[ISN] Linux Advisory Watch - July 6th 2009

From: InfoSec News <alerts_at_private>
Date: Wed, 8 Jul 2009 01:46:59 -0500 (CDT)
+----------------------------------------------------------------------+
| LinuxSecurity.com                                  Weekly Newsletter |
| July 6th, 2009                                  Volume 10, Number 28 |
|                                                                      |
| Editorial Team:              Dave Wreski <dwreski_at_private> |
|                       Benjamin D. Thomas <bthomas_at_private> |
+----------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, advisories were released for xorg-x11-xfs, modsecurity,
libwmf, wireshark, apache, phpMyAdmin, Ruby, kde4, timezone, imap,
php, ruby, openswan, pidgin, seamonkey, ghostscript,
mozilla-thunderbird, perl, nagios, samba, and tiff.  The distributors
include Gentoo, Mandriva, Red Hat, Slackware, SuSE, Ubuntu, and
Pardus.

---

>> Linux+DVD Magazine <<

In each issue you can find information concerning the best use of Linux:
safety, databases, multimedia, scientific tools, entertainment,
programming, e-mail, news and desktop environments.

Catch up with what professional network and database administrators,
system programmers, webmasters and all those who believe in the power of
Open Source software are doing!

http://www.linuxsecurity.com/ads/adclick.php?bannerid=26

---

Review: Googling Security: How Much Does Google Know About You
--------------------------------------------------------------
If I ask "How much do you know about Google?", you would probably not
take even a second to respond.  But if I ask "How much does Google
know about you?", you may instantly reply "Wait... what!? Do they!?"
The book "Googling Security: How Much Does Google Know About You" by
Greg Conti (Computer Science Professor at West Point) is the first book
to reveal how Google's vast information stockpiles could be used
against you or your business, and what you can do to protect yourself.

http://www.linuxsecurity.com/content/view/145939

---

A Secure Nagios Server
----------------------
Nagios is monitoring software designed to alert you quickly to problems
on your hosts and networks, and it can be configured for use on any
network. Setting up a Nagios server on any Linux distribution is a very
quick process; making that setup secure, however, takes some work. This
article will not show you how to install Nagios, since there are plenty
of installation guides already, but it will show you in detail ways to
improve your Nagios security.

http://www.linuxsecurity.com/content/view/144088

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!  <--
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf             <--

------------------------------------------------------------------------

* EnGarde Secure Community 3.0.22 Now Available! (Dec 9)
  ------------------------------------------------------
  Guardian Digital is happy to announce the release of EnGarde Secure
  Community 3.0.22 (Version 3.0, Release 22).  This release includes
  many updated packages and bug fixes and some feature enhancements to
  the EnGarde Secure Linux Installer and the SELinux policy.

  http://www.linuxsecurity.com/content/view/145668

------------------------------------------------------------------------

* Fedora 9 Update: xorg-x11-xfs-1.0.5-2.1.fc9 (Jul 2)
  ---------------------------------------------------


  http://www.linuxsecurity.com/content/view/149289

* Fedora 10 Update: xorg-x11-xfs-1.0.5-3.1.fc10 (Jul 2)
  -----------------------------------------------------


  http://www.linuxsecurity.com/content/view/149290

------------------------------------------------------------------------

* Gentoo: ModSecurity Denial of Service (Jul 2)
  ---------------------------------------------
  Two vulnerabilities in ModSecurity might lead to a Denial of Service.

  http://www.linuxsecurity.com/content/view/149300

* Gentoo: libwmf User-assisted execution of arbitrary (Jul 2)
  -----------------------------------------------------------
  libwmf bundles an old GD version which contains a "use-after-free"
  vulnerability.

  http://www.linuxsecurity.com/content/view/149299

* Gentoo: Wireshark Multiple vulnerabilities (Jun 30)
  ---------------------------------------------------
  Multiple vulnerabilities have been discovered in Wireshark which allow
  for Denial of Service (application crash) or remote code execution.

  http://www.linuxsecurity.com/content/view/149283

* Gentoo: Apache Tomcat JK Connector Information (Jun 29)
  -------------------------------------------------------
  An error in the Apache Tomcat JK Connector might allow for an
  information disclosure flaw.

  http://www.linuxsecurity.com/content/view/149278

* Gentoo: phpMyAdmin Multiple vulnerabilities (Jun 29)
  ----------------------------------------------------
  Multiple errors in phpMyAdmin might allow the remote execution of
  arbitrary code or a Cross-Site Scripting attack.

  http://www.linuxsecurity.com/content/view/149277

* Gentoo: Ruby Denial of Service (Jun 28)
  ---------------------------------------
  A flaw in the Ruby standard library might allow remote attackers to
  cause a Denial of Service attack.

  http://www.linuxsecurity.com/content/view/149271

------------------------------------------------------------------------

* Mandriva: Subject: [Security Announce] [ MDVA-2009:123 ] kde4 (Jul 1)
  ---------------------------------------------------------------------
  Mandriva Linux 2009 Spring was released with KDE4 version 4.2.2. This
  update upgrades KDE4 in Mandriva Linux 2009 Spring to version 4.2.4,
  which brings many bugfixes and overall improvements.

  http://www.linuxsecurity.com/content/view/149288

* Mandriva: Subject: [Security Announce] [ MDVA-2009:122 ] timezone (Jun 29)
  --------------------------------------------------------------------------
  Updated timezone packages are being provided for older Mandriva Linux
  systems that do not contain new Daylight Savings Time information and
  Time Zone information for some locations. These updated packages
  contain the new information.

  http://www.linuxsecurity.com/content/view/149274

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:146 ] imap (Jun 29)
  -----------------------------------------------------------------------
  Security vulnerabilities have been identified and fixed in University
  of Washington IMAP Toolkit: Multiple stack-based buffer overflows in
  (1) University of Washington IMAP Toolkit 2002 through 2007c, (2)
  University of Washington Alpine 2.00 and earlier, and (3) Panda IMAP
  allow (a) local users to gain privileges by specifying a long folder
  extension argument on the command line to the tmail or dmail program;
  and (b) remote attackers to execute arbitrary code by sending e-mail
  to a destination mailbox name composed of a username and '+'
  character followed by a long string, processed by the tmail or
  possibly dmail program (CVE-2008-5005). smtp.c in the c-client
  library in University of Washington IMAP Toolkit 2007b allows remote
  SMTP servers to cause a denial of service (NULL pointer dereference
  and application crash) by responding to the QUIT command with a close
  of the TCP connection instead of the expected 221 response code
  (CVE-2008-5006). Off-by-one error in the rfc822_output_char function
  in the RFC822BUFFER routines in the University of Washington (UW)
  c-client library, as used by the UW IMAP toolkit before imap-2007e
  and other applications, allows context-dependent attackers to cause a
  denial of service (crash) via an e-mail message that triggers a
  buffer overflow (CVE-2008-5514). The updated packages have been
  patched to prevent this. Note that the software was renamed to
  c-client starting from Mandriva Linux 2009.0 and only provides the
  shared c-client library for the imap functions in PHP.

  http://www.linuxsecurity.com/content/view/149273

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:145 ] php (Jun 28)
  ----------------------------------------------------------------------
  A vulnerability has been found and corrected in PHP: upstream bug
  #48378 (exif_read_data() segfaults on certain corrupted .jpeg files)
  has been fixed. The updated packages have been patched to correct this
  issue.

  http://www.linuxsecurity.com/content/view/149270

------------------------------------------------------------------------

* RedHat: Moderate: ruby security update (Jul 2)
  ----------------------------------------------
  Updated ruby packages that fix multiple security issues are now
  available for Red Hat Enterprise Linux 4 and 5. This update has been
  rated as having moderate security impact by the Red Hat Security
  Response Team.

  http://www.linuxsecurity.com/content/view/149296

* RedHat: Important: openswan security update (Jul 2)
  ---------------------------------------------------
  Updated openswan packages that fix multiple security issues are now
  available for Red Hat Enterprise Linux 5. This update has been rated
  as having important security impact by the Red Hat Security Response
  Team.

  http://www.linuxsecurity.com/content/view/149294

* RedHat: Moderate: pidgin security and bug fix update (Jul 2)
  ------------------------------------------------------------
  Updated pidgin packages that fix one security issue and one bug are
  now available for Red Hat Enterprise Linux 4 and 5. This update has
  been rated as having moderate security impact by the Red Hat Security
  Response Team.

  http://www.linuxsecurity.com/content/view/149295

* RedHat: Important: seamonkey security update (Jun 30)
  -----------------------------------------------------
  Updated seamonkey packages that fix a security issue are now
  available for Red Hat Enterprise Linux 3 and 4. This update has been
  rated as having important security impact by the Red Hat Security
  Response Team.

  http://www.linuxsecurity.com/content/view/149284

* RedHat: Important: kernel security and bug fix update (Jun 30)
  --------------------------------------------------------------
  Updated kernel packages that fix several security issues and various
  bugs are now available for Red Hat Enterprise Linux 4. This update
  has been rated as having important security impact by the Red Hat
  Security Response Team.

  http://www.linuxsecurity.com/content/view/149280

------------------------------------------------------------------------

* Slackware: ghostscript (Jun 30)
  -------------------------------
  New ghostscript packages are available for Slackware 12.1, 12.2, and
  -current to fix security issues. More details about this issue may be
  found in the Common Vulnerabilities and Exposures (CVE) database:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0196
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0583
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0584
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0792

  http://www.linuxsecurity.com/content/view/149279

* Slackware: mozilla-thunderbird (Jun 28)
  ---------------------------------------
  New mozilla-thunderbird packages are available for Slackware 10.2,
  11.0, 12.0, 12.1, 12.2, and -current to fix security issues. More
  details about the issues may be found here:
  http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html

  http://www.linuxsecurity.com/content/view/149269

------------------------------------------------------------------------

* SuSE: IBM Java 6 (SUSE-SA:2009:036) (Jul 2)
  -------------------------------------------


  http://www.linuxsecurity.com/content/view/149301

* SuSE: Acrobat Reader (SUSE-SA:2009:035) (Jul 1)
  -----------------------------------------------


  http://www.linuxsecurity.com/content/view/149287

------------------------------------------------------------------------

* Ubuntu: Perl vulnerability (Jul 2)
  ----------------------------------
  It was discovered that the Compress::Raw::Zlib Perl module
  incorrectly handled certain zlib compressed streams. If a user or
  automated system were tricked into processing a specially crafted
  compressed stream or file, a remote attacker could crash the
  application, leading to a denial of service.

  http://www.linuxsecurity.com/content/view/149298

* Ubuntu: Nagios vulnerability (Jul 2)
  ------------------------------------
  It was discovered that Nagios did not properly parse certain commands
  submitted using the WAP web interface. An authenticated user could
  exploit this flaw and execute arbitrary programs on the server.

  http://www.linuxsecurity.com/content/view/149297

------------------------------------------------------------------------

* Pardus: Samba: Security Bypass (Jun 30)
  ---------------------------------------
  by malicious users to bypass certain security restrictions and by
  malicious people to potentially compromise a user's system.

  http://www.linuxsecurity.com/content/view/149282

* Pardus: Tiff: Buffer Underflow (Jun 30)
  ---------------------------------------
  malicious people to cause a DoS (Denial of Service) or to potentially
  compromise an application using the library.

  http://www.linuxsecurity.com/content/view/149281

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request_at_private
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------


Received on Tue Jul 07 2009 - 23:46:59 PDT
