+---------------------------------------------------------------------+
|  LinuxSecurity.com                               Weekly Newsletter  |
|  August 3rd 2007                              Volume 8, Number 31a  |
+---------------------------------------------------------------------+

  Editors:      Dave Wreski                     Benjamin D. Thomas
                dave@xxxxxxxxxxxxxxxxx          ben@xxxxxxxxxxxxxxxxx

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.
It includes pointers to updated packages and descriptions of each
vulnerability.

This week, advisories were released for bind, xfs, file, gdm,
mediaplayer, tcpdump, VLC, Fail2ban, qt3, cups, kdegraphics, poppler,
xpdf, tetex, firefox, and gimp. The distributors include Debian,
Fedora, Gentoo, Mandriva, Red Hat, Slackware, and Ubuntu.

---

* EnGarde Secure Linux v3.0.15 Now Available

  Guardian Digital is happy to announce the release of EnGarde Secure
  Community 3.0.15 (Version 3.0, Release 15). This release includes
  many updated packages and bug fixes, some feature enhancements to
  Guardian Digital WebTool and the SELinux policy, and a few new
  features.

  http://wiki.engardelinux.org/index.php/ReleaseNotes3.0.15

---

Review: Practical Packet Analysis

In the introduction, McIlwraith points out that security awareness
training properly consists of communication, raising of issues, and
encouragement to modify behaviour.
(This will come as no surprise to those who recall the definition of
training as the modification of attitudes and behaviour.) He also notes
that security professionals frequently concentrate solely on
presentation of problems. The remainder of the introduction looks at
other major security activities, and the part that awareness plays in
ensuring that they actually work.

http://www.linuxsecurity.com/content/view/128459/171/

---

Robert Slade Review: "Information Security and Employee Behaviour"

The best way to secure yourself against sniffing is to use encryption.
While this won't prevent a sniffer from functioning, it will ensure
that what a sniffer reads is pure junk.

http://www.linuxsecurity.com/content/view/128404/171/

--------

+---------------------------------+
|  Distribution: Debian           | ----------------------------//
+---------------------------------+

* Debian: New bind9 packages fix DNS cache poisoning
  26th, July, 2007

  Amit Klein discovered that the BIND name server generates predictable
  DNS query IDs, which may lead to cache poisoning attacks. For the
  oldstable distribution (sarge) this problem has been fixed in version
  9.2.4-1sarge3. Updates for mips, powerpc and hppa are not yet
  available; they will be released soon.

  http://www.linuxsecurity.com/content/view/128862

* Debian: New xfs packages fix privilege escalation
  30th, July, 2007

  It was discovered that a race condition in the init.d script of the
  X Font Server allows the modification of file permissions of
  arbitrary files if the local administrator can be tricked into
  restarting the X font server.

  http://www.linuxsecurity.com/content/view/128875

* Debian: New file packages fix arbitrary code execution
  31st, July, 2007

  Colin Percival discovered an integer overflow in file, a file type
  classification tool, which may lead to the execution of arbitrary
  code.
  http://www.linuxsecurity.com/content/view/128888

* Fedora Core 6 Update: bind-9.3.4-7.P1.fc6
  27th, July, 2007

  BIND (Berkeley Internet Name Domain) is an implementation of the DNS
  (Domain Name System) protocols. This update fixes the following flaw:
  it allows a cache-poisoning type of attack, has no workaround, and
  affects only outgoing queries.

  http://www.linuxsecurity.com/content/view/128868

* Fedora Core 6 Update: gdm-2.16.5-2.fc6
  2nd, August, 2007

  Gdm (the GNOME Display Manager) is a highly configurable
  reimplementation of xdm, the X Display Manager. JLANTHEA reported a
  denial of service flaw in the way that gdm listens on its unix domain
  socket. Any local user can crash the locally running X session.

  http://www.linuxsecurity.com/content/view/128903

* Fedora Core 6 Update: tcpdump-3.9.4-11.fc6
  2nd, August, 2007

  Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6
  and earlier allows remote attackers to execute arbitrary code via
  crafted TLVs in a BGP packet, related to an unchecked return value.

  http://www.linuxsecurity.com/content/view/128904

* Gentoo: VLC media player Format string vulnerabilities
  28th, July, 2007

  A vulnerability has been discovered in VLC media player, allowing for
  the remote execution of arbitrary code. David Thiel from iSEC
  Partners Inc. discovered format string errors in various plugins when
  parsing data. The affected plugins include Vorbis, Theora, CDDA and
  SAP.

  http://www.linuxsecurity.com/content/view/128870

* Gentoo: Fail2ban Denial of Service
  28th, July, 2007

  Fail2ban is vulnerable to a Denial of Service attack. A remote
  attacker could send specially crafted SSH login banners to the
  vulnerable host, which would prevent any ssh connection to the host
  and result in a Denial of Service.
  http://www.linuxsecurity.com/content/view/128871

* Gentoo: tcpdump Integer overflow
  28th, July, 2007

  A vulnerability has been discovered in tcpdump, allowing for the
  execution of arbitrary code, possibly with root privileges. A remote
  attacker could send specially crafted BGP packets on a network being
  monitored with tcpdump, possibly resulting in the execution of
  arbitrary code with the privileges of the user running tcpdump, which
  is usually root.

  http://www.linuxsecurity.com/content/view/128872

* Mandriva: Updated qt3 packages fix multiple vulnerabilities
  1st, August, 2007

  Dirk Mueller and Tracey Parry of Portcullis Computer Security
  discovered a number of format string flaws in how Qt handled error
  messages. If an application linked against Qt created an error
  message from user-supplied data in a certain way, it could possibly
  lead to the execution of arbitrary code or a denial of service. This
  update provides packages which are patched to prevent these issues.

  http://www.linuxsecurity.com/content/view/128894

* Mandriva: Updated Firefox packages fix multiple
  1st, August, 2007

  A number of security vulnerabilities have been discovered and
  corrected in the latest Mozilla Firefox program, version 2.0.0.6.
  This update provides the latest Firefox to correct these issues. As
  well, it provides Firefox 2.0.0.6 for older products.

  http://www.linuxsecurity.com/content/view/128897

* RedHat: Important: cups security update
  30th, July, 2007

  Updated CUPS packages that fix a security issue in PDF handling are
  now available for Red Hat Enterprise Linux 3, 4, and 5. Maurycy
  Prodeus discovered an integer overflow flaw in the way CUPS processes
  PDF files. An attacker could create a malicious PDF file that could
  potentially execute arbitrary code when printed.
  http://www.linuxsecurity.com/content/view/128876

* RedHat: Important: kdegraphics security update
  30th, July, 2007

  Updated kdegraphics packages that fix a security issue in PDF
  handling are now available for Red Hat Enterprise Linux 4 and 5.
  Maurycy Prodeus discovered an integer overflow flaw in the processing
  of PDF files.

  http://www.linuxsecurity.com/content/view/128877

* RedHat: Important: gpdf security update
  30th, July, 2007

  Updated kdegraphics packages that fix a security issue in PDF
  handling are now available for Red Hat Enterprise Linux 4.

  http://www.linuxsecurity.com/content/view/128878

* RedHat: Important: poppler security update
  30th, July, 2007

  Updated poppler packages that fix a security issue in PDF handling
  are now available for Red Hat Enterprise Linux 5. This update has
  been rated as having important secur Maurycy Prodeus discovered an
  integer overflow flaw in the processing of PDF files.

  http://www.linuxsecurity.com/content/view/128879

* RedHat: Important: xpdf security update
  30th, July, 2007

  Updated xpdf packages that fix a security issue in PDF handling are
  now available for Red Hat Enterprise Linux 2.1, 3, and 4. Maurycy
  Prodeus discovered an integer overflow flaw in the processing of PDF
  files. An attacker could create a malicious PDF file that would cause
  Xpdf to crash or potentially execute arbitrary code when opened.

  http://www.linuxsecurity.com/content/view/128880

* RedHat: Moderate: qt security update
  31st, July, 2007

  Updated qt packages that correct an integer overflow flaw are now
  available. Several format string flaws were found in Qt error message
  handling. If an application linked against Qt created an error
  message from user-supplied data in a certain way, it could lead to a
  denial of service or possibly allow the execution of arbitrary code.
  http://www.linuxsecurity.com/content/view/128887

* RedHat: Important: tetex security update
  1st, August, 2007

  Updated tetex packages that fix a security issue in PDF handling are
  now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. Maurycy
  Prodeus discovered an integer overflow flaw in the processing of PDF
  files. An attacker could create a malicious PDF file that would cause
  TeTeX to crash or potentially execute arbitrary code when opened.
  This update has been rated as having important security impact by the
  Red Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/128891

* Slackware: bind
  26th, July, 2007

  New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0,
  10.1, 10.2, 11.0, and 12.0 to fix security issues.

  http://www.linuxsecurity.com/content/view/128864

* Slackware: firefox
  1st, August, 2007

  New mozilla-firefox packages are available for Slackware 11.0 and
  12.0 to fix security issues. Note that Firefox 1.5.x has reached its
  EOL (end of life) and is no longer being updated by mozilla.com.

  http://www.linuxsecurity.com/content/view/128895

* Ubuntu: tcpdump vulnerability
  30th, July, 2007

  A flaw was discovered in the BGP dissector of tcpdump. Remote
  attackers could send specially crafted packets and execute arbitrary
  code with user privileges.

  http://www.linuxsecurity.com/content/view/128883

* Ubuntu: Firefox vulnerabilities
  31st, July, 2007

  A flaw was discovered in handling of "about:blank" windows used by
  addons. A malicious web site could exploit this to modify the
  contents, or steal confidential data (such as passwords), of other
  web pages. Jesper Johansson discovered that spaces and double-quotes
  were not correctly handled when launching external programs. In rare
  configurations, after tricking a user into opening a malicious web
  page, an attacker could execute helpers with arbitrary arguments with
  the user's privileges.
  http://www.linuxsecurity.com/content/view/128890

* Ubuntu: Gimp vulnerability
  2nd, August, 2007

  Sean Larsson discovered multiple integer overflows in Gimp. By
  tricking a user into opening a specially crafted DICOM, PNM, PSD,
  PSP, RAS, XBM, or XWD image, a remote attacker could exploit this to
  execute arbitrary code with the user's privileges.

  http://www.linuxsecurity.com/content/view/128898

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
------------------------------------------------------------------------