[ISN] Linux Advisory Watch: June 25th, 2010

From: InfoSec News <alerts_at_private>
Date: Mon, 28 Jun 2010 00:41:50 -0500 (CDT)
+----------------------------------------------------------------------+
| LinuxSecurity.com                               Linux Advisory Watch |
| June 25th, 2010                                 Volume 11, Number 26 |
|                                                                      |
| Editorial Team:              Dave Wreski <dwreski_at_private> |
|                       Benjamin D. Thomas <bthomas_at_private> |
+----------------------------------------------------------------------+

Thank you for reading the Linux Advisory Watch Security Newsletter. The 
purpose of this document is to provide our readers with a quick summary of 
each week's vendor security bulletins and pointers on methods to improve 
the security posture of your open source system.

Vulnerabilities affect nearly every vendor virtually every week, so be 
sure to read through to find the updates your distributor have made 
available.

Understand: Fork Bombing Attack
-------------------------------
As the variety of attacks and threats grow, you need to be prepared.  In 
this HOWTO, get a feeling for the Fork Bombing Attack, what it is, how it 
works, where it comes from, how to deal with it and more.
http://www.linuxsecurity.com/content/view/129220


Review: Hacking: The Art of Exploitation, Second Edition
--------------------------------------------------------
If you've ever wondered what a "buffer overflow" was, or how a "denial
of service" attack works beyond just a basic understanding, then there
is no better book that will help you to delve into the	nitty-gritty
than Hacking: The Art of Exploitation, Second Edition, by Jon
Erickson.

http://www.linuxsecurity.com/content/view/152556

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!  <--
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf             <--

------------------------------------------------------------------------

* EnGarde Secure Community 3.0.22 Now Available!
   ----------------------------------------------
   Guardian Digital is happy to announce the release of EnGarde Secure
   Community 3.0.22 (Version 3.0, Release 22).  This release includes
   many updated packages and bug fixes and some feature enhancements to
   the EnGarde Secure Linux Installer and the SELinux policy.

   http://www.linuxsecurity.com/content/view/145668

------------------------------------------------------------------------

* Debian: 2063-1: pmount: insecure temporary file (Jun 17)
   --------------------------------------------------------
   Dan Rosenberg discovered that pmount, a wrapper around the standard
   mount program which permits normal users to mount removable devices
   without a matching /etc/fstab entry, creates files in /var/lock
   insecurely. [More...]

   http://www.linuxsecurity.com/content/view/152637

* Debian: 2062-1: sudo: missing input sanitization (Jun 17)
   ---------------------------------------------------------
   Anders Kaseorg and Evan Broder discovered a vulnerability in sudo, a
   program designed to allow a sysadmin to give limited root privileges
   to users, that allows a user with sudo permissions on certain
   programs to [More...]

   http://www.linuxsecurity.com/content/view/152627

------------------------------------------------------------------------

* Mandriva: 2010:126: mozilla-thunderbird (Jun 24)
   ------------------------------------------------
   Multiple vulnerabilities has been found and corrected in
   mozilla-thunderbird: Unspecified vulnerability in Mozilla Firefox 3
   allows remote attackers to execute arbitrary code via unknown vectors
   that trigger memory [More...]

   http://www.linuxsecurity.com/content/view/152683

* Mandriva: 2010:125: firefox (Jun 24)
   ------------------------------------
   Security issues were identified and fixed in firefox: An unspecified
   function in the JavaScript implementation in Mozilla Firefox creates
   and exposes a temporary footprint when there is a current login to a
   web site, which makes it easier for remote [More...]

   http://www.linuxsecurity.com/content/view/152675

* Mandriva: 2010:124: pulseaudio (Jun 23)
   ---------------------------------------
   The pa_make_secure_dir function in core-util.c in PulseAudio 0.9.10
   and 0.9.19 allows local users to change the ownership and permissions
   of arbitrary files via a symlink attack on a /tmp/.esd-#####
   temporary file (CVE-2009-1299). [More...]

   http://www.linuxsecurity.com/content/view/152674

* Mandriva: 2010:123: libneon0.27 (Jun 23)
   ----------------------------------------
   This update fixes a reported buffer overflow found with ntlm
   authentication (MDV #59779). This advisory obsoletes MDVA-2010:172
   [More...]
   _____________________________________________________________________

   http://www.linuxsecurity.com/content/view/152669

* Mandriva: 2010:122: fastjar (Jun 22)
   ------------------------------------
   A vulnerability has been discovered and corrected in fastjar:
   Directory traversal vulnerability in the extract_jar function in
   jartool.c in FastJar 0.98 allows remote attackers to create or
   overwrite arbitrary files via a .. (dot dot) in a non-initial
   [More...]

   http://www.linuxsecurity.com/content/view/152665

* Mandriva: 2010:121: pango (Jun 22)
   ----------------------------------
   A vulnerability has been discovered and corrected in pango: Array
   index error in the hb_ot_layout_build_glyph_classes function in
   pango/opentype/hb-ot-layout.cc in Pango before 1.27.1 allows
   context-dependent attackers to cause a denial of service (application
   [More...]

   http://www.linuxsecurity.com/content/view/152664

* Mandriva: 2010:120: squirrelmail (Jun 21)
   -----------------------------------------
   A vulnerability was reported in the SquirrelMail Mail Fetch plugin,
   wherein (when the plugin is activated by the administrator) a user is
   allowed to specify (without restriction) any port number for their
   external POP account settings. While the intention is to allow users
   to access POP3 servers using non-standard ports, this also allows
   [More...]

   http://www.linuxsecurity.com/content/view/152656

* Mandriva: 2010:119: samba (Jun 17)
   ----------------------------------
   A vulnerability has been discovered and corrected in samba: Samba
   versions 3.0.x, 3.2.x and 3.3.x are affected by a memory corruption
   vulnerability. Code dealing with the chaining of SMB1 packets did not
   correctly validate an input field provided by the [More...]

   http://www.linuxsecurity.com/content/view/152636

* Mandriva: 2010:118: sudo (Jun 17)
   ---------------------------------
   A vulnerability has been discovered and corrected in sudo: The secure
   path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0
   through 1.7.2p6 does not properly handle an environment that contains
   multiple PATH variables, which might allow local users [More...]

   http://www.linuxsecurity.com/content/view/152628

------------------------------------------------------------------------

* Red Hat: 2010:0501-01: firefox: Critical Advisory (Jun 22)
   ----------------------------------------------------------
   Updated firefox packages that address several security issues, fix
   bugs, add numerous enhancements, and upgrade Firefox to version
   3.6.4, are now available for Red Hat Enterprise Linux 5. [More...]

   http://www.linuxsecurity.com/content/view/152668

* Red Hat: 2010:0500-01: firefox: Critical Advisory (Jun 22)
   ----------------------------------------------------------
   An updated firefox package that addresses security issues, fixes
   bugs, adds numerous enhancements, and upgrades Firefox to version
   3.6.4, is now available for Red Hat Enterprise Linux 4. [More...]

   http://www.linuxsecurity.com/content/view/152666

* Red Hat: 2010:0499-01: seamonkey: Critical Advisory (Jun 22)
   ------------------------------------------------------------
   Updated seamonkey packages that fix several security issues are now
   available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security
   Response Team has rated this update as having critical [More...]

   http://www.linuxsecurity.com/content/view/152667

* Red Hat: 2010:0490-01: cups: Important Advisory (Jun 17)
   --------------------------------------------------------
   Updated cups packages that fix three security issues are now
   available for Red Hat Enterprise Linux 3, 4, and 5. The Red Hat
   Security Response Team has rated this update as having [More...]

   http://www.linuxsecurity.com/content/view/152639

* Red Hat: 2010:0489-01: java-1.5.0-ibm: Critical Advisory (Jun 17)
   -----------------------------------------------------------------
   Updated java-1.5.0-ibm packages that fix several security issues are
   now available for Red Hat Enterprise Linux 4 Extras and 5
   Supplementary. The Red Hat Security Response Team has rated this
   update as having critical [More...]

   http://www.linuxsecurity.com/content/view/152638

------------------------------------------------------------------------

* Slackware: 2010-169-01: samba: Security Update (Jun 18)
   -------------------------------------------------------
   New samba packages are available for Slackware 10.0, 10.1, 10.2,
   11.0, 12.0, 12.1, 12.2, and 13.0 to fix a security issue.  [More
   Info...]

   http://www.linuxsecurity.com/content/view/152646

------------------------------------------------------------------------

* Ubuntu: 954-1: tiff vulnerabilities (Jun 21)
   --------------------------------------------
   Kevin Finisterre discovered that the TIFF library did not correctly
   handlecertain image structures.  If a user or automated system were
   trickedinto opening a specially crafted TIFF image, a remote attacker
   couldexecute arbitrary code with user privileges, or crash the
   application,leading to a denial of service. (CVE-2010-1411) [More...]

   http://www.linuxsecurity.com/content/view/152659

* Ubuntu: 955-1: OPIE vulnerability (Jun 21)
   ------------------------------------------
   Maksymilian Arciemowicz and Adam Zabrocki discovered that OPIE
   incorrectlyhandled long usernames. A remote attacker could exploit
   this with a craftedusername and make applications linked against
   libopie crash, leading to adenial of service. [More...]

   http://www.linuxsecurity.com/content/view/152657

* Ubuntu: 952-1: CUPS vulnerabilities (Jun 21)
   --------------------------------------------
   Adrian Pastor and Tim Starling discovered that the CUPS web
   interfaceincorrectly protected against cross-site request forgery
   (CSRF) attacks. Ifan authenticated user were tricked into visiting a
   malicious website whilelogged into CUPS, a remote attacker could
   modify the CUPS configuration andpossibly steal confidential data.
   (CVE-2010-0540) [More...]

   http://www.linuxsecurity.com/content/view/152658

------------------------------------------------------------------------

* Pardus: 2010-82: texlive-core: Integer Overflow (Jun 24)
   --------------------------------------------------------
   An integer overflow has been fixed in texlive-core which can be used
   by malicious people to execute arbitrary code.

   http://www.linuxsecurity.com/content/view/152676

* Pardus: 2010-85: perl-libwww: Unexpected Download (Jun 24)
   ----------------------------------------------------------
   A vulnerability has been fixed in perl-libwww which can allow
   malicious users to overwrite existing files (such as .bashrc)

   http://www.linuxsecurity.com/content/view/152677

* Pardus: 2010-86: ncompress: Integer Underflow (Jun 24)
   ------------------------------------------------------
   An integer underflow vulnerability has been fixed which can be used
   by malicious people to cause denial of service.

   http://www.linuxsecurity.com/content/view/152678

* Pardus: 2010-87: dhcp: Denial of Service (Jun 24)
   -------------------------------------------------
   A vulnerability has been fixed in dhcp which can be used by malicious
   people to cause denial of service

   http://www.linuxsecurity.com/content/view/152679

* Pardus: 2010-88: perl: Multiple Vulnerabilities (Jun 24)
   --------------------------------------------------------
   Multiple vulnerabilities in Safe.pm module in perl have been fixed.

   http://www.linuxsecurity.com/content/view/152680

* Pardus: 2010-84: dvipng: Denial of Service (Jun 24)
   ---------------------------------------------------
   Multiple array index errors have been fixed which can allow malicious
   users to cause denial of service.

   http://www.linuxsecurity.com/content/view/152681

* Pardus: 2010-83: flashplugin: Multiple (Jun 24)
   -----------------------------------------------
   Multiple vulnerabilities have been fixed in flashplugin.

   http://www.linuxsecurity.com/content/view/152682

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request_at_private
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------


_________________________________________________________________
Attend Black Hat USA 2010, hosted at Caesars Palace in Las Vegas, Nevada
July 24-29th, offering over 60 training sessions and 11 tracks of Briefings
from security industry elite. To sign up visit http://www.blackhat.com
Received on Sun Jun 27 2010 - 22:41:50 PDT

This archive was generated by hypermail 2.2.0 : Sun Jun 27 2010 - 22:47:05 PDT