+---------------------------------------------------------------------+
| LinuxSecurity.com Weekly Newsletter |
| August 11th 2006 Volume 7, Number 33a |
+---------------------------------------------------------------------+
Editors: Dave Wreski Benjamin D. Thomas
dave@xxxxxxxxxxxxxxxxx ben@xxxxxxxxxxxxxxxxx
Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the
week. It includes pointers to updated packages and descriptions of
each vulnerability.
This week, advisories were relesed for ruby, gnupg, freeciv, dhcp,
chmlib, krb5, drupal, gallery, ncompress, seamonkey, firefox,
thunderbird, libvncserver, mta, libtiff, mysql, webmin, x11vnc,
clamav, dumb, kerberos, and apache. The distributors include Debian,
Gentoo, Fedora, Mandriva, Red Hat and SuSE.
---
CRYPTOCard Two-Factor Authentication
Are you a Linux consultant with expertise in network security?
Join CRYPTOCard's Linux Consultants program and learn about how you can
help your clients implement secure authentication solutions. Click here
for more information:
http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=cc_nl
---
Goodbye, Netwosix. Hello, EnGarde!
Linux Netwosix was originally created with the goal of providing
a security environment for building and creating new security-
related solutions. With the passing of time I realized that the
project has failed to achieve its goals within 3 years of hard
work. This, among many reasons, is the most important because I
never received help from anyone. Regardless of the fact that
Netwosix has been downloaded by more than 60,000 users all
around the world, I'm here to announce the shutting down of
my dear project. Day after day I understand that I can't
create a "valid security-oriented product" alone.
If people choose to join the project since I made this decision,
I choose the way. I want to thank them but now I think that the
most important thing to do is this. There are a lot of GNU/Linux
distributions in the "arena" and I don't think that creating a
new one every day is a good move for GNU/Linux itself. So I
realized that it was better to help a well-known project to
realize something really important and big.
For this reason I decided to move to Guardian Digital, one of
the most important opensource security companies. It's really
growing quickly. I will work on their EnGarde Secure Linux and
in some way I am continuing to work on a really "secure" GNU/
Linux distribution. There I can work with a lot of good hackers
and it's a good possibility for me to exchange knowledge and
improve my skills.
With this letter, I would like to thank everyone who did
contribute to the project by downloading it and sending me
many comforting and encouraging email and my apologies for
the shutting down the project. I'd like to give my special
thanks to Dave Wreski, CEO of Guardian Digital, and
Ryan W. Maple for the great job position there.
Thanks,
Vincenzo Ciaglia - Guardian Digital, Inc.
----------------------
Packet Sniffing Overview
The best way to secure you against sniffing is to use encryption.
While this won.t prevent a sniffer from functioning, it will ensure
that what a sniffer reads is pure junk.
http://www.linuxsecurity.com/content/view/123570/49/
---
Review: How To Break Web Software
With a tool so widely used by so many different types of
people like the World Wide Web, it is necessary for everyone
to understand as many aspects as possible about its
functionality. From web designers to web developers to web
users, this is a must read. Security is a job for everyone
and How To Break Web Software by Mike Andrews and James A.
Whittaker is written for everyone to understand.
http://www.linuxsecurity.com/content/view/122713/49/
---
EnGarde Secure Linux v3.0.7 Now Available
Guardian Digital is happy to announce the release of EnGarde
Secure Community 3.0.7 (Version 3.0, Release 7). This
release includes several bug fixes and feature enhancements
to the Guardian Digital WebTool and the SELinux policy,
several updated packages, and several new packages
available for installation.
http://www.linuxsecurity.com/content/view/123016/65/
--------
--> Take advantage of the LinuxSecurity.com Quick Reference Card!
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf
+---------------------------------+
| Distribution: Debian | ----------------------------//
+---------------------------------+
* Debian: New ruby1.6 packages fix privilege escalation
3rd, August, 2006
Updated package.
http://www.linuxsecurity.com/content/view/123948
* Debian: New GnuPG packages fix denial of service
3rd, August, 2006
Updated package.
http://www.linuxsecurity.com/content/view/123950
* Debian: New GnuPG2 packages fix denial of service
4th, August, 2006
Updated package.
http://www.linuxsecurity.com/content/view/123956
* Debian: New freeciv packages fix arbitrary code execution
4th, August, 2006
Updated package.
http://www.linuxsecurity.com/content/view/123959
* Debian: New dhcp packages fix denial of service
4th, August, 2006
Updated package.
http://www.linuxsecurity.com/content/view/123960
* Debian: New chmlib packages fix denial of service
7th, August, 2006
Updated package.
http://www.linuxsecurity.com/content/view/123982
* Debian: New krb5 packages fix privilege escalation
9th, August, 2006
Updated package.
http://www.linuxsecurity.com/content/view/124013
* Debian: New drupal packages fix cross-site scripting
9th, August, 2006
Updated package.
http://www.linuxsecurity.com/content/view/124437
* Debian: New gallery packages fix several vulnerabilities
9th, August, 2006
Updated package.
http://www.linuxsecurity.com/content/view/124441
* Debian: New ncompress packages fix potential code execution
10th, August, 2006
Tavis Ormandy from the Google Security Team discovered a missing
boundary check in ncompress, the original Lempel-Ziv compress and
uncompress programs, which allows a specially crafted datastream to
underflow a buffer with attacker controlled data.
http://www.linuxsecurity.com/content/view/124446
+---------------------------------+
| Distribution: Fedora | ----------------------------//
+---------------------------------+
* Fedora Core 5 Update: krb5-1.4.3-5.1
9th, August, 2006
This update addresses MITKRB-SA-2006-001.
http://www.linuxsecurity.com/content/view/124436
+---------------------------------+
| Distribution: Gentoo | ----------------------------//
+---------------------------------+
* Gentoo: Mozilla SeaMonkey Multiple vulnerabilities
3rd, August, 2006
The Mozilla Foundation has reported numerous security vulnerabilities
related to Mozilla SeaMonkey.
http://www.linuxsecurity.com/content/view/123949
* Gentoo: Mozilla Firefox Multiple vulnerabilities
3rd, August, 2006
The Mozilla Foundation has reported numerous security vulnerabilities
related to Mozilla Firefox.
http://www.linuxsecurity.com/content/view/123951
* Gentoo: Mozilla Thunderbird Multiple vulnerabilities
3rd, August, 2006
The Mozilla Foundation has reported numerous security vulnerabilities
related to Mozilla Thunderbird.
http://www.linuxsecurity.com/content/view/123953
* Gentoo: LibVNCServer Authentication bypass
4th, August, 2006
VNC servers created with LibVNCServer accept insecure protocol types,
even when the server does not offer it, resulting in unauthorized
access to the server.
http://www.linuxsecurity.com/content/view/123957
* Gentoo: Courier MTA Denial of Service vulnerability
4th, August, 2006
Courier MTA has fixed a DoS issue related to usernames containing a
"=" character.
http://www.linuxsecurity.com/content/view/123958
* Gentoo: libTIFF Multiple vulnerabilities
4th, August, 2006
libTIFF contains several vulnerabilities that could result in
arbitrary code execution.
http://www.linuxsecurity.com/content/view/123972
* Gentoo: Mozilla Firefox Multiple vulnerabilities
5th, August, 2006
The Mozilla Foundation has reported numerous security vulnerabilities
related to Mozilla Firefox.
http://www.linuxsecurity.com/content/view/123973
* Gentoo: GnuPG Integer overflow vulnerability
5th, August, 2006
GnuPG is vulnerable to an integer overflow that could lead to the
execution of arbitrary code.
http://www.linuxsecurity.com/content/view/123974
* Gentoo: MySQL Denial of Service
6th, August, 2006
An authenticated user can crash MySQL through invalid parameters to
the date_format function.
http://www.linuxsecurity.com/content/view/123975
* Gentoo: pike SQL injection vulnerability
6th, August, 2006
A flaw in the input handling could lead to the execution of arbitrary
SQL statements in the underlying PostgreSQL database.
http://www.linuxsecurity.com/content/view/123976
* Gentoo: Webmin, Usermin File Disclosure
6th, August, 2006
Webmin and Usermin are vulnerable to an arbitrary file disclosure
through a specially crafted URL.
http://www.linuxsecurity.com/content/view/123977
* Gentoo: x11vnc Authentication bypass in included LibVNCServer code
7th, August, 2006
VNC servers created with x11vnc accept insecure protocol types, even
when the server does not offer it, resulting in the possibility of
unauthorized access to the server.
http://www.linuxsecurity.com/content/view/123983
* Gentoo: ClamAV Heap buffer overflow
8th, August, 2006
ClamAV is vulnerable to a heap-based buffer overflow resulting in a
Denial of Service and potentially remote execution of arbitrary code.
http://www.linuxsecurity.com/content/view/123995
* Gentoo: GnuPG Integer overflow vulnerability
8th, August, 2006
Updated package.
http://www.linuxsecurity.com/content/view/123998
* Gentoo: DUMB Heap buffer overflow
8th, August, 2006
A heap-based buffer overflow in DUMB could result in the execution of
arbitrary code.
http://www.linuxsecurity.com/content/view/124001
* Gentoo: MIT Kerberos 5 Multiple local privilege escalation (test
Falco for security@)
10th, August, 2006
Some applications shipped with MIT Kerberos 5 are vulnerable to local
privilege escalation.
http://www.linuxsecurity.com/content/view/124448
+---------------------------------+
| Distribution: Mandriva | ----------------------------//
+---------------------------------+
* Mandriva: Updated clamav packages fix vulnerability
8th, August, 2006
Damian Put discovered a boundary error in the UPX extraction module
in ClamAV which is used to unpack PE Windows executables. This could
be abused to cause a Denial of Service issue and potentially allow
for the execution of arbitrary code with the permissions of the user
running clamscan or clamd. Updated packages have been patched to
correct this issue.
http://www.linuxsecurity.com/content/view/124009
* Mandriva: Updated krb5 packages fix local privilege escalation
vulnerability
9th, August, 2006
A flaw was discovered in some bundled Kerberos-aware packages that
would fail to check the results of the setuid() call. This call can
fail in some circumstances on the Linux 2.6 kernel if certain user
limits are reached, which could be abused by a local attacker to get
the applications to continue to run as root, possibly leading to an
elevation of privilege.
http://www.linuxsecurity.com/content/view/124438
* Mandriva: Updated ncompress packages fix vulnerability
9th, August, 2006
Tavis Ormandy, of the Google Security Team, discovered that
ncompress, when uncompressing data, performed no bounds checking,
which could allow a specially crafted datastream to underflow a .bss
buffer with attacker controlled data. Updated packages have been
patched to correct this issue.
http://www.linuxsecurity.com/content/view/124439
+---------------------------------+
| Distribution: Red Hat | ----------------------------//
+---------------------------------+
* RedHat: Important: krb5 security update
8th, August, 2006
Updated krb5 packages are now available for Red Hat Enterprise Linux
4 to correct a privilege escalation security flaw. This update has
been rated as having important security impact by the Red Hat
Security Response Team.
http://www.linuxsecurity.com/content/view/124002
* RedHat: Important: apache security update
8th, August, 2006
Updated Apache httpd packages that correct a security issue are now
available for Red Hat Enterprise Linux 2.1. This update has been
rated as having important security impact by the Red Hat Security
Response Team.
http://www.linuxsecurity.com/content/view/124003
+---------------------------------+
| Distribution: SuSE | ----------------------------//
+---------------------------------+
* SuSE: clamav (SUSE-SA:2006:046)
9th, August, 2006
Updated package.
http://www.linuxsecurity.com/content/view/124385
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
