+---------------------------------------------------------------------+
| LinuxSecurity.com Weekly Newsletter |
| September 29th 2006 Volume 7, Number 40a |
+---------------------------------------------------------------------+
Editors: Dave Wreski Benjamin D. Thomas
dave@xxxxxxxxxxxxxxxxx ben@xxxxxxxxxxxxxxxxx
Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the
week. It includes pointers to updated packages and descriptions of
each vulnerability.
This week, advisories were released for gnutls11, openssl, gzip,
ImageMagick, GnuTLS, tikiwiki, openssh, opera, firefox, thunderbird,
webmin, fibric, php, squirrelmail, php, flash-player, mozilla, and
the Linux kernel. The distributors include Debian, Gentoo, Mandriva,
Red Hat, and SuSE.
---
Earn an NSA recognized IA Masters Online
The NSA has designated Norwich University a center of Academic
Excellence in Information Security. Our program offers unparalleled
Infosec management education and the case study affords you unmatched
consulting experience. Using interactive e-Learning technology, you
can earn this esteemed degree, without disrupting your career or home
life.
http://www.msia.norwich.edu/linsec/
---
Access Control Systems and Biometric Smart card
The client stores a user.s certificate including a public
and a private key that are issued by a certification authority
in advance. A random number (RN) generated by the server is
encrypted with the private key in the client, then the encrypted
random number (ERN) is validated in the server with both CA's and
the use's certificate.
In the case of embedding a fingerprint matching function into the
server, the transmission of fingerprint images from the client to
the server is required. This requirement means that other
transmission protocols specialized for user validation must be
added to the system. However, this is not desirable for standard
entity authentication systems because of the prohibitive cost.
Therefore, the matching function must be embedded in the client
in this case. For a similar reason, the templates must be stored
in the client. Although there are actually many choices of
connection between fingerprint matching and entity authentication,
activation of the user's private key or the encryption function
depending on the result of the fingerprint matching is appropriate
in consideration of matching junction and the template residing
in the client.
The card memory is organized as 8192 Bit EEPROM, which is split
into 16 sectors with 4 blocks. One block consists of 16 bytes.
The first block of the memory is reserved for manufacturer data
like 32 bit serial number. This is a read only block. It is
named as "Block 0". Access conditions for the Data Blocks are
defined in the Sector Trailers. According to these conditions
data can be read, written, incremented, decremented, transferred
or restored either with Key A, Key B or never. The RF Smart
card consists of two types of Data Blocks: Read/write blocks,
Value blocks.
http://www.linuxsecurity.com/content/view/125052/171/
----------------------
* EnGarde Secure Community 3.0.8 Released
1st, August, 2006
Guardian Digital is happy to announce the release of EnGarde
Secure Community 3.0.8 (Version 3.0, Release 8). This release
includes several bug fixes and feature enhancements to the Guardian
Digital WebTool, several updated packages, and several new
packages available for installation.
http://www.linuxsecurity.com/content/view/123902
---
Packet Sniffing Overview
The best way to secure you against sniffing is to use encryption.
While this won't prevent a sniffer from functioning, it will ensure
that what a sniffer reads is pure junk.
http://www.linuxsecurity.com/content/view/123570/49/
---
Review: How To Break Web Software
With a tool so widely used by so many different types of
people like the World Wide Web, it is necessary for everyone
to understand as many aspects as possible about its
functionality. From web designers to web developers to web
users, this is a must read. Security is a job for everyone
and How To Break Web Software by Mike Andrews and James A.
Whittaker is written for everyone to understand.
http://www.linuxsecurity.com/content/view/122713/49/
--------
--> Take advantage of the LinuxSecurity.com Quick Reference Card!
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf
+---------------------------------+
| Distribution: Debian | ----------------------------//
+---------------------------------+
* Debian: New gnutls11 packages fix RSA signature forgery
cryptographic weakness
22nd, September, 2006
Daniel Bleichenbacher discovered a flaw in GNU TLS cryptographic
package that could allow an attacker to generate a forged signature
that GNU TLS will accept as valid.
http://www.linuxsecurity.com/content/view/125056
* Debian: New Linux 2.4.27 packages fix several vulnerabilities
25th, September, 2006
Several security related problems have been discovered in the Linux
kernel which may lead to a denial of service or even the execution of
arbitrary code.
http://www.linuxsecurity.com/content/view/125068
* Debian: New Linux 2.6.8 packages fix several vulnerabilities
25th, September, 2006
Several security related problems have been discovered in the Linux
kernel which may lead to a denial of service or even the execution of
arbitrary code.
http://www.linuxsecurity.com/content/view/125070
* Debian: New Linux 2.6.8 packages fix several vulnerabilities
26th, September, 2006
Updated package.
http://www.linuxsecurity.com/content/view/125077
* Debian: New openssl packages fix denial of service
28th, September, 2006
Multiple vulnerabilities have been discovered in the OpenSSL
cryptographic software package that could allow an attacker to launch
a denial of service attack by exhausting system resources or crashing
processes on a victim's computer. The following CVE IDs have been
addressed: CVE-2006-2940 CVE-2006-3738 CVE-2006-4343 CVE-2006-2937
http://www.linuxsecurity.com/content/view/125102
+---------------------------------+
| Distribution: Gentoo | ----------------------------//
+---------------------------------+
* Gentoo: gzip Multiple vulnerabilities
23rd, September, 2006
gzip is affected by multiple vulnerabilities, including buffer
overflows and infinite loops, possibly allowing the execution of
arbitrary code.
http://www.linuxsecurity.com/content/view/125065
* Gentoo: ImageMagick Multiple Vulnerabilities
26th, September, 2006
Multiple buffer overflows have been discovered in ImageMagick, which
could potentially result in the execution of arbitrary code.
http://www.linuxsecurity.com/content/view/125083
* Gentoo: GnuTLS RSA Signature Forgery
26th, September, 2006
GnuTLS fails to handle excess data which could allow an attacker to
forge a PKCS #1 v1.5 signature.
http://www.linuxsecurity.com/content/view/125084
* Gentoo: Tikiwiki Arbitrary command execution
26th, September, 2006
Tikiwiki contains a cross-site scripting (XSS) vulnerability as well
as a second vulnerability which may allow remote execution of
arbitrary code.
http://www.linuxsecurity.com/content/view/125085
* Gentoo: OpenSSH Denial of Service
27th, September, 2006
A flaw in the OpenSSH daemon allows remote unauthenticated attackers
to cause a Denial of Service.
http://www.linuxsecurity.com/content/view/125090
* Gentoo: Opera RSA signature forgery
28th, September, 2006
Opera fails to correctly verify certain signatures.
http://www.linuxsecurity.com/content/view/125098
+---------------------------------+
| Distribution: Mandriva | ----------------------------//
+---------------------------------+
* Mandriva: Updated Firefox packages fix multiple vulnerabilities
21st, September, 2006
A number of security vulnerabilities have been discovered and
corrected in the latest Mozilla Firefox program, version 1.5.0.7.
This update provides the latest Firefox to correct these issues.
http://www.linuxsecurity.com/content/view/125049
* Mandriva: Updated Thunderbird packages fix multiple vulnerabilities
22nd, September, 2006
A number of security vulnerabilities have been discovered and
corrected in the latest Mozilla Thunderbird program, version 1.5.0.7.
This update provides the latest Thunderbird to correct these issues.
http://www.linuxsecurity.com/content/view/125063
* Mandriva: Updated webmin packages fix XSS vulnerability
22nd, September, 2006
Webmin before 1.296 and Usermin before 1.226 does not properly handle
a URL with a null ("%00") character, which allows remote attackers to
conduct cross-site scripting (XSS), read CGI program source code,
list directories, and possibly execute programs. Updated packages
have been patched to correct this issue.
http://www.linuxsecurity.com/content/view/125064
* Mandriva: Updated Fibric package interaction with curl
28th, September, 2006
The Fibric tool, used for updating packages on Corporate Server 4.0,
had difficulty with usernames that contained the '@' character when
curl is installed. No such problem exists when Fibric uses wget.
This update provides a fixed Fibric that better interacts with curl.
http://www.linuxsecurity.com/content/view/125094
* Mandriva: Updated webmin packages fix XSS vulnerability
28th, September, 2006
Webmin before 1.296 and Usermin before 1.226 does not properly handle
a URL with a null ("%00") character, which allows remote attackers to
conduct cross-site scripting (XSS), read CGI program source code,
list directories, and possibly execute programs. Updated packages
have been patched to correct this issue.
http://www.linuxsecurity.com/content/view/125095
+---------------------------------+
| Distribution: Red Hat | ----------------------------//
+---------------------------------+
* RedHat: Moderate: php security update
21st, September, 2006
Updated PHP packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 3 and 4. This update has been
rated as having moderate security impact by the Red Hat Security
Response Team.
http://www.linuxsecurity.com/content/view/125044
* RedHat: Moderate: php security update
21st, September, 2006
Updated PHP packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 2.1. This update has been
rated as having moderate security impact by the Red Hat Security
Response Team.
http://www.linuxsecurity.com/content/view/125045
* RedHat: Moderate: squirrelmail security update
26th, September, 2006
A new squirrelmail package that fixes a security issue as well as
several bugs is now available for Red Hat Enterprise Linux 3 and 4.
This update has been rated as having moderate security impact by the
Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/125081
+---------------------------------+
| Distribution: SuSE | ----------------------------//
+---------------------------------+
* SuSE: php4,php5 (SUSE-SA:2006:052)
21st, September, 2006
Various security problems have been fixed in the PHP script language
engine and its modules, versions 4 and 5. The PHP4 updated packages
were released on September 12, the PHP5 update packages were released
on September 20. The following CVE IDs have been resolved:
CVE-2006-2563 CVE-2006-4483 CVE-2006-4481 CVE-2006-4482 CVE-2006-4484
CVE-2006-4482 CVE-2006-4020
http://www.linuxsecurity.com/content/view/125043
* SuSE: flash-player (SUSE-SA:2006:053)
21st, September, 2006
Multiple input validation errors have been identified in the
Macromedia Flash Player that could lead to the potential execution of
arbitrary code. These vulnerabilities could be accessed through
content delivered from a remote location via the user's web browser,
email client, or other applications that include or reference the
Flash Player. (CVE-2006-3311, CVE-2006-3587, CVE-2006-3588) These
updates also include changes to prevent circumvention of the
"allowScriptAccess" option. (CVE-2006-4640)
http://www.linuxsecurity.com/content/view/125048
* SuSE: Mozilla Firefox,Thunderbird,
22nd, September, 2006
Security updates have been released that bring Mozilla Firefox to
version 1.5.0.7, Mozilla Thunderbird to version 1.5.0.7 and Mozilla
Seamonkey to 1.0.5.
http://www.linuxsecurity.com/content/view/125054
* SuSE: openssl,mozilla-nss RSA signature
22nd, September, 2006
If an RSA key with exponent 3 is used it may be possible to forge a
PKCS verify the certificate if they are not checking for excess data
in the RSA exponentiation result of the signature.
http://www.linuxsecurity.com/content/view/125055
* SuSE: gzip (SUSE-SA:2006:056)
26th, September, 2006
Updated package.
http://www.linuxsecurity.com/content/view/125082
* SuSE: kernel security problems
28th, September, 2006
Various security problems were found and fixed in the Linux kernel.
http://www.linuxsecurity.com/content/view/125099
* SuSE: openssl security problems
28th, September, 2006
Several security problems were found and fixed in the OpenSSL
cryptographic library.
http://www.linuxsecurity.com/content/view/125100
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
