+---------------------------------------------------------------------+
|  LinuxSecurity.com                            Weekly Newsletter     |
|  August 24th 2007                             Volume 8, Number 34a  |
+---------------------------------------------------------------------+

  Editors:      Dave Wreski                     Benjamin D. Thomas
                dave@xxxxxxxxxxxxxxxxx          ben@xxxxxxxxxxxxxxxxx

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the week.
It includes pointers to updated packages and descriptions of each
vulnerability.

This week advisories were released for tcpdump, gpdf, kdegraphics,
ClamAV, Xfce, SquirrelMail, MySQL, gimp, seamonkey, xfce4-terminal,
and libvorbis.  The distributors include Debian, Fedora, Gentoo, Red
Hat, Slackware, and Ubuntu.

--

>> Linux+DVD Magazine <<

Our magazine is read by professional network and database
administrators, system programmers, webmasters and all those who
believe in the power of Open Source software.  The majority of our
readers are between 15 and 40 years old.  They are interested in
current news from the Linux world, upcoming projects etc.  In each
issue you can find information concerning typical uses of Linux:
safety, databases, multimedia, scientific tools, entertainment,
programming, e-mail, news and desktop environments.

http://www.linuxsecurity.com/ads/adclick.php?bannerid=26

---

* EnGarde Secure Linux v3.0.16 Now Available

Guardian Digital is happy to announce the release of EnGarde Secure
Community 3.0.16 (Version 3.0, Release 16).  This release includes
many updated packages and bug fixes, some feature enhancements to
Guardian Digital WebTool and the SELinux policy, and a few new
features.

http://www.engardelinux.org/modules/download/

---

Robert Slade Review: "Information Security and Employee Behaviour"

In the introduction, McIlwraith points out that security awareness
training properly consists of communication, raising of issues, and
encouragement to modify behaviour.  (This will come as no surprise to
those who recall the definition of training as the modification of
attitudes and behaviour.)  He also notes that security professionals
frequently concentrate solely on presentation of problems.  The
remainder of the introduction looks at other major security
activities, and the part that awareness plays in ensuring that they
actually work.

http://www.linuxsecurity.com/content/view/128459/171/

---

Review: Practical Packet Analysis

The best way to secure yourself against sniffing is to use encryption.
While this won't prevent a sniffer from functioning, it will ensure
that what a sniffer reads is pure junk.

http://www.linuxsecurity.com/content/view/128404/171/

--------

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf

+---------------------------------+
|  Distribution: Debian           | ----------------------------//
+---------------------------------+

* Debian: New tcpdump packages fix arbitrary code execution
  11th, August, 2007

It was discovered that an integer overflow in the BGP dissector of
tcpdump, a powerful tool for network monitoring and data acquisition,
may lead to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/128976

* Debian: New gpdf packages fix arbitrary code execution
  13th, August, 2007

It was discovered that an integer overflow in the xpdf PDF viewer may
lead to the execution of arbitrary code if a malformed PDF file is
opened.

http://www.linuxsecurity.com/content/view/128984

* Debian: New kdegraphics packages fix arbitrary code execution
  13th, August, 2007

It was discovered that an integer overflow in the xpdf PDF viewer may
lead to the execution of arbitrary code if a malformed PDF file is
opened.

http://www.linuxsecurity.com/content/view/128985

* Debian: New Linux 2.6.18 packages fix several vulnerabilities
  15th, August, 2007

Several local and remote vulnerabilities have been discovered in the
Linux kernel that may lead to a denial of service or the execution of
arbitrary code.  The Common Vulnerabilities and Exposures project
identifies the following problems.

http://www.linuxsecurity.com/content/view/128996

+---------------------------------+
|  Distribution: Fedora           | ----------------------------//
+---------------------------------+

* Fedora Core 6 Update: kernel-2.6.22.1-32.fc6
  9th, August, 2007

The decode_choice function in net/netfilter/nf_conntrack_h323_asn1.c
in the Linux kernel before 2.6.22 allows remote attackers to cause a
denial of service (crash) via an encoded, out-of-range index value for
a choice field, which triggers a NULL pointer dereference.

http://www.linuxsecurity.com/content/view/128958

+---------------------------------+
|  Distribution: Gentoo           | ----------------------------//
+---------------------------------+

* Gentoo: ClamAV Denial of Service
  9th, August, 2007

A vulnerability has been discovered in ClamAV, allowing for a Denial
of Service.

http://www.linuxsecurity.com/content/view/128962

* Gentoo: GD Multiple vulnerabilities
  9th, August, 2007

Multiple vulnerabilities have been discovered in GD, allowing for the
execution of arbitrary code.

http://www.linuxsecurity.com/content/view/128963

* Gentoo: Net::DNS: Multiple vulnerabilities
  11th, August, 2007

Multiple vulnerabilities have been discovered in the Net::DNS Perl
module, allowing for a Denial of Service and a cache poisoning attack.

http://www.linuxsecurity.com/content/view/128977

* Gentoo: Xfce Terminal Remote arbitrary code execution
  11th, August, 2007

A vulnerability has been discovered in the Xfce Terminal program,
allowing for the remote execution of arbitrary code.

http://www.linuxsecurity.com/content/view/128978

* Gentoo: SquirrelMail G/PGP plugin Arbitrary code execution
  11th, August, 2007

Multiple vulnerabilities have been discovered in SquirrelMail, allowing
for the remote execution of arbitrary code.

http://www.linuxsecurity.com/content/view/128979

* Gentoo: MySQL Denial of Service and information leakage
  16th, August, 2007

A Denial of Service vulnerability and a table structure information
leakage vulnerability were found in MySQL.

http://www.linuxsecurity.com/content/view/128999

+---------------------------------+
|  Distribution: Red Hat          | ----------------------------//
+---------------------------------+

* RedHat: Moderate: kernel security and bugfix update
  16th, August, 2007

Updated kernel packages that fix several security issues and bugs in
the Red Hat Enterprise Linux 3 kernel are now available.  These new
kernel packages contain fixes for the security issues described below.
This security advisory has been rated as having moderate security
impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/128998

+---------------------------------+
|  Distribution: Slackware        | ----------------------------//
+---------------------------------+

* Slackware: gimp
  11th, August, 2007

New gimp packages are available for Slackware 10.2, 11.0, and 12.0 to
fix security issues.  More details about this issue may be found in
the

http://www.linuxsecurity.com/content/view/128972

* Slackware: seamonkey
  11th, August, 2007

New seamonkey packages are available for Slackware 11.0 and 12.0 to
fix various security issues.

http://www.linuxsecurity.com/content/view/128974

* Slackware: xpdf
  11th, August, 2007

New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2,
11.0, and 12.0 to fix an integer overflow.

http://www.linuxsecurity.com/content/view/128975

+---------------------------------+
|  Distribution: Ubuntu           | ----------------------------//
+---------------------------------+

* Ubuntu: xfce4-terminal vulnerability
  13th, August, 2007

Lasse Karkkainen discovered that the Xfce Terminal did not correctly
escape shell meta-characters during "Open Link" actions.  If a remote
attacker tricked a user into opening a specially crafted URI, they
could execute arbitrary commands with the user's privileges.

http://www.linuxsecurity.com/content/view/128987

* Ubuntu: libvorbis vulnerabilities
  16th, August, 2007

David Thiel discovered that libvorbis did not correctly verify the
size of certain headers, and did not correctly clean up a broken
stream.  If a user were tricked into processing a specially crafted
Vorbis stream, a remote attacker could execute arbitrary code with the
user's privileges.

http://www.linuxsecurity.com/content/view/128997

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------