+------------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | December 21st, 2007 Volume 8, Number 51 | | | | Editorial Team: Dave Wreski <dwreski@xxxxxxxxxxxxxxxxx> | | Benjamin D. Thomas <bthomas@xxxxxxxxxxxxxxxxx> | +------------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, advisories were released for clamav, mydns, centericq, link-grammar, mock, qt, cups, e2fprogs, firefox, wpa_supplicant, autofs, libexif, mysql, thunderbird, squid, and samba. The distributors include Debain, Fedora, Gentoo, Mandriva, Red Hat, and Ubuntu. --- >> Linux+DVD Magazine << Our magazine is read by professional network and database administrators, system programmers, webmasters and all those who believe in the power of Open Source software. The majority of our readers is between 15 and 40 years old. They are interested in current news from the Linux world, upcoming projects etc. In each issue you can find information concerning typical use of Linux: safety, databases, multimedia, scientific tools, entertainment, programming, e-mail, news and desktop environments. http://www.linuxsecurity.com/ads/adclick.php?bannerid=26 --- Master's Student: A Quick and Dirty Guide To Kernel Hardening with GrSecurity ----------------------------------------------------------------------------- Our resident Master's student Gian Spicuzza chimes in this month with a great feature HowTo on Kernel Hardening! There are a number of ways to lock down a system, and RBAC (role based access control) is one of them. Read on to learn more about what makes RBAC so useful, and to read one of the best overviews on Low/Medium/High Security... The combination of the Linux kernel and GNU packages has always been regarded as a secure operating system, but can it be more secure? Kernel hardening is the answer to tightening up the Linux backbone. GrSecurity, a kernel patch for Linux, is one of the more popular approaches... One of the most significant feature is the addition of a role-based access control system (RBAC) that monitors what each user can execute based on their role and denies execution if they overstep their pre-defined rules. http://www.linuxsecurity.com/content/view/132385 --- Creating Snort Rules with EnGarde --------------------------------- There are already tons of written Snort rules, but there just might be a time where you need to write one yourself. You can think of writing Snort rules as writing a program. They can include variables, keywords and functions. Why do we need to write rules? The reason is, without rules Snort will never detect someone trying to hack your machine. This HOWTO will give you confidence to write your own rules. http://www.linuxsecurity.com/content/view/132365 --> Take advantage of the LinuxSecurity.com Quick Reference Card! <-- --> http://www.linuxsecurity.com/docs/QuickRefCard.pdf <-- -------------------------------------------------------------------------- * EnGarde Secure Community v3.0.18 Now Available! (Dec 4) ------------------------------------------------------- Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.18 (Version 3.0, Release 18). This release includes the brand new Health Center, new packages for FWKNP and PSAD, updated packages and bug fixes, some feature enhancements to Guardian Digital WebTool and the SELinux policy, as well as other new features. In distribution since 2001, EnGarde Secure Community was one of the very first security platforms developed entirely from open source, and has been engineered from the ground-up to provide users and organizations with complete, secure Web functionality, DNS, database and e-mail security, integrated intrusion detection and SELinux policies and more. http://www.linuxsecurity.com/content/view/131851 -------------------------------------------------------------------------- * Debian: New Linux 2.6.18 packages fix several vulnerabilities (Dec 20) ---------------------------------------------------------------------- LMH reported an issue in the minix filesystem that allows local users with mount privileges to create a DoS (printk flood) by mounting a specially crafted corrupt filesystem. http://www.linuxsecurity.com/content/view/132499 * Debian: New clamav packages fix several vulnerabilities (Dec 19) ---------------------------------------------------------------- Several remote vulnerabilities have been discovered in the Clam anti-virus toolkit.It was discovered that an integer overflow in the decompression code for MEW archives may lead to the execution of arbitrary code. http://www.linuxsecurity.com/content/view/132381 * Debian: New mydns packages fix denial of service (Dec 16) --------------------------------------------------------- It was discovered that in MyDNS, a domain name server with database backend, the daemon could be crashed through malicious remote update requests, which may lead to denial of service. http://www.linuxsecurity.com/content/view/132355 * Debian: New centericq packages fix execution of code (Dec 16) ------------------------------------------------------------- Several remote vulnerabilities have been discovered in centericq, a text-mode multi-protocol instant messenger client, which could allow remote attackers to execute arbitary code due to insufficient bounds-testing. http://www.linuxsecurity.com/content/view/132354 * Debian: New link-grammar packages fix execution of code (Dec 16) ---------------------------------------------------------------- Alin Rad Pop discovered that link-grammar, Carnegie Mellon University's link grammar parser for English, performed insufficient validation within its tokenizer, which could allow a malicious input file to execute arbitrary code. http://www.linuxsecurity.com/content/view/132353 -------------------------------------------------------------------------- * Fedora 7 Update: mock-0.8.18-1.fc7 (Dec 20) ------------------------------------------- -- add --update -- fix --shell http://www.linuxsecurity.com/content/view/132389 * Fedora 7 Update: qt4-theme-quarticurve (Dec 13) ----------------------------------------------- This update fixes Quarticurve to use system icons (rather than builtin Qt ones) in Qt 4 dialogs (e.g. QPrintDialog) also in KDE 4 apps. http://www.linuxsecurity.com/content/view/132203 -------------------------------------------------------------------------- * Gentoo: CUPS Multiple vulnerabilities (Dec 18) ---------------------------------------------- Multiple vulnerabilities have been discovered in CUPS, allowing for the remote execution of arbitrary code and a Denial of Service. http://www.linuxsecurity.com/content/view/132372 * Gentoo: E2fsprogs Multiple buffer overflows (Dec 18) ---------------------------------------------------- Multiple heap-based buffer overflows in E2fsprogs could result in the execution of arbitrary code. http://www.linuxsecurity.com/content/view/132370 -------------------------------------------------------------------------- * Mandriva: Updated Firefox packages fix multiple (Dec 14) -------------------------------------------------------- A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.11. This update provides the latest Firefox to correct these issues. As well, it provides Firefox 2.0.0.11 for older products. http://www.linuxsecurity.com/content/view/132236 * Mandriva: Updated wpa_supplicant package fixes remote (Dec 13) -------------------------------------------------------------- Stack-based buffer overflow in driver_wext.c in wpa_supplicant 0.6.0 allows remote attackers to cause a denial of service (crash) via crafted TSF data. Updated package fixes this issue. http://www.linuxsecurity.com/content/view/132201 -------------------------------------------------------------------------- * RedHat: Important: autofs security update (Dec 20) -------------------------------------------------- Updated autofs packages that fix a security issue are now available for Red Hat Enterprise Linux 5. A local user with control of a remote NFS server could create special device files on the remote file system, that if mounted using the default "-hosts" map, could allow the user to access important system devices This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/132386 * RedHat: Important: autofs5 security update (Dec 20) --------------------------------------------------- Updated autofs5 technology preview packages that fix a security issue are now available for Red Hat Enterprise Linux 4.T A local user with control of a remote NFS server could create special device files on the remote file system, that if mounted using the default "-hosts" map, could allow the user to access important system devices This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/132387 * RedHat: Important: kernel security and bug fix update (Dec 19) -------------------------------------------------------------- Updated kernel packages that fix various security issues and several bugs in the Red Hat Enterprise Linux 4 kernel are now available.A flaw was found in the handling of IEEE 802.11 frames, which affected several wireless LAN modules. In certain situations, a remote attacker could trigger this flaw by sending a malicious packet over a wireless network, causing a denial of service (kernel crash). This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/132382 * RedHat: Moderate: libexif security update (Dec 19) -------------------------------------------------- Updated libexif packages that fix a security issue are now available for Red Hat Enterprise Linux 4. The libexif packages contain the Exif library. Exif is an image file format specification that enables metadata tags to be added to existing JPEG, TIFF and RIFF files. The Exif library makes it possible to parse an Exif file and read this metadata. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/132378 * RedHat: Important: mysql security update (Dec 19) ------------------------------------------------- Updated mysql packages that fix several security issues are now available for Red Hat Application Stack v1 and v2. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/132379 * RedHat: Moderate: thunderbird security update (Dec 19) ------------------------------------------------------ Updated thunderbird packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/132380 * RedHat: Moderate: libexif security update (Dec 19) -------------------------------------------------- Updated libexif packages that fix several security issues are now available for Red Hat Enterprise Linux 5. An integer overflow flaw was found in the way libexif parses Exif image tags. If a victim opens a carefully crafted Exif image file, it could cause the application linked against libexif to execute arbitrary code, or crash. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/132377 * RedHat: Critical: flash-plugin security update (Dec 18) ------------------------------------------------------- An updated Adobe Flash Player package that fixes a security issue is now available for Red Hat Enterprise Linux 3 Extras, 4 Extras, and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/132374 * RedHat: Moderate: squid security update (Dec 18) ------------------------------------------------ A flaw was found in the way squid stored HTTP headers for cached objects in system memory. An attacker could cause squid to use additional memory, and trigger high CPU usage when processing requests for certain cached objects, possibly leading to a denial of service. http://www.linuxsecurity.com/content/view/132366 * RedHat: Important: mysql security update (Dec 18) ------------------------------------------------- Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/132367 -------------------------------------------------------------------------- * Ubuntu: Linux kernel vulnerabilities (Dec 18) ---------------------------------------------- The minix filesystem did not properly validate certain filesystem values. If a local attacker could trick the system into attempting to mount a corrupted minix filesystem, the kernel could be made to hang for long periods of time, resulting in a denial of service. (CVE-2006-6058) Certain calculations in the hugetlb code were not correct. A local attacker could exploit this to cause a kernel panic, leading to a denial of service. http://www.linuxsecurity.com/content/view/132375 * Ubuntu: Samba vulnerability (Dec 18) ------------------------------------- Alin Rad Pop discovered that Samba did not correctly check the size of reply packets to mailslot requests. If a server was configured with domain logon enabled, an unauthenticated remote attacker could send a specially crafted domain logon packet and execute arbitrary code or crash the Samba service. By default, domain logon is disabled in Ubuntu. http://www.linuxsecurity.com/content/view/132369 ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------