+---------------------------------------------------------------------+
|  LinuxSecurity.com                               Weekly Newsletter  |
|  September 8th 2006                           Volume 7, Number 37a  |
+---------------------------------------------------------------------+

  Editors:      Dave Wreski                     Benjamin D. Thomas
                dave@xxxxxxxxxxxxxxxxx          ben@xxxxxxxxxxxxxxxxx

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the
week. It includes pointers to updated packages and descriptions of
each vulnerability.

This week, advisories were released for sendmail, apache,
cheesetracker, capi4hylafax, imagemagick, MySQL, fastjar,
Streamripper, GTetrinet, OpenTTD, LibXfont, xorg, sudo, and openssl.
The distributors include Debian, Gentoo, and Mandriva.

---

Earn an NSA recognized IA Masters Online

The NSA has designated Norwich University a center of Academic
Excellence in Information Security. Our program offers unparalleled
Infosec management education and the case study affords you unmatched
consulting experience. Using interactive e-Learning technology, you
can earn this esteemed degree, without disrupting your career or home
life.

http://www.msia.norwich.edu/linsec/

---

A Quick View at Proxy's

Proxy servers were originally developed to cache frequently accessed
web pages for computers behind a common Internet connection. In the
early days of the Internet, wide area links were very slow, the Web
was relatively small, and web pages were static. The entire Web
consisted of only a few thousand websites shared by scientists and
academicians.
Whenever an important news element hit a website, many scientists in
the same organization would visit that page (how many times have you
forwarded a link inside your company?). By caching that page on a
local server, proxies could eliminate redundant Internet access to
retrieve the same page over and over. So, proxies were originally
very effective at web caching.

When the Web went supernova, proxies became markedly less effective
at caching; the Web was now vast, web pages were frequently dynamic
(expiring as soon as they'd been transmitted), and the interests of
users within a single organization might range across a million web
pages before the same site was hit three times.

http://www.linuxsecurity.com/content/view/114352/

SSH Port Forwarding

SSH is typically used for logging into remote servers so you have
shell access to do maintenance, read your email, restart services, or
whatever administration you require. SSH also offers some other
native services, such as file copy (using scp and sftp) and remote
command execution (using ssh with a command on the command line after
the hostname).

Whenever we SSH from one machine to another, we establish a secure
encrypted session. The first article in this SSH series[1] looked at
properly verifying a server's host key, so that we can be sure that
no attacker is able to perform a man-in-the-middle attack and gain
access to read or manipulate what we do in that session. Other
articles in this series looked at removing the need for static
passwords using SSH user identities[2], and then using ssh-agent[3]
to automate the task of typing passphrases.

http://www.linuxsecurity.com/content/view/117782/

----------------------

* EnGarde Secure Community 3.0.8 Released
  1st, August, 2006

  Guardian Digital is happy to announce the release of EnGarde Secure
  Community 3.0.8 (Version 3.0, Release 8).
  This release includes several bug fixes and feature enhancements to
  the Guardian Digital WebTool, several updated packages, and several
  new packages available for installation.

  http://www.linuxsecurity.com/content/view/123902

---

Packet Sniffing Overview

The best way to secure yourself against sniffing is to use
encryption. While this won't prevent a sniffer from functioning, it
will ensure that what a sniffer reads is pure junk.

http://www.linuxsecurity.com/content/view/123570/49/

---

Review: How To Break Web Software

With a tool so widely used by so many different types of people like
the World Wide Web, it is necessary for everyone to understand as
many aspects as possible about its functionality. From web designers
to web developers to web users, this is a must read. Security is a
job for everyone and How To Break Web Software by Mike Andrews and
James A. Whittaker is written for everyone to understand.

http://www.linuxsecurity.com/content/view/122713/49/

--------

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf

+---------------------------------+
|  Distribution: Debian           | ----------------------------//
+---------------------------------+

* Debian: New sendmail packages fix denial of service
  31st, August, 2006

  A programming error has been discovered in sendmail, an alternative
  mail transport agent for Debian, that could allow a remote attacker
  to crash the sendmail process by sending a specially crafted email
  message. Please note that in order to install this update you also
  need the libsasl2 library from proposed updates as outlined in
  DSA 1155-2.

  http://www.linuxsecurity.com/content/view/124772

* Debian: New apache packages fix several vulnerabilities
  4th, September, 2006

  Updated package.

  http://www.linuxsecurity.com/content/view/124797

* Debian: New cheesetracker packages fix buffer overflow
  3rd, September, 2006

  Updated package.

  http://www.linuxsecurity.com/content/view/124792

* Debian: New capi4hylafax packages fix arbitrary command execution
  1st, September, 2006

  Lionel Elie Mamane discovered a security vulnerability in
  capi4hylafax, tools for faxing over a CAPI 2.0 device, that allows
  remote attackers to execute arbitrary commands on the fax receiving
  system.

  http://www.linuxsecurity.com/content/view/124781

* Debian: New imagemagick packages fix arbitrary code execution
  4th, September, 2006

  Several remote vulnerabilities have been discovered in Imagemagick,
  a collection of image manipulation tools, which may lead to the
  execution of arbitrary code. The Common Vulnerabilities and
  Exposures project identifies the following problems:
  CVE-2006-2440
  CVE-2006-3743
  CVE-2006-3744

  http://www.linuxsecurity.com/content/view/124803

* Debian: New MySQL 4.1 packages fix several vulnerabilities
  5th, September, 2006

  Several local vulnerabilities have been discovered in the MySQL
  database server. The Common Vulnerabilities and Exposures project
  identifies the following problems:
  CVE-2006-4226
  CVE-2006-4380

  http://www.linuxsecurity.com/content/view/124804

* Debian: New fastjar packages fix directory traversal
  6th, September, 2006

  Jürgen Weigert discovered that upon unpacking JAR archives, fastjar
  from the GNU Compiler Collection does not check the path for
  included files and allows files in upper directories to be created
  or overwritten.

  http://www.linuxsecurity.com/content/view/124836

+---------------------------------+
|  Distribution: Gentoo           | ----------------------------//
+---------------------------------+

* Gentoo: Streamripper Multiple remote buffer overflows
  6th, September, 2006

  Streamripper is vulnerable to multiple remote buffer overflows,
  leading to the execution of arbitrary code.

  http://www.linuxsecurity.com/content/view/124824

* Gentoo: GTetrinet Remote code execution
  6th, September, 2006

  GTetrinet is vulnerable to a remote buffer overflow, potentially
  leading to arbitrary code execution.

  http://www.linuxsecurity.com/content/view/124826

* Gentoo: OpenTTD Remote Denial of Service
  6th, September, 2006

  The OpenTTD server is vulnerable to a remote Denial of Service.

  http://www.linuxsecurity.com/content/view/124831

* Gentoo: LibXfont Multiple integer overflows
  6th, September, 2006

  A buffer overflow was discovered in the PCF font parser,
  potentially resulting in the execution of arbitrary code.

  http://www.linuxsecurity.com/content/view/124834

+---------------------------------+
|  Distribution: Mandriva         | ----------------------------//
+---------------------------------+

* Mandriva: Updated xorg-x11/XFree86 packages fix potential
  vulnerabilities
  1st, September, 2006

  X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload,
  xtrans, and xterm, do not check the return values for setuid and
  seteuid calls when attempting to drop privileges, which might allow
  local users to gain privileges by causing those calls to fail, such
  as by exceeding a ulimit.

  http://www.linuxsecurity.com/content/view/124780

* Mandriva: Updated sudo packages whitelist environments
  31st, August, 2006

  Previous sudo updates were made available to sanitize certain
  environment variables from affecting a sudo call, such as
  PYTHONINSPECT, PERL5OPT, etc. While those updates were effective in
  addressing those specific environment variables, other variables
  that

  http://www.linuxsecurity.com/content/view/124779

* Mandriva: Updated MySQL packages fix DoS vuln, initscript bug
  31st, August, 2006

  MySQL before 4.1.13 allows local users to cause a denial of service
  (persistent replication slave crash) via a query with multiupdate
  and subselects. (CVE-2006-4380)

  http://www.linuxsecurity.com/content/view/124776

* Mandriva: Updated openssl packages fix vulnerability
  6th, September, 2006

  Daniel Bleichenbacher recently described an attack on PKCS #1 v1.5
  signatures where an RSA key with a small exponent used could be
  vulnerable to forgery of a PKCS #1 v1.5 signature signed by that
  key.
  Any software using OpenSSL to verify X.509 certificates is
  potentially vulnerable to this issue, as well as any other use of
  PKCS #1 v1.5, including software that uses OpenSSL for SSL or TLS.
  Updated packages are patched to address this issue.

  http://www.linuxsecurity.com/content/view/124841

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------