[ISN] Linux Advisory Watch - February 27th 2009

From: InfoSec News <alerts_at_private>
Date: Mon, 2 Mar 2009 01:07:28 -0600 (CST)
+----------------------------------------------------------------------+
| LinuxSecurity.com                                  Weekly Newsletter |
| February 27th, 2009                              Volume 10, Number 9 |
|                                                                      |
| Editorial Team:              Dave Wreski <dwreski_at_private> |
|                       Benjamin D. Thomas <bthomas_at_private> |
+----------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, advisories were released for proftpd, python-crypto, mingw,
libpng, optipng, perl-crypt-openssl, trickle, emacs, ktorrent,
valgrind, net-snmp, epiphany, nagios, php-smarty, vim, pycrypto, php,
libzip, dia, firefox, kernel, gnumeric, samba, cups, imap, git, libpng,
and flash-player.  The distributors include Debian, Fedora, Gentoo,
Mandriva, Red Hat, Slackware, and Pardus.

---


Review: Googling Security: How Much Does Google Know About You
--------------------------------------------------------------
If I ask "How much do you know about Google?", you may not take even a
second to respond.  But if I ask "How much does Google know about
you?", you may instantly reply "Wait... what!? Do they!?"  The book
"Googling Security: How Much Does Google Know About You" by Greg Conti
(Computer Science Professor at West Point) is the first book to reveal
how Google's vast information stockpiles could be used against you or
your business and what you can do to protect yourself.

http://www.linuxsecurity.com/content/view/145939

---

A Secure Nagios Server
----------------------
Nagios is monitoring software designed to let you know about problems
on your hosts and networks quickly. You can configure it to be used on
any network. Setting up a Nagios server on any Linux distribution is a
very quick process; however, making it a secure setup takes some
work. This article will not show you how to install Nagios, since there
are tons of such guides out there, but it will show you in detail ways
to improve your Nagios security.

http://www.linuxsecurity.com/content/view/144088

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!  <--
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf             <--

------------------------------------------------------------------------

* EnGarde Secure Community 3.0.22 Now Available! (Dec 9)
  ------------------------------------------------------
  Guardian Digital is happy to announce the release of EnGarde Secure
  Community 3.0.22 (Version 3.0, Release 22).  This release includes
  many updated packages and bug fixes and some feature enhancements to
  the EnGarde Secure Linux Installer and the SELinux policy.

  http://www.linuxsecurity.com/content/view/145668

------------------------------------------------------------------------

* Debian: New proftpd-dfsg packages fix SQL injection vulnerabilities (Feb 26)
  ----------------------------------------------------------------------------
  Two SQL injection vulnerabilities have been found in proftpd, a
  virtual-hosting FTP daemon.

  http://www.linuxsecurity.com/content/view/148072

* Debian: New python-crypto packages fix denial of service (Feb 25)
  -----------------------------------------------------------------
  Mike Wiacek discovered that a buffer overflow in the ARC2
  implementation of Python Crypto, a collection of cryptographic
  algorithms and protocols for Python, allows denial of service and
  potentially the execution of arbitrary code.

  http://www.linuxsecurity.com/content/view/148067

------------------------------------------------------------------------

* Fedora 10 Update: mingw32-libpng-1.2.35-1.fc10 (Feb 26)
  -------------------------------------------------------
  Update to libpng 1.2.35, to fix CVE-2009-0040.

  http://www.linuxsecurity.com/content/view/148079

* Fedora 10 Update: mldonkey-2.9.7-3.fc10 (Feb 26)
  ------------------------------------------------
  Fix remote arbitrary file disclosure via a GET request with more than
  one leading / (slash) character in the filename. Ver. 2.9.7

  http://www.linuxsecurity.com/content/view/148077

* Fedora 9 Update: libpng-1.2.35-1.fc9 (Feb 26)
  ---------------------------------------------
  Fixes CVE-2009-0040

  http://www.linuxsecurity.com/content/view/148078

* Fedora 9 Update: mldonkey-2.9.7-3.fc9 (Feb 26)
  ----------------------------------------------
  Fix remote arbitrary file disclosure via a GET request with more than
  one leading / (slash) character in the filename.

  http://www.linuxsecurity.com/content/view/148075

* Fedora 10 Update: libpng-1.2.35-1.fc10 (Feb 26)
  -----------------------------------------------
  Fixes CVE-2009-0040

  http://www.linuxsecurity.com/content/view/148076

* Fedora 9 Update: optipng-0.6.2.1-1.fc9 (Feb 26)
  -----------------------------------------------
  This update fixes an array overflow vulnerability.

  http://www.linuxsecurity.com/content/view/148073

* Fedora 10 Update: optipng-0.6.2.1-1.fc10 (Feb 26)
  -------------------------------------------------
  This update fixes an array overflow vulnerability.

  http://www.linuxsecurity.com/content/view/148074

* Fedora 10 Update: perl-Crypt-OpenSSL-DSA-0.13-12.fc10 (Feb 25)
  --------------------------------------------------------------
  Fixes CVE-2009-0129: The Crypt::OpenSSL::DSA module now croaks upon
  error rather than returning a -1 to ensure programmers are not caught
  by surprise when only checking for non-zero results.

  http://www.linuxsecurity.com/content/view/148065

* Fedora 10 Update: trickle-1.07-7.fc10 (Feb 24)
  ----------------------------------------------
  New patch for CVE-2009-0415. Fix for #484065 - CVE-2009-0415 trickle:
  Possibility to load arbitrary code from current working directory

  http://www.linuxsecurity.com/content/view/148060

* Fedora 10 Update: gstreamer-plugins-good-0.10.13-1.fc10 (Feb 24)
  ----------------------------------------------------------------
  Update to 0.10.13

  http://www.linuxsecurity.com/content/view/148058

* Fedora 9 Update: trickle-1.07-7.fc9 (Feb 24)
  --------------------------------------------
  New patch for CVE-2009-0415. Fix for #484065 - CVE-2009-0415 trickle:
  Possibility to load arbitrary code from current working directory

  http://www.linuxsecurity.com/content/view/148057

* Fedora 9 Update: gstreamer-plugins-good-0.10.8-10.fc9 (Feb 24)
  --------------------------------------------------------------
  Patch for overflows in the QT demuxer (#481267)

  http://www.linuxsecurity.com/content/view/148056

* Fedora 9 Update: perl-Crypt-OpenSSL-DSA-0.13-9.fc9 (Feb 19)
  -----------------------------------------------------------
  Fixes CVE-2009-0129: The Crypt::OpenSSL::DSA module now croaks upon
  error rather than returning a -1 to ensure programmers are not caught
  by surprise when only checking for non-zero results.

  http://www.linuxsecurity.com/content/view/148027

------------------------------------------------------------------------

* Gentoo: GNU Emacs, XEmacs Multiple vulnerabilities (Feb 23)
  -----------------------------------------------------------
  Two vulnerabilities were found in GNU Emacs, possibly leading to
  user-assisted execution of arbitrary code. One also affects
  edit-utils in XEmacs.

  http://www.linuxsecurity.com/content/view/148050

* Gentoo: KTorrent Multiple vulnerabilities (Feb 23)
  --------------------------------------------------
  Two vulnerabilities in the web interface plugin in KTorrent allow for
  remote execution of code and arbitrary torrent uploads.

  http://www.linuxsecurity.com/content/view/148049

------------------------------------------------------------------------

* Mandriva: [ MDVSA-2009:057 ] valgrind (Feb 26)
  ----------------------------------------------
  A vulnerability has been identified and corrected in valgrind:
  Untrusted search path vulnerability in valgrind before 3.4.0 allows
  local users to execute arbitrary programs via a Trojan horse
  .valgrindrc file in the current working directory, as demonstrated
  using a malicious --db-command option. NOTE: the severity of this
  issue has been disputed, but CVE is including this issue because
  execution of a program from an untrusted directory is a common
  scenario. (CVE-2008-4865) The updated packages have been patched to
  prevent this.

  http://www.linuxsecurity.com/content/view/148080

* Mandriva: [ MDVSA-2009:056 ] net-snmp (Feb 25)
  ----------------------------------------------
  A vulnerability has been identified and corrected in net-snmp: The
  netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp
  5.0.9 through 5.4.2, when using TCP wrappers for client
  authorization, does not properly parse hosts.allow rules, which
  allows remote attackers to bypass intended access restrictions and
  execute SNMP queries, related to source/destination IP address
  confusion. (CVE-2008-6123)

  http://www.linuxsecurity.com/content/view/148071

* Mandriva: [ MDVSA-2009:048-2 ] epiphany (Feb 25)
  ------------------------------------------------
  Python has a variable called sys.path that contains all the paths
  from which Python loads modules when the import statement is used.
  Incorrect handling of that variable enables local attackers to
  execute arbitrary code via Python scripting in the current Epiphany
  working directory (CVE-2008-5985).

  http://www.linuxsecurity.com/content/view/148068

* Mandriva: [ MDVSA-2009:055 ] audacity (Feb 25)
  ----------------------------------------------
  A vulnerability has been identified and corrected in audacity:
  Stack-based buffer overflow in the String_parse::get_nonspace_quoted
  function in lib-src/allegro/strparse.cpp in Audacity 1.2.6 and other
  versions before 1.3.6 allows remote attackers to cause a denial of
  service (crash) and possibly execute arbitrary code via a .gro file
  containing a long string (CVE-2009-0490). The updated packages have
  been patched to prevent this.

  http://www.linuxsecurity.com/content/view/148066

* Mandriva: [ MDVA-2009:030 ] wxGTK2.5 (Feb 25)
  ---------------------------------------------
  A required development package was missing when trying to build
  audacity updates. New wxGTK2.5 packages have been built to correct
  this.

  http://www.linuxsecurity.com/content/view/148064

* Mandriva: [ MDVA-2009:029 ] nagios-plugins (Feb 24)
  ---------------------------------------------------
  This update provides the latest bugfixes in the nagios-plugins suite.

  http://www.linuxsecurity.com/content/view/148062

* Mandriva: [ MDVSA-2009:054 ] nagios (Feb 24)
  --------------------------------------------
  A vulnerability has been identified and corrected in nagios:
  Cross-site scripting (XSS) vulnerability in Nagios allows remote
  attackers to inject arbitrary web script or HTML via unknown vectors,
  a different vulnerability than CVE-2007-5624 and CVE-2008-1360
  (CVE-2007-5803).

  http://www.linuxsecurity.com/content/view/148061

* Mandriva: [ MDVSA-2009:053 ] squirrelmail (Feb 24)
  --------------------------------------------------
  A vulnerability has been identified and corrected in squirrelmail:
  Squirrelmail 1.4.15 does not set the secure flag for the session
  cookie in an https session, which can cause the cookie to be sent in
  http requests and make it easier for remote attackers to capture this
  cookie (CVE-2008-3663).

  http://www.linuxsecurity.com/content/view/148059

* Mandriva: [ MDVSA-2009:052 ] php-smarty (Feb 24)
  ------------------------------------------------
  A vulnerability has been identified and corrected in php-smarty: The
  _expand_quoted_text function in libs/Smarty_Compiler.class.php in
  Smarty 2.6.20 before r2797 allows remote attackers to execute
  arbitrary PHP code via vectors related to templates and (1) a
  dollar-sign character, aka php executed in templates

  http://www.linuxsecurity.com/content/view/148055

* Mandriva: [ MDVSA-2009:047-1 ] vim (Feb 24)
  -------------------------------------------
  Python has a variable called sys.path that contains all the paths
  from which Python loads modules when the import statement is used.
  Incorrect handling of that variable enables local attackers to
  execute arbitrary code via Python scripting in the current Vim
  working directory (CVE-2009-0316). This update provides a fix for
  that vulnerability.

  http://www.linuxsecurity.com/content/view/148054

* Mandriva: [ MDVSA-2009:047-1 ] vim (Feb 24)
  -------------------------------------------
  Python has a variable called sys.path that contains all the paths
  from which Python loads modules when the import statement is used.
  Incorrect handling of that variable enables local attackers to
  execute arbitrary code via Python scripting in the current Vim
  working directory (CVE-2009-0316). This update provides a fix for
  that vulnerability.

  http://www.linuxsecurity.com/content/view/148053

* Mandriva: [ MDVSA-2009:048-1 ] epiphany (Feb 24)
  ------------------------------------------------
  Python has a variable called sys.path that contains all the paths
  from which Python loads modules when the import statement is used.
  Incorrect handling of that variable enables local attackers to
  execute arbitrary code via Python scripting in the current Epiphany
  working directory (CVE-2008-5985). This update provides a fix for
  that vulnerability.

  http://www.linuxsecurity.com/content/view/148052

* Mandriva: [ MDVSA-2009:049-1 ] pycrypto (Feb 23)
  ------------------------------------------------
  A vulnerability has been discovered and corrected in PyCrypto ARC2
  module 2.0.1, which allows remote attackers to cause a denial of
  service and possibly execute arbitrary code via a large ARC2 key
  length (CVE-2009-0544).

  http://www.linuxsecurity.com/content/view/148051

* Mandriva: [ MDVSA-2009:051 ] libpng (Feb 23)
  --------------------------------------------
  A number of vulnerabilities have been found and corrected in libpng:
  Fixed 1-byte buffer overflow in pngpread.c (CVE-2008-3964). This was
  already fixed in Mandriva Linux 2009.0. Fixed the function
  png_check_keyword() that allowed setting arbitrary bytes in the
  process memory to 0 (CVE-2008-5907). Fixed an issue that could cause
  a DoS (Denial of Service) or potentially compromise an application
  using the library (CVE-2009-0040). The updated packages have been
  patched to prevent this.

  http://www.linuxsecurity.com/content/view/148048

* Mandriva: [ MDVSA-2009:050-1 ] python-pycrypto (Feb 23)
  -------------------------------------------------------
  A vulnerability has been discovered and corrected in PyCrypto ARC2
  module 2.0.1, which allows remote attackers to cause a denial of
  service and possibly execute arbitrary code via a large ARC2 key
  length (CVE-2009-0544).

  http://www.linuxsecurity.com/content/view/148047

* Mandriva: [ MDVSA-2009:050 ] python-pycrypto (Feb 20)
  -----------------------------------------------------
  A vulnerability has been discovered and corrected in PyCrypto ARC2
  module 2.0.1, which allows remote attackers to cause a denial of
  service and possibly execute arbitrary code via a large ARC2 key
  length (CVE-2009-0544). The updated packages have been patched to
  prevent this.

  http://www.linuxsecurity.com/content/view/148042

* Mandriva: [ MDVSA-2009:049 ] pycrypto (Feb 20)
  ----------------------------------------------
  A vulnerability has been discovered and corrected in PyCrypto ARC2
  module 2.0.1, which allows remote attackers to cause a denial of
  service and possibly execute arbitrary code via a large ARC2 key
  length (CVE-2009-0544). The updated packages have been patched to
  prevent this.

  http://www.linuxsecurity.com/content/view/148041

* Mandriva: [ MDVSA-2009:048 ] epiphany (Feb 20)
  ----------------------------------------------
  Python has a variable called sys.path that contains all the paths
  from which Python loads modules when the import statement is used.
  Incorrect handling of that variable enables local attackers to
  execute arbitrary code via Python scripting in the current Epiphany
  working directory (CVE-2008-5985). This update provides a fix for
  that vulnerability.

  http://www.linuxsecurity.com/content/view/148040

* Mandriva: [ MDVSA-2009:047 ] vim (Feb 20)
  -----------------------------------------
  Python has a variable called sys.path that contains all the paths
  from which Python loads modules when the import statement is used.
  Incorrect handling of that variable enables local attackers to
  execute arbitrary code via Python scripting in the current Vim
  working directory (CVE-2009-0316). This update provides a fix for
  that vulnerability.

  http://www.linuxsecurity.com/content/view/148039

* Mandriva: [ MDVSA-2009:045 ] php (Feb 20)
  -----------------------------------------
  A number of vulnerabilities have been found and corrected in PHP.

  http://www.linuxsecurity.com/content/view/148038

* Mandriva: [ MDVA-2009:028 ] libzip (Feb 20)
  -------------------------------------------
  Some problems were discovered and corrected with php-zip in CS4: PHP
  complains about a missing zip_add_dir symbol that is present in
  libzip-0.8+. New packages have been built to correct this problem.

  http://www.linuxsecurity.com/content/view/148037

* Mandriva: [ MDVSA-2009:046 ] dia (Feb 20)
  -----------------------------------------
  Python has a variable called sys.path that contains all the paths
  from which Python loads modules when the import statement is used.
  Incorrect handling of that variable enables local attackers to
  execute arbitrary code via Python scripting in the current dia
  working directory (CVE-2008-5984). This update provides a fix for
  that vulnerability.

  http://www.linuxsecurity.com/content/view/148036

* Mandriva: [ MDVSA-2009:044 ] firefox (Feb 20)
  ---------------------------------------------
  Security vulnerabilities have been discovered and corrected in the
  latest Mozilla Firefox 3.x, version 3.0.5 (CVE-2009-0352,
  CVE-2009-0353, CVE-2009-0354, CVE-2009-0355, CVE-2009-0356,
  CVE-2009-0357, CVE-2009-0358). This update provides the latest
  Mozilla Firefox 3.x to correct these issues. As Mozilla Firefox 2.x
  has been phased out, version 3.x is also being provided for Mandriva
  Linux 2008 Spring.

  http://www.linuxsecurity.com/content/view/148034

* Mandriva: [ MDVA-2009:027 ] kernel (Feb 20)
  -------------------------------------------
  Some problems were discovered and corrected in the Linux 2.6 kernel:
  Support was added for Intel 82567LM-3/82567LF-3/82567LM-4 network
  adapters, a bug in sunrpc causing an oops when restarting nfsd was
  fixed, a bug in Walkman devices was worked around, the sound drivers
  got some fixes, and a few more things were fixed. Check the package
  changelog for details. To update your kernel, please follow the
  directions located at:
  http://www.mandriva.com/en/security/kernelupdate

  http://www.linuxsecurity.com/content/view/148033

* Mandriva: [ MDVSA-2009:043 ] gnumeric (Feb 19)
  ----------------------------------------------
  Python has a variable called sys.path that contains all the paths
  from which Python loads modules when the import statement is used.
  Incorrect handling of that variable enables local attackers to
  execute arbitrary code via Python scripting in the current Gnumeric
  working directory (CVE-2009-0318). This update provides a fix for
  that vulnerability.

  http://www.linuxsecurity.com/content/view/148032

* Mandriva: [ MDVA-2009:026-1 ] samba (Feb 19)
  --------------------------------------------
  This update fixes two minor issues with samba. Package does not
  install from update because of missing dependency (#47979). Fix
  dependencies because /usr/include/tdb.h was moved from
  libsmbclient0-devel to libtdb-devel and this led to a file conflict
  and prevented a smooth upgrade. This update fixes both issues.

  http://www.linuxsecurity.com/content/view/148029

* Mandriva: [ MDVA-2009:026-1 ] samba (Feb 19)
  --------------------------------------------
  This update fixes two minor issues with samba. Package does not
  install from update because of missing dependency (#47979). Fix
  dependencies because /usr/include/tdb.h was moved from
  libsmbclient0-devel to libtdb-devel and this led to a file conflict
  and prevented a smooth upgrade. This update fixes both issues.

  http://www.linuxsecurity.com/content/view/148028

* Mandriva: [ MDVA-2009:026 ] samba (Feb 19)
  ------------------------------------------
  This update fixes two minor issues with samba. Package does not
  install from update because of missing dependency (#47979). Fix
  dependencies because /usr/include/tdb.h was moved from
  libsmbclient0-devel to libtdb-devel and this led to a file conflict
  and prevented a smooth upgrade. This update fixes both issues.

  http://www.linuxsecurity.com/content/view/148026

------------------------------------------------------------------------

* RedHat: Critical: flash-plugin security update (Feb 25)
  -------------------------------------------------------
  An updated Adobe Flash Player package that fixes several security
  issues is now available for Red Hat Enterprise Linux 5 Supplementary.
  This update has been rated as having critical security impact by the
  Red Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/148069

* RedHat: Critical: flash-plugin security update (Feb 25)
  -------------------------------------------------------
  An updated Adobe Flash Player package that fixes several security
  issues is now available for Red Hat Enterprise Linux 3 and 4 Extras.
  This update has been rated as having critical security impact by the
  Red Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/148070

* RedHat: Important: kernel security update (Feb 24)
  --------------------------------------------------
  Updated kernel packages that resolve several security issues are now
  available for Red Hat Enterprise Linux 5.2 Extended Update Support.
  This update has been rated as having important security impact by the
  Red Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/148063

* RedHat: Moderate: imap security update (Feb 19)
  -----------------------------------------------
  Updated imap packages to fix a security issue are now available for
  Red Hat Enterprise Linux 3. This update has been rated as having
  moderate security impact by the Red Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/148030

* RedHat: Important: cups security update (Feb 19)
  ------------------------------------------------
  Updated cups packages that fix a security issue are now available for
  Red Hat Enterprise Linux 3. This update has been rated as having
  important security impact by the Red Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/148031

------------------------------------------------------------------------

* Slackware: git (Feb 20)
  -----------------------
  New git packages are available for Slackware 12.0, 12.1, 12.2, and
  -current to fix security issues. More details about this issue may be
  found in the Common Vulnerabilities and Exposures (CVE) database.

  http://www.linuxsecurity.com/content/view/148044

* Slackware: libpng (Feb 20)
  --------------------------
  New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0,
  10.1, 10.2, 11.0, 12.0, 12.1, 12.2, and -current to fix a security
  issue. More details about this issue may be found in the Common
  Vulnerabilities and Exposures (CVE) database.

  http://www.linuxsecurity.com/content/view/148043

------------------------------------------------------------------------

* SuSE: flash-player (SUSE-SA:2009:011) (Feb 26)
  ----------------------------------------------
  Specially crafted swf files could cause a buffer overflow in
  flash-player. Attackers could potentially exploit that to execute
  code on the victim's machine (CVE-2009-0519, CVE-2009-0520,
  CVE-2009-0521).

  http://www.linuxsecurity.com/content/view/148082

* SuSE: Linux kernel (SUSE-SA:2009:010) (Feb 26)
  ----------------------------------------------
  This update fixes several security issues and lots of bugs in the
  openSUSE 11.1 kernel.

  http://www.linuxsecurity.com/content/view/148081

------------------------------------------------------------------------

* Pardus: Libpng: Denial of Service (Feb 23)
  ------------------------------------------
  A vulnerability has been reported in libpng, which can be exploited
  by malicious people to cause a DoS (Denial of Service) or to
  potentially compromise an application using the library.

  http://www.linuxsecurity.com/content/view/148046


------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request_at_private
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------


Received on Sun Mar 01 2009 - 23:07:28 PST
