+---------------------------------------------------------------------+
|  LinuxSecurity.com                               Weekly Newsletter  |
|  September 7th 2007                           Volume 8, Number 36a  |
+---------------------------------------------------------------------+

  Editors:      Dave Wreski                     Benjamin D. Thomas
                dave@xxxxxxxxxxxxxxxxx          ben@xxxxxxxxxxxxxxxxx

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the
week. It includes pointers to updated packages and descriptions of
each vulnerability.

This week, advisories were released for vim, id3lib, clamav, pptpd,
krb5, librpcsecgss, vavoom, gallery, kdebase, mysql, cyrus-sasl, star,
java, and kerberos. The distributors include Debian, Fedora, Mandriva,
Red Hat, Slackware, and Ubuntu.

--

>> Linux+DVD Magazine <<

Our magazine is read by professional network and database
administrators, system programmers, webmasters and all those who
believe in the power of Open Source software. The majority of our
readers are between 15 and 40 years old. They are interested in current
news from the Linux world, upcoming projects etc.

In each issue you can find information concerning typical use of
Linux: safety, databases, multimedia, scientific tools, entertainment,
programming, e-mail, news and desktop environments.

http://www.linuxsecurity.com/ads/adclick.php?bannerid=26

---

* EnGarde Secure Linux v3.0.16 Now Available

  Guardian Digital is happy to announce the release of EnGarde Secure
  Community 3.0.16 (Version 3.0, Release 16). This release includes
  many updated packages and bug fixes, some feature enhancements to
  Guardian Digital WebTool and the SELinux policy, and a few new
  features.
  http://www.engardelinux.org/modules/download/

---

Review: Ruby by Example

  Learning a new language cannot be complete without a few 'real
  world' examples.
  'Hello world!'s and Fibonacci sequences are always nice as an
  introduction to certain aspects of programming, but sooner or later
  you crave something meatier to chew on. 'Ruby by Example: Concepts
  and Code' by Kevin C. Baird provides a wealth of knowledge via
  general to specialized examples of the dynamic object-oriented
  programming language, Ruby. Want to build an mp3 playlist processor?
  How about parsing out secret codes from 'Moby Dick'? Read on!
  http://www.linuxsecurity.com/content/view/128840/171/

---

Robert Slade Review: "Information Security and Employee Behaviour"

  The best way to secure yourself against sniffing is to use
  encryption. While this won't prevent a sniffer from functioning, it
  will ensure that what a sniffer reads is pure junk.
  http://www.linuxsecurity.com/content/view/128404/171/

--------

--> Take advantage of the LinuxSecurity.com Quick Reference Card!
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf

+---------------------------------+
|  Distribution: Debian           | ----------------------------//
+---------------------------------+

* Debian: New Linux 2.6.18 packages fix several vulnerabilities
  31st, August, 2007

  Several local and remote vulnerabilities have been discovered in the
  Linux kernel that may lead to a denial of service or the execution
  of arbitrary code. The Common Vulnerabilities and Exposures project
  identifies the below vulnerabilities.
  http://www.linuxsecurity.com/content/view/129221

* Debian: New vim packages fix several vulnerabilities
  1st, September, 2007

  Several vulnerabilities have been discovered in the vim editor. Ulf
  Harnhammar discovered that a format string flaw in helptags_one()
  from src/ex_cmds.c (triggered through the "helptags" command) can
  lead to the execution of arbitrary code.
  http://www.linuxsecurity.com/content/view/129224

* Debian: New id3lib3.8.3 packages fix denial of service
  1st, September, 2007

  Nikolaus Schulz discovered that a programming error in id3lib, an
  ID3 Tag Library, may lead to denial of service through symlink
  attacks.
  http://www.linuxsecurity.com/content/view/129225

* Debian: New clamav packages fix several vulnerabilities
  1st, September, 2007

  Several remote vulnerabilities have been discovered in the Clam
  anti-virus toolkit.
  http://www.linuxsecurity.com/content/view/129226

* Debian: New pptpd packages fix regression
  2nd, September, 2007

  It was discovered that the PoPToP Point to Point Tunneling Server
  contains a programming error, which allows the tear-down of a PPTP
  connection through a malformed GRE packet, resulting in denial of
  service.
  http://www.linuxsecurity.com/content/view/129227

* Debian: New krb5 packages fix arbitrary code execution
  4th, September, 2007

  It was discovered that a buffer overflow of the RPC library of the
  MIT Kerberos reference implementation allows the execution of
  arbitrary code.
  http://www.linuxsecurity.com/content/view/129236

* Debian: New librpcsecgss packages fix arbitrary code execution
  4th, September, 2007

  It was discovered that a buffer overflow of the library for secure
  RPC communication over the rpcsec_gss protocol allows the execution
  of arbitrary code.
  http://www.linuxsecurity.com/content/view/129237

* Debian: New krb5 packages fix arbitrary code execution
  6th, September, 2007

  It was discovered that a buffer overflow of the RPC library of the
  MIT Kerberos reference implementation allows the execution of
  arbitrary code. The original patch from DSA-1367-1 didn't address
  the problem fully.
  http://www.linuxsecurity.com/content/view/129347

* Debian: New gforge packages fix SQL injection
  6th, September, 2007

  Sumit I. Siddharth discovered that Gforge, a collaborative
  development tool, performs insufficient input sanitising, which
  allows SQL injection.
  http://www.linuxsecurity.com/content/view/129348

+---------------------------------+
|  Distribution: Fedora           | ----------------------------//
+---------------------------------+

* Fedora 7 Update: vavoom-1.24-3.fc7
  4th, September, 2007

  Security update fixing various format string vulnerabilities and a
  DoS vulnerability in the vavoom server. This fixes CVE-2007-4533,
  CVE-2007-4534 and CVE-2007-4535. Also see bugzilla bug 256621.
  http://www.linuxsecurity.com/content/view/129332

* Fedora 7 Update: gallery2-2.2-0.7..
  4th, September, 2007

  Multiple unspecified vulnerabilities in Gallery before 2.2.3 allow
  attackers to (1) rename items, (2) read and modify item properties,
  or (3) lock and replace items via unknown vectors in (a) the WebDAV
  module; and (4) edit unspecified data files using "linked items" in
  (a) WebDAV and (b) Reupload modules.
  http://www.linuxsecurity.com/content/view/129335

+---------------------------------+
|  Distribution: Mandriva         | ----------------------------//
+---------------------------------+

* Mandriva: Updated clamav packages vulnerabilities
  31st, August, 2007

  A vulnerability in ClamAV was discovered that could allow remote
  attackers to cause a denial of service via a crafted RTF file or a
  crafted HTML document with a data: URI, both of which trigger a NULL
  dereference (CVE-2007-4510).
  http://www.linuxsecurity.com/content/view/129223

* Mandriva: Updated tar packages fix vulnerabilities
  4th, September, 2007

  Dmitry V. Levin discovered a path traversal flaw in how GNU tar
  extracted archives. A malicious user could create a tar archive that
  could write to arbitrary files that the user running tar has write
  access to. Updated packages have been patched to prevent these
  issues.
  http://www.linuxsecurity.com/content/view/129338

* Mandriva: Updated krb5 packages fix vulnerabilities
  6th, September, 2007

  A stack buffer overflow vulnerability was discovered in the RPC
  library used by Kerberos' kadmind program by Tenable Network
  Security.
  A remote unauthenticated user who could access kadmind would be able
  to trigger the flaw and cause it to crash (CVE-2007-3999).
  http://www.linuxsecurity.com/content/view/129345

* Mandriva: Updated eggdrop package fix remote buffer overflow
  6th, September, 2007

  A stack-based buffer overflow in mod/server.mod/servrmsg.c in
  Eggdrop 1.6.18, and possibly earlier, allows user-assisted,
  malicious remote IRC servers to execute arbitrary code via a long
  private message. Updated packages fix this issue.
  http://www.linuxsecurity.com/content/view/129346

* Mandriva: Updated kdebase and kdelibs packages fix location
  6th, September, 2007

  konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers
  to spoof the data: URI scheme in the address bar via a long URI with
  trailing whitespace, which prevents the beginning of the URI from
  being displayed. (CVE-2007-3820)
  http://www.linuxsecurity.com/content/view/129349

* Mandriva: Updated MySQL packages fix vulnerabilities
  6th, September, 2007

  A vulnerability was found in MySQL's authentication protocol, making
  it possible for a remote unauthenticated attacker to send a
  specially crafted authentication request to the MySQL server causing
  it to crash (CVE-2007-3780).
  http://www.linuxsecurity.com/content/view/129350

* Mandriva: Updated krb5 packages fix vulnerabilities
  7th, September, 2007

  A stack buffer overflow vulnerability was discovered in the RPC
  library used by Kerberos' kadmind program by Tenable Network
  Security.
  http://www.linuxsecurity.com/content/view/129390

+---------------------------------+
|  Distribution: Red Hat          | ----------------------------//
+---------------------------------+

* RedHat: Moderate: aide security update
  4th, September, 2007

  A flaw was discovered in the way file checksums were stored in the
  AIDE database. A packaging flaw in the Red Hat AIDE rpm resulted in
  the file database not containing any file checksum information. This
  could prevent AIDE from detecting certain file modifications.
  http://www.linuxsecurity.com/content/view/129230

* RedHat: Moderate: kernel security and bugfix update
  4th, September, 2007

  Updated kernel packages that fix several security issues and bugs in
  the Red Hat Enterprise Linux 4 kernel are now available.
  http://www.linuxsecurity.com/content/view/129231

* RedHat: Moderate: cyrus-sasl security and bug fix update
  4th, September, 2007

  An updated cyrus-sasl package that addresses a security issue and
  fixes various other bugs is now available for Red Hat Enterprise
  Linux 4. This update has been rated as having moderate security
  impact by the Red Hat Security Response Team.
  http://www.linuxsecurity.com/content/view/129232

* RedHat: Moderate: star security update
  4th, September, 2007

  An updated star package that fixes a path traversal flaw is now
  available. This update has been rated as having moderate security
  impact by the Red Hat Security Response Team.
  http://www.linuxsecurity.com/content/view/129233

* RedHat: Moderate: cyrus-sasl security update
  4th, September, 2007

  Updated cyrus-sasl packages that correct a security issue are now
  available for Red Hat Enterprise Linux 3. This update has been rated
  as having moderate security impact by the Red Hat Security Response
  Team.
  http://www.linuxsecurity.com/content/view/129234

* RedHat: Important: krb5 security update
  4th, September, 2007

  Updated krb5 packages that fix two security flaws are now available
  for Red Hat Enterprise Linux 5.
  http://www.linuxsecurity.com/content/view/129235

* RedHat: Important: krb5 security update
  7th, September, 2007

  Updated krb5 packages that correct a security flaw are now available
  for Red Hat Enterprise Linux 5.
  The MIT Kerberos Team discovered a problem with the originally
  published patch for svc_auth_gss.c
  http://www.linuxsecurity.com/content/view/129352

+---------------------------------+
|  Distribution: Slackware        | ----------------------------//
+---------------------------------+

* Slackware: java (jre, jdk)
  31st, August, 2007

  Sun has released security advisories pertaining to both the Java
  Runtime Environment and the Standard Edition Development Kit. One
  such advisory may be found here:
  http://www.linuxsecurity.com/content/view/129222

+---------------------------------+
|  Distribution: Ubuntu           | ----------------------------//
+---------------------------------+

* Ubuntu: Linux kernel vulnerabilities
  31st, August, 2007

  A buffer overflow was discovered in the Moxa serial driver. Local
  attackers could execute arbitrary code and gain root privileges.
  (CVE-2005-0504)
  http://www.linuxsecurity.com/content/view/129214

* Ubuntu: Linux kernel vulnerabilities
  31st, August, 2007

  A flaw was discovered in the PPP over Ethernet implementation. Local
  attackers could manipulate ioctls and cause kernel memory
  consumption leading to a denial of service.
  http://www.linuxsecurity.com/content/view/129218

* Ubuntu: Kerberos vulnerability
  4th, September, 2007

  It was discovered that the libraries handling RPCSEC_GSS did not
  correctly validate the size of certain packet structures. An
  unauthenticated remote user could send a specially crafted request
  and execute arbitrary code with root privileges.
  http://www.linuxsecurity.com/content/view/129337

* Ubuntu: Kerberos vulnerability
  7th, September, 2007

  It was discovered that the libraries handling RPCSEC_GSS did not
  correctly validate the size of certain packet structures. An
  unauthenticated remote user could send a specially crafted request
  and execute arbitrary code with root privileges.
  http://www.linuxsecurity.com/content/view/129389

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------