[ISN] Linux Advisory Watch - June 5th 2009

From: InfoSec News <alerts_at_private>
Date: Tue, 9 Jun 2009 04:04:17 -0500 (CDT)
+----------------------------------------------------------------------+
| LinuxSecurity.com                                  Weekly Newsletter |
| June 5th, 2009                                  Volume 10, Number 23 |
|                                                                      |
| Editorial Team:              Dave Wreski <dwreski_at_private> |
|                       Benjamin D. Thomas <bthomas_at_private> |
+----------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, advisories were released for apr-util, cups,
libapache-mod-jk, drupal, cyrus, mingw, pidgin, ocsinventory,
maniadrive, php, ntp, opensc, freetype, acpid, libmodplug, gaim,
rpmdrake, eggdrop, sudo, wireshark, and apache.  The distributors
include Debian, Fedora, Gentoo, Mandriva, Red Hat, Ubuntu, and Pardus.

---

Review: Googling Security: How Much Does Google Know About You
--------------------------------------------------------------
If I ask "How much do you know about Google?", you may not take even a
second to respond.  But if I ask "How much does Google know about
you?", you may instantly reply "Wait... what!? Do they!?"  The book
"Googling Security: How Much Does Google Know About You" by Greg Conti
(Computer Science Professor at West Point) is the first book to reveal
how Google's vast information stockpiles could be used against you or
your business and what you can do to protect yourself.

http://www.linuxsecurity.com/content/view/145939

---

A Secure Nagios Server
----------------------
Nagios is monitoring software designed to let you know about problems
on your hosts and networks quickly. You can configure it to be used on
any network. Setting up a Nagios server on any Linux distribution is a
very quick process; making it a secure setup, however, takes some
work. This article will not show you how to install Nagios, since there
are tons of installation guides out there, but it will show you in
detail ways to improve your Nagios security.

http://www.linuxsecurity.com/content/view/144088

------------------------------------------------------------------------

* EnGarde Secure Community 3.0.22 Now Available! (Dec 9)
  ------------------------------------------------------
  Guardian Digital is happy to announce the release of EnGarde Secure
  Community 3.0.22 (Version 3.0, Release 22).  This release includes
  many updated packages and bug fixes and some feature enhancements to
  the EnGarde Secure Linux Installer and the SELinux policy.

  http://www.linuxsecurity.com/content/view/145668

------------------------------------------------------------------------

* Debian: New apr-util packages fix several vulnerabilities (Jun 4)
  -----------------------------------------------------------------


  http://www.linuxsecurity.com/content/view/149033

* Debian: New cups/cupsys packages fix denial of service (Jun 2)
  --------------------------------------------------------------


  http://www.linuxsecurity.com/content/view/149018

* Debian: New libapache-mod-jk packages fix information (Jun 2)
  -------------------------------------------------------------


  http://www.linuxsecurity.com/content/view/149017

* Debian: New Linux 2.6.26 packages fix several vulnerabilities (Jun 2)
  ---------------------------------------------------------------------


  http://www.linuxsecurity.com/content/view/149006

* Debian: New drupal6 packages fix insufficient input sanitising (Jun 1)
  ----------------------------------------------------------------------


  http://www.linuxsecurity.com/content/view/149003

* Debian: New cyrus-sasl2/cyrus-sasl2-heimdal packages fix arbitrary code execution (Jun 1)
  -----------------------------------------------------------------------------------------


  http://www.linuxsecurity.com/content/view/149002

------------------------------------------------------------------------

* Fedora 10 Update: mingw32-opensc-0.11.8-1.fc10 (Jun 2)
  ------------------------------------------------------
  CVE-2009-1603: A minor update fixing a security problem within the
  pkcs11-tool command.
  http://www.opensc-project.org/pipermail/opensc-announce/2009-May/000025.html

  http://www.linuxsecurity.com/content/view/149013

* Fedora 11 Update: mingw32-opensc-0.11.8-1.fc11 (Jun 2)
  ------------------------------------------------------
  CVE-2009-1603: A minor update fixing a security problem within the
  pkcs11-tool command.
  http://www.opensc-project.org/pipermail/opensc-announce/2009-May/000025.html

  OpenSC is a package for accessing smart card devices. Basic
  functionality (e.g. SELECT FILE, READ BINARY) should work on any
  ISO 7816-4 compatible smart card. Encryption and decryption using
  private keys on the smart card is possible with PKCS #15 compatible
  cards, such as the FINEID (Finnish Electronic IDentity) card. Swedish
  Posten eID cards have also been confirmed to work. This is the MinGW
  cross-compiled Windows library.

  http://www.linuxsecurity.com/content/view/149014

* Fedora 10 Update: pidgin-2.5.6-1.fc10 (Jun 2)
  ---------------------------------------------
  This is a bugfix & security fix release of Pidgin. The full
  ChangeLog is available at http://developer.pidgin.im/wiki/ChangeLog
  Details of the security fixes included are available at
  http://www.pidgin.im/news/security/

  http://www.linuxsecurity.com/content/view/149012

* Fedora 10 Update: ocsinventory-1.02.1-1.fc10 (Jun 2)
  ----------------------------------------------------
  2 security fixes:
  - CVE-2009-1769 OCS Inventory NG: Authentication result varies for
    existent and non-existent users
  - SQL injection and Unauthenticated Arbitrary File Read

  Some other minor bug fixes.
  http://www.ocsinventory-ng.org/index.php?mact=News,cntnt01,detail,0&cntnt01articleid=140&cntnt01returnid=64

  http://www.linuxsecurity.com/content/view/149011

* Fedora 11 Update: ocsinventory-1.02.1-1.fc11 (Jun 2)
  ----------------------------------------------------
  2 security fixes:
  - CVE-2009-1769 OCS Inventory NG: Authentication result varies for
    existent and non-existent users
  - SQL injection and Unauthenticated Arbitrary File Read

  Some other minor bug fixes.
  http://www.ocsinventory-ng.org/index.php?mact=News,cntnt01,detail,0&cntnt01articleid=140&cntnt01returnid=64

  http://www.linuxsecurity.com/content/view/149010

* Fedora 9 Update: ocsinventory-1.02.1-1.fc9 (Jun 2)
  --------------------------------------------------
  2 security fixes:
  - CVE-2009-1769 OCS Inventory NG: Authentication result varies for
    existent and non-existent users
  - SQL injection and Unauthenticated Arbitrary File Read

  Some other minor bug fixes.
  http://www.ocsinventory-ng.org/index.php?mact=News,cntnt01,detail,0&cntnt01articleid=140&cntnt01returnid=64

  http://www.linuxsecurity.com/content/view/149008

* Fedora 11 Update: pidgin-2.5.6-1.fc11 (Jun 2)
  ---------------------------------------------
  This is a bugfix & security fix release of Pidgin. The full
  ChangeLog is available at http://developer.pidgin.im/wiki/ChangeLog
  Details of the security fixes included are available at
  http://www.pidgin.im/news/security/

  http://www.linuxsecurity.com/content/view/149009

* Fedora 9 Update: pidgin-2.5.6-1.fc9 (Jun 2)
  -------------------------------------------
  This is a bugfix & security fix release of Pidgin. The full
  ChangeLog is available at http://developer.pidgin.im/wiki/ChangeLog
  Details of the security fixes included are available at
  http://www.pidgin.im/news/security/

  http://www.linuxsecurity.com/content/view/149007

* Fedora 9 Update: maniadrive-1.2-13.fc9 (May 29)
  -----------------------------------------------
  Update to PHP 5.2.9

  A heap-based buffer overflow flaw was found in PHP's mbstring
  extension. A remote attacker able to pass arbitrary input to a PHP
  script using mbstring conversion functions could cause the PHP
  interpreter to crash or, possibly, execute arbitrary code.
  (CVE-2008-5557)

  A directory traversal flaw was found in PHP's ZipArchive::extractTo
  function. If PHP is used to extract a malicious ZIP archive, it could
  allow an attacker to write arbitrary files anywhere the PHP process
  has write permissions. (CVE-2008-5658)

  A buffer overflow flaw was found in PHP's imageloadfont function. If
  a PHP script allowed a remote attacker to load a carefully crafted
  font file, it could cause the PHP interpreter to crash or, possibly,
  execute arbitrary code. (CVE-2008-3658)

  A memory disclosure flaw was found in the PHP gd extension's
  imagerotate function. A remote attacker able to pass arbitrary values
  as the "background color" argument of the function could, possibly,
  view portions of the PHP interpreter's memory. (CVE-2008-5498)

  A cross-site scripting flaw was found in a way PHP reported errors
  for invalid cookies. If the PHP interpreter had "display_errors"
  enabled, a remote attacker able to set a specially-crafted cookie on
  a victim's system could possibly inject arbitrary HTML into an error
  message generated by PHP. (CVE-2008-5814)

  A flaw was found in the handling of the "mbstring.func_overload"
  configuration setting. A value set for one virtual host, or in a
  user's .htaccess file, was incorrectly applied to other virtual hosts
  on the same server, causing the handling of multibyte character
  strings to not work correctly. (CVE-2009-0754)

  A flaw was found in PHP's json_decode function. A remote attacker
  could use this flaw to create a specially-crafted string which could
  cause the PHP interpreter to crash while being decoded in a PHP
  script. (CVE-2009-1271)

  A flaw was found in the use of the uw-imap library by the PHP "imap"
  extension. This could cause the PHP interpreter to crash if the
  "imap" extension was used to read specially-crafted mail messages
  with long headers. (CVE-2008-2829)

  http://www.php.net/releases/5_2_7.php
  http://www.php.net/releases/5_2_8.php
  http://www.php.net/releases/5_2_9.php
  http://www.php.net/ChangeLog-5.php#5.2.9

  http://www.linuxsecurity.com/content/view/148993

* Fedora 9 Update: php-5.2.9-2.fc9 (May 29)
  -----------------------------------------
  Update to PHP 5.2.9

  A heap-based buffer overflow flaw was found in PHP's mbstring
  extension. A remote attacker able to pass arbitrary input to a PHP
  script using mbstring conversion functions could cause the PHP
  interpreter to crash or, possibly, execute arbitrary code.
  (CVE-2008-5557)

  A directory traversal flaw was found in PHP's ZipArchive::extractTo
  function. If PHP is used to extract a malicious ZIP archive, it could
  allow an attacker to write arbitrary files anywhere the PHP process
  has write permissions. (CVE-2008-5658)

  A buffer overflow flaw was found in PHP's imageloadfont function. If
  a PHP script allowed a remote attacker to load a carefully crafted
  font file, it could cause the PHP interpreter to crash or, possibly,
  execute arbitrary code. (CVE-2008-3658)

  A memory disclosure flaw was found in the PHP gd extension's
  imagerotate function. A remote attacker able to pass arbitrary values
  as the "background color" argument of the function could, possibly,
  view portions of the PHP interpreter's memory. (CVE-2008-5498)

  A cross-site scripting flaw was found in a way PHP reported errors
  for invalid cookies. If the PHP interpreter had "display_errors"
  enabled, a remote attacker able to set a specially-crafted cookie on
  a victim's system could possibly inject arbitrary HTML into an error
  message generated by PHP. (CVE-2008-5814)

  A flaw was found in the handling of the "mbstring.func_overload"
  configuration setting. A value set for one virtual host, or in a
  user's .htaccess file, was incorrectly applied to other virtual hosts
  on the same server, causing the handling of multibyte character
  strings to not work correctly. (CVE-2009-0754)

  A flaw was found in PHP's json_decode function. A remote attacker
  could use this flaw to create a specially-crafted string which could
  cause the PHP interpreter to crash while being decoded in a PHP
  script. (CVE-2009-1271)

  A flaw was found in the use of the uw-imap library by the PHP "imap"
  extension. This could cause the PHP interpreter to crash if the
  "imap" extension was used to read specially-crafted mail messages
  with long headers. (CVE-2008-2829)

  http://www.php.net/releases/5_2_7.php
  http://www.php.net/releases/5_2_8.php
  http://www.php.net/releases/5_2_9.php
  http://www.php.net/ChangeLog-5.php#5.2.9

  http://www.linuxsecurity.com/content/view/148994

* Fedora 10 Update: maniadrive-1.2-13.fc10 (May 29)
  -------------------------------------------------
  Update to PHP 5.2.9

  A heap-based buffer overflow flaw was found in PHP's mbstring
  extension. A remote attacker able to pass arbitrary input to a PHP
  script using mbstring conversion functions could cause the PHP
  interpreter to crash or, possibly, execute arbitrary code.
  (CVE-2008-5557)

  A directory traversal flaw was found in PHP's ZipArchive::extractTo
  function. If PHP is used to extract a malicious ZIP archive, it could
  allow an attacker to write arbitrary files anywhere the PHP process
  has write permissions. (CVE-2008-5658)

  A buffer overflow flaw was found in PHP's imageloadfont function. If
  a PHP script allowed a remote attacker to load a carefully crafted
  font file, it could cause the PHP interpreter to crash or, possibly,
  execute arbitrary code. (CVE-2008-3658)

  A memory disclosure flaw was found in the PHP gd extension's
  imagerotate function. A remote attacker able to pass arbitrary values
  as the "background color" argument of the function could, possibly,
  view portions of the PHP interpreter's memory. (CVE-2008-5498)

  A cross-site scripting flaw was found in a way PHP reported errors
  for invalid cookies. If the PHP interpreter had "display_errors"
  enabled, a remote attacker able to set a specially-crafted cookie on
  a victim's system could possibly inject arbitrary HTML into an error
  message generated by PHP. (CVE-2008-5814)

  A flaw was found in the handling of the "mbstring.func_overload"
  configuration setting. A value set for one virtual host, or in a
  user's .htaccess file, was incorrectly applied to other virtual hosts
  on the same server, causing the handling of multibyte character
  strings to not work correctly. (CVE-2009-0754)

  A flaw was found in PHP's json_decode function. A remote attacker
  could use this flaw to create a specially-crafted string which could
  cause the PHP interpreter to crash while being decoded in a PHP
  script. (CVE-2009-1271)

  A flaw was found in the use of the uw-imap library by the PHP "imap"
  extension. This could cause the PHP interpreter to crash if the
  "imap" extension was used to read specially-crafted mail messages
  with long headers. (CVE-2008-2829)

  http://www.php.net/releases/5_2_7.php
  http://www.php.net/releases/5_2_8.php
  http://www.php.net/releases/5_2_9.php
  http://www.php.net/ChangeLog-5.php#5.2.9

  http://www.linuxsecurity.com/content/view/148991

* Fedora 10 Update: php-5.2.9-2.fc10 (May 29)
  -------------------------------------------
  Update to PHP 5.2.9

  A heap-based buffer overflow flaw was found in PHP's mbstring
  extension. A remote attacker able to pass arbitrary input to a PHP
  script using mbstring conversion functions could cause the PHP
  interpreter to crash or, possibly, execute arbitrary code.
  (CVE-2008-5557)

  A directory traversal flaw was found in PHP's ZipArchive::extractTo
  function. If PHP is used to extract a malicious ZIP archive, it could
  allow an attacker to write arbitrary files anywhere the PHP process
  has write permissions. (CVE-2008-5658)

  A buffer overflow flaw was found in PHP's imageloadfont function. If
  a PHP script allowed a remote attacker to load a carefully crafted
  font file, it could cause the PHP interpreter to crash or, possibly,
  execute arbitrary code. (CVE-2008-3658)

  A memory disclosure flaw was found in the PHP gd extension's
  imagerotate function. A remote attacker able to pass arbitrary values
  as the "background color" argument of the function could, possibly,
  view portions of the PHP interpreter's memory. (CVE-2008-5498)

  A cross-site scripting flaw was found in a way PHP reported errors
  for invalid cookies. If the PHP interpreter had "display_errors"
  enabled, a remote attacker able to set a specially-crafted cookie on
  a victim's system could possibly inject arbitrary HTML into an error
  message generated by PHP. (CVE-2008-5814)

  A flaw was found in the handling of the "mbstring.func_overload"
  configuration setting. A value set for one virtual host, or in a
  user's .htaccess file, was incorrectly applied to other virtual hosts
  on the same server, causing the handling of multibyte character
  strings to not work correctly. (CVE-2009-0754)

  A flaw was found in PHP's json_decode function. A remote attacker
  could use this flaw to create a specially-crafted string which could
  cause the PHP interpreter to crash while being decoded in a PHP
  script. (CVE-2009-1271)

  A flaw was found in the use of the uw-imap library by the PHP "imap"
  extension. This could cause the PHP interpreter to crash if the
  "imap" extension was used to read specially-crafted mail messages
  with long headers. (CVE-2008-2829)

  http://www.php.net/releases/5_2_7.php
  http://www.php.net/releases/5_2_8.php
  http://www.php.net/releases/5_2_9.php
  http://www.php.net/ChangeLog-5.php#5.2.9

  http://www.linuxsecurity.com/content/view/148992

* Fedora 9 Update: ntp-4.2.4p7-1.fc9 (May 29)
  -------------------------------------------
  This update fixes a denial of service issue if autokey is enabled
  (default is disabled) and a crash in ntpq.

  http://www.linuxsecurity.com/content/view/148990

* Fedora 9 Update: opensc-0.11.8-1.fc9 (May 29)
  ---------------------------------------------
  A minor update fixing a security problem within the pkcs11-tool
  command.
  http://www.opensc-project.org/pipermail/opensc-announce/2009-May/000025.html

  http://www.linuxsecurity.com/content/view/148989

* Fedora 10 Update: opensc-0.11.8-1.fc10 (May 29)
  -----------------------------------------------
  A minor update fixing a security problem within the pkcs11-tool
  command.
  http://www.opensc-project.org/pipermail/opensc-announce/2009-May/000025.html

  http://www.linuxsecurity.com/content/view/148988

* Fedora 10 Update: ntp-4.2.4p7-1.fc10 (May 29)
  ---------------------------------------------
  This update fixes a denial of service issue if autokey is enabled
  (default is disabled) and a crash in ntpq.

  http://www.linuxsecurity.com/content/view/148987

* Fedora 11 Update: opensc-0.11.8-1.fc11 (May 29)
  -----------------------------------------------
  A minor update fixing a security problem within the pkcs11-tool
  command.
  http://www.opensc-project.org/pipermail/opensc-announce/2009-May/000025.html

  http://www.linuxsecurity.com/content/view/148986

* Fedora 11 Update: freetype1-1.4-0.8.pre.fc11 (May 28)
  -----------------------------------------------------
  Port of freetype2 security fixes

  http://www.linuxsecurity.com/content/view/148978

* Fedora 9 Update: acpid-1.0.6-8.fc9 (May 28)
  -------------------------------------------
  Fixed CVE-2009-0798 (too many open files DoS)

  http://www.linuxsecurity.com/content/view/148977

* Fedora 10 Update: acpid-1.0.6-11.fc10 (May 28)
  ----------------------------------------------
  Fixed CVE-2009-0798 (too many open files DoS)

  http://www.linuxsecurity.com/content/view/148976

* Fedora 9 Update: eggdrop-1.6.19-4.fc9 (May 28)
  ----------------------------------------------
  mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and
  earlier allows remote attackers to cause a denial of service (crash)
  via a crafted PRIVMSG that causes an empty string to trigger a
  negative string length copy. NOTE: this issue exists because of an
  incorrect fix for CVE-2007-2807. The current remote denial of service
  is tracked as CVE-2009-1789.

  http://www.linuxsecurity.com/content/view/148974

* Fedora 10 Update: eggdrop-1.6.19-4.fc10 (May 28)
  ------------------------------------------------
  mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and
  earlier allows remote attackers to cause a denial of service (crash)
  via a crafted PRIVMSG that causes an empty string to trigger a
  negative string length copy. NOTE: this issue exists because of an
  incorrect fix for CVE-2007-2807. The current remote denial of service
  is tracked as CVE-2009-1789.

  http://www.linuxsecurity.com/content/view/148975

* Fedora 10 Update: freetype1-1.4-0.8.pre.fc10 (May 28)
  -----------------------------------------------------
  Port of freetype2 security fixes

  http://www.linuxsecurity.com/content/view/148973

------------------------------------------------------------------------

* Gentoo: Asterisk Multiple (May 30)
  ----------------------------------
  Multiple vulnerabilities have been found in Asterisk allowing for
  Denial of Service and username disclosure.

  http://www.linuxsecurity.com/content/view/148996

------------------------------------------------------------------------

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:128 ] libmodplug (Jun 4)
  ----------------------------------------------------------------------------
  Multiple security vulnerabilities have been identified and fixed in
  libmodplug:

  Integer overflow in the CSoundFile::ReadMed function
  (src/load_med.cpp) in libmodplug before 0.8.6, as used in
  gstreamer-plugins and other products, allows context-dependent
  attackers to execute arbitrary code via a MED file with a crafted (1)
  song comment or (2) song name, which triggers a heap-based buffer
  overflow (CVE-2009-1438).

  Buffer overflow in the PATinst function in src/load_pat.cpp in
  libmodplug before 0.8.7 allows user-assisted remote attackers to
  cause a denial of service and possibly execute arbitrary code via a
  long instrument name (CVE-2009-1513).

  The updated packages have been patched to prevent this.

  http://www.linuxsecurity.com/content/view/149032

* Mandriva: Subject: [Security Announce] [ MDVA-2009:089 ] openssl (Jun 4)
  ------------------------------------------------------------------------
  This update fixes a build problem with openssl-0.9.7g-2.8.20060mlcs4
  on Corporate Server 4.

  http://www.linuxsecurity.com/content/view/149031

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:127 ] gaim (Jun 3)
  ----------------------------------------------------------------------
  It was discovered that Gaim did not properly handle certain malformed
  messages in the MSN protocol handler. A remote attacker could send a
  specially crafted message and possibly execute arbitrary code with
  user privileges. (CVE-2008-2927)

  http://www.linuxsecurity.com/content/view/149026

* Mandriva: Subject: [Security Announce] [ MDVA-2009:088 ] rpmdrake (Jun 3)
  -------------------------------------------------------------------------
  This update fixes one issue with MandrivaUpdate: in the previous
  update, a fix wrongly broke the display of update descriptions &
  reasons.

  http://www.linuxsecurity.com/content/view/149021

* Mandriva: Subject: [Security Announce] [ MDVA-2009:087 ] mandriva-kde4-config (Jun 3)
  -------------------------------------------------------------------------------------
  This update introduces the kde4 artwork for the upcoming Mandriva
  2009 Spring Flash version.

  http://www.linuxsecurity.com/content/view/149020

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:126 ] eggdrop (Jun 1)
  -------------------------------------------------------------------------
  mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and
  earlier allows remote attackers to cause a denial of service (crash)
  via a crafted PRIVMSG that causes an empty string to trigger a
  negative string length copy. NOTE: this issue exists because of an
  incorrect fix for CVE-2007-2807 (CVE-2009-1789).

  http://www.linuxsecurity.com/content/view/149005

* Mandriva: Subject: [Security Announce] [ MDVA-2009:086 ] sudo (May 31)
  ----------------------------------------------------------------------
  The version of sudo shipped with 2009.1 has an incorrect path to
  /etc/ldap.conf compiled in. This means that users who have their sudo
  config supplied by their ldap server will find their rules no longer
  apply. This updated package uses the correct /etc/ldap.conf file. See
  http://www.sudo.ws/sudo/readme_ldap.html for more information on
  configuring sudo with ldap.

  http://www.linuxsecurity.com/content/view/148999

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:125 ] wireshark (May 31)
  ----------------------------------------------------------------------------
  A vulnerability has been identified and corrected in wireshark:

  Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20
  through 1.0.7 allows remote attackers to cause a denial of service
  (crash) via crafted PCNFSD packets (CVE-2009-1829).

  This update provides Wireshark 1.0.8, which is not vulnerable to this
  issue.

  http://www.linuxsecurity.com/content/view/148998

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:124 ] apache (May 31)
  -------------------------------------------------------------------------
  Multiple vulnerabilities have been found and corrected in apache:

  Memory leak in the zlib_stateful_init function in
  crypto/comp/c_zlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h
  allows remote attackers to cause a denial of service (memory
  consumption) via multiple calls, as demonstrated by initial SSL
  client handshakes to the Apache HTTP Server mod_ssl that specify a
  compression algorithm (CVE-2008-1678). Note that this security issue
  does not really apply as zlib compression is not enabled in the
  openssl build provided by Mandriva, but apache is patched to address
  this issue anyway (concerns 2008.1 only).

  Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the
  mod_proxy_ftp module in Apache 2.0.63 and earlier, and
  mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and
  earlier 2.2 versions, allows remote attackers to inject arbitrary web
  script or HTML via wildcards in a pathname in an FTP URI
  (CVE-2008-2939). Note that this security issue was initially
  addressed with MDVSA-2008:195 but the patch fixing the issue was
  added but not applied in 2009.0.

  The Apache HTTP Server 2.2.11 and earlier 2.2 versions do not
  properly handle Options=IncludesNOEXEC in the AllowOverride
  directive, which allows local users to gain privileges by configuring
  (1) Options Includes, (2) Options +Includes, or (3) Options
  +IncludesNOEXEC in a .htaccess file, and then inserting an exec
  element in a .shtml file (CVE-2009-1195).

  This update provides fixes for these vulnerabilities.

  http://www.linuxsecurity.com/content/view/148997

* Mandriva: Subject: [Security Announce] [ MDVA-2009:076-1 ] kdelibs (May 29)
  ---------------------------------------------------------------------------
  On Mandriva Linux 2009.0, installing a KDE3 package wouldn't
  automatically install the locales package for the system's language.
  This update fixes the issue.

  Update:

  On the previous kdelibs update we added a require on kde-i18n. After
  some discussion it appears that adding a suggests is a better choice.
  This also fixes the update, which would not work via MandrivaUpdate.

  http://www.linuxsecurity.com/content/view/148985

* Mandriva: Subject: [Security Announce] [ MDVA-2009:085 ] mesa (May 28)
  ----------------------------------------------------------------------
  A bug in mesa would cause hardware accelerated yuv conversion to
  fail, resulting in videos being displayed with wrong colors while
  using a gl video output driver. This update fixes this issue.

  http://www.linuxsecurity.com/content/view/148979

------------------------------------------------------------------------

* RedHat: Important: cups security update (Jun 3)
  -----------------------------------------------
  Updated cups packages that fix one security issue are now available
  for Red Hat Enterprise Linux 5. This update has been rated as having
  important security impact by the Red Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/149027

* RedHat: Important: kernel-rt security and bug fix update (Jun 3)
  ----------------------------------------------------------------
  Updated kernel-rt packages that fix several security issues and
  various bugs are now available for Red Hat Enterprise MRG 1.1.3. This
  update has been rated as having important security impact by the Red
  Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/149028

* RedHat: Important: cups security update (Jun 3)
  -----------------------------------------------
  Updated cups packages that fix multiple security issues are now
  available for Red Hat Enterprise Linux 3 and 4. This update has been
  rated as having important security impact by the Red Hat Security
  Response Team.

  http://www.linuxsecurity.com/content/view/149029

* RedHat: Important: kernel security and bug fix update (Jun 2)
  -------------------------------------------------------------
  Updated kernel packages that fix two security issues and two bugs are
  now available for Red Hat Enterprise Linux 4.7 Extended Update
  Support. This update has been rated as having important security
  impact by the Red Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/149015

* RedHat: Low: Red Hat Enterprise Linux 2.1 - End Of Life (Jun 1)
  ---------------------------------------------------------------
  This is the End Of Life notification for Red Hat Enterprise Linux
  2.1.

  http://www.linuxsecurity.com/content/view/149000

------------------------------------------------------------------------

* Slackware:   ntp (Jun 4)
  ------------------------
  New ntp packages are available for Slackware 8.1, 9.0, 9.1, 10.0,
  10.1, 10.2, 11.0, 12.0, 12.1, 12.2, and -current to fix security
  issues. More details about this issue may be found in the Common
  Vulnerabilities and Exposures (CVE) database:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0159
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1252

  http://www.linuxsecurity.com/content/view/149030

------------------------------------------------------------------------

* Ubuntu:  Pidgin vulnerabilities (Jun 3)
  ---------------------------------------
  It was discovered that Pidgin did not properly handle certain
  malformed messages when sending a file using the XMPP protocol
  handler. If a user were tricked into sending a file, a remote
  attacker could send a specially crafted response and cause Pidgin to
  crash, or possibly execute arbitrary code with user privileges.
  (CVE-2009-1373)

  It was discovered that Pidgin did not properly handle certain
  malformed messages in the QQ protocol handler. A remote attacker
  could send a specially crafted message and cause Pidgin to crash.
  This issue only affected Ubuntu 8.10 and 9.04. (CVE-2009-1374)

  It was discovered that Pidgin did not properly handle certain
  malformed messages in the XMPP and Sametime protocol handlers. A
  remote attacker could send a specially crafted message and cause
  Pidgin to crash. (CVE-2009-1375)

  It was discovered that Pidgin did not properly handle certain
  malformed messages in the MSN protocol handler. A remote attacker
  could send a specially crafted message and possibly execute arbitrary
  code with user privileges. (CVE-2009-1376)

  http://www.linuxsecurity.com/content/view/149023

* Ubuntu:  Gaim vulnerabilities (Jun 3)
  -------------------------------------
  It was discovered that Gaim did not properly handle certain malformed
  messages when sending a file using the XMPP protocol handler. If a
  user were tricked into sending a file, a remote attacker could send a
  specially crafted response and cause Gaim to crash, or possibly
  execute arbitrary code with user privileges. (CVE-2009-1373)

  It was discovered that Gaim did not properly handle certain malformed
  messages in the MSN protocol handler. A remote attacker could send a
  specially crafted message and possibly execute arbitrary code with
  user privileges. (CVE-2009-1376)

  http://www.linuxsecurity.com/content/view/149024

* Ubuntu:  CUPS vulnerability (Jun 3)
  -----------------------------------
  Anibal Sacco discovered that CUPS did not properly handle certain
  network operations. A remote attacker could exploit this flaw and
  cause the CUPS server to crash, resulting in a denial of service.

  http://www.linuxsecurity.com/content/view/149025

------------------------------------------------------------------------

* Pardus: Libsndfile: Multiple (Jun 3)
  ------------------------------------
  exploited by malicious people to cause a DoS (Denial of Service).

  http://www.linuxsecurity.com/content/view/149019

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

------------------------------------------------------------------------


Received on Tue Jun 09 2009 - 02:04:17 PDT
