+---------------------------------------------------------------------+
| LinuxSecurity.com Weekly Newsletter |
| April 5th 2007 Volume 8, Number 14a |
+---------------------------------------------------------------------+
Editors: Dave Wreski Benjamin D. Thomas
dave@xxxxxxxxxxxxxxxxx ben@xxxxxxxxxxxxxxxxx
Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the
week. It includes pointers to updated packages and descriptions of
each vulnerability.
This week, advisories were released for file, zope, krb, XMMS, Ekiga,
Squid, CUPS, Asterisk, Kerberos, OpenAFS, OpenPBS, zziplib, kdelibs,
openoffice, qt3, qt4, XFree86, xorg-x11, libXfont, mysql, ktorrent,
and gpg. The distributors include Debian, Gentoo, Mandriva,
Red Hat, Slackware, SuSE, and Ubuntu.
---
* EnGarde Secure Linux v3.0.13 Now Available
Guardian Digital is happy to announce the release of EnGarde Secure
Community 3.0.13 (Version 3.0, Release 13). This release includes
several bug fixes and feature enhancements to the SELinux policy
and several updated packages.
http://wiki.engardelinux.org/index.php/ReleaseNotes3.0.13
---
Earn an NSA recognized IA Masters Online
The NSA has designated Norwich University a center of Academic
Excellence in Information Security. Our program offers unparalleled
Infosec management education and the case study affords you unmatched
consulting experience. Using interactive e-Learning technology, you
can earn this esteemed degree, without disrupting your career or home
life.
http://www.msia.norwich.edu/linsec/
---
RFID with Bio-Smart Card in Linux
In this paper, we describe the integration of fingerprint template
and RF smart card for clustered network, which is designed on Linux
platform and Open source technology to obtain biometrics security.
Combination of smart card and biometrics has achieved in two step
authentication where smart card authentication is based on a
Personal Identification Number (PIN) and the card holder is
authenticated using the biometrics template stored in the smart
card that is based on the fingerprint verification. The fingerprint
verification has to be executed on central host server for
security purposes. Protocol designed allows controlling entire
parameters of smart security controller like PIN options, Reader
delay, real-time clock, alarm option and cardholder access
conditions.
http://www.linuxsecurity.com/content/view/125052/171/
---
Packet Sniffing Overview
The best way to secure you against sniffing is to use encryption.
While this won't prevent a sniffer from functioning, it will ensure
that what a sniffer reads is pure junk.
http://www.linuxsecurity.com/content/view/123570/49/
--------
--> Take advantage of the LinuxSecurity.com Quick Reference Card!
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf
+---------------------------------+
| Distribution: Debian | ----------------------------//
+---------------------------------+
* Debian: New file packages fix arbitrary code execution
2nd, April, 2007
Updated package.
http://www.linuxsecurity.com/content/view/127643
* Debian: New zope2.7 packages fix cross-site scripting flaw
2nd, April, 2007
Updated package.
http://www.linuxsecurity.com/content/view/127653
* Debian: New krb5 packages fix several vulnerabilities
3rd, April, 2007
Updated package.
http://www.linuxsecurity.com/content/view/127671
* Debian: New XMMS packages fix arbitrary code execution
4th, April, 2007
Multiple errors have been found in the skin handling routines in
xmms,
the X Multimedia System. These vulnerabilities could allow an
attacker to run arbitrary code as the user running xmms by inducing
the victim to load specially crafted interface skin files.
<p>
http://www.linuxsecurity.com/content/view/127695
* Gentoo: Ekiga Format string vulnerability
29th, March, 2007
A format string vulnerability in Ekiga may allow the remote execution
of arbitrary code.
http://www.linuxsecurity.com/content/view/127613
* Gentoo: file Integer underflow
30th, March, 2007
A buffer underflow vulnerability has been reported in file allowing
for the user-assisted execution of arbitrary code.
http://www.linuxsecurity.com/content/view/127634
* Gentoo: Squid Denial of Service
31st, March, 2007
Squid is affected by a Denial of Service vulnerability.
http://www.linuxsecurity.com/content/view/127638
* Gentoo: CUPS Denial of Service
31st, March, 2007
CUPS incorrectly handles partially-negotiated SSL connections
allowing for a Denial of Service.
http://www.linuxsecurity.com/content/view/127639
* Gentoo: Asterisk Two SIP Denial of Service vulnerabilities
2nd, April, 2007
Asterisk is vulnerable to two Denial of Service issues in the SIP
channel.
http://www.linuxsecurity.com/content/view/127651
* Gentoo: MIT Kerberos 5 Arbitrary remote code execution
3rd, April, 2007
Multiple vulnerabilities in MIT Kerberos 5 could potentially result
in unauthenticated remote root code execution.
http://www.linuxsecurity.com/content/view/127670
* Gentoo: OpenAFS Privilege escalation
3rd, April, 2007
OpenAFS is subject to a design flaw that could allow privilege
escalation on the client.
http://www.linuxsecurity.com/content/view/127672
* Gentoo: OpenPBS Multiple vulnerabilities
3rd, April, 2007
OpenPBS contains unspecified vulnerabilities which may allow for the
remote execution of arbitrary code or a Denial of Service.
http://www.linuxsecurity.com/content/view/127673
* Gentoo: zziplib Buffer Overflow
3rd, April, 2007
The zziplib library contains a buffer overflow vulnerability that
could lead to user-assisted remote execution of arbitrary code.
http://www.linuxsecurity.com/content/view/127674
* Mandriva: Updated xmms packages to address integer vulnerabilities
29th, March, 2007
Integer overflow in X MultiMedia System (xmms) 1.2.10, and possibly
other versions, allows user-assisted remote attackers to execute
arbitrary code via crafted header information in a skin bitmap image,
which triggers memory corruption. (CVE-2007-0653)
Integer underflow in X MultiMedia System (xmms) 1.2.10 allows
user-assisted remote attackers to execute arbitrary code via crafted
header information in a skin bitmap image, which results in a
stack-based buffer overflow. (CVE-2007-0654) Updated packages have
been patched to correct these issues.
http://www.linuxsecurity.com/content/view/127612
* Mandriva: Updated kdelibs packages to address FTP PASV issue in
konqueror
29th, March, 2007
The FTP protocol implementation in Konqueror 3.5.5 allows remote
servers to force the client to connect to other servers, perform a
proxied port scan, or obtain sensitive information by specifying an
alternate server address in a FTP PASV command. Updated packages have
been patched to address this issue.
http://www.linuxsecurity.com/content/view/127614
* Mandriva: Updated openoffice.org packages to address
vulnerabilities
29th, March, 2007
Stack-based buffer overflow in the StarCalc parser in OpenOffice.org
(OOo) Office Suite allows user-assisted remote attackers to execute
arbitrary code via a crafted document. (CVE-2007-0238) OpenOffice.org
(OOo) Office Suite allows user-assisted remote attackers to execute
arbitrary commands via shell metacharacters in a prepared
link in a crafted document. (CVE-2007-0239) Updated packages have
been patched to correct these issues.
http://www.linuxsecurity.com/content/view/127615
* Mandriva: Updated qt3 packages to address utf8 decoder bug
3rd, April, 2007
Andreas Nolden discover a bug in qt3, where the UTF8 decoder does not
reject overlong sequences, which can cause "/../" injection or (in
the case of konqueror) a "<script>" tag injection. Updated packages
have been patched to address this issue.
http://www.linuxsecurity.com/content/view/127680
* Mandriva: Updated kdelibs packages to address UTF8 issue in KJS
3rd, April, 2007
A bug was discovered in KJS where UTF8 decoding did not reject
overlong sequences. This vulnerability is similar to that discovered
by Andreas Nolden in QT3 and QT4, but at this current time there is
no known exploit for this issue. Updated packages have been patched
to address this issue.
http://www.linuxsecurity.com/content/view/127681
* Mandriva: Updated qt4 packages to address utf8 decoder bug
3rd, April, 2007
Andreas Nolden discover a bug in qt4, where the UTF8 decoder does not
reject overlong sequences, which can cause "/../" injection or (in
the case of konqueror) a "<script>" tag injection. Updated packages
have been patched to address this issue.
http://www.linuxsecurity.com/content/view/127682
* RedHat: Critical: krb5 security update
3rd, April, 2007
Updated krb5 packages that fix a number of issues are now available.
This update has been rated as having critical security impact by the
Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/127659
* RedHat: Important: XFree86 security update
3rd, April, 2007
Updated XFree86 packages that fix a number of security issues are now
available for Red Hat Enterprise Linux 2.1 and 3. This update has
been rated as having important security impact by the Red Hat
Security Response Team.
http://www.linuxsecurity.com/content/view/127662
* RedHat: Important: xorg-x11 security update
3rd, April, 2007
Updated X.org packages that fix several security issues are now
available for Red Hat Enterprise Linux 4. This update has been rated
as having important security impact by the Red Hat Security Response
Team.
http://www.linuxsecurity.com/content/view/127663
* RedHat: Important: xorg-x11-server security update
3rd, April, 2007
Updated X.org X11 server packages that fix a security issue are now
available for Red Hat Enterprise Linux 5. This update has been rated
as having important security impact by the Red Hat Security Response
Team.
http://www.linuxsecurity.com/content/view/127664
* RedHat: Moderate: squid security update
3rd, April, 2007
An updated squid package that fixes a security vulnerability is now
available for Red Hat Enterprise Linux 5. This update has been rated
as having moderate security impact by the Red Hat Security Response
Team.
http://www.linuxsecurity.com/content/view/127665
* RedHat: Important: libXfont security update
3rd, April, 2007
Updated X.org libXfont packages that fix a security issue are now
available for Red Hat Enterprise Linux 5. This update has been rated
as having important security impact by the Red Hat Security Response
Team.
http://www.linuxsecurity.com/content/view/127666
* RedHat: Moderate: mysql security update
3rd, April, 2007
Updated mysql packages that fix a security flaw are now available for
Red Hat Enterprise Linux 4. This update has been rated as having
moderate security impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/127667
* Slackware: file [and bin package]
3rd, April, 2007
New file packages are available for Slackware 8.1, 9.0, 9.1, 10.0,
10.1, 10.2, 11.0, and -current to fix a security issue.
http://www.linuxsecurity.com/content/view/127676
* Slackware: qt
3rd, April, 2007
New qt packages are available for Slackware 10.2, 11.0, and -current
to fix a security issue.
http://www.linuxsecurity.com/content/view/127677
* Slackware: ktorrent
3rd, April, 2007
New ktorrent packages are available for Slackware 11.0 and -current
to fix security issues.
http://www.linuxsecurity.com/content/view/127678
* SuSE: gpg (SUSE-SA:2007:024)
30th, March, 2007
Updated package.
http://www.linuxsecurity.com/content/view/127630
* Ubuntu: X.org vulnerabilities
3rd, April, 2007
Sean Larsson of iDefense Labs discovered that the MISC-XC extension
of Xorg did not correctly verify the size of allocated memory. An
authenticated user could send a specially crafted X11 request and
execute arbitrary code with root privileges. (CVE-2007-1003)Greg
MacManus of iDefense Labs discovered that the BDF font handling code
in Xorg and FreeType did not correctly verify the size of allocated
memory.
http://www.linuxsecurity.com/content/view/127675
* Ubuntu: krb5 vulnerabilities
3rd, April, 2007
The krb5 telnet service did not appropriately verify user names. A
remote attacker could log in as the root user by requesting a
specially crafted user name.
http://www.linuxsecurity.com/content/view/127679
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
