[ISN] Linux Advisory Watch: May 23rd, 2008

From: InfoSec News (alerts@private)
Date: Mon May 26 2008 - 23:09:14 PDT


+------------------------------------------------------------------------+
| LinuxSecurity.com                                    Weekly Newsletter |
| May 23rd, 2008                                     Volume 9, Number 21 |
|                                                                        |
| Editorial Team:                Dave Wreski <dwreski@private> |
|                         Benjamin D. Thomas <bthomas@private> |
+------------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, advisories were released for xine-lib, speex, libfissound,
gnome-peercast, gnutls13, phpgedview, netpbm-free, php4, GnuTLS, ClamAV,
Mozilla, Perl, kernel, libid3tag, libvorbis, rdisktop, bind, mysql,
nss_ldap, compiz,  vsftpd, dovecot, settroubleshoot, libxslt, gnutls,
java, openssl-blacklist.  The distributors include Debian, Gentoo,
Mandriva, Red Hat, and Ubuntu.

---

>> Linux+DVD Magazine <<

Our magazine is read by professional network and database administrators,
system programmers, webmasters and all those who believe in the power of
Open Source software. The majority of our readers is between 15 and 40
years old. They are interested in current news from the Linux world,
upcoming projects etc.

In each issue you can find information concerning typical use of Linux:
safety, databases, multimedia, scientific tools, entertainment,
programming, e-mail, news and desktop environments.

http://www.linuxsecurity.com/ads/adclick.php?bannerid=3D26

---

Review: The Book of Wireless
----------------------------
=93The Book of Wireless=94 by John Ross is an answer to the problem of
learning about wireless networking. With the wide spread use of Wireless
networks today anyone with a computer should at least know the basics of
wireless. Also, with the wireless networking, users need to know how to
protect themselves from wireless networking attacks.

http://www.linuxsecurity.com/content/view/136167

---

April 2008 Open Source Tool of the Month: sudo
----------------------------------------------
This month the editors at LinuxSecurity.com have chosen sudo as the Open
Source Tool of the Month!

http://www.linuxsecurity.com/content/view/135868

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!  <--
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf             <--

--------------------------------------------------------------------------

* EnGarde Secure Community 3.0.19 Now Available! (Apr 15)
  -------------------------------------------------------
  Guardian Digital is happy to announce the release of EnGarde Secure
  Community 3.0.19 (Version 3.0, Release 19).  This release includes many
  updated packages and bug fixes and some feature enhancements to the
  EnGarde Secure Linux Installer and the SELinux policy.

  http://www.linuxsecurity.com/content/view/136174

--------------------------------------------------------------------------

* Debian: New xine-lib packages fix several vulnerabilities (May 22)
  ------------------------------------------------------------------
  Integer overflow vulnerabilities exist in xine's FLV, QuickTime,
  RealMedia, MVE and CAK demuxers, as well as the EBML parser used     by
  the Matroska demuxer.  These weaknesses allow an attacker to
  overflow heap buffers and potentially execute arbitrary code by
  supplying a maliciously crafted file of those types.

  http://www.linuxsecurity.com/content/view/137481

* Debian: New speex packages fix execution of arbitrary code (May 21)
  -------------------------------------------------------------------
  It was discovered that speex, The Speex codec command line tools, did
  not correctly did not correctly deal with negative offsets in a
  particular header field.  This could allow a malicious file to execute
  arbitrary code.

  http://www.linuxsecurity.com/content/view/137476

* Debian: New libfissound packages fix execution of arbitrary (May 21)
  --------------------------------------------------------------------
  It was discovered that libfishsound, a simple programming interface
  that wraps Xiph.Org audio codecs, didn't correctly handle negative
  values in a particular header field.=09This could allow malicious files
  to execute arbitrary code

  http://www.linuxsecurity.com/content/view/137475

* Debian: New gnome-peercast packages fix several vulnerabilities (May 20)
  ------------------------------------------------------------------------
  Luigi Auriemma discovered that PeerCast is vulnerable to a heap
  overflow in the HTTP server code, which allows remote attackers to
  cause a denial of service and possibly execute arbitrary code via a
  long SOURCE request.

  http://www.linuxsecurity.com/content/view/137247

* Debian: New peercast packages fix arbitrary code execution (May 20)
  -------------------------------------------------------------------
  Nico Golde discovered that PeerCast, a P2P audio and video streaming
  server, is vulnerable to a buffer overflow in the HTTP Basic
  Authentication code, allowing a remote attacker to crash PeerCast or
  execure arbitrary code.

  http://www.linuxsecurity.com/content/view/137246

* Debian: New gnutls13 packages fix potential code execution (May 20)
  -------------------------------------------------------------------
  A pre-authentication heap overflow involving oversized session
  resumption data may lead to arbitrary code execution (CVE-2008-1948).

  http://www.linuxsecurity.com/content/view/137244

* Debian: New phpgedview packages fix privilege escalation (May 20)
  -----------------------------------------------------------------
  It was discovered that phpGedView, an application to provide online
  access to genealogical data, allowed remote attackers to gain
  administrator privileges due to a programming error.

  http://www.linuxsecurity.com/content/view/137239

* Debian: New netpbm-free packages fix arbitrary code execution (May 18)
  ----------------------------------------------------------------------
  A vulnerability was discovered in the GIF reader implementation in
  netpbm-free, a suite of image manipulation utilities.  Insufficient
  input data validation could allow a maliciously-crafted GIF file to
  overrun a stack buffer, potentially permitting the execution of
  arbitrary code.

  http://www.linuxsecurity.com/content/view/137227

* Debian: New php4 packages fix several vulnerabilities (May 17)
  --------------------------------------------------------------
  Several vulnerabilities have been discovered in PHP version 4, a
  server-side, HTML-embedded scripting language. The Common
  Vulnerabilities and Exposures project identifies the following
  problems:

  http://www.linuxsecurity.com/content/view/137086

--------------------------------------------------------------------------

* Gentoo: GnuTLS Execution of arbitrary code (May 22)
  ---------------------------------------------------
  Multiple vulnerabilities might allow for the execution of arbitrary
  code in daemons using GnuTLS.

  http://www.linuxsecurity.com/content/view/137478

* Gentoo: GnuTLS Execution of arbitrary code (May 21)
  ---------------------------------------------------
  Multiple vulnerabilities might allow for the execution of arbitrary
  code in daemons using GnuTLS.

  http://www.linuxsecurity.com/content/view/137477

* Gentoo: ClamAV Multiple vulnerabilities (May 20)
  ------------------------------------------------
  Multiple vulnerabilities in ClamAV may result in the remote execution
  of arbitrary code.

  http://www.linuxsecurity.com/content/view/137250

* Gentoo: Mozilla products Multiple vulnerabilities (May 20)
  ----------------------------------------------------------
  Multiple vulnerabilities have been reported in Mozilla Firefox,
  Thunderbird, SeaMonkey and XULRunner, some of which may allow
  user-assisted execution of arbitrary code.

  http://www.linuxsecurity.com/content/view/137249

* Gentoo: Perl Execution of arbitrary code (May 20)
  -------------------------------------------------
  A double free vulnerability was discovered in
  Perl, possibly resulting in the execution of arbitrary code and a
  Denial of Service.

  http://www.linuxsecurity.com/content/view/137248

--------------------------------------------------------------------------

* Mandriva: Updated kernel packages fix vulnerabilities (May 21)
  --------------------------------------------------------------
  The CIFS filesystem in the Linux kernel before 2.6.22, when Unix
  extension support is enabled, does not honor the umask of a process,
  which allows local users to gain privileges. (CVE-2007-3740) The
  drm/i915 component in the Linux kernel before 2.6.22.2, when used with
  i965G and later chipsets, allows local users with access to an X11
  session and Direct Rendering Manager (DRM) to write to arbitrary memory
  locations and gain privileges via a crafted batchbuffer.
  (CVE-2007-3851)

  http://www.linuxsecurity.com/content/view/137462

* Mandriva: Updated kernel packages fix vulnerabilities (May 20)
  --------------------------------------------------------------
  A race condition in the directory notification subsystem (dnotify) in
  Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows
  local users to cause a denial of service (OOPS) and possibly gain
  privileges via unspecified vectors. (CVE-2008-1375) The Linux kernel
  before 2.6.25.2 does not apply a certain protection mechanism for fcntl
  functionality, which allows local users to (1) execute code in parallel
  or (2) exploit a race condition to obtain re-ordered access to the
  descriptor table. (CVE-2008-1669) Additionaly, the updated kernel for
  Mandriva Linux 2008.0 has bug fixes for sound on NEC S970 systems, an
  oops in module rt73, and the -devel package fixes DKMS builds. To
  update your kernel, please follow the directions located at:
  http://www.mandriva.com/en/security/kernelupdate

  http://www.linuxsecurity.com/content/view/137251

* Mandriva: Updated libid3tag packages fix denial of service (May 19)
  -------------------------------------------------------------------
  field.c in the libid3tag 0.15.0b library allows context-dependent
  attackers to cause a denial of service (CPU and memory consumption) via
  an ID3_FIELD_TYPE_STRINGLIST field that ends in '\0', which triggers an
  infinite loop. The updated packages have been patched to correct this.

  http://www.linuxsecurity.com/content/view/137233

* Mandriva: Updated libvorbis packages fix vulnerabilities (May 16)
  -----------------------------------------------------------------
  Will Drewry of the Google Security Team reported several
  vulnerabilities in how libvorbis processed audio data.  An attacker
  could create a carefuly crafted OGG audio file in such a way that it
  would cause an application linked to libvorbis to crash or possibly
  execute arbitray code when opened (CVE-2008-1419, CVE-2008-1420,
  CVE-2008-1423).

  http://www.linuxsecurity.com/content/view/137085

* Mandriva: Updated rdesktop packages fix vulnerabilities (May 16)
  ----------------------------------------------------------------
  Several vulnerabilities were discovered in rdesktop, a Remote Desktop
  Protocol client. An integer underflow vulnerability allowed attackers
  to cause a denial of service (crash) and possibly execute arbitrary
  code with the privileges of the logged-in user (CVE-2008-1801).

  http://www.linuxsecurity.com/content/view/137084

--------------------------------------------------------------------------

* RedHat: Moderate: bind security, bug fix, (May 21)
  --------------------------------------------------
  Updated bind packages that fix two security issues, several bugs, and
  add enhancements are now available for Red Hat Enterprise Linux 5. This
  update has been rated as having moderate security impact by the Red Hat
  Security Response Team.

  http://www.linuxsecurity.com/content/view/137469

* RedHat: Low: mysql security and bug fix update (May 21)
  -------------------------------------------------------
  Updated mysql packages that fix various security issues and several
  bugs are now available for Red Hat Enterprise Linux 5. This update has
  been rated as having low security impact by the Red Hat Security
  Response Team.

  http://www.linuxsecurity.com/content/view/137470

* RedHat: Low: nss_ldap security and bug fix update (May 21)
  ----------------------------------------------------------
  An updated nss_ldap package that fixes a security issue and several
  bugs is now available. This update has been rated as having low
  security impact by the Red Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/137471

* RedHat: Low: compiz security update (May 21)
  --------------------------------------------
  Updated compiz packages that prevent Compiz from breaking screen saver
  grabs are now available for Red Hat Enterprise Linux 5. This update has
  been rated as having low security impact by the Red Hat Security
  Response Team.

  http://www.linuxsecurity.com/content/view/137472

* RedHat: Low: vsftpd security and bug fix update (May 21)
  --------------------------------------------------------
  An updated vsftpd package that fixes a security issue and several bugs
  is now available for Red Hat Enterprise Linux 5. A memory leak was
  discovered in the vsftpd daemon. An attacker who is able to connect to
  an FTP service, either as an authenticated or anonymous user, could
  cause vsftpd to allocate all available memory if the "deny_file" option
  was enabled in vsftpd.conf. (CVE-2007-5962)

  http://www.linuxsecurity.com/content/view/137467

* RedHat: Low: dovecot security and bug fix update (May 21)
  ---------------------------------------------------------
  An updated dovecot package that fixes several security issues and
  various bugs is now available for Red Hat Enterprise Linux 5. This
  update has been rated as having low security impact by the Red Hat
  Security Response Team.

  http://www.linuxsecurity.com/content/view/137468

* RedHat: Moderate: setroubleshoot security and bug fix (May 21)
  --------------------------------------------------------------
  Updated setroubleshoot packages that fix two security issues and
  several bugs are now available for Red Hat Enterprise Linux 5. The
  setroubleshoot packages provide tools to help diagnose SELinux
  problems. When AVC messages occur, an alert is generated that gives
  information about the problem, and how to create a resolution.

  http://www.linuxsecurity.com/content/view/137466

* RedHat: Important: libxslt security update (May 21)
  ---------------------------------------------------
  Updated libxslt packages that fix a security issue are now available.
  This update has been rated as having important security impact by the
  Red Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/137252

* RedHat: Critical: gnutls security update (May 20)
  -------------------------------------------------
  Updated gnutls packages that fix several security issues are now
  available for Red Hat Enterprise Linux 5.  Flaws were found in the way
  GnuTLS handles malicious client connections. A malicious remote client
  could send a specially crafted request to a service using GnuTLS that
  could cause the service to crash. (CVE-2008-1948, CVE-2008-1949,
  CVE-2008-1950)

  http://www.linuxsecurity.com/content/view/137241

* RedHat: Important: gnutls security update (May 20)
  --------------------------------------------------
  Updated gnutls packages that fix several security issues are now
  available for Red Hat Enterprise Linux 4. Flaws were found in the way
  GnuTLS handles malicious client connections. A malicious remote client
  could send a specially crafted request to a service using GnuTLS that
  could cause the service to crash. (CVE-2008-1948, CVE-2008-1949,
  CVE-2008-1950)

  http://www.linuxsecurity.com/content/view/137242

* RedHat: Important: kernel security and bug fix update (May 20)
  --------------------------------------------------------------
  Updated kernel packages that fix various security issues and several
  bugs are now available for Red Hat Enterprise Linux 5. This update has
  been rated as having important security impact by the Red Hat Security
  Response Team.

  http://www.linuxsecurity.com/content/view/137238

* RedHat: Critical: java-1.6.0-ibm security update (May 19)
  ---------------------------------------------------------
  Updated java-1.6.0-ibm packages that fix several security issues are
  now available for Red Hat Enterprise Linux 5 Supplementary. A flaw was
  found in the Java XSLT processing classes. An untrusted application or
  applet could cause a denial of service, or execute arbitrary code with
  the permissions of the user running the JRE. (CVE-2008-1187)

  http://www.linuxsecurity.com/content/view/137231

--------------------------------------------------------------------------

* Ubuntu:  openssl-blacklist update (May 21)
  ------------------------------------------
  USN-612-3 addressed a weakness in OpenSSL certificate and key
  generation in OpenVPN by introducing openssl-blacklist to aid in
  detecting vulnerable private keys. This update enhances the
  openssl-vulnkey tool to check X.509 certificates as well, and provides
  the corresponding update for Ubuntu 6.06. While the OpenSSL in Ubuntu
  6.06 was not vulnerable, openssl-blacklist is now provided for Ubuntu
  6.06 for checking certificates and keys that may have been imported on
  these systems.

  http://www.linuxsecurity.com/content/view/137474

* Ubuntu:  GnuTLS vulnerabilities (May 21)
  ----------------------------------------
  Multiple flaws were discovered in the connection handling of GnuTLS. A
  remote attacker could exploit this to crash applications linked against
  GnuTLS, or possibly execute arbitrary code with permissions of the
  application's user.

  http://www.linuxsecurity.com/content/view/137464

* Ubuntu:  OpenSSH update (May 20)
  --------------------------------
  USN-612-2 introduced protections for OpenSSH, related to the OpenSSL
  vulnerabilities addressed by USN-612-1.  This update provides the
  corresponding updates for OpenSSH in Ubuntu 6.06 LTS.  While the
  OpenSSL in Ubuntu 6.06 is not vulnerable, this update will block weak
  keys generated on systems that may have been affected themselves.
  Original advisory details:

  http://www.linuxsecurity.com/content/view/137240

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@private
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------


_______________________________________________      
Attend Black Hat USA, August 2-7 in Las Vegas, 
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings 
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. http://www.blackhat.com



This archive was generated by hypermail 2.1.3 : Mon May 26 2008 - 23:16:30 PDT