Linux Advisory Watch: June 13th, 2008

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



+------------------------------------------------------------------------+
| LinuxSecurity.com                                    Weekly Newsletter |
| June 13th, 2008                                    Volume 9, Number 24 |
|                                                                        |
| Editorial Team:                Dave Wreski <dwreski@xxxxxxxxxxxxxxxxx> |
|                         Benjamin D. Thomas <bthomas@xxxxxxxxxxxxxxxxx> |
+------------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week advisories were released for type3, mt-daapd, xorg-server,
imlib2, tomcat, kernel, gnome-panel, nautilus, evolution, perl, xfree,
ucd-snmp, openssl-blacklist, and OpenVPN.  The distributors include
Debian, Gentoo, Mandriva, Red Hat, and Ubuntu.

---

>> Linux+DVD Magazine <<

Our magazine is read by professional network and database administrators,
system programmers, webmasters and all those who believe in the power of
Open Source software. The majority of our readers is between 15 and 40
years old. They are interested in current news from the Linux world,
upcoming projects etc.

In each issue you can find information concerning typical use of Linux:
safety, databases, multimedia, scientific tools, entertainment,
programming, e-mail, news and desktop environments.

http://www.linuxsecurity.com/ads/adclick.php?bannerid=3D26

---

Review: The Book of Wireless
----------------------------
=93The Book of Wireless=94 by John Ross is an answer to the problem of
learning about wireless networking. With the wide spread use of Wireless
networks today anyone with a computer should at least know the basics of
wireless. Also, with the wireless networking, users need to know how to
protect themselves from wireless networking attacks.

http://www.linuxsecurity.com/content/view/136167

---

April 2008 Open Source Tool of the Month: sudo
----------------------------------------------
This month the editors at LinuxSecurity.com have chosen sudo as the Open
Source Tool of the Month!

http://www.linuxsecurity.com/content/view/135868

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!  <--
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf             <--

--------------------------------------------------------------------------

* EnGarde Secure Community 3.0.19 Now Available! (Apr 15)
  -------------------------------------------------------
  Guardian Digital is happy to announce the release of EnGarde Secure
  Community 3.0.19 (Version 3.0, Release 19).  This release includes many
  updated packages and bug fixes and some feature enhancements to the
  EnGarde Secure Linux Installer and the SELinux policy.

  http://www.linuxsecurity.com/content/view/136174

--------------------------------------------------------------------------

* Debian: New typo3 packages fix several vulnerabilities (Jun 12)
  ---------------------------------------------------------------
  Because of a not sufficiently secure default value of the TYPO3
  configuration variable fileDenyPattern, authenticated backend users
  could upload files that allowed to execute arbitrary code as the
  webserver user.

  http://www.linuxsecurity.com/content/view/138527

* Debian: New mt-daapd packages fix several vulnerabilities (Jun 12)
  ------------------------------------------------------------------
  Insufficient validation and bounds checking of the Authorization:
  HTTP header enables a heap buffer overflow, potentially enabling
  the execution of arbitrary code.

  http://www.linuxsecurity.com/content/view/138526

* Debian: New xorg-server packages fix several vulnerabilities (Jun 11)
  ---------------------------------------------------------------------
  Lack of validation of the parameters of the
  SProcSecurityGenerateAuthorization SProcRecordCreateContext
  functions makes it possible for a specially crafted request to trigger
     the swapping of bytes outside the parameter of these requests,
  causing     memory corruption.

  http://www.linuxsecurity.com/content/view/138473

* Debian: New imlib2 packages fix arbitrary code execution (Jun 11)
  -----------------------------------------------------------------
  Stefan Cornelius discovered two buffer overflows in Imlib's - a
  powerful image loading and rendering library - image loaders for PNM
  and XPM images, which may result in the execution of arbitrary code.

  http://www.linuxsecurity.com/content/view/138466

* Debian: New tomcat5.5 packages cross-site scripting (Jun 9)
  -----------------------------------------------------------
  Tt was discovered that the Host Manager web application performed
  insufficient input sanitising, which could lead to cross-site
  scripting.

  http://www.linuxsecurity.com/content/view/138230

* Debian: New Linux 2.6.18 packages fix overflow conditions (Jun 9)
  -----------------------------------------------------------------
  Wei Wang from McAfee reported a potential heap overflow in the
  ASN.1 decode code that is used by the SNMP NAT and CIFS  subsystem.
  Exploitation of this issue may lead to arbitrary code execution.
  This issue is not believed to be exploitable with the pre-built
  kernel images provided by Debian, but it might be an issue for
  custom images built from the Debian-provided source package.

  http://www.linuxsecurity.com/content/view/138229

* Debian: New Linux 2.6.18 packages fix overflow conditions (Jun 9)
  -----------------------------------------------------------------
  Wei Wang from McAfee reported a potential heap overflow in the
  ASN.1 decode code that is used by the SNMP NAT and CIFS subsystem.
  Exploitation of this issue may lead to arbitrary code execution.
  This issue is not believed to be exploitable with the pre-built
  kernel images provided by Debian, but it might be an issue for
  custom images built from the Debian-provided source package.

  http://www.linuxsecurity.com/content/view/138223

--------------------------------------------------------------------------

* Gentoo: Imlib 2 User-assisted execution of arbitrary code (Jun 9)
  -----------------------------------------------------------------
  Two vulnerabilities in Imlib 2 may allow for the execution of arbitrary
  code.

  http://www.linuxsecurity.com/content/view/138226

* Gentoo: Imlib 2 User-assisted execution of arbitrary (Jun 8)
  ------------------------------------------------------------
  Two vulnerabilities in Imlib 2 may allow for the execution of arbitrary
  code.

  http://www.linuxsecurity.com/content/view/138222

--------------------------------------------------------------------------

* Mandriva: Updated kernel packages fix security issues (Jun 12)
  --------------------------------------------------------------
  The Datagram Congestion Control Protocol (DCCP) subsystem in the Linux
  kernel 2.6.18, and probably other versions, does not properly check
  feature lengths, which might allow remote attackers to execute
  arbitrary code, related to an unspecified overflow. (CVE-2008-2358)

  http://www.linuxsecurity.com/content/view/138528

* Mandriva: Updated gnome-panel packages fix various bugs (Jun 11)
  ----------------------------------------------------------------
  The clock applet in GNOME could crash when using some specific
  locations or when using updated timezone data.  The Recent Documents
  menu was not always able to start the right application for a specific
  document.

  http://www.linuxsecurity.com/content/view/138472

* Mandriva: Updated nautilus and gvfs packages fix regression (Jun 11)
  --------------------------------------------------------------------
  A regression was introduced in the Mandriva Linux GNOME package while
  fixing CD-ROM drives ejecting when using the hardware button when the
  CD-ROM drive was present in the system fstab.  This regression caused
  an error popup to appear when using the eject hardware button on CD-ROM
  drives not present in the system fstab.

  http://www.linuxsecurity.com/content/view/138465

* Mandriva: Updated Evolution packages fix vulnerabilities (Jun 10)
  -----------------------------------------------------------------
  Alan Rad Pop of Secunia Research discovered the following two
  vulnerabilities in Evolution: Evolution did not properly validate
  timezone data when processing iCalendar attachments.=09If a user
  disabled the Itip Formatter plugin and viewed a crafted iCalendar
  attachment, an attacker could cause a denial of service or potentially
  execute arbitrary code with the user's privileges (CVE-2008-1108).

  http://www.linuxsecurity.com/content/view/138358

* Mandriva: Updated Firefox packages fix vulnerabilities (Jun 6)
  --------------------------------------------------------------
  Security vulnerabilities have been discovered and corrected in the
  latest Mozilla Firefox program, version 2.0.0.14. This update provides
  the latest Firefox to correct these issues.

  http://www.linuxsecurity.com/content/view/138110

--------------------------------------------------------------------------

* RedHat: Important: openoffice.org security update (Jun 12)
  ----------------------------------------------------------
  Updated openoffice.org packages to correct a security issue are now
  available for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux
  5. This update has been rated as having important security impact by
  the Red Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/138618

* RedHat: Important: openoffice.org security update (Jun 12)
  ----------------------------------------------------------
  It was discovered that certain libraries in the Red Hat Enterprise
  Linux 3 and 4 openoffice.org packages had an insecure relative RPATH
  (runtime library search path) set in the ELF (Executable and Linking
  Format) header. A local user able to convince another user to run
  OpenOffice in an attacker-controlled directory, could run arbitrary
  code with the privileges of the victim.

  http://www.linuxsecurity.com/content/view/138619

* RedHat: Important: perl security update (Jun 11)
  ------------------------------------------------
  Updated perl packages that fix a security issue are now available for
  Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as
  having important security impact by the Red Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/138471

* RedHat: Important: XFree86 security update (Jun 11)
  ---------------------------------------------------
  Updated XFree86 packages that fix several security issues are now
  available for Red Hat Enterprise Linux 3. This update has been rated as
  having important security impact by the Red Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/138467

* RedHat: Important: xorg-x11 security update (Jun 11)
  ----------------------------------------------------
  Updated xorg-x11 packages that fix several security issues are now
  available for Red Hat Enterprise Linux 4. This update has been rated as
  having important security impact by the Red Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/138468

* RedHat: Important: xorg-x11-server security update (Jun 11)
  -----------------------------------------------------------
  Updated xorg-x11-server packages that fix several security issues are
  now available for Red Hat Enterprise Linux 5. This update has been
  rated as having important security impact by the Red Hat Security
  Response Team.

  http://www.linuxsecurity.com/content/view/138469

* RedHat: Important: XFree86 security update (Jun 11)
  ---------------------------------------------------
  Updated XFree86 packages that fix several security issues are now
  available for Red Hat Enterprise Linux 2.1. This update has been rated
  as having important security impact by the Red Hat Security Response
  Team.

  http://www.linuxsecurity.com/content/view/138470

* RedHat: Moderate: ucd-snmp security update (Jun 10)
  ---------------------------------------------------
  Updated ucd-snmp packages that fix a security issue are now available
  for Red Hat Enterprise Linux 2.1. A flaw was found in the way ucd-snmp
  checked an SNMPv3 packet's Keyed-Hash Message Authentication Code
  (HMAC). An attacker could use this flaw to spoof an authenticated
  SNMPv3 packet. (CVE-2008-0960) This update has been rated as having
  moderate security impact by the Red Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/138356

* RedHat: Moderate: net-snmp security update (Jun 10)
  ---------------------------------------------------
  Updated net-snmp packages that fix a security issue are now available
  for Red Hat Enterprise Linux 3, 4, and 5. A buffer overflow was found
  in the Perl bindings for Net-SNMP. This could be exploited if an
  attacker could convince an application using the Net-SNMP Perl module
  to connect to a malicious SNMP agent. (CVE-2008-2292)

  http://www.linuxsecurity.com/content/view/138357

--------------------------------------------------------------------------

* Ubuntu:  X.org vulnerabilities (Jun 13)
  ---------------------------------------
  It was discovered that the MIT-SHM extension of X.org did not correctly
  validate the location of memory during an image copy.  An authenticated
  attacker could exploit this to read arbitrary memory locations within
  X, exposing sensitive information. (CVE-2008-1379)

  http://www.linuxsecurity.com/content/view/138620

* Ubuntu:  openssl-blacklist update (Jun 12)
  ------------------------------------------
  USN-612-3 addressed a weakness in OpenSSL certificate and key
  generation in OpenVPN by introducing openssl-blacklist to aid in
  detecting vulnerable private keys. This update enhances the
  openssl-vulnkey tool to check Certificate Signing Requests, accept
  input from STDIN, and check moduli without a certificate. It was also
  discovered that additional moduli are vulnerable if generated with
  OpenSSL 0.9.8g or higher. While it is believed that there are few of
  these vulnerable moduli in use, this update includes updated RSA-1024
  and RSA-2048 blacklists. RSA-512 blacklists are also included in the
  new openssl-blacklist-extra package.

  http://www.linuxsecurity.com/content/view/138529

* Ubuntu:  OpenVPN regression (Jun 12)
  ------------------------------------
  USN-612-3 addressed a weakness in OpenSSL certificate and key
  generation in OpenVPN by adding checks for vulnerable certificates and
  keys to OpenVPN. A regression was introduced in OpenVPN when using TLS
  with password protected certificates which caused OpenVPN to not start
  when used with applications such as NetworkManager.

  http://www.linuxsecurity.com/content/view/138530

* Ubuntu:  Evolution vulnerabilities (Jun 6)
  ------------------------------------------
  Alin Rad Pop of Secunia Research discovered that Evolution did not
  properly validate timezone data when processing iCalendar attachments.
  If a user disabled the ITip Formatter plugin and viewed a crafted
  iCalendar attachment, an attacker could cause a denial of service or
  possibly execute code with user privileges. Note that the ITip
  Formatter plugin is enabled by default in Ubuntu. (CVE-2008-1108)

  http://www.linuxsecurity.com/content/view/138212

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------


[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux