+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | November 3rd 2006 Volume 7, Number 45a | +---------------------------------------------------------------------+ Editors: Dave Wreski Benjamin D. Thomas dave@xxxxxxxxxxxxxxxxx ben@xxxxxxxxxxxxxxxxx Linux Advisory Watch is a comprehensive newsletter that outlines the security vulnerabilities that have been announced throughout the week. It includes pointers to updated packages and descriptions of each vulnerability. This week, advisories were released for Qt, ethereal, screen, php, asterisk, mono, xupplicant, mutt, ruby, ImageMagick, PostgreSQL, and WvWare. The distributors include Debian, Debian, Mandriva, Red Hat, and Ubuntu. --- Earn an NSA recognized IA Masters Online The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/linsec/ --- EnGarde Secure Linux v3.0.9 Now Available Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.9 (Version 3.0, Release 9). This release includes several bug fixes and feature enhancements to the Guardian Digital WebTool and the SELinux policy, several updated packages, and a couple of new packages available for installation. http://www.linuxsecurity.com/content/view/125147/169/ --- RFID with Bio-Smart Card in Linux In this paper, we describe the integration of fingerprint template and RF smart card for clustered network, which is designed on Linux platform and Open source technology to obtain biometrics security. Combination of smart card and biometrics has achieved in two step authentication where smart card authentication is based on a Personal Identification Number (PIN) and the card holder is authenticated using the biometrics template stored in the smart card that is based on the fingerprint verification. The fingerprint verification has to be executed on central host server for security purposes. Protocol designed allows controlling entire parameters of smart security controller like PIN options, Reader delay, real-time clock, alarm option and cardholder access conditions. http://www.linuxsecurity.com/content/view/125052/171/ --- Packet Sniffing Overview The best way to secure you against sniffing is to use encryption. While this won't prevent a sniffer from functioning, it will ensure that what a sniffer reads is pure junk. http://www.linuxsecurity.com/content/view/123570/49/ -------- --> Take advantage of the LinuxSecurity.com Quick Reference Card! --> http://www.linuxsecurity.com/docs/QuickRefCard.pdf +---------------------------------+ | Distribution: Debian | ----------------------------// +---------------------------------+ * Debian: New Qt packages fix integer overflow 30th, October, 2006 An integer overflow has been found in the pixmap handling routines in the Qt GUI libraries. This could allow an attacker to cause a denial of service and possibly execute arbitrary code by providing a specially crafted image file and inducing the victim to view it in an application based on Qt. http://www.linuxsecurity.com/content/view/125434 * Debian: New ethereal packages fix denial of service 31st, October, 2006 Updated package. http://www.linuxsecurity.com/content/view/125515 * Debian: New screen packages fix arbitrary code execution 31st, October, 2006 Updated package. http://www.linuxsecurity.com/content/view/125516 * Gentoo: Cheese Tracker Buffer Overflow 26th, October, 2006 Cheese Tracker contains a buffer overflow allowing the remote execution of arbitrary code. http://www.linuxsecurity.com/content/view/125409 +---------------------------------+ | Distribution: Gentoo | ----------------------------// +---------------------------------+ * Gentoo: PHP Integer overflow 30th, October, 2006 PHP is vulnerable to an integer overflow potentially allowing the remote execution of arbitrary code. http://www.linuxsecurity.com/content/view/125432 * Gentoo: Asterisk Multiple vulnerabilities 30th, October, 2006 Asterisk is vulnerable to the remote execution of arbitrary code or a Denial of Service. http://www.linuxsecurity.com/content/view/125436 +---------------------------------+ | Distribution: Mandriva | ----------------------------// +---------------------------------+ * Mandriva: Updated mono packages fix vulnerability 27th, October, 2006 Sebastian Krahmer of the SUSE security team found that the System.CodeDom.Compiler classes in mono used temporary files in an insecure way that could allow a symbolic link attack to overwrite arbitrary files with the privileges of the user running a program that made use of those classes. http://www.linuxsecurity.com/content/view/125415 * Mandriva: Updated xsupplicant fixes possible remote root stack smash vulnerability 27th, October, 2006 Yannick Van Osselaer discovered a stack overflow in Xsupplicant, which could potentially be exploited by a remote, authenticated user to gain root priviledges. Additional code cleanups to fix potential memory leaks are also included. http://www.linuxsecurity.com/content/view/125416 * Mandriva: Updated mutt packages fix multiple vulnerabilities 27th, October, 2006 A race condition in the safe_open function in the Mutt mail client 1.5.12 and earlier, when creating temporary files in an NFS filesystem, allows local users to overwrite arbitrary files due to limitations of the use of the O_EXCL flag on NFS filesystems. (CVE-2006-5297) http://www.linuxsecurity.com/content/view/125417 * Mandriva: Updated screen packages fix vulnerability 27th, October, 2006 Multiple unspecified vulnerabilities in the "utf8 combining characters handling" (utf8_handle_comb function in encoding.c) in screen before 4.0.3 allows user-assisted attackers to cause a denial of service (crash or hang) via certain UTF8 sequences. http://www.linuxsecurity.com/content/view/125418 * Mandriva: Updated ruby packages fix DoS vulnerability 27th, October, 2006 The CGI library in Ruby 1.8 allowed a remote attacker to cause a Denial of Service via an HTTP request with a multipart MIME body that contained an invalid boundary specifier, which would result in an infinite loop and CPU consumption. http://www.linuxsecurity.com/content/view/125430 * Mandriva: Updated ImageMagick packages fix vulnerabilities 30th, October, 2006 Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. http://www.linuxsecurity.com/content/view/125496 * Mandriva: Updated PostgreSQL packages fix vulnerabilities 30th, October, 2006 A vulnerability in PostgreSQL 8.1.x allowed remote authenticated users to cause a Denial of Service (daemon crash) via certain aggregate functions in an UPDATE statement which were not handled correctly (CVE-2006-5540). http://www.linuxsecurity.com/content/view/125497 +---------------------------------+ | Distribution: Red Hat | ----------------------------// +---------------------------------+ * RedHat: Moderate: qt security update 1st, November, 2006 Updated qt packages that correct an integer overflow flaw are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/125521 +---------------------------------+ | Distribution: Ubuntu | ----------------------------// +---------------------------------+ * Ubuntu: postgresql-8.1 vulnerabilities 1st, November, 2006 USN-369-1 fixed three minor PostgreSQL 8.1 vulnerabilities for Ubuntu 6.06 LTS. This update provides the corresponding update for Ubuntu 6.10. http://www.linuxsecurity.com/content/view/125517 * Ubuntu: imagemagick vulnerability 1st, November, 2006 M. Joonas Pihlaja discovered that ImageMagick did not sufficiently verify the validity of PALM and DCM images. When processing a specially crafted image with an application that uses imagemagick, this could be exploited to execute arbitrary code with the application's privileges. http://www.linuxsecurity.com/content/view/125518 * Ubuntu: screen vulnerability 1st, November, 2006 cstone and Rich Felker discovered a programming error in the UTF8 string handling code of "screen" leading to a denial of service. If a crafted string was displayed within a screen session, screen would crash or possibly execute arbitrary code. http://www.linuxsecurity.com/content/view/125522 * Ubuntu: Ruby vulnerability 1st, November, 2006 An error was found in Ruby's CGI library that did not correctly check for the end of multipart MIME requests. Using a crafted HTTP request, a remote user could cause a denial of service, where Ruby CGI applications would end up in a loop, monopolizing a CPU. http://www.linuxsecurity.com/content/view/125523 * Ubuntu: mutt vulnerabilities 1st, November, 2006 Race conditions were discovered in mutt's handling of temporary files. Under certain conditions when using a shared temp directory (the default), other local users could overwrite arbitrary files owned by the user running mutt. This vulnerability is more likely when the temp directory is over NFS. http://www.linuxsecurity.com/content/view/125524 * Ubuntu: wvWare vulnerability 1st, November, 2006 An integer overflow was discovered in the DOC file parser of the wv library. By tricking a user into opening a specially crafted MSWord (.DOC) file, remote attackers could execute arbitrary code with the user's privileges. http://www.linuxsecurity.com/content/view/125526 ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------