[ISN] Linux Advisory Watch: February 8th, 2008

From: InfoSec News (alerts@private)
Date: Sat Feb 09 2008 - 03:22:46 PST


+------------------------------------------------------------------------+
| LinuxSecurity.com                                    Weekly Newsletter |
| February 8th, 2008                                  Volume 9, Number 6 |
|                                                                        |
| Editorial Team:                Dave Wreski <dwreski@private> |
|                         Benjamin D. Thomas <bthomas@private> |
+------------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, advisories were released for squid, poppler, gnatsweb, tk,
dovecot, rb_libtorrent, libcdio, emacs, ruby, boost, pcre, apache,
kernel, and pulseaudio.  The distributors include Debian, Fedora,
Mandriva, Ubuntu.

---

15-Month NSA Certified Masters in Info Assurance

Now you can earn your Master of Science in Information Assurance (MSIA) in
15 months. Norwich University has recently launched a 30-credit, 15-month
program, alongside the standard 36-credit, 18-month program. To find out
if you are eligible for the 15-month MSIA program, please visit:

http://www.msia.norwich.edu/linsec

---

>> Linux+DVD Magazine <<

Our magazine is read by professional network and database administrators,
system programmers, webmasters and all those who believe in the power of
Open Source software. The majority of our readers is between 15 and 40
years old. They are interested in current news from the Linux world,
upcoming projects etc.

In each issue you can find information concerning typical use of Linux:
safety, databases, multimedia, scientific tools, entertainment,
programming, e-mail, news and desktop environments.

http://www.linuxsecurity.com/ads/adclick.php?bannerid=26

---

OS Tool of February: Nmap!
--------------------------
This February, the team at Linuxsecurity.com has chosen NMAP as the OS
Security Tool of the Month!

In January, we chose GnuPG in part because it had just celebrated its
10th anniversary. Well, it wasn't alone. As of this past December Nmap
("Network Mapper"), the free and open source utility for network
exploration and auditing, celebrated its 10th Anniversary as well!  And
because of its popularity, chances are very good that you've already used
NMAP for quite some time.  Even if you have, it's always good to take a
look at how it all got started and what it's all about...

http://www.linuxsecurity.com/content/view/133931

---

HowTo: Secure your Ubuntu Apache Web Server
-------------------------------------------
Setting up a web server with Apache on a Linux distribution is a very
quick process, however to make it a secure setup takes some work. This
article will show you how to make your Apache web server more secure from
an attack by effectively using Access control and authentication
strategies.

http://www.linuxsecurity.com/content/view/133913

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!  <--
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf             <--

--------------------------------------------------------------------------

* EnGarde Secure Community v3.0.18 Now Available! (Dec 4)
  -------------------------------------------------------
  Guardian Digital is happy to announce the release of EnGarde Secure
  Community 3.0.18 (Version 3.0, Release 18). This release includes the
  brand new Health Center, new packages for FWKNP and PSAD, updated
  packages and bug fixes, some feature enhancements to Guardian Digital
  WebTool and the SELinux policy, as well as other new features.

  In distribution since 2001, EnGarde Secure Community was one of the
  very first security platforms developed entirely from open source, and
  has been engineered from the ground-up to provide users and
  organizations with complete, secure Web functionality, DNS, database
  and e-mail security, integrated intrusion detection and SELinux
  policies and more.

  http://www.linuxsecurity.com/content/view/131851

--------------------------------------------------------------------------

* Debian: New squid packages fix denial of service (Feb 5)
  --------------------------------------------------------
  It was discovered that malformed cache update replies against the Squid
  WWW proxy cache could lead to the exhaustion of system memory,
  resulting in potential denial of service.

  http://www.linuxsecurity.com/content/view/134027

* Debian: New poppler packages fix several vulnerabilities (Feb 5)
  ----------------------------------------------------------------
  Alin Rad Pop discovered several buffer overflows in the Poppler PDF
  library, which could allow the execution of arbitrary code if a
  malformed PDF file is opened.

  http://www.linuxsecurity.com/content/view/134023

* Debian: New gnatsweb packages fix cross-site scripting (Feb 5)
  --------------------------------------------------------------
  "r0t" discovered that gnatsweb, a web interface to GNU GNATS, did not
  correctly sanitize the database parameter in the main CGI script.  This
  could allow the injection of arbitrary HTML, or javascript code.

  http://www.linuxsecurity.com/content/view/134022

--------------------------------------------------------------------------

* Fedora 7 Update: tk-8.4.13-7.fc7 (Feb 7)
  ----------------------------------------
  Fixed security issue - buffer overflow in gif parsing.

  http://www.linuxsecurity.com/content/view/134096

* Fedora 8 Update: dovecot 1.0.10-4.fc8 (Feb 7)
  ---------------------------------------------
  New upstream release, fixing a very minor security issue.

  http://www.linuxsecurity.com/content/view/134058

* Fedora 8 Update: rb_libtorrent-0.12-3.fc8 (Feb 1)
  -------------------------------------------------
  A potential remote exploit was found in the  bdecode_recursive routine
  that could trigger a stack  overflow when passed malformed message
  data.     This release adds a fix for this issue from the upstream
  subversion repository that limits the maximum recursive  depth of this
  function.

  http://www.linuxsecurity.com/content/view/133934

--------------------------------------------------------------------------

* Mandriva: Updated libcdio packages fix DoS vulnerability (Feb 5)
  ----------------------------------------------------------------
  Multiple vulnerabilities were discovered in the image decoders of
  ImageMagick.	If a user or automated system were tricked into
  processing malicious DCM, DIB, XBM, XCF, or XWD images, a remote
  attacker could execute arbitrary code with user privileges. The updated
  packages have been patched to correct these issues.

  http://www.linuxsecurity.com/content/view/134025

* Mandriva: Updated emacs packages fix vulnerabilities (Feb 5)
  ------------------------------------------------------------
  The hack-local-variable function in Emacs 22 prior to version 22.2,
  when enable-local-variables is set to ':safe', did not properly search
  lists of unsafe or risky variables, which could allow user-assisted
  attackers to bypass intended restrictions and modify critical program
  variables via a file containing a Local variables declaration.

  http://www.linuxsecurity.com/content/view/134018

* Mandriva: Updated ruby-gnome2 packages fix arbitrary code (Feb 1)
  -----------------------------------------------------------------
  A format string vulnerability in Ruby-GNOME 2 0.16.0, and SVN versions
  before 20071127, allows context-dependent attackers to execute
  arbitrary code via format string specifiers in the message parameter.
  The updated packages have been patched to prevent this issue.

  http://www.linuxsecurity.com/content/view/133962

* Mandriva: Updated boost packages fix DoS vulnerabilities (Feb 1)
  ----------------------------------------------------------------
  Tavis Ormandy and Will Drewry found that the bost library did not
  properly perform input validation on regular expressions.  An attacker
  could exploit this by sening a specially crafted regular expression to
  an application linked against boost and cause a denial of service via
  an application crash. The updated packages have been patched to correct
  this issue.

  http://www.linuxsecurity.com/content/view/133932

* Mandriva: Subject: [Security Announce] [ MDVSA-2008:031 ] - (Feb 1)
  -------------------------------------------------------------------
  A vulnerability was found in xdg-open and xdg-email commands, which
  allows remote attackers to execute arbitrary commands if the user is
  tricked into trying to open a maliciously crafted URL. The updated
  packages have been patched to prevent the issue.

  http://www.linuxsecurity.com/content/view/133928

* Mandriva: Updated pcre packages fix vulnerability (Jan 31)
  ----------------------------------------------------------
  Multiple vulnerabilities were discovered by Tavis Ormandy and Will
  Drewry in the way that pcre handled certain malformed regular
  expressions.	If an application linked against pcre, such as Konqueror,
  parses a malicious regular expression, it could lead to the execution
  of arbitrary code as the user running the application. Updated packages
  have been patched to prevent this issue.

  http://www.linuxsecurity.com/content/view/133927

* Mandriva: Updated ruby packages fix possible (Jan 31)
  -----------------------------------------------------
  Ruby network libraries Net::HTTP, Net::IMAP, Net::FTPTLS, Net::Telnet,
  Net::POP3, and Net::SMTP, up to Ruby version 1.8.6 are affected by a
  possible man-in-the-middle attack, when using SSL, due to a missing
  check of the CN (common name) attribute in SSL certificates against the
  server's hostname. The updated packages have been patched to prevent
  the issue.

  http://www.linuxsecurity.com/content/view/133923

--------------------------------------------------------------------------

* Ubuntu:  Apache vulnerabilities (Feb 4)
  ---------------------------------------
  It was discovered that Apache did not sanitize the Expect header from
  an HTTP request when it is reflected back in an error message, which
  could result in browsers becoming vulnerable to cross-site scripting
  attacks when processing the output. With cross-site scripting
  vulnerabilities, if a user were tricked into viewing server output
  during a crafted server request, a remote attacker could exploit this
  to modify the contents, or steal confidential data (such as passwords),
  within the same domain. This was only vulnerable in Ubuntu 6.06.
  (CVE-2006-3918)

  http://www.linuxsecurity.com/content/view/134017

* Ubuntu:  Linux kernel vulnerabilities (Feb 4)
  ---------------------------------------------
  The minix filesystem did not properly validate certain filesystem
  values. If a local attacker could trick the system into attempting to
  mount a corrupted minix filesystem, the kernel could be made to hang
  for long periods of time, resulting in a denial of service. This was
  only vulnerable in Ubuntu 7.04 and 7.10. (CVE-2006-6058)

  http://www.linuxsecurity.com/content/view/134016

* Ubuntu:  PulseAudio vulnerability (Jan 31)
  ------------------------------------------
  It was discovered that PulseAudio did not properly drop privileges when
  running as a daemon. Local users may be able to exploit this and gain
  privileges. The default Ubuntu configuration is not affected.

  http://www.linuxsecurity.com/content/view/133926

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@private
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------


___________________________________________________      
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn 



This archive was generated by hypermail 2.1.3 : Sat Feb 09 2008 - 03:28:41 PST