[ISN] Linux Advisory Watch: February 1st, 2008

From: InfoSec News (alerts@private)
Date: Mon Feb 04 2008 - 00:03:29 PST


+------------------------------------------------------------------------+
| LinuxSecurity.com                                    Weekly Newsletter |
| February 1st, 2008                                  Volume 9, Number 5 |
|                                                                        |
| Editorial Team:                Dave Wreski <dwreski@private> |
|                         Benjamin D. Thomas <bthomas@private> |
+------------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, advisories were released for mysql, yarssr, pulseaudio,
gforge, netkit, maradns, postgresql, blam, xine, cherrypy, icu, kdebase,
libxfont, xfree86, and xll.

---

15-Month NSA Certified Masters in Info Assurance

Now you can earn your Master of Science in Information Assurance (MSIA) in
15 months. Norwich University has recently launched a 30-credit, 15-month
program, alongside the standard 36-credit, 18-month program. To find out
if you are eligible for the 15-month MSIA program, please visit:

http://www.msia.norwich.edu/linsec

---

>> Linux+DVD Magazine <<

Our magazine is read by professional network and database administrators,
system programmers, webmasters and all those who believe in the power of
Open Source software. The majority of our readers is between 15 and 40
years old. They are interested in current news from the Linux world,
upcoming projects etc.

In each issue you can find information concerning typical use of Linux:
safety, databases, multimedia, scientific tools, entertainment,
programming, e-mail, news and desktop environments.

http://www.linuxsecurity.com/ads/adclick.php?bannerid=3D26

---

HowTo: Secure your Ubuntu Apache Web Server
-------------------------------------------
Setting up a web server with Apache on a Linux distribution is a very
quick process, however to make it a secure setup takes some work. This
article will show you how to make your Apache web server more secure from
an attack by effectively using Access control and authentication
strategies.

http://www.linuxsecurity.com/content/view/133913

---

SSH: Best Practices
-------------------
If you're reading LinuxSecurity.com then it's a safe bet that you are
already using SSH, but are you using it in the best way possible?  Have
you configured it to be as limited and secure as possible?

<BR/>Read on for my best practices for using Secure Shell.

http://www.linuxsecurity.com/content/view/133312

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!  <--
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf             <--

--------------------------------------------------------------------------

* EnGarde Secure Community v3.0.18 Now Available! (Dec 4)
  -------------------------------------------------------
  Guardian Digital is happy to announce the release of EnGarde Secure
  Community 3.0.18 (Version 3.0, Release 18). This release includes the
  brand new Health Center, new packages for FWKNP and PSAD, updated
  packages and bug fixes, some feature enhancements to Guardian Digital
  WebTool and the SELinux policy, as well as other new features.

  In distribution since 2001, EnGarde Secure Community was one of the
  very first security platforms developed entirely from open source, and
  has been engineered from the ground-up to provide users and
  organizations with complete, secure Web functionality, DNS, database
  and e-mail security, integrated intrusion detection and SELinux
  policies and more.

  http://www.linuxsecurity.com/content/view/131851

--------------------------------------------------------------------------

* Debian: New Linux 2.6.18 packages fix several vulnerabilities (Jan 29)
  ----------------------------------------------------------------------
  Several local vulnerabilities have been discovered in the Linux kernel
  that may lead to a denial of service or the execution of arbitrary
  code. Bart Oldeman reported a denial of service (DoS) issue in the VFAT
  filesystem that allows local users to corrupt a kernel structure
  resulting in a system crash. This is only an issue for systems which
  make use of the VFAT compat ioctl interface, such as systems running an
  'amd64' flavor kernel.

  http://www.linuxsecurity.com/content/view/133914

* Debian: New mysql-dfsg-5.0 packages fix several (Jan 28)
  --------------------------------------------------------
  Luigi Auriemma discovered two buffer overflows in YaSSL, an SSL
  implementation included in the MySQL database package, which could lead
  to denial of service and possibly the execution of arbitrary code.

  http://www.linuxsecurity.com/content/view/133832

* Debian: New yarssr packages fix arbitrary shell command (Jan 27)
  ----------------------------------------------------------------
  Duncan Gilmore discovered that yarssr, an RSS aggregator and reader,
  performs insufficient input sanitising, which could result in the
  execution of arbitrary shell commands if a malformed feed is read.

  http://www.linuxsecurity.com/content/view/133827

* Debian: New pulseaudio packages fix privilege escalation (Jan 27)
  -----------------------------------------------------------------
  Marcus Meissner discovered that the PulseAudio sound server performed
  insufficent checks when dropping privileges, which could lead to local
  privilege escalation.

  http://www.linuxsecurity.com/content/view/133826

* Debian: new gforge packages fix cross site scripting (Jan 26)
  -------------------------------------------------------------
  Jos=C3=A9 Ram=C3=B3n Palanco discovered th a cross site scripting vulnerability
  in GForge, a collaborative development tool, allows remote attackers to
  inject arbitrary web script or HTML in the context of a logged in
  user's session.

  http://www.linuxsecurity.com/content/view/133753

--------------------------------------------------------------------------

* Gentoo: Netkit FTP Server Denial of Service (Jan 29)
  ----------------------------------------------------
  Netkit FTP Server contains a Denial of Service vulnerability.

  http://www.linuxsecurity.com/content/view/133917

* Gentoo: MaraDNS CNAME Denial of Service (Jan 29)
  ------------------------------------------------
  MaraDNS is prone to a Denial of Service vulnerability impacting CNAME
  resolution.

  http://www.linuxsecurity.com/content/view/133916

* Gentoo: PostgreSQL Multiple vulnerabilities (Jan 29)
  ----------------------------------------------------
  PostgreSQL contains multiple vulnerabilities that could result in
  privilege escalation or a Denial of Service.

  http://www.linuxsecurity.com/content/view/133912

* Gentoo: Blam User-assisted execution of arbitrary code (Jan 27)
  ---------------------------------------------------------------
  Blam doesn't properly handle environment variables, potentially
  allowing a local attacker to execute arbitrary code.

  http://www.linuxsecurity.com/content/view/133825

* Gentoo: ngIRCd Denial of Service (Jan 27)
  -----------------------------------------
  ngIRCd does not properly sanitize commands sent by users, allowing for
  a Denial of Service.

  http://www.linuxsecurity.com/content/view/133824

* Gentoo: xine-lib User-assisted execution of arbitrary code (Jan 27)
  -------------------------------------------------------------------
  xine-lib is vulnerable to multiple heap-based buffer overflows when
  processing RTSP streams.

  http://www.linuxsecurity.com/content/view/133823

* Gentoo: CherryPy Directory traversal vulnerability (Jan 27)
  -----------------------------------------------------------
  CherryPy is vulnerable to a directory traversal that could allow
  attackers to read and write arbitrary files.

  http://www.linuxsecurity.com/content/view/133822

--------------------------------------------------------------------------

* Mandriva: Updated MySQL packages fix multiple (Jan 29)
  ------------------------------------------------------
  The mysql_change_db() function in MySQL 5.0.x before 5.0.40 did not
  restore THD::db_access privileges when returning from SQL SECURITY
  INVOKER stored routines, which allowed remote authenticated users to
  gain privileges (CVE-2007-2692).

  http://www.linuxsecurity.com/content/view/133919

* Mandriva: Updated pulseaudio packages fix local root (Jan 25)
  -------------------------------------------------------------
  A programming flaw was found in Pulseaudio versions older than 0.9.9,
  by which a local user can gain root access, if pulseaudio is installed
  as a setuid to root binary, which is the recommended configuration. The
  updated packages fix this issue.

  http://www.linuxsecurity.com/content/view/133752

* Mandriva: Updated icu packages fix vulnerabilities (Jan 25)
  -----------------------------------------------------------
  Will Drewry reported multiple flaws in how libicu processed certain
  malformed regular expressions.  If an application linked against
  libicu, such as OpenOffice.org, processed a carefully-crafted regular
  expression, it could potentially cause the execution of arbitrary code
  with the privileges of the user running the application. The updated
  packages have been patched to correct these issues.

  http://www.linuxsecurity.com/content/view/133750

* Mandriva: Updated kdebase package fixes a few bugs (Jan 25)
  -----------------------------------------------------------
  On kdebase as released in Mandriva Linux 2008.0, Khelpcenter could not
  build an index for the KDE applications manuals, because a required
  package, htdig, is not in the main repositories. Htdig is now added as
  suggested package. Also, the Add a network wizard did not show up when
  browsing the remote:/ kioslave in konqueror. And finally, the icon for
  Home in the pager applet would appear as a blank page and did not work
  (malformed URL). The updated package fixes these issues.

  http://www.linuxsecurity.com/content/view/133746

* Mandriva: Updated libxfont packages fix font handling (Jan 24)
  --------------------------------------------------------------
  A heap-based buffer overflow flaw was found in how the X.org server
  handled malformed font files that could allow a malicious local user to
  potentially execute arbitrary code with the privileges of the X.org
  server (CVE-2008-0006). The updated packages have been patched to
  correct this issue.

  http://www.linuxsecurity.com/content/view/133656

* Mandriva: Updated x11-server packages fix multiple (Jan 24)
  -----------------------------------------------------------
  An input validation flaw was found in the X.org server's XFree86-Misc
  extension that could allow a malicious authorized client to cause a
  denial of service (crash), or potentially execute arbitrary code with
  root privileges on the X.org server (CVE-2007-5760). A flaw was found
  in the X.org server's XC-SECURITY extension that could allow a local
  user to verify the existence of an arbitrary file, even in directories
  that are not normally accessible to that user (CVE-2007-5958).

  http://www.linuxsecurity.com/content/view/133655

* Mandriva: Updated xorg-x11 packages fix multiple (Jan 24)
  ---------------------------------------------------------
  Aaron Plattner discovered a buffer overflow in the Composite extension
  of the X.org X server, which if exploited could lead to local privilege
  escalation (CVE-2007-4730).

  http://www.linuxsecurity.com/content/view/133654

* Mandriva: Updated XFree86 packages fix multiple (Jan 24)
  --------------------------------------------------------
  A flaw was found in the XFree86 server's XC-SECURITY extension that
  could allow a local user to verify the existence of an arbitrary file,
  even in directories that are not normally accessible to that user
  (CVE-2007-5958).

  http://www.linuxsecurity.com/content/view/133653

* Mandriva: Updated x11-server-xgl packages fix multiple (Jan 24)
  ---------------------------------------------------------------
  An input validation flaw was found in the X.org server's XFree86-Misc
  extension that could allow a malicious authorized client to cause a
  denial of service (crash), or potentially execute arbitrary code with
  root privileges on the X.org server (CVE-2007-5760). A flaw was found
  in the X.org server's XC-SECURITY extension that could allow a local
  user to verify the existence of an arbitrary file, even in directories
  that are not normally accessible to that user (CVE-2007-5958).

  http://www.linuxsecurity.com/content/view/133652

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@private
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------


___________________________________________________      
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn 



This archive was generated by hypermail 2.1.3 : Mon Feb 04 2008 - 00:20:31 PST