Linux Advisory Watch - August 4th 2006

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



+---------------------------------------------------------------------+
|  LinuxSecurity.com                               Weekly Newsletter  |
|  August 4th 2006                              Volume 7, Number 32a  |
+---------------------------------------------------------------------+

  Editors:      Dave Wreski                     Benjamin D. Thomas
                dave@xxxxxxxxxxxxxxxxx          ben@xxxxxxxxxxxxxxxxx

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the
week.  It includes pointers to updated packages and descriptions of
each vulnerability.

This week, advisories were released for asterisk, drupal, ethereal,
heartbeat, osiris, apache, apache2, sitebar, mantis, thunderbird,
libtunepimp, gpdf, tiff, cfs, wireshark, httpd, java, dump, gnupg,
gnome-icon-theme, php, pdnsd, ruby, Quake3, MySQL, Nagios,
libextractor, quagga, cherrypy, opera, dia, tor, pound, awstats,
vixie cron, wordpress, zgv, spamassassin, cscope, dokuwiki,
openldap, sendmail, typespeed, aRts, KDM, wv2, EntergyMech,
Mutt, Tikiwiki, Kiax, mpg123, libTiff, postgresql, libpng,
xine-lib, gimp, wireshark, samba, php, libwmf, mod_rewrite,
safe-level, freeciv, kdegraphics, seamonkey, firefox, gnupg,
freetype.  The distributors include Debian, Fedora, Gentoo,
Mandriva, Red Hat, and SuSE.

---

CRYPTOCard Two-Factor Authentication

Are you a Linux consultant with expertise in network security?
Join CRYPTOCard's Linux Consultants program and learn about how you can
help your clients implement secure authentication solutions. Click here
for more information:

http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=cc_nl

---

EnGarde Secure Community 3.0.8 Released

Guardian Digital is happy to announce the release of EnGarde Secure
Community 3.0.8 (Version 3.0, Release 8). This release includes
several bug fixes and feature enhancements to the Guardian Digital
WebTool, several updated packages, and several new packages
available for installation.

The following reported bugs from bugs.engardelinux.org are fixed
in this release:

#0000024 Kernel 2.6.14.3 is out
#0000026 PHP5 packages are not compiled with MySQL support
#0000049 Perl 5.8.8 is out.
#0000058 Can't install package perl-MIME-Base64 ...
#0000069 Kernel Upgrade to Suupport NATH323
#0000070 Alias Resolution Problem
#0000071 Issues creating new mail addresses...
#0000072 WebTool Log Refresh
#0000074 WebTool Package List

Several other bugs are fixed in this release as well.

New features include:

* A new Italian translation of the Guardian Digital WebTool,
courtesy of Vincenzo Ciaglia.

To use this translation go into to the WebTool Configuration module,
click on your username (normally 'admin'), and select Italian from
the drop-down.

* A new "Guardian Digital WebTool API Guide" document on
engardelinux.org.This document is intended for people who are
interested in extending the Guardian Digital WebTool by writing
new interfaces/modules and for people who are interested in using
the API for other applications.

This document was written by Ankit Patel with contributions
from Ryan W. Maple.

* Updated PCI tables and better detection of more recent hardware.

* Updated glibc (2.3.6), kernel (2.6.17.7), and perl (5.8.8) packages.

* The latest stable versions of asterisk (1.2.10),
bacula (1.38.11), clamav (0.88.3), gdb (6.5), gnupg (1.4.4),
john (1.7.2), mrtg (2.14.5), postfix (2.2.11), procps (3.2.7),
samba (3.0.23a), snort (2.4.5) and zaptel (1.2.7).

* A couple of new packages:

- freepops (0.0.99)
FreePOPs is a daemon that acts as a local pop3 server, translating
local pop3 requests to remote http requests to supported webmails.

- hwdata (0.177) and pciutils (2.2.1)
hwdata contains various hardware identification and configuration
data, such as the pci.ids database and MonitorsDb databases. The
pciutils package contains various utilities for inspecting and
setting devices connected to the PCI bus.

- perl-Authen-Smb (0.91)
This package supplies a perl module for authenticating against
an SMB password server.

- squid (2.6.STABLE1)
Squid is a high-performance proxy caching server for Web clients,
supporting FTP, gopher, and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single,
non-blocking, I/O-driven process. Squid keeps meta data and
especially hot objects cached in RAM, caches DNS lookups,
supports non-blocking DNS lookups, and implements negative
caching of failed requests.

All new users downloading EnGarde Secure Linux for the first
time or users who use the LiveCD environment should download
this release.

Users who are currently using EnGarde Secure Linux do not need
to download this release -- they can update their machines via
the Guardian Digital Secure Network WebTool module.

Downloading
-----------
Below are the MD5 sums for the i686 and x86_64 ISO images:

36bcfe87468515355a1e41fc6bd7230fengarde-community-3.0.8.i686.iso
f86fac5b78a1fd5a69d6e38684d35bdcengarde-community-3.0.8.x86_64.iso

You may download this ISO image via FTP or BitTorrent by following
the "Download Now!" link from engardelinux.org:

http://www.engardelinux.org/
http://www.linuxsecurity.com/content/view/123902/65/

----------------------


Packet Sniffing Overview

The best way to secure you against sniffing is to use encryption.
While this won.t prevent a sniffer from functioning, it will ensure
that what a sniffer reads is pure junk.

http://www.linuxsecurity.com/content/view/123570/49/

---

Review: How To Break Web Software

With a tool so widely used by so many different types of
people like the World Wide Web, it is necessary for everyone
to understand as many aspects as possible about its
functionality. From web designers to web developers to web
users, this is a must read. Security is a job for everyone
and How To Break Web Software by Mike Andrews and James A.
Whittaker is written for everyone to understand.

http://www.linuxsecurity.com/content/view/122713/49/

---

EnGarde Secure Linux v3.0.7 Now Available

Guardian Digital is happy to announce the release of EnGarde
Secure Community 3.0.7 (Version 3.0, Release 7).  This
release includes several bug fixes and feature enhancements
to the Guardian Digital WebTool and the SELinux policy,
several updated packages, and several new packages
available for installation.

http://www.linuxsecurity.com/content/view/123016/65/

--------

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf


+---------------------------------+
|  Distribution: Debian           | ----------------------------//
+---------------------------------+

* Debian: New Asterisk packages fix denial of service
  27th, July, 2006

Updated package.

http://www.linuxsecurity.com/content/view/123749


* Debian: New drupal packages fix execution of arbitrary web script
code (revised packages)
  27th, July, 2006

Updated package.

http://www.linuxsecurity.com/content/view/123758


* Debian: New ethereal packages fix several vulnerabilities
  28th, July, 2006

Updated package.

http://www.linuxsecurity.com/content/view/123767


* Debian: New heartbeat packages fix local denial of service
  28th, July, 2006

Updated package.

http://www.linuxsecurity.com/content/view/123768


* Debian: New osiris packages fix arbitrary code execution
  28th, July, 2006

Updated package.

http://www.linuxsecurity.com/content/view/123774


* Debian: New apache package fix buffer overflow
  1st, August, 2006

Updated package.

http://www.linuxsecurity.com/content/view/123897


* Debian: New apache2 packages fix buffer overflow
  1st, August, 2006

Updated package.

http://www.linuxsecurity.com/content/view/123901


* Debian: New sitebar packages fix cross-site scripting
  1st, August, 2006

Updated package.

http://www.linuxsecurity.com/content/view/123903


* Debian: New mantis packages fix execution of arbitrary web script
code
  1st, August, 2006

Updated package.

http://www.linuxsecurity.com/content/view/123912


* Debian: New Mozilla Thunderbird packages fix several
vulnerabilities
  2nd, August, 2006

Updated package.

http://www.linuxsecurity.com/content/view/123916


* Debian: New libtunepimp packages fix arbitrary code execution
  2nd, August, 2006

Updated package.

http://www.linuxsecurity.com/content/view/123917


* Debian: New gpdf packages fix denial of service
  2nd, August, 2006

"infamous41md" and Chris Evans discovered several heap based buffer
overflows in xpdf, the Portable Document Format (PDF) suite, which
are also present in gpdf, the viewer with Gtk bindings, and which can
lead to a denial of service by crashing the application or possibly
to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/123933


* Debian: New tiff packages fix several vulnerabilities
  2nd, August, 2006

Updated package.

http://www.linuxsecurity.com/content/view/123935


* Debian: New cfs packages fix denial of service
  2nd, August, 2006

Updated package.

http://www.linuxsecurity.com/content/view/123939



+---------------------------------+
|  Distribution: Fedora           | ----------------------------//
+---------------------------------+

* Fedora Core 5 Update: wireshark-0.99.2-fc5.2
  28th, July, 2006

Updated package.

http://www.linuxsecurity.com/content/view/123775


* Fedora Core 4 Update: httpd-2.0.54-10.4
  28th, July, 2006

This update fixes a security issue in the mod_rewrite module. Mark
Dowd of McAfee Avert Labs reported an off-by-one security problem in
the LDAP scheme handling of the mod_rewrite module.

http://www.linuxsecurity.com/content/view/123776


* Fedora Core 5 Update: httpd-2.2.2-1.2
  28th, July, 2006

This update fixes a security issue in the mod_rewrite module. Mark
Dowd of McAfee Avert Labs reported an off-by-one security problem in
the LDAP scheme handling of the mod_rewrite module.

http://www.linuxsecurity.com/content/view/123777


* Fedora Core 5 Update: java-1.4.2-gcj-compat-1.4.2.0-40jpp_83rh.1
  28th, July, 2006

Updated package.

http://www.linuxsecurity.com/content/view/123877


* Fedora Extras dump-package security update (CVE-2006-3668)
  31st, July, 2006

Luigi Auriemma discovered that DUMB, a tracker music library,
performs insufficient sanitising of values parsed from IT music
files. This could result in a heap-based buffer overflow in the
it_read_envelope function in Dynamic Universal Music Bibliotheque
(DUMB) 0.9.3 and earlier and current CVS as of 20060716, including
libdumb, allows user-complicit attackers to execute arbitrary code
via a ".it" (Impulse Tracker) file with an envelope with a large
number of nodes.


http://www.linuxsecurity.com/content/view/123889


* Fedora Core 5 Update: libtiff-3.7.4-8
  2nd, August, 2006

The libtiff package contains a library of functions for manipulating
TIFF (Tagged Image File Format) files. Tavis Ormandy of Google
discovered a number of flaws in libtiff during a security audit. An
attacker could create a carefully crafted TIFF file in such a way
that it was possible to cause an application linked with libtiff to
crash or possibly execute arbitrary code. (CVE-2006-3459,
CVE-2006-3460, CVE-2006-3461, CVE-2006-3462, CVE-2006-3463,
CVE-2006-3464, CVE-2006-3465) All users are advised to upgrade to
these updated packages,
which contain backported fixes for these issues.

http://www.linuxsecurity.com/content/view/123921


* Fedora Core 4 Update: libtiff-3.7.1-6.fc4.3
  2nd, August, 2006

The libtiff package contains a library of functions for manipulating
TIFF (Tagged Image File Format) files. Tavis Ormandy of Google
discovered a number of flaws in libtiff during a security audit. An
attacker could create a carefully crafted TIFF file in such a way
that it was possible to cause an application linked with libtiff to
crash or possibly execute arbitrary code. (CVE-2006-3459,
CVE-2006-3460, CVE-2006-3461, CVE-2006-3462, CVE-2006-3463,
CVE-2006-3464, CVE-2006-3465) All users are advised to upgrade to
these updated packages,
which contain backported fixes for these issues.

http://www.linuxsecurity.com/content/view/123922


* Fedora Core 4 Update: gnupg-1.4.5-1
  2nd, August, 2006

This update upgrades GnuPG to version 1.4.5 to correct errors in the
parsing of certain types of packets.

http://www.linuxsecurity.com/content/view/123940


* Fedora Core 5 Update: gnupg-1.4.5-2
  2nd, August, 2006

This update upgrades GnuPG to version 1.4.5 to correct errors in the
parsing of certain types of packets.

http://www.linuxsecurity.com/content/view/123941


* Fedora Core 5 Update: gnome-icon-theme-2.14.2-1.fc5.2
  2nd, August, 2006

The %post script in the gnome-icon-theme package had problems with
icon theme names containing spaces. This update fixes this problem.

http://www.linuxsecurity.com/content/view/123942



+---------------------------------+
|  Distribution: Gentoo           | ----------------------------//
+---------------------------------+

* Gentoo: PHP Multiple vulnerabilities
  28th, July, 2006

PHP is affected by multiple issues, including a buffer overflow in
wordwrap() which may lead to execution of arbitrary code.

http://www.linuxsecurity.com/content/view/123810


* Gentoo: Mozilla Thunderbird Multiple vulnerabilities
  28th, July, 2006

Several vulnerabilities in Mozilla Thunderbird allow attacks ranging
from script execution with elevated privileges to information leaks.

http://www.linuxsecurity.com/content/view/123811


* Gentoo: pdnsd Denial of Service and potential arbitrary code
execution
  28th, July, 2006

pdnsd is vulnerable to a buffer overflow that may result in arbitrary
code execution.

http://www.linuxsecurity.com/content/view/123812


* Gentoo: Ruby Denial of Service
  28th, July, 2006

Ruby WEBrick and XMLRPC servers are vulnerable to Denial of Service.

http://www.linuxsecurity.com/content/view/123813


* Gentoo: Quake 3 engine based games Buffer Overflow
  28th, July, 2006

The Quake 3 engine has a vulnerability that could be exploited to
execute arbitrary code.

http://www.linuxsecurity.com/content/view/123814


* Gentoo: MySQL Information leakage
  28th, July, 2006

A MySQL server may leak information to unauthorized users.

http://www.linuxsecurity.com/content/view/123815


* Gentoo: MySQL Information leakage
  28th, July, 2006

For a short time version 4.0.27 was incorrectly listed as vulnerable
and the resolution incorrectly forced an upgrade to 4.1.x for 4.0.x
users. The updated sections appear below.

http://www.linuxsecurity.com/content/view/123816


* Gentoo: Nagios Buffer overflow
  28th, July, 2006

Updated package.

http://www.linuxsecurity.com/content/view/123817


* Gentoo: libextractor Two heap-based buffer overflows
  28th, July, 2006

libextractor is vulnerable to two heap overflow vulnerabilities which
could lead to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/123818


* Gentoo: Quagga Routing Suite Multiple vulnerabilities
  28th, July, 2006

Quagga's RIP daemon allows the injection of routes and the disclosure
of routing information. The BGP daemon is vulnerable to a Denial of
Service.

http://www.linuxsecurity.com/content/view/123819


* Gentoo: CherryPy Directory traversal vulnerability
  28th, July, 2006

CherryPy is vulnerable to a directory traversal that could allow
attackers to read arbitrary files.

http://www.linuxsecurity.com/content/view/123820


* Gentoo: libTIFF Multiple vulnerabilities
  28th, July, 2006

Multiple vulnerabilities in libTIFF could lead to the execution of
arbitrary code or a Denial of Service.

http://www.linuxsecurity.com/content/view/123821


* Gentoo: Opera Buffer overflow
  28th, July, 2006

Opera contains an integer signedness error resulting in a buffer
overflow which may allow a remote attacker to execute arbitrary code.

http://www.linuxsecurity.com/content/view/123822


* Gentoo: shadow Privilege escalation
  28th, July, 2006

A security issue in shadow allows a local user to perform certain
actions with escalated privileges.

http://www.linuxsecurity.com/content/view/123823


* Gentoo: Dia Format string vulnerabilities
  28th, July, 2006

Format string vulnerabilities in Dia may lead to the execution of
arbitrary code.

http://www.linuxsecurity.com/content/view/123824


* Gentoo: Tor Several vulnerabilities
  28th, July, 2006

Tor is vulnerable to a possible buffer overflow, a Denial of Service,
information disclosure and information leak.

http://www.linuxsecurity.com/content/view/123825


* Gentoo: Pound HTTP request smuggling
  28th, July, 2006

Pound is vulnerable to HTTP request smuggling, which could be
exploited to bypass security restrictions or poison web caches.

http://www.linuxsecurity.com/content/view/123826


* Gentoo: AWStats Remote execution of arbitrary code
  28th, July, 2006

AWStats contains a bug in the sanitization of the input parameters
which can lead to the remote execution of arbitrary code.

http://www.linuxsecurity.com/content/view/123827


* Gentoo: Vixie Cron Privilege Escalation
  28th, July, 2006

Vixie Cron allows local users to execute programs as root.

http://www.linuxsecurity.com/content/view/123828


* Gentoo: WordPress Arbitrary command execution
  28th, July, 2006

WordPress fails to sufficiently check the format of cached username
data.

http://www.linuxsecurity.com/content/view/123829


* Gentoo: zgv Heap overflow
  28th, July, 2006

Updated package.

http://www.linuxsecurity.com/content/view/123830


* Gentoo: SpamAssassin Execution of arbitrary code
  28th, July, 2006

SpamAssassin, when running with certain options, could allow local or
even remote attackers to execute arbitrary commands, possibly as the
root user.

http://www.linuxsecurity.com/content/view/123831


* Gentoo: Cscope Many buffer overflows
  28th, July, 2006

Cscope is vulnerable to multiple buffer overflows that could lead to
the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/123832


* Gentoo: JPEG library Denial of Service
  28th, July, 2006

The JPEG library is vulnerable to a Denial of Service.

http://www.linuxsecurity.com/content/view/123833


* Gentoo: Mozilla Firefox Multiple vulnerabilities
  28th, July, 2006

Vulnerabilities in Mozilla Firefox allow privilege escalations for
JavaScript code, cross site scripting attacks, HTTP response
smuggling and possibly the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/123834


* Gentoo: MySQL SQL Injection
  28th, July, 2006

MySQL is vulnerable to an SQL Injection flaw in the multi-byte
encoding process.

http://www.linuxsecurity.com/content/view/123835


* Gentoo: Tor Several vulnerabilities
  28th, July, 2006

Tor is vulnerable to a possible buffer overflow, a Denial of Service,
information disclosure and information leak.

http://www.linuxsecurity.com/content/view/123836


* Gentoo: GDM Privilege escalation
  28th, July, 2006

An authentication error in GDM could allow users to gain elevated
privileges.

http://www.linuxsecurity.com/content/view/123837


* Gentoo: Asterisk IAX2 video frame buffer overflow
  28th, July, 2006

Asterisk contains a bug in the IAX2 channel driver making it
vulnerable to the remote execution of arbitrary code.

http://www.linuxsecurity.com/content/view/123838


* Gentoo: DokuWiki PHP code injection
  28th, July, 2006

A flaw in DokuWiki's spell checker allows for the execution of
arbitrary PHP commands, even without proper authentication.

http://www.linuxsecurity.com/content/view/123839


* Gentoo: OpenLDAP Buffer overflow
  28th, July, 2006

The OpenLDAP replication server slurpd contains a buffer overflow
that could result in arbitrary code execution.

http://www.linuxsecurity.com/content/view/123840


* Gentoo: PAM-MySQL Multiple vulnerabilities
  28th, July, 2006

Vulnerabilities in PAM-MySQL can lead to a Denial of Service, making
it impossible to log into a machine.

http://www.linuxsecurity.com/content/view/123841


* Gentoo: Sendmail Denial of Service
  28th, July, 2006

Faulty multipart MIME messages can cause forked Sendmail processes to
crash.

http://www.linuxsecurity.com/content/view/123842


* Gentoo: Typespeed Remote execution of arbitrary code
  28th, July, 2006

A buffer overflow in the network code of Typespeed can lead to the
execution of arbitrary code.

http://www.linuxsecurity.com/content/view/123843


* Gentoo: Mozilla Thunderbird Multiple vulnerabilities
  28th, July, 2006

Several vulnerabilities in Mozilla Thunderbird allow cross site
scripting, JavaScript privilege escalation and possibly execution of
arbitrary code.

http://www.linuxsecurity.com/content/view/123844


* Gentoo: aRts Privilege escalation
  28th, July, 2006

The artswrapper part of aRts allows local users to execute arbitrary
code with elevated privileges.

http://www.linuxsecurity.com/content/view/123845


* Gentoo: KDM Symlink vulnerability
  28th, July, 2006

KDM is vulnerable to a symlink vulnerability that can lead to
disclosure of information.

http://www.linuxsecurity.com/content/view/123846


* Gentoo: wv2 Integer overflow
  28th, July, 2006

An integer overflow could allow an attacker to execute arbitrary
code.

http://www.linuxsecurity.com/content/view/123847


* Gentoo: Hashcash Possible heap overflow
  28th, July, 2006

A heap overflow vulnerability in the Hashcash utility could allow an
attacker to execute arbitrary code.

http://www.linuxsecurity.com/content/view/123848


* Gentoo: EnergyMech Denial of Service
  28th, July, 2006

A Denial of Service vulnerability was discovered in EnergyMech that
is easily exploitable via IRC.

http://www.linuxsecurity.com/content/view/123849


* Gentoo: Mutt Buffer overflow
  28th, July, 2006

Mutt contains a buffer overflow that could result in arbitrary code
execution.

http://www.linuxsecurity.com/content/view/123850


* Gentoo: Horde Web Application Framework XSS vulnerability
  28th, July, 2006

The Horde Web Application Framework is vulnerable to a cross-site
scripting vulnerability.

http://www.linuxsecurity.com/content/view/123851


* Gentoo: Tikiwiki SQL injection and multiple XSS vulnerabilities
  28th, July, 2006

An SQL injection vulnerability and multiple XSS vulnerabilities have
been discovered.

http://www.linuxsecurity.com/content/view/123852


* Gentoo: Kiax Arbitrary code execution
  28th, July, 2006

A security vulnerability in the iaxclient library could lead to the
execution of arbitrary code by a remote attacker.

http://www.linuxsecurity.com/content/view/123853


* Gentoo: mpg123 Heap overflow
  28th, July, 2006

A heap overflow in mpg123 was discovered, which could result in the
execution of arbitrary code.

http://www.linuxsecurity.com/content/view/123854


* Gentoo: FreeType Multiple integer overflows
  28th, July, 2006

Multiple remotely exploitable buffer overflows have been discovered
in FreeType, resulting in the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/123855


* Gentoo: libTIFF Multiple buffer overflows
  28th, July, 2006

libTIFF contains buffer overflows that could result in arbitrary code
execution.

http://www.linuxsecurity.com/content/view/123856


* Gentoo: PostgreSQL SQL injection
  28th, July, 2006

A flaw in the multibyte character handling allows execution of
arbitrary SQL statements.

http://www.linuxsecurity.com/content/view/123857


* Gentoo: PostgreSQL SQL injection
  28th, July, 2006

A flaw in the multibyte character handling allows execution of
arbitrary SQL statements.

http://www.linuxsecurity.com/content/view/123858


* Gentoo: PostgreSQL SQL injection
  28th, July, 2006

A flaw in the multibyte character handling allows execution of
arbitrary SQL statements.

http://www.linuxsecurity.com/content/view/123859


* Gentoo: libpng Buffer overflow
  28th, July, 2006

A buffer overflow has been found in the libpng library that could
lead to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/123860


* Gentoo: xine-lib Buffer overflow
  28th, July, 2006

A buffer overflow has been found in the libmms library shipped with
xine-lib, potentially resulting in the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/123861


* Gentoo: GIMP Buffer overflow
  28th, July, 2006

GIMP is prone to a buffer overflow which may lead to the execution of
arbitrary code when loading specially crafted XCF files.

http://www.linuxsecurity.com/content/view/123862


* Gentoo: GIMP Buffer overflow
  28th, July, 2006

Updated package.

http://www.linuxsecurity.com/content/view/123863


* Gentoo: Wireshark Multiple vulnerabilities
  28th, July, 2006

Wireshark (formerly known as Ethereal) is vulnerable to several
security issues, potentially allowing the execution of arbitrary code
by a remote attacker.

http://www.linuxsecurity.com/content/view/123864


* Gentoo: Samba Denial of Service vulnerability
  28th, July, 2006

A large number of share connection requests could cause a Denial of
Service within Samba.

http://www.linuxsecurity.com/content/view/123865


* Gentoo: TunePimp Buffer overflow
  28th, July, 2006

A vulnerability in TunePimp has been reported which could lead to the
execution of arbitrary code.

http://www.linuxsecurity.com/content/view/123866


* Gentoo: OpenOffice.org Multiple vulnerabilities
  28th, July, 2006

OpenOffice.org is affected by three security vulnerabilities which
can be exploited to allow the execution of arbitrary code by a remote
attacker.

http://www.linuxsecurity.com/content/view/123868


* Gentoo: Audacious Multiple heap and buffer overflows
  29th, July, 2006

The adplug library included in Audacious is vulnerable to various
overflows that could result in the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/123878


* Gentoo: Samba Denial of Service vulnerability
  30th, July, 2006

A large number of share connection requests could cause a Denial of
Service within Samba.

http://www.linuxsecurity.com/content/view/123879


* Gentoo: PHP Multiple vulnerabilities
  30th, July, 2006

The initial fix did not properly fix the CVE-2006-1990 issue on 64
bit systems. The updated sections appear below.

http://www.linuxsecurity.com/content/view/123880


* Gentoo: Apache Off-by-one flaw in mod_rewrite
  1st, August, 2006

A flaw in mod_rewrite could result in a Denial of Service or the
execution of arbitrary code.

http://www.linuxsecurity.com/content/view/123900



+---------------------------------+
|  Distribution: Mandriva         | ----------------------------//
+---------------------------------+

* Mandriva: Updated libwmf packages fixes integer overflow
vulnerability
  28th, July, 2006

Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple
products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5)
libgsf, and  (6) imagemagick allows remote attackers to execute
arbitrary code via the MaxRecordSize header field in a WMF file.
Updated packages have been patched to correct this issue.

http://www.linuxsecurity.com/content/view/123778


* Mandriva: Updated apache packages fix mod_rewrite vulnerability
  28th, July, 2006

Mark Dowd, of McAffee Avert Labs, discovered a potential remotely
exploitable off-by-one flaw in Apache's mod_rewrite ldap scheme
handling.

http://www.linuxsecurity.com/content/view/123779


* Mandriva: Updated ruby packages fix safe-level vulnerabilities
  28th, July, 2006

A number of flaws were discovered in the safe-level restrictions in
the Ruby language.  Because of these flaws, it would be possible for
an attacker to create a carefully crafted malicious script that could
allow them to bypass certain safe-level restrictions. Updated
packages have been patched to correct this issue.

http://www.linuxsecurity.com/content/view/123874


* Mandriva: Updated freeciv packages fix DoS vulnerabilities
  31st, July, 2006

Buffer overflow in Freeciv 2.1.0-beta1 and earlier, and SVN 15 Jul
2006 and earlier, allows remote attackers to cause a denial of
service (crash) and possibly execute arbitrary code via a (1)
negative chunk_length or a (2) large chunk->offset value in a
PACKET_PLAYER_ATTRIBUTE_CHUNK packet in the generic_handle_
player_attribute_chunk function in common/packets.c,
and (3) a large packet->length value in the handle_unit_orders
function in server/unithand.c.


http://www.linuxsecurity.com/content/view/123895


* Mandriva: Updated ImageMagick packages fix infinite loop issue
  31st, July, 2006

ImageMagick-5.5.7, in the ReadTIFFImage function, was found to be
susceptible to a condition that consumes 100% of the system cpu if
attempting to view a carefully crafted tif image using the "display"
or "identify" programs. This has already been addressed in newer
versions of ImageMagick and only effects the Corp3 products.

http://www.linuxsecurity.com/content/view/123896


* Mandriva: Updated kdegraphics packages fix multiple libtiff
vulnerabilities
  1st, August, 2006

Tavis Ormandy, Google Security Team, discovered several
vulnerabilites the libtiff image processing library.

http://www.linuxsecurity.com/content/view/123913


* Mandriva: Updated libtiff packages fix multiple vulnerabilities
  1st, August, 2006

Tavis Ormandy, Google Security Team, discovered several
vulnerabilites the libtiff image processing library.

http://www.linuxsecurity.com/content/view/123914



+---------------------------------+
|  Distribution: Red Hat          | ----------------------------//
+---------------------------------+

* RedHat: Critical: seamonkey security update
  27th, July, 2006

Updated seamonkey packages that fix several security bugs are now
available
for Red Hat Enterprise Linux 3. This update has been rated as having
critical security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/123760


* RedHat: Moderate: ruby security update
  27th, July, 2006

Updated ruby packages that fix security issues are now available.
This update has been rated as having moderate security impact by the
Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/123763


* RedHat: Critical: firefox security update
  28th, July, 2006

Updated firefox packages that fix several security bugs are now
available for Red Hat Enterprise Linux 4.  This update has been rated
as having critical security impact by the Red
Hat Security Response Team.

http://www.linuxsecurity.com/content/view/123875


* RedHat: Critical: thunderbird security update
  28th, July, 2006

Updated thunderbird packages that fix several security bugs are now
available for Red Hat Enterprise Linux 4. This update has been rated
as having critical security impact by the Red
Hat Security Response Team.

http://www.linuxsecurity.com/content/view/123876


* RedHat: Important: libtiff security update
  2nd, August, 2006

Updated libtiff packages that fix several security flaws are now
available for Red Hat Enterprise Linux. This update has been rated
as having important security impact by the Red Hat Security Response
Team.

http://www.linuxsecurity.com/content/view/123936


* RedHat: Moderate: gnupg security update
  2nd, August, 2006

Updated GnuPG packages that fix a security issue is now available.
This update has been rated as having moderate security impact by the
Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/123937


* RedHat: Critical: seamonkey security update
  2nd, August, 2006

Updated seamonkey packages that fix several security bugs in the
mozillapackage are now available for Red Hat Enterprise Linux 4.
This update has been rated as having critical security impact by
the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/123938


+---------------------------------+
|  Distribution: SuSE             | ----------------------------//
+---------------------------------+

* SuSE: apache,apache2 mod_rewrite problem
  28th, July, 2006

Updated package.

http://www.linuxsecurity.com/content/view/123773


* SuSE: libtiff (SUSE-SA:2006:044)
  1st, August, 2006

Updated package.

http://www.linuxsecurity.com/content/view/123905


* SuSE: freetype2 (SUSE-SA:2006:045)
  1st, August, 2006

Updated package.

http://www.linuxsecurity.com/content/view/123907



------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------


[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux