+---------------------------------------------------------------------+
|  LinuxSecurity.com                               Weekly Newsletter  |
|  September 1st 2006                           Volume 7, Number 36a  |
+---------------------------------------------------------------------+

Editors: Dave Wreski             Benjamin D. Thomas
         dave@xxxxxxxxxxxxxxxxx  ben@xxxxxxxxxxxxxxxxx

Linux Advisory Watch is a comprehensive newsletter that outlines the security vulnerabilities that have been announced throughout the week. It includes pointers to updated packages and descriptions of each vulnerability.

This week, advisories were released for sendmail, libmusicbrainz, firefox, kdebase, ruby, streamripper, Motor, PHP, Wireshark, Heimdal, Heartbeat, AlsaPlayer, ImageMagick, lesstif, binutils, xorg-x11, MySQL, kernel, seamonkey, and kdegraphics. The distributors include Debian, Gentoo, Mandriva, and Red Hat.

---

Earn an NSA recognized IA Masters Online

The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.

http://www.msia.norwich.edu/linsec/

---

Steganography and Cyber Terrorism Communications
By: Dancho Danchev

Following my previous post on Cyber Terrorism Communications and Propaganda, I'm continuing to summarize interesting findings on the topic. The use of encryption to ensure the confidentiality of a communication, be it criminals or terrorists taking advantage of the speed and cheap nature of Internet communications, is often taken as the de-facto type of communication. I feel that it's steganographic communication in all of its variety that's playing a crucial role in terrorist communications. It's never been about the lack of publicly or even commercially obtainable steganographic tools, but the ability to know where and what to look for.

Here's a brief comment on a rather hard to intercept communication tool: SSSS - Shamir's Secret Sharing Scheme:

"No other medium can provide better speed, connectivity, and most importantly anonymity, given it's achieved and understood, and it often is. Plain encryption might seem the obvious answer, but to me it's steganography, having the potential to fully hide within legitimate (at least looking) data flow. Another possibility is the use of secret sharing schemes. A bit of a relevant tool that can be fully utilized by any group of people wanting to ensure their authenticity and perhaps everyone's pulse, is SSSS - Shamir's Secret Sharing Scheme. And no, I'm not giving tips, just shedding light on the potential in here! The way botnets of malware can use public forums to get commands, in this very same fashion, terrorists could easily hide sensitive communications by mixing it with huge amounts of public data, while still keeping it secret."

Read More
http://ddanchev.blogspot.com/2006/08/steganography-and-cyber-terrorism.html

----------------------

* EnGarde Secure Community 3.0.8 Released
1st, August, 2006

Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.8 (Version 3.0, Release 8). This release includes several bug fixes and feature enhancements to the Guardian Digital WebTool, several updated packages, and several new packages available for installation.

http://www.linuxsecurity.com/content/view/123902

---

Packet Sniffing Overview

The best way to secure yourself against sniffing is to use encryption. While this won't prevent a sniffer from functioning, it will ensure that what a sniffer reads is pure junk.

http://www.linuxsecurity.com/content/view/123570/49/

---

Review: How To Break Web Software

With a tool so widely used by so many different types of people like the World Wide Web, it is necessary for everyone to understand as many aspects as possible about its functionality.
From web designers to web developers to web users, this is a must read. Security is a job for everyone and How To Break Web Software by Mike Andrews and James A. Whittaker is written for everyone to understand.

http://www.linuxsecurity.com/content/view/122713/49/

--------

--> Take advantage of the LinuxSecurity.com Quick Reference Card!
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf

+---------------------------------+
| Distribution: Debian            | ----------------------------//
+---------------------------------+

* Debian: New sendmail packages fix denial of service
31st, August, 2006

A programming error has been discovered in sendmail, an alternative mail transport agent for Debian, that could allow a remote attacker to crash the sendmail process by sending a specially crafted email message. Please note that in order to install this update you also need libsasl2 library from proposed updates as outlined in DSA 1155-2.

http://www.linuxsecurity.com/content/view/124772

* Debian: New libmusicbrainz packages fix arbitrary code execution
30th, August, 2006

Updated package.

http://www.linuxsecurity.com/content/view/124762

* Debian: New Mozilla packages fix several vulnerabilities
29th, August, 2006

Updated package.

http://www.linuxsecurity.com/content/view/124741

* Debian: New Mozilla Firefox packages fix several vulnerabilities
29th, August, 2006

Several security related problems have been discovered in Mozilla and derived products like Mozilla Firefox. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CVE-2006-3805 CVE-2006-3806 CVE-2006-3807 CVE-2006-3808 CVE-2006-3809 CVE-2006-3811

http://www.linuxsecurity.com/content/view/124752

* Debian: New sendmail packages fix denial of service
24th, August, 2006

Updated package.

http://www.linuxsecurity.com/content/view/124677

* Debian: New kdebase packages fix information disclosure
27th, August, 2006

Updated package.

http://www.linuxsecurity.com/content/view/124717

* Debian: New ruby1.8 packages fix several vulnerabilities
27th, August, 2006

Updated package.

http://www.linuxsecurity.com/content/view/124718

* Debian: New streamripper packages fix arbitrary code execution
27th, August, 2006

Updated package.

http://www.linuxsecurity.com/content/view/124721

* Debian: New Mozilla Thunderbird packages fix several problems
28th, August, 2006

Several security related problems have been discovered in Mozilla and derived products such as Mozilla Thunderbird. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CVE-2006-2779 CVE-2006-3805 CVE-2006-3806 CVE-2006-3807 CVE-2006-3808 CVE-2006-3809 CVE-2006-3810

http://www.linuxsecurity.com/content/view/124724

+---------------------------------+
| Distribution: Gentoo            | ----------------------------//
+---------------------------------+

* Gentoo: Motor Execution of arbitrary code
29th, August, 2006

Motor uses a vulnerable ktools library, which could lead to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/124761

* Gentoo: Motor Execution of arbitrary code
29th, August, 2006

Motor uses a vulnerable ktools library, which could lead to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/124747

* Gentoo: PHP Arbitrary code execution
29th, August, 2006

PHP contains a function that, when used, could allow a remote attacker to execute arbitrary code.

http://www.linuxsecurity.com/content/view/124751

* Gentoo: Wireshark Multiple vulnerabilities
29th, August, 2006

Wireshark is vulnerable to several security issues that may lead to a Denial of Service and/or the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/124746

* Gentoo: Heimdal Multiple local privilege escalation vulnerabilities
24th, August, 2006

Certain Heimdal components, ftpd and rcp, are vulnerable to a local privilege escalation.

http://www.linuxsecurity.com/content/view/124682

* Gentoo: Heartbeat Denial of Service
24th, August, 2006

Heartbeat is vulnerable to a Denial of Service which can be triggered by a remote attacker without authentication.

http://www.linuxsecurity.com/content/view/124688

* Gentoo: AlsaPlayer Multiple buffer overflows
26th, August, 2006

AlsaPlayer is vulnerable to multiple buffer overflows which could lead to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/124716

* Gentoo: AlsaPlayer Multiple buffer
27th, August, 2006

AlsaPlayer is vulnerable to multiple buffer overflows which could lead to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/124720

+---------------------------------+
| Distribution: Mandriva          | ----------------------------//
+---------------------------------+

* Mandriva: Updated musicbrainz packages fix buffer overflow vulnerabilities
30th, August, 2006

Multiple buffer overflows in libmusicbrainz (aka mb_client or MusicBrainz Client Library) 2.1.2 and earlier, and SVN 8406 and earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a long Location header by the HTTP server, which triggers an overflow in the MBHttp::Download function in lib/http.cpp; and (2) a long URL in RDF data, as demonstrated by a URL in an rdf:resource field in an RDF XML document, which triggers overflows in many functions in lib/rdfparse.c. The updated packages have been patched to correct this issue.

http://www.linuxsecurity.com/content/view/124768

* Mandriva: Updated sendmail packages fix DoS vulnerabilities
30th, August, 2006

Moritz Jodeit discovered a vulnerability in sendmail when processing very long header lines that could be exploited to cause a Denial of Service by crashing sendmail. The updated packages have been patched to correct this issue.

http://www.linuxsecurity.com/content/view/124767

* Mandriva: Updated ImageMagick packages fix vulnerabilities
29th, August, 2006

Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted XCF images. (CVE-2006-3743)

Multiple integer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted Sun bitmap images that trigger heap-based buffer overflows. (CVE-2006-3744)

Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large (1) bytes_per_pixel, (2) columns, and (3) rows values, which trigger a heap-based buffer overflow. (CVE-2006-4144)

The updated packages have been patched to correct these issues.

http://www.linuxsecurity.com/content/view/124750

* Mandriva: Updated lesstif packages fix potential local root vulnerability
29th, August, 2006

The libXm library in LessTif 0.95.0 and earlier allows local users to gain privileges via the DEBUG_FILE environment variable, which is used to create world-writable files when libXm is run from a setuid program. The updated packages have been rebuilt with the --enable-production configure switch in order to correct this issue.

http://www.linuxsecurity.com/content/view/124740

* Mandriva: Updated binutils packages fix multiple vulnerabilities
29th, August, 2006

A stack-based buffer overflow in messages.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050721 allows attackers to execute arbitrary code via a .c file with crafted inline assembly code (CVE-2005-4807).

http://www.linuxsecurity.com/content/view/124739

* Mandriva: Updated xorg-x11 packages fix vulnerabilities
24th, August, 2006

An integer overflow flaw was discovered in how xorg-x11/XFree86 handles PCF files.
A malicious authorized client could exploit the issue to cause a DoS (crash) or potentially execute arbitrary code with root privileges on the xorg-x11/XFree86 server. Updated packages are patched to address this issue.

http://www.linuxsecurity.com/content/view/124693

* Mandriva: Updated MySQL packages fix user privilege vulnerabilities
24th, August, 2006

MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy (CVE-2006-4031).

http://www.linuxsecurity.com/content/view/124694

* Mandriva: Updated kernel packages fix multiple vulnerabilities
25th, August, 2006

Prior to and including 2.6.16-rc2, when running on x86_64 systems with preemption enabled, local users can cause a DoS (oops) via multiple ptrace tasks that perform single steps (CVE-2006-1066).

http://www.linuxsecurity.com/content/view/124704

* Mandriva: Updated wireshark packages fix multiple vulnerabilities
25th, August, 2006

Vulnerabilities in the SCSI, DHCP, and SSCOP dissectors were discovered in versions of wireshark less than 0.99.3, as well as an off-by-one error in the IPsec ESP preference parser if compiled with ESP decryption support.

http://www.linuxsecurity.com/content/view/124706

+---------------------------------+
| Distribution: Red Hat           | ----------------------------//
+---------------------------------+

* RedHat: Moderate: ImageMagick security update
24th, August, 2006

Updated ImageMagick packages that fix several security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/124681

* RedHat: Critical: seamonkey security update (was
28th, August, 2006

Updated seamonkey packages that fix several security bugs in the mozilla packages are now available for Red Hat Enterprise Linux 2.1.
This update has been rated as having critical security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/124725

* RedHat: Moderate: kdegraphics security update
28th, August, 2006

Updated kdegraphics packages that fix several security flaws in kfax are now available for Red Hat Enterprise Linux 2.1, and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/124726

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------