+------------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | November 25th, 2007 Volume 8, Number 48 | | | | Editorial Team: Dave Wreski <dwreski@xxxxxxxxxxxxxxxxx> | | Benjamin D. Thomas <bthomas@xxxxxxxxxxxxxxxxx> | +------------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, advisories were released for samba, kdegraphics, cupsys, cacti, tetex, phpmyadmin, poppler, kernel, net-snmp, pdftohtml, koffice, conga, libpng, and thunderbird. The distributors include, Debian, Mandriva, Red Hat, and Slackware. --- >> Linux+DVD Magazine << Our magazine is read by professional network and database administrators, system programmers, webmasters and all those who believe in the power of Open Source software. The majority of our readers is between 15 and 40 years old. They are interested in current news from the Linux world, upcoming projects etc. In each issue you can find information concerning typical use of Linux: safety, databases, multimedia, scientific tools, entertainment, programming, e-mail, news and desktop environments. http://www.linuxsecurity.com/ads/adclick.php?bannerid=26 --- Master's Student: Social Engineering is not just a definition! -------------------------------------------------------------- We are happy to announce a new addition to the Linux Security Contributing Team: Gian G. Spicuzza. Currently a Graduate Student pursuing a Masters Degree in Computer Security (MSIA), Gian is a certified Linux/Unix administrator, the lead developer for the OSCAR-Backup System (at Sourceforge.com) and has experience in a variety of CSO, Management and consulting positions. His first topic is a quick foray into the world and psychology of Social Engineering: All the security in the world isn't going to stop one of your employees or coworkers from giving up information. Just how easy is it? Craig never worked for Linda's company, nor did he call from IT. Craig was an unethical hacker who just gained unauthorized access to her account. <b>Why? Because a phone call is simple.</b> Read on to see just how easy businesses can be exploited. http://www.linuxsecurity.com/content/view/131036 --- Review: Linux Firewalls ----------------------- Security is at the forefront of everyone's mind and a firewall can be an integral part of your Linux defense. But is Michael's Rash's "Linux Firewalls," the newest release from NoStarchPress, up for the challenge? Eckie S. here at Linuxsecurity.com gives you the low-down on this newest addition to the Linux security resource library and how it's one of the best ways to crack down on attacks to your Linux network. http://www.linuxsecurity.com/content/view/130392 --> Take advantage of the LinuxSecurity.com Quick Reference Card! <-- --> http://www.linuxsecurity.com/docs/QuickRefCard.pdf <-- -------------------------------------------------------------------------- * EnGarde Secure Community v3.0.17 Now Available (Oct 9) ------------------------------------------------------ Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.17 (Version 3.0, Release 17). This release includes many updated packages and bug fixes, some feature enhancements to Guardian Digital WebTool and the SELinux policy, and a few new features. In distribution since 2001, EnGarde Secure Community was one of the very first security platforms developed entirely from open source, and has been engineered from the ground-up to provide users and organizations with complete, secure Web functionality, DNS, database, e-mail security and even e-commerce. http://www.linuxsecurity.com/content/view/129961 -------------------------------------------------------------------------- * Debian: New samba packages fix several vulnerabilities (Nov 22) --------------------------------------------------------------- Several local/remote vulnerabilities have been discovered in samba, a LanManager-like file and printer server for Unix. Alin Rad Pop of Secunia Research discovered that nmbd did not properly check the length of netbios packets. When samba is configured as a WINS server, a remote attacker could send multiple crafted requests resulting in the execution of arbitrary code with root privileges. http://www.linuxsecurity.com/content/view/131405 * Debian: New kdegraphics packages fix arbitrary code execution (Nov 21) ---------------------------------------------------------------------- Alin Rad Pop discovered a buffer overflow in kpdf, which could allow the execution of arbitrary code if a malformed PDF file is displayed. http://www.linuxsecurity.com/content/view/131327 * Debian: New cupsys packages fix arbitrary code execution (Nov 18) ----------------------------------------------------------------- Alin Rad Pop discovered that the Common UNIX Printing System is vulnerable to an off-by-one buffer overflow in the code to process IPP packets, which may lead to the execution of arbitrary code. http://www.linuxsecurity.com/content/view/131136 -------------------------------------------------------------------------- * Mandriva: Updated cacti packages fix SQL injection (Nov 22) ----------------------------------------------------------- An SQL injection vulnerability in cacti may allow remote attackers to execute arbitrary SQL commands. The updated packages have been patched to correct this issue. http://www.linuxsecurity.com/content/view/131404 * Mandriva: Updated samba packages fix vulnerabilities (Nov 21) ------------------------------------------------------------- The samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. If samba is configured as a Primary or Backup Domain Controller, this could be used by a remote attacker to send malicious logon requests and possibly cause a denial of service (CVE-2007-4572). As well, Alin Rad Pop of Secunia Research found that nmbd did not properly check the length of netbios packets. If samba is configured as a WINS server, this could be used by a remote attacker able to send multiple crafted requests to nmbd, resulting in the execution of arbitrary code with root privileges (CVE-2007-5398). http://www.linuxsecurity.com/content/view/131329 * Mandriva: Updated tetex packages fix vulnerabilities (Nov 20) ------------------------------------------------------------- A flaw in the t1lib library where an attacker could create a malicious file that would cause tetex to crash or possibly execute arbitrary code when opened (CVE-2007-4033). http://www.linuxsecurity.com/content/view/131321 * Mandriva: Updated phpMyAdmin packages fix multiple (Nov 20) ----------------------------------------------------------- A few vulnerabilities and security-related issues have been fixed in phpMyAdmin since the 2.11.1.2 release. This update provides version 2.11.2.2 which is the latest stable release of phpMyAdmin. No configuration changes should be required since the previous update (version 2.11.1.2). If upgrading from older versions, it may be necessary to reconfigure phpMyAdmin. The configuration file is located in /etc/phpMyAdmin/. In most cases, it should be sufficient so simply replace config.default.php with config.default.php.rpmnew and make whatever modifications are necessary. http://www.linuxsecurity.com/content/view/131320 * Mandriva: Updated cups packages fix vulnerabilities (Nov 19) ------------------------------------------------------------ Alin Rad Pop found several flaws in how PDF files are handled in cups. An attacker could create a malicious PDF file that would cause cups to crash or potentially execute arbitrary code when opened. The updated packages have been patched to correct this issue. http://www.linuxsecurity.com/content/view/131144 * Mandriva: Updated poppler packages fix vulnerabilities (Nov 19) --------------------------------------------------------------- Alin Rad Pop found several flaws in how PDF files are handled in poppler. An attacker could create a malicious PDF file that would cause poppler to crash or potentially execute arbitrary code when opened. The updated packages have been patched to correct this issue. http://www.linuxsecurity.com/content/view/131143 * Mandriva: Updated kernel packages fix multiple (Nov 19) ------------------------------------------------------- Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: The minix filesystem code allows local users to cause a denial of service (hang) via a malformed minix file stream (CVE-2006-6058). An integer underflow in the Linux kernel prior to 2.6.23 allows remote attackers to cause a denial of service (crash) via a crafted SKB length value in a runt IEEE 802.11 frame when the IEEE80211_STYPE_QOS_DATA flag is set (CVE-2007-4997). To update your kernel, please follow the directions located at: http://www.mandriva.com/en/security/kernelupdate http://www.linuxsecurity.com/content/view/131142 * Mandriva: Updated net-snmp packages fix remote denial of (Nov 19) ----------------------------------------------------------------- The SNMP agent in net-snmp 5.4.1 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a GETBULK request with a large max-repeaters value. Updated packages fix this issue. http://www.linuxsecurity.com/content/view/131140 * Mandriva: Updated samba packages fix vulnerabilities (Nov 17) ------------------------------------------------------------- The samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. If samba is configured as a Primary or Backup Domain Controller, this could be used by a remote attacker to send malicious logon requests and possibly cause a denial of service (CVE-2007-4572). http://www.linuxsecurity.com/content/view/131133 * Mandriva: Updated pdftohtml packages fix vulnerabilities (Nov 17) ----------------------------------------------------------------- Alin Rad Pop found several flaws in how PDF files are handled in pdftohtml. An attacker could create a malicious PDF file that would cause pdftohtml to crash or potentially execute arbitrary code when opened. The updated packages have been patched to correct this issue. http://www.linuxsecurity.com/content/view/131134 * Mandriva: Updated koffice packages fix vulnerabilities (Nov 17) --------------------------------------------------------------- Alin Rad Pop found several flaws in how PDF files are handled in koffice. An attacker could create a malicious PDF file that would cause koffice to crash or potentially execute arbitrary code when opened. The updated packages have been patched to correct this issue. http://www.linuxsecurity.com/content/view/131135 -------------------------------------------------------------------------- * RedHat: Moderate: conga security, bug fix, (Nov 22) --------------------------------------------------- Updated conga packages that fix a security flaw, several bugs, and add enhancements are now available for Red Hat Cluster Suite. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/131401 -------------------------------------------------------------------------- * Slackware: libpng (Nov 21) ---------------------------- New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, and -current to fix security issues. More details about these issues may be found in the Common Vulnerabilities and Exposures (CVE) database: http://www.linuxsecurity.com/content/view/131323 * Slackware: mozilla-thunderbird (Nov 20) ----------------------------------------- New mozilla-thunderbird packages are available for Slackware 10.2, 11.0, 12.0, and -current to fix security issues. Slackware is not vulnerable to either of these in its default configuration, but watch out if you've enabled JavaScript. http://www.linuxsecurity.com/content/view/131322 ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------
