+---------------------------------------------------------------------+
|  LinuxSecurity.com                               Weekly Newsletter  |
|  August 10th 2007                             Volume 8, Number 32a  |
+---------------------------------------------------------------------+

  Editors:      Dave Wreski                     Benjamin D. Thomas
                dave@xxxxxxxxxxxxxxxxx          ben@xxxxxxxxxxxxxxxxx

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the
week. It includes pointers to updated packages and descriptions of
each vulnerability.

This week advisories were released for iceweasel, xulrunner, iceape,
xpdf, poppler, libextractor, tetex-bin, bochs, pdfkit, gdm, tcpdump,
kernel, flashplayer, libarchive, gd, java, libgtop2, gdm, thunderbird,
qt, and koffice. The distributors include Debian, Fedora, Gentoo,
Mandrake, Red Hat, and Ubuntu.

--

>> Linux+DVD Magazine <<

Our magazine is read by professional network and database
administrators, system programmers, webmasters and all those who
believe in the power of Open Source software. The majority of our
readers is between 15 and 40 years old. They are interested in current
news from the Linux world, upcoming projects etc.

In each issue you can find information concerning typical use of
Linux: safety, databases, multimedia, scientific tools, entertainment,
programming, e-mail, news and desktop environments.

http://www.linuxsecurity.com/ads/adclick.php?bannerid=26

---

* EnGarde Secure Linux v3.0.16 Now Available

Guardian Digital is happy to announce the release of EnGarde Secure
Community 3.0.16 (Version 3.0, Release 16). This release includes many
updated packages and bug fixes, some feature enhancements to Guardian
Digital WebTool and the SELinux policy, and a few new features.

http://www.engardelinux.org/modules/download/

---

Review: Practical Packet Analysis

In the introduction, McIlwraith points out that security awareness
training properly consists of communication, raising of issues, and
encouragement to modify behaviour.
(This will come as no surprise to those who recall the definition of
training as the modification of attitudes and behaviour.) He also
notes that security professionals frequently concentrate solely on
presentation of problems. The remainder of the introduction looks at
other major security activities, and the part that awareness plays in
ensuring that they actually work.

http://www.linuxsecurity.com/content/view/128459/171/

---

Robert Slade Review: "Information Security and Employee Behaviour"

The best way to secure yourself against sniffing is to use encryption.
While this won't prevent a sniffer from functioning, it will ensure
that what a sniffer reads is pure junk.

http://www.linuxsecurity.com/content/view/128404/171/

--------

--> Take advantage of the LinuxSecurity.com Quick Reference Card!
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf

+---------------------------------+
|  Distribution: Debian           | ----------------------------//
+---------------------------------+

* Debian: New iceweasel packages fix several vulnerabilities
  3rd, August, 2007

  Several remote vulnerabilities have been discovered in the Iceweasel
  web browser, an unbranded version of the Firefox browser. The Common
  Vulnerabilities and Exposures project identifies the security flaws.
  "moz_bug_r_a4" discovered that a regression in the handling of
  "about:blank" windows used by addons may lead to an attacker being
  able to modify the content of web sites.
  http://www.linuxsecurity.com/content/view/128912

* Debian: New xulrunner packages fix several vulnerabilities
  4th, August, 2007

  Several remote vulnerabilities have been discovered in Xulrunner, a
  runtime environment for XUL applications. The Common Vulnerabilities
  and Exposures project identifies the security flaws. "moz_bug_r_a4"
  discovered that a regression in the handling of "about:blank"
  windows used by addons may lead to an attacker being able to modify
  the content of web sites.
  http://www.linuxsecurity.com/content/view/128916

* Debian: New iceape packages fix several vulnerabilities
  4th, August, 2007

  Several remote vulnerabilities have been discovered in the Iceape
  internet suite, an unbranded version of the Seamonkey Internet
  Suite.
  http://www.linuxsecurity.com/content/view/128917

* Debian: New xpdf packages fix arbitrary code execution
  4th, August, 2007

  It was discovered that an integer overflow in the xpdf PDF viewer
  may lead to the execution of arbitrary code if a malformed PDF file
  is opened.
  http://www.linuxsecurity.com/content/view/128918

* Debian: New poppler packages fix arbitrary code execution
  4th, August, 2007

  It was discovered that an integer overflow in the xpdf PDF viewer
  may lead to the execution of arbitrary code if a malformed PDF file
  is opened.
  http://www.linuxsecurity.com/content/view/128919

* Debian: New libextractor packages fix arbitrary code execution
  5th, August, 2007

  It was discovered that an integer overflow in the xpdf PDF viewer
  may lead to the execution of arbitrary code if a malformed PDF file
  is opened.
  http://www.linuxsecurity.com/content/view/128921

* Debian: New tetex-bin packages fix arbitrary code execution
  6th, August, 2007

  It was discovered that an integer overflow in the xpdf PDF viewer
  may lead to the execution of arbitrary code if a malformed PDF file
  is opened.
  http://www.linuxsecurity.com/content/view/128927

* Debian: New bochs packages fix privilege escalation
  7th, August, 2007

  Tavis Ormandy discovered that bochs, a highly portable IA-32 PC
  emulator, is vulnerable to a buffer overflow in the emulated NE2000
  network device driver, which may lead to privilege escalation.
  http://www.linuxsecurity.com/content/view/128936

* Debian: New pdfkit.framework packages fix arbitrary code
  7th, August, 2007

  It was discovered that an integer overflow in the xpdf PDF viewer
  may lead to the execution of arbitrary code if a malformed PDF file
  is opened.
  http://www.linuxsecurity.com/content/view/128938

* Fedora Core 6 Update: gdm-2.16.5-2.fc6
  2nd, August, 2007

  Gdm (the GNOME Display Manager) is a highly configurable
  reimplementation of xdm, the X Display Manager. JLANTHEA reported a
  denial of service flaw in the way that gdm listens on its unix
  domain socket. Any local user can crash the locally running X
  session.
  http://www.linuxsecurity.com/content/view/128903

* Fedora Core 6 Update: tcpdump-3.9.4-11.fc6
  2nd, August, 2007

  Integer overflow in print-bgp.c in the BGP dissector in tcpdump
  3.9.6 and earlier allows remote attackers to execute arbitrary code
  via crafted TLVs in a BGP packet, related to an unchecked return
  value.
  http://www.linuxsecurity.com/content/view/128904

* Fedora Core 6 Update: kernel-2.6.22.1-32.fc6
  9th, August, 2007

  The decode_choice function in
  net/netfilter/nf_conntrack_h323_asn1.c in the Linux kernel before
  2.6.22 allows remote attackers to cause a denial of service (crash)
  via an encoded, out-of-range index value for a choice field, which
  triggers a NULL pointer dereference.
  http://www.linuxsecurity.com/content/view/128958

* Gentoo: Macromedia Flash Player Remote arbitrary code execution
  8th, August, 2007

  Multiple vulnerabilities have been discovered in Macromedia Flash
  Player, allowing for the remote execution of arbitrary code. Mark
  Hills discovered some errors when interacting with a browser for
  keystrokes handling (CVE-2007-2022). Stefano Di Paola and Giorgio
  Fedon from Minded Security discover
  http://www.linuxsecurity.com/content/view/128953

* Gentoo: Xvid Array indexing vulnerabilities
  8th, August, 2007

  Several array indexing vulnerabilities were discovered in Xvid. An
  attacker could exploit these vulnerabilities to execute arbitrary
  code by tricking a user or automated system into processing a
  malicious video file with an application that makes use of the Xvid
  library.
  http://www.linuxsecurity.com/content/view/128954

* Gentoo: libarchive (formerly named as bsdtar) Multiple pax
  Extension Header Vulnerabilities
  8th, August, 2007

  Multiple vulnerabilities were found in libarchive (formerly named as
  app-archive/bsdtar), possibly allowing for the execution of
  arbitrary code or a Denial of Service.
  http://www.linuxsecurity.com/content/view/128955

* Mandriva: Updated gd packages fix several vulnerabilities
  3rd, August, 2007

  GD versions prior to 2.0.35 have a number of bugs which potentially
  lead to denial of service and possibly other issues. Integer
  overflow in gdImageCreateTrueColor function in the GD Graphics
  Library (libgd) before 2.0.35 allows user-assisted remote attackers
  to have unspecified remote attack vectors and impact.
  http://www.linuxsecurity.com/content/view/128915

* RedHat: Critical: java-1.4.2-ibm security update
  6th, August, 2007

  Updated java-1.4.2-ibm packages to correct a set of security issues
  are now available for Red Hat Enterprise Linux 3 and 4 Extras and
  Red Hat Enterprise Linux 5 Supplementary. A security vulnerability
  in the Java Web Start component was discovered.
  http://www.linuxsecurity.com/content/view/128925

* RedHat: Critical: java-1.5.0-sun security update
  6th, August, 2007

  Updated java-1.5.0-sun packages that correct several security issues
  are available for Red Hat Enterprise Linux 4 Extras. The Javadoc
  tool was able to generate HTML documentation pages that contained
  cross-site scripting (XSS) vulnerabilities.
  http://www.linuxsecurity.com/content/view/128926

* RedHat: Moderate: libgtop2 security update
  7th, August, 2007

  An updated libgtop2 package that fixes a security issue and a
  functionality bug is now available for Red Hat Enterprise Linux 4.
  A flaw was found in the way libgtop2 handled long filenames mapped
  into the address space of a process.
  An attacker could execute arbitrary code on behalf of the user
  running gnome-system-monitor by executing a process and mapping a
  file with a specially crafted name into the process's address space.
  This update has been rated as having moderate security impact by the
  Red Hat Security Response Team.
  http://www.linuxsecurity.com/content/view/128933

* RedHat: Moderate: gdm security and bug fix update
  7th, August, 2007

  An updated gdm package that fixes a security issue is now available
  for Red Hat Enterprise Linux 5. A flaw was found in the way Gdm
  listens on its unix domain socket. A local user could crash a
  running X session by writing malicious data to Gdm's unix domain
  socket. This update has been rated as having moderate security
  impact by the Red Hat Security Response Team.
  http://www.linuxsecurity.com/content/view/128934

* RedHat: Critical: java-1.5.0-ibm security update
  7th, August, 2007

  Updated java-1.5.0-ibm packages that correct several security issues
  are now available for Red Hat Enterprise Linux 4 Extras and 5
  Supplementary. A security vulnerability in the Java Web Start
  component was discovered. An untrusted application could elevate its
  privileges, allowing it to read and write local files that are
  accessible to the user running the Java Web Start application.
  http://www.linuxsecurity.com/content/view/128935

* RedHat: Important: kernel security update
  8th, August, 2007

  Updated kernel packages that fix a number of security issues are now
  available for Red Hat Enterprise Linux 2.1 (32-bit architectures).
  This security advisory has been rated as having important security
  impact by the Red Hat Security Response Team.
  http://www.linuxsecurity.com/content/view/128951

* RedHat: Important: kernel security update
  8th, August, 2007

  Updated kernel packages that fix a number of security issues are now
  available for Red Hat Enterprise Linux 2.1 (64-bit architectures).
  This security advisory has been rated as having important security
  impact by the Red Hat Security Response Team.
  http://www.linuxsecurity.com/content/view/128952

* Slackware: thunderbird
  3rd, August, 2007

  New Thunderbird packages are available for Slackware 11.0 and 12.0
  to fix two possible security issues. This package may also be used
  on many older versions of Slackware (though we're not certain how
  far
  http://www.linuxsecurity.com/content/view/128914

* Ubuntu: Gimp vulnerability
  2nd, August, 2007

  Sean Larsson discovered multiple integer overflows in Gimp. By
  tricking a user into opening a specially crafted DICOM, PNM, PSD,
  PSP, RAS, XBM, or XWD image, a remote attacker could exploit this to
  execute arbitrary code with the user's privileges.
  http://www.linuxsecurity.com/content/view/128898

* Ubuntu: Qt vulnerability
  3rd, August, 2007

  Several format string vulnerabilities have been discovered in Qt
  warning messages. By causing an application to process specially
  crafted input data which triggered Qt warnings, this could be
  exploited to execute arbitrary code with the privilege of the user
  running the application.
  http://www.linuxsecurity.com/content/view/128908

* Ubuntu: koffice vulnerability
  3rd, August, 2007

  Derek Noonburg discovered an integer overflow in the Xpdf function
  StreamPredictor::StreamPredictor(). By importing a specially crafted
  PDF file into KWord, this could be exploited to run arbitrary code
  with the user's privileges.
  http://www.linuxsecurity.com/content/view/128909

* Ubuntu: poppler vulnerability
  7th, August, 2007

  USN-496-1 fixed a vulnerability in koffice. This update provides the
  corresponding updates for poppler, the library used for PDF handling
  in Gnome. Derek Noonburg discovered an integer overflow in the Xpdf
  function StreamPredictor::StreamPredictor(). By importing a
  specially crafted PDF file into KWord, this could be exploited to
  run arbitrary code with the user's privileges.
  http://www.linuxsecurity.com/content/view/128939

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
------------------------------------------------------------------------