it to crash (CVE-2007-3999).

http://www.linuxsecurity.com/content/view/129345


* Mandriva: Updated eggdrop package fix remote buffer overflow
  6th, September, 2007


A stack-based buffer overflow in mod/server.mod/servrmsg.c in Eggdrop
1.6.18, and possibly earlier, allows user-assisted, malicious remote
IRC servers to execute arbitrary code via a long private message.

Updated packages fix this issue.
http://www.linuxsecurity.com/content/view/129346


* Mandriva: Updated kdebase and kdelibs packages fix location
  6th, September, 2007

konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers
to spoof the data: URI scheme in the address bar via a long URI with
trailing whitespace, which prevents the beginning of the URI from
being displayed. (CVE-2007-3820)

http://www.linuxsecurity.com/content/view/129349


* Mandriva: Updated MySQL packages fix vulnerabilities
  6th, September, 2007

A vulnerability was found in MySQL's authentication protocol, making
it possible for a remote unauthenticated attacker to send a specially
crafted authentication request to the MySQL server causing it to
crash (CVE-2007-3780).

http://www.linuxsecurity.com/content/view/129350


* Mandriva: Updated krb5 packages fix vulnerabilities
  7th, September, 2007

A stack buffer overflow vulnerability was discovered in the RPC
library used by Kerberos' kadmind program by Tenable Network
Security.

http://www.linuxsecurity.com/content/view/129390


+---------------------------------+
|  Distribution: Red Hat          | ----------------------------//
+---------------------------------+

* RedHat: Moderate: aide security update
  4th, September, 2007

A flaw was discovered in the way file checksums were stored in the
AIDE database. A packaging flaw in the Red Hat AIDE rpm resulted in the
file database not containing any file checksum information. This could
prevent AIDE from detecting certain file modifications.

http://www.linuxsecurity.com/content/view/129230


* RedHat: Moderate: kernel security and bugfix update
  4th, September, 2007

Updated kernel packages that fix several security issues and bugs in
the Red Hat Enterprise Linux 4 kernel are now available.

http://www.linuxsecurity.com/content/view/129231


* RedHat: Moderate: cyrus-sasl security and bug fix update
  4th, September, 2007

An updated cyrus-sasl package that addresses a security issue and
fixes various other bugs is now available for Red Hat Enterprise Linux 4.
This update has been rated as having moderate security impact by the
Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/129232


* RedHat: Moderate: star security update
  4th, September, 2007

An updated star package that fixes a path traversal flaw is now
available. This update has been rated as having moderate security impact
by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/129233


* RedHat: Moderate: cyrus-sasl security update
  4th, September, 2007

Updated cyrus-sasl packages that correct a security issue are now
available for Red Hat Enterprise Linux 3. This update has been rated
as having moderate security impact by the Red Hat Security Response
Team.

http://www.linuxsecurity.com/content/view/129234


* RedHat: Important: krb5 security update
  4th, September, 2007

Updated krb5 packages that fix two security flaws are now available
for Red Hat Enterprise Linux 5.

http://www.linuxsecurity.com/content/view/129235


* RedHat: Important: krb5 security update
  7th, September, 2007

Updated krb5 packages that correct a security flaw are now available
for Red Hat Enterprise Linux 5. The MIT Kerberos Team discovered a
problem with the originally published patch for svc_auth_gss.c

http://www.linuxsecurity.com/content/view/129352


+---------------------------------+
|  Distribution: Slackware        | ----------------------------//
+---------------------------------+

* Slackware:   java (jre, jdk)
  31st, August, 2007

Sun has released security advisories pertaining to both the Java
Runtime Environment and the Standard Edition Development Kit.

One such advisory may be found here:
http://www.linuxsecurity.com/content/view/129222


+---------------------------------+
|  Distribution: Ubuntu           | ----------------------------//
+---------------------------------+

* Ubuntu:  Linux kernel vulnerabilities
  31st, August, 2007

A buffer overflow was discovered in the Moxa serial driver.  Local
attackers could execute arbitrary code and gain root privileges.
(CVE-2005-0504)

http://www.linuxsecurity.com/content/view/129214


* Ubuntu:  Linux kernel vulnerabilities
  31st, August, 2007

A flaw was discovered in the PPP over Ethernet implementation.	Local
attackers could manipulate ioctls and cause kernel memory consumption
leading to a denial of service.

http://www.linuxsecurity.com/content/view/129218


* Ubuntu:  Kerberos vulnerability
  4th, September, 2007

It was discovered that the libraries handling RPCSEC_GSS did not
correctly validate the size of certain packet structures.  An
unauthenticated remote user could send a specially crafted request
and execute arbitrary code with root privileges.

http://www.linuxsecurity.com/content/view/129337


* Ubuntu:  Kerberos vulnerability
  7th, September, 2007

It was discovered that the libraries handling RPCSEC_GSS did not
correctly validate the size of certain packet structures. An
unauthenticated remote user could send a specially crafted request
and execute arbitrary code with root privileges.

http://www.linuxsecurity.com/content/view/129389


------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@private
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------


____________________________________
Visit the InfoSec News Bookstore
http://www.shopinfosecnews.org



This archive was generated by hypermail 2.1.3 : Sun Sep 09 2007 - 23:24:46 PDT