+------------------------------------------------------------------------+
| LinuxSecurity.com Weekly Newsletter |
| February 1st, 2008 Volume 9, Number 5 |
| |
| Editorial Team: Dave Wreski <dwreski@private> |
| Benjamin D. Thomas <bthomas@private> |
+------------------------------------------------------------------------+
Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.
This week, advisories were released for mysql, yarssr, pulseaudio,
gforge, netkit, maradns, postgresql, blam, xine, cherrypy, icu, kdebase,
libxfont, xfree86, and xll.
---
15-Month NSA Certified Masters in Info Assurance
Now you can earn your Master of Science in Information Assurance (MSIA) in
15 months. Norwich University has recently launched a 30-credit, 15-month
program, alongside the standard 36-credit, 18-month program. To find out
if you are eligible for the 15-month MSIA program, please visit:
http://www.msia.norwich.edu/linsec
---
>> Linux+DVD Magazine <<
Our magazine is read by professional network and database administrators,
system programmers, webmasters and all those who believe in the power of
Open Source software. The majority of our readers is between 15 and 40
years old. They are interested in current news from the Linux world,
upcoming projects etc.
In each issue you can find information concerning typical use of Linux:
safety, databases, multimedia, scientific tools, entertainment,
programming, e-mail, news and desktop environments.
http://www.linuxsecurity.com/ads/adclick.php?bannerid=3D26
---
HowTo: Secure your Ubuntu Apache Web Server
-------------------------------------------
Setting up a web server with Apache on a Linux distribution is a very
quick process, however to make it a secure setup takes some work. This
article will show you how to make your Apache web server more secure from
an attack by effectively using Access control and authentication
strategies.
http://www.linuxsecurity.com/content/view/133913
---
SSH: Best Practices
-------------------
If you're reading LinuxSecurity.com then it's a safe bet that you are
already using SSH, but are you using it in the best way possible? Have
you configured it to be as limited and secure as possible?
<BR/>Read on for my best practices for using Secure Shell.
http://www.linuxsecurity.com/content/view/133312
--> Take advantage of the LinuxSecurity.com Quick Reference Card! <--
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf <--
--------------------------------------------------------------------------
* EnGarde Secure Community v3.0.18 Now Available! (Dec 4)
-------------------------------------------------------
Guardian Digital is happy to announce the release of EnGarde Secure
Community 3.0.18 (Version 3.0, Release 18). This release includes the
brand new Health Center, new packages for FWKNP and PSAD, updated
packages and bug fixes, some feature enhancements to Guardian Digital
WebTool and the SELinux policy, as well as other new features.
In distribution since 2001, EnGarde Secure Community was one of the
very first security platforms developed entirely from open source, and
has been engineered from the ground-up to provide users and
organizations with complete, secure Web functionality, DNS, database
and e-mail security, integrated intrusion detection and SELinux
policies and more.
http://www.linuxsecurity.com/content/view/131851
--------------------------------------------------------------------------
* Debian: New Linux 2.6.18 packages fix several vulnerabilities (Jan 29)
----------------------------------------------------------------------
Several local vulnerabilities have been discovered in the Linux kernel
that may lead to a denial of service or the execution of arbitrary
code. Bart Oldeman reported a denial of service (DoS) issue in the VFAT
filesystem that allows local users to corrupt a kernel structure
resulting in a system crash. This is only an issue for systems which
make use of the VFAT compat ioctl interface, such as systems running an
'amd64' flavor kernel.
http://www.linuxsecurity.com/content/view/133914
* Debian: New mysql-dfsg-5.0 packages fix several (Jan 28)
--------------------------------------------------------
Luigi Auriemma discovered two buffer overflows in YaSSL, an SSL
implementation included in the MySQL database package, which could lead
to denial of service and possibly the execution of arbitrary code.
http://www.linuxsecurity.com/content/view/133832
* Debian: New yarssr packages fix arbitrary shell command (Jan 27)
----------------------------------------------------------------
Duncan Gilmore discovered that yarssr, an RSS aggregator and reader,
performs insufficient input sanitising, which could result in the
execution of arbitrary shell commands if a malformed feed is read.
http://www.linuxsecurity.com/content/view/133827
* Debian: New pulseaudio packages fix privilege escalation (Jan 27)
-----------------------------------------------------------------
Marcus Meissner discovered that the PulseAudio sound server performed
insufficent checks when dropping privileges, which could lead to local
privilege escalation.
http://www.linuxsecurity.com/content/view/133826
* Debian: new gforge packages fix cross site scripting (Jan 26)
-------------------------------------------------------------
Jos=C3=A9 Ram=C3=B3n Palanco discovered th a cross site scripting vulnerability
in GForge, a collaborative development tool, allows remote attackers to
inject arbitrary web script or HTML in the context of a logged in
user's session.
http://www.linuxsecurity.com/content/view/133753
--------------------------------------------------------------------------
* Gentoo: Netkit FTP Server Denial of Service (Jan 29)
----------------------------------------------------
Netkit FTP Server contains a Denial of Service vulnerability.
http://www.linuxsecurity.com/content/view/133917
* Gentoo: MaraDNS CNAME Denial of Service (Jan 29)
------------------------------------------------
MaraDNS is prone to a Denial of Service vulnerability impacting CNAME
resolution.
http://www.linuxsecurity.com/content/view/133916
* Gentoo: PostgreSQL Multiple vulnerabilities (Jan 29)
----------------------------------------------------
PostgreSQL contains multiple vulnerabilities that could result in
privilege escalation or a Denial of Service.
http://www.linuxsecurity.com/content/view/133912
* Gentoo: Blam User-assisted execution of arbitrary code (Jan 27)
---------------------------------------------------------------
Blam doesn't properly handle environment variables, potentially
allowing a local attacker to execute arbitrary code.
http://www.linuxsecurity.com/content/view/133825
* Gentoo: ngIRCd Denial of Service (Jan 27)
-----------------------------------------
ngIRCd does not properly sanitize commands sent by users, allowing for
a Denial of Service.
http://www.linuxsecurity.com/content/view/133824
* Gentoo: xine-lib User-assisted execution of arbitrary code (Jan 27)
-------------------------------------------------------------------
xine-lib is vulnerable to multiple heap-based buffer overflows when
processing RTSP streams.
http://www.linuxsecurity.com/content/view/133823
* Gentoo: CherryPy Directory traversal vulnerability (Jan 27)
-----------------------------------------------------------
CherryPy is vulnerable to a directory traversal that could allow
attackers to read and write arbitrary files.
http://www.linuxsecurity.com/content/view/133822
--------------------------------------------------------------------------
* Mandriva: Updated MySQL packages fix multiple (Jan 29)
------------------------------------------------------
The mysql_change_db() function in MySQL 5.0.x before 5.0.40 did not
restore THD::db_access privileges when returning from SQL SECURITY
INVOKER stored routines, which allowed remote authenticated users to
gain privileges (CVE-2007-2692).
http://www.linuxsecurity.com/content/view/133919
* Mandriva: Updated pulseaudio packages fix local root (Jan 25)
-------------------------------------------------------------
A programming flaw was found in Pulseaudio versions older than 0.9.9,
by which a local user can gain root access, if pulseaudio is installed
as a setuid to root binary, which is the recommended configuration. The
updated packages fix this issue.
http://www.linuxsecurity.com/content/view/133752
* Mandriva: Updated icu packages fix vulnerabilities (Jan 25)
-----------------------------------------------------------
Will Drewry reported multiple flaws in how libicu processed certain
malformed regular expressions. If an application linked against
libicu, such as OpenOffice.org, processed a carefully-crafted regular
expression, it could potentially cause the execution of arbitrary code
with the privileges of the user running the application. The updated
packages have been patched to correct these issues.
http://www.linuxsecurity.com/content/view/133750
* Mandriva: Updated kdebase package fixes a few bugs (Jan 25)
-----------------------------------------------------------
On kdebase as released in Mandriva Linux 2008.0, Khelpcenter could not
build an index for the KDE applications manuals, because a required
package, htdig, is not in the main repositories. Htdig is now added as
suggested package. Also, the Add a network wizard did not show up when
browsing the remote:/ kioslave in konqueror. And finally, the icon for
Home in the pager applet would appear as a blank page and did not work
(malformed URL). The updated package fixes these issues.
http://www.linuxsecurity.com/content/view/133746
* Mandriva: Updated libxfont packages fix font handling (Jan 24)
--------------------------------------------------------------
A heap-based buffer overflow flaw was found in how the X.org server
handled malformed font files that could allow a malicious local user to
potentially execute arbitrary code with the privileges of the X.org
server (CVE-2008-0006). The updated packages have been patched to
correct this issue.
http://www.linuxsecurity.com/content/view/133656
* Mandriva: Updated x11-server packages fix multiple (Jan 24)
-----------------------------------------------------------
An input validation flaw was found in the X.org server's XFree86-Misc
extension that could allow a malicious authorized client to cause a
denial of service (crash), or potentially execute arbitrary code with
root privileges on the X.org server (CVE-2007-5760). A flaw was found
in the X.org server's XC-SECURITY extension that could allow a local
user to verify the existence of an arbitrary file, even in directories
that are not normally accessible to that user (CVE-2007-5958).
http://www.linuxsecurity.com/content/view/133655
* Mandriva: Updated xorg-x11 packages fix multiple (Jan 24)
---------------------------------------------------------
Aaron Plattner discovered a buffer overflow in the Composite extension
of the X.org X server, which if exploited could lead to local privilege
escalation (CVE-2007-4730).
http://www.linuxsecurity.com/content/view/133654
* Mandriva: Updated XFree86 packages fix multiple (Jan 24)
--------------------------------------------------------
A flaw was found in the XFree86 server's XC-SECURITY extension that
could allow a local user to verify the existence of an arbitrary file,
even in directories that are not normally accessible to that user
(CVE-2007-5958).
http://www.linuxsecurity.com/content/view/133653
* Mandriva: Updated x11-server-xgl packages fix multiple (Jan 24)
---------------------------------------------------------------
An input validation flaw was found in the X.org server's XFree86-Misc
extension that could allow a malicious authorized client to cause a
denial of service (crash), or potentially execute arbitrary code with
root privileges on the X.org server (CVE-2007-5760). A flaw was found
in the X.org server's XC-SECURITY extension that could allow a local
user to verify the existence of an arbitrary file, even in directories
that are not normally accessible to that user (CVE-2007-5958).
http://www.linuxsecurity.com/content/view/133652
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
To unsubscribe email vuln-newsletter-request@private
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
___________________________________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn
This archive was generated by hypermail 2.1.3 : Mon Feb 04 2008 - 00:20:31 PST