+---------------------------------------------------------------------+
| LinuxSecurity.com Weekly Newsletter |
| October 13th 2006 Volume 7, Number 42a |
+---------------------------------------------------------------------+
Editors: Dave Wreski Benjamin D. Thomas
dave@xxxxxxxxxxxxxxxxx ben@xxxxxxxxxxxxxxxxx
Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the
week. It includes pointers to updated packages and descriptions of
each vulnerability.
This week, advisories were released for Thunderbird, XFree86, libwmf,
openssl, mono, gzip, flash, ncompress, php, cups, glibc, python, and
the Linux kernel. The distributors include Debian, Fedora, Gentoo,
Mandriva, Red Hat, and SuSE.
---
Earn an NSA recognized IA Masters Online
The NSA has designated Norwich University a center of Academic
Excellence in Information Security. Our program offers unparalleled
Infosec management education and the case study affords you unmatched
consulting experience. Using interactive e-Learning technology, you
can earn this esteemed degree, without disrupting your career or home
life.
http://www.msia.norwich.edu/linsec/
---
What is EnGarde Secure Linux?
EnGarde Secure Linux is not just another "repackaged" Linux
distribution, but a modern open source system built from the
ground up to provide secure services in the threatening world
of the modern Internet. EnGarde Secure Linux is the creation of
Guardian Digital, Inc. a pioneer in open source security since
1999, and has been developed since then in collaboration with
the worldwide community of open source security enthusiasts
and professionals. Guardian Digital provides a secure and
consistent environment for EnGarde Secure Linux through the
Guardian Digital WebTool and the Guardian Digital Secure
Network. A server-only system, EnGarde Secure Linux is
administered securely and remotely using the WebTool, a
custom interface that both simplifies server administration
and guides the system user in maintaining a secure
configurations for all of the services that comprise
EnGarde. The Guardian Digital Secure Network maintains
the consistency and security of EnGarde by providing
system upgrades and security patches that have been
constructed by Guardian Digital's engineering team to
relieve the user of the burden of maintaining the system
in a consistent and secure state.
Defense In Depth In EnGarde Secure Linux
Security is the primary consideration in designing every
element of EnGarde Secure Linux. Guardian Digital applies
basic security principles like "least privilege", "no
unnecessary services" and "default-deny" rules to every
level of EnGarde from access to kernel itself to defense
of the network perimeter. Security begins with the
selection of the best available open source packages,
chosen and tailored for maximum security and following
software security best-practices. The next level of
protection comes from a complete re-engineering of the
standard Linux security model using Security Enhanced
Linux (SELinux). SELinux implements the principle of
"Mandatory Access Control" which places each program
and process under the control of its own SELinux policy,
limiting its access to files and resources and effectively
containing any intrusions or compromises. EnGarde Secure
Linux builds on this secure foundation by placing all
administration of EnGarde and its services under the
control of the Guardian Digital WebTool. The Guardian
Digital WebTool is a secure, remote graphical administration
interface that is carefully tailored, not just to simplify
administration, but to help maintain secure practices and
configurations. For example, EnGarde, through the WebTool,
limits user and IP access by default for most services
like FTP file transfers and POP/IMAP mail retrieval. For
services that must be publicly accessible like Web service
and mail transport, the WebTool offers simple setup of
SSL-enabled encrypted services. The WebTool also mandates
secure practices like encrypted passwords and prevents
hazardous configurations like open mail relays. EnGarde
Secure Linux extends its secure environment through the
use of a carefully integrated selection of the best open
source security tools for detecting compromises and
intrusions at all levels. EnGarde generates special
security-focused system logs to help the administrator
identify potential compromises, and adds to this host-based
intrusion detection tools. EnGarde monitors the system for
potential network compromises and intrusions using the
open source Snort intrusion detection system, adding its
own NetDiff port status monitoring software.
http://www.linuxsecurity.com/content/view/125195/171/
---
EnGarde Secure Linux v3.0.9 Now Available
Guardian Digital is happy to announce the release of EnGarde
Secure Community 3.0.9 (Version 3.0, Release 9). This release
includes several bug fixes and feature enhancements to the
Guardian Digital WebTool and the SELinux policy, several
updated packages, and a couple of new packages available for
installation.
http://www.linuxsecurity.com/content/view/125147/169/
---
RFID with Bio-Smart Card in Linux
In this paper, we describe the integration of fingerprint template
and RF smart card for clustered network, which is designed on Linux
platform and Open source technology to obtain biometrics security.
Combination of smart card and biometrics has achieved in two step
authentication where smart card authentication is based on a
Personal Identification Number (PIN) and the card holder is
authenticated using the biometrics template stored in the smart
card that is based on the fingerprint verification. The fingerprint
verification has to be executed on central host server for
security purposes. Protocol designed allows controlling entire
parameters of smart security controller like PIN options, Reader
delay, real-time clock, alarm option and cardholder access
conditions.
http://www.linuxsecurity.com/content/view/125052/171/
---
Packet Sniffing Overview
The best way to secure you against sniffing is to use encryption.
While this won't prevent a sniffer from functioning, it will ensure
that what a sniffer reads is pure junk.
http://www.linuxsecurity.com/content/view/123570/49/
--------
--> Take advantage of the LinuxSecurity.com Quick Reference Card!
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf
+---------------------------------+
| Distribution: Debian | ----------------------------//
+---------------------------------+
* Debian: New Mozilla Thunderbird packages fix several
vulnerabilities
5th, October, 2006
Updated package.
http://www.linuxsecurity.com/content/view/125166
* Debian: New Mozilla packages fix several vulnerabilities
6th, October, 2006
Several security related problems have been discovered in Mozilla and
derived products. The Common Vulnerabilities and Exposures project
identifies the following vulnerabilities: CVE-2006-2788 CVE-2006-4340
CVE-2006-4565 CVE-2006-4566 CVE-2006-4568 CVE-2006-4570 CVE-2006-4571
http://www.linuxsecurity.com/content/view/125177
* Debian: New XFree86 packages fix several vulnerabilities
9th, October, 2006
Several vulnerabilities have been discovered in the X Window System,
which may lead to the execution of arbitrary code or denial of
service. The Common Vulnerabilities and Exposures project identifies
the following problems: CVE-2006-3467 CVE-2006-3739 CVE-2006-3740
CVE-2006-4447
http://www.linuxsecurity.com/content/view/125197
* Debian: New libwmf packages fix arbitrary code execution
9th, October, 2006
Updated package.
http://www.linuxsecurity.com/content/view/125199
* Debian: new openssl096 packages fix denial of service
10th, October, 2006
Updated package.
http://www.linuxsecurity.com/content/view/125208
+---------------------------------+
| Distribution: Fedora | ----------------------------//
+---------------------------------+
* Fedora Core 5 Update: mono-1.1.13.7-2.fc5.1
6th, October, 2006
The Mono runtime implements a JIT engine for the ECMA CLI virtual
machine (as well as a byte code interpreter, the class loader, the
garbage collector, threading system and metadata access libraries.
This advisory covers CVEID: CVE-2006-5072 Mono insecure temporary
file usage
http://www.linuxsecurity.com/content/view/125187
* Fedora Core 5 Update: gzip-1.3.5-7.fc5
10th, October, 2006
Gzip should be installed on your Red Hat Linux system, because it is
a very commonly used data compression program. The following CVDIDs
were addressed: CVE-2006-4334 CVE-2006-4335 CVE-2006-4336
CVE-2006-4338 CVE-2006-4337
http://www.linuxsecurity.com/content/view/125204
+---------------------------------+
| Distribution: Gentoo | ----------------------------//
+---------------------------------+
* Gentoo: Adobe Flash Player Arbitrary code execution
5th, October, 2006
Multiple input validation errors have been identified that allow
arbitrary code execution on a user's system via the handling of
malicious Flash files.
http://www.linuxsecurity.com/content/view/125165
* Gentoo: ncompress Buffer Underflow
6th, October, 2006
A buffer underflow vulnerability has been reported in ncompress
allowing for the execution of arbitrary code.
http://www.linuxsecurity.com/content/view/125181
+---------------------------------+
| Distribution: Mandriva | ----------------------------//
+---------------------------------+
* Mandriva: Updated php packages fix integer overflow vulnerability
5th, October, 2006
An integer overflow was discovered in the PHP memory handling
routines. If a script can cause memory allocation based on untrusted
user data, a remote attacker sending a carefully crafted request
could execute arbitrary code as the 'apache' user. Updated packages
have been patched to correct these issues.
http://www.linuxsecurity.com/content/view/125174
* Mandriva: Updated cups package corrects bugs
7th, October, 2006
A bug in the shipped version of CUPS would allow for the unexpected
deletion of cupsd.conf and cause a crash of CUPS. This issue, as
well as many other bugs, have been corrected in CUPS 1.2.4, which is
being provided with this update.
http://www.linuxsecurity.com/content/view/125188
* Mandriva: Updated glibc package are available for new kernels
10th, October, 2006
Updated glibc packages are being provided to ensure that kernel and
user-space tools are in sync. This update also fixes a bug present
on x86_64 platforms where strncmp() is mis-optimized.
http://www.linuxsecurity.com/content/view/125209
* Mandriva: Updated python packages fix vulnerability
10th, October, 2006
A vulnerability in python's repr() function was discovered by
Benjamin C. Wiley Sittler. It was found that the function did not
properly handle UTF-32/UCS-4 strings, so an application that used
repr() on certin untrusted data could possibly be exploited to
execute arbitrary
code with the privileges of the user running the python application.
Updated packages have been patched to correct this issue.
http://www.linuxsecurity.com/content/view/125210
* Mandriva: Updated kernel packages fix multiple vulnerabilities and
bugs
11th, October, 2006
Stephane Eranian discovered an issue with permon2.0 where, under
certain circumstances, the perfmonctl() system call may not correctly
manage the file descriptor reference count, resulting in the system
possibly running out of file structure (CVE-2006-3741).
http://www.linuxsecurity.com/content/view/125216
+---------------------------------+
| Distribution: Red Hat | ----------------------------//
+---------------------------------+
* RedHat: Important: php security update
5th, October, 2006
Updated PHP packages that fix an integer overflow flaw are now
available for Red Hat Enterprise Linux 2.1. This update has been
rated as having important security impact by the Red Hat Security
Response Team.
http://www.linuxsecurity.com/content/view/125170
* RedHat: Important: kernel security update
5th, October, 2006
Updated kernel packages that fix several security issues in the Red
Hat Enterprise Linux 4 kernel are now available. This security
advisory has been rated as having important security impact by the
Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/125173
* RedHat: Important: python security update
9th, October, 2006
Updated Python packages are now available to correct a security issue
in Red Hat Enterprise Linux 3 and 4. This update has been rated as
having important security impact by the Red Hat Security Response
Team.
http://www.linuxsecurity.com/content/view/125200
+---------------------------------+
| Distribution: SuSE | ----------------------------//
+---------------------------------+
* SuSE: php4,php5 (SUSE-SA:2006:059)
9th, October, 2006
The ini_restore() method could be exploited to reset options such as
open_basedir when set via the web server config file to their default
value set in php.ini (CVE-2006-4625). Additionally php5 on all
products as well as php4 on SLES8 were vulnerable to an integer
overflow problem in the memory allocation routine. This bug can be
exploited to execute arbitrary code with the uid of the web server
(CVE-2006-4812). Thanks to Stefan Esser for reporting the problem.
http://www.linuxsecurity.com/content/view/125194
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
