+---------------------------------------------------------------------+
|  LinuxSecurity.com                             Weekly Newsletter    |
|  July 21st 2006                              Volume 7, Number 30a   |
+---------------------------------------------------------------------+

  Editors:  Dave Wreski                Benjamin D. Thomas
            dave@xxxxxxxxxxxxxxxxx     ben@xxxxxxxxxxxxxxxxx

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.
It includes pointers to updated packages and descriptions of each
vulnerability.

This week, advisories were released for rssh, samba, Linux kernel,
mysql-dfsg, zope, php, webmin, libtunepimp, gimp, wireshark, freetype,
libwmf, openssh, elfutils, and seamonkey. The distributors include
Debian, Mandriva, and Red Hat.

---

CRYPTOCard Two-Factor Authentication

Are you a Linux consultant with expertise in network security? Join
CRYPTOCard's Linux Consultants program and learn about how you can help
your clients implement secure authentication solutions. Click here for
more information:

http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=cc_nl

---

Packet Sniffing Overview
By: Suhas Desai

Prevention

The best way to protect yourself against sniffing is to use encryption.
While this won't prevent a sniffer from functioning, it will ensure
that what a sniffer reads is pure junk.

Sniffing Tools

* tcpdump: Tcpdump is a powerful tool that allows us to sniff network
  packets and make some statistical analysis out of those dumps. One
  major drawback to tcpdump is the size of the flat file containing
  the text output. But tcpdump allows us to precisely see all the
  traffic and enables us to create statistical monitoring scripts.

* sniffit: Robust packet sniffer with good filtering.

* Ethereal: A free network protocol analyzer for UNIX and Windows. It
  allows you to examine data from a live network or from a capture
  file on disk.

* Hunt: The main goal of the HUNT project is to develop tools for
  exploiting well-known weaknesses in the TCP/IP protocol suite.

* Dsniff: dsniff is a collection of tools for network auditing and
  penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf,
  urlsnarf, and webspy passively monitor a network for interesting
  data (passwords, e-mail, files, etc.). arpspoof, dnsspoof, and macof
  facilitate the interception of network traffic normally unavailable
  to an attacker (e.g., due to layer-2 switching). sshmitm and webmitm
  implement active monkey-in-the-middle attacks against redirected SSH
  and HTTPS sessions by exploiting weak bindings in ad-hoc PKI.

Read full article:
http://www.linuxsecurity.com/content/view/123570/49/

----------------------

Review: How To Break Web Software

With a tool so widely used by so many different types of people like
the World Wide Web, it is necessary for everyone to understand as many
aspects as possible about its functionality. From web designers to web
developers to web users, this is a must read. Security is a job for
everyone and How To Break Web Software by Mike Andrews and James A.
Whittaker is written for everyone to understand.

http://www.linuxsecurity.com/content/view/122713/49/

---

EnGarde Secure Linux v3.0.7 Now Available

Guardian Digital is happy to announce the release of EnGarde Secure
Community 3.0.7 (Version 3.0, Release 7). This release includes several
bug fixes and feature enhancements to the Guardian Digital WebTool and
the SELinux policy, several updated packages, and several new packages
available for installation.

http://www.linuxsecurity.com/content/view/123016/65/

--------

--> Take advantage of the LinuxSecurity.com Quick Reference Card!
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf

+---------------------------------+
|  Distribution: Debian           | ----------------------------//
+---------------------------------+

* Debian: New rssh packages fix privilege escalation
  16th, July, 2006

  Updated package.

  http://www.linuxsecurity.com/content/view/123592

* Debian: New samba packages fix denial of service
  16th, July, 2006

  Updated package.

  http://www.linuxsecurity.com/content/view/123593

* Debian: New Linux kernel 2.6.8 packages fix privilege escalation
  16th, July, 2006

  Updated package.

  http://www.linuxsecurity.com/content/view/123594

* Debian: New mysql-dfsg-4.1 packages fix denial of service
  17th, July, 2006

  Updated package.

  http://www.linuxsecurity.com/content/view/123616

* Debian: New zope2.7 packages fix information disclosure
  18th, July, 2006

  Updated package.

  http://www.linuxsecurity.com/content/view/123638

+---------------------------------+
|  Distribution: Mandriva         | ----------------------------//
+---------------------------------+

* Mandriva: Updated php packages fix multiple vulnerabilities
  13th, July, 2006

  Multiple buffer overflows in the gd graphics library (libgd) 2.0.21
  and earlier may allow remote attackers to execute arbitrary code via
  malformed image files that trigger the overflows due to improper
  calls to the gdMalloc function. One instance in gd_io_dp.c does not
  appear to be corrected in the embedded copy of GD used in php to
  build the php-gd package.

  CVE-2004-0941 CVE-2006-1017 CVE-2006-2563 CVE-2006-2660
  CVE-2006-2906 CVE-2006-3017 CVE-2006-3018 CVE-2004-0941
  CVE-2004-0990, CVE-2006-2906 CVE-2006-2563

  http://www.linuxsecurity.com/content/view/123563

* Mandriva: Updated kernel packages fixes multiple vulnerabilities
  13th, July, 2006

  A number of vulnerabilities were discovered and corrected in the
  Linux 2.6 kernel:

  CVE-2006-1343 CVE-2006-1368 CVE-2006-1528 CVE-2006-1856
  CVE-2006-1857 CVE-2006-1858 CVE-2006-1859 CVE-2006-1860
  CVE-2006-2274 CVE-2006-2445

  http://www.linuxsecurity.com/content/view/123565

* Mandriva: Updated kernel packages fix privilege escalation
  vulnerability
  18th, July, 2006

  A race condition in the /proc filesystem in the Linux kernel
  2.6.17.4 and earlier allows local users to obtain root privileges.

  http://www.linuxsecurity.com/content/view/123637

* Mandriva: Updated webmin packages fix arbitrary file read
  vulnerability.
  18th, July, 2006

  Webmin before 1.290 and Usermin before 1.220 calls the simplify_path
  function before decoding HTML, which allows remote attackers to read
  arbitrary files. NOTE: This is a different issue than CVE-2006-3274.
  Updated packages have been patched to correct this issue.

  http://www.linuxsecurity.com/content/view/123640

* Mandriva: Updated libtunepimp packages fixes buffer overflow
  vulnerabilities.
  18th, July, 2006

  Kevin Kofler discovered multiple stack-based buffer overflows in the
  LookupTRM::lookup function in libtunepimp 0.4.2 that allow remote
  user-complicit attackers to cause a denial of service (application
  crash) and possibly execute code via a long (1) Album release date
  (MBE_ReleaseGetDate), (2) data, or (3) error strings. Updated
  packages have been patched to correct this issue.

  http://www.linuxsecurity.com/content/view/123641

* Mandriva: Updated gimp packages fix buffer overflow vulnerability.
  18th, July, 2006

  A buffer overflow in the xcf_load_vector function in
  app/xcf/xcf-load.c for gimp 2.2.x allows user-complicit attackers to
  cause a denial of service (crash) and possibly execute arbitrary
  code via an XCF file with a large num_axes value in the VECTORS
  property. Updated packages have been patched to correct this issue.

  http://www.linuxsecurity.com/content/view/123642

* Mandriva: Updated wireshark packages fix numerous vulnerabilities
  19th, July, 2006

  A number of vulnerabilities have been discovered in the Wireshark
  (formerly Ethereal) network analyzer. These issues have been
  corrected in Wireshark version 0.99.2 which is provided with this
  update.

  http://www.linuxsecurity.com/content/view/123643

* Mandriva: Updated freetype2 packages fixes overflow vulnerability.
  20th, July, 2006

  An additional overflow, similar to those corrected by patches for
  CVE-2006-1861, was found in libfreetype.
  If a user loads a carefully crafted font file with a program linked
  against FreeType, it could cause the application to crash or execute
  arbitrary code as the user. Updated packages have been patched to
  correct this issue.

  http://www.linuxsecurity.com/content/view/123671

+---------------------------------+
|  Distribution: Red Hat          | ----------------------------//
+---------------------------------+

* RedHat: Important: kernel security update
  13th, July, 2006

  Updated kernel packages that fix a number of security issues as well
  as other bugs are now available for Red Hat Enterprise Linux 2.1
  (32 bit architectures). This security advisory has been rated as
  having important security impact by the Red Hat Security Response
  Team.

  http://www.linuxsecurity.com/content/view/123561

* RedHat: Moderate: kernel security update
  13th, July, 2006

  Updated kernel packages that fix a number of security issues as well
  as other bugs are now available for Red Hat Enterprise Linux 2.1
  (64 bit architectures). This security advisory has been rated as
  having important security impact by the Red Hat Security Response
  Team.

  http://www.linuxsecurity.com/content/view/123562

* RedHat: Moderate: freetype security update
  18th, July, 2006

  Updated freetype packages that fix several security flaws are now
  available for Red Hat Enterprise Linux. This update has been rated
  as having moderate security impact by the Red Hat Security Response
  Team.

  http://www.linuxsecurity.com/content/view/123619

* RedHat: Moderate: gnupg security update
  18th, July, 2006

  An updated GnuPG package that fixes a security issue is now
  available. This update has been rated as having moderate security
  impact by the Red Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/123620

* RedHat: Moderate: libwmf security update
  18th, July, 2006

  Updated libwmf packages that fix a security flaw are now available
  for Red Hat Enterprise Linux 4.
  This update has been rated as having moderate security impact by the
  Red Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/123621

* RedHat: Moderate: gimp security update
  18th, July, 2006

  Updated gimp packages that fix a security issue are now available
  for Red Hat Enterprise Linux 4. This update has been rated as having
  moderate security impact by the Red Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/123624

* RedHat: Low: openssh security update
  20th, July, 2006

  Updated openssh packages that fix bugs in sshd are now available for
  Red Hat Enterprise Linux 3. This update has been rated as having low
  security impact by the Red Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/123667

* RedHat: Low: elfutils security update
  20th, July, 2006

  Updated elfutils packages that address a minor security issue and
  various other issues are now available. This update has been rated
  as having low security impact by the Red Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/123668

* RedHat: Critical: seamonkey security update (was mozilla)
  20th, July, 2006

  Updated seamonkey packages that fix several security bugs in the
  mozilla package are now available for Red Hat Enterprise Linux 3.
  This update has been rated as having critical security impact by the
  Red Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/123669

* RedHat: Important: Updated kernel packages for Red Hat
  20th, July, 2006

  Updated kernel packages are now available as part of ongoing support
  and maintenance of Red Hat Enterprise Linux version 3. This is the
  eighth regular update. This security advisory has been rated as
  having important security impact by the Red Hat Security Response
  Team.

  http://www.linuxsecurity.com/content/view/123670

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.
LinuxSecurity.com