+----------------------------------------------------------------------+
|  LinuxSecurity.com                            Weekly Newsletter      |
|  July 11th, 2008                              Volume 9, Number 28    |
|                                                                      |
|  Editorial Team:  Dave Wreski            <dwreski@xxxxxxxxxxxxxxxxx> |
|                   Benjamin D. Thomas     <bthomas@xxxxxxxxxxxxxxxxx> |
+----------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, advisories were released for iceweasel, wordpress, bind,
pidgin, ruby, gnome-screensaver, squid, sympa, phpMyAdmin, seamonkey,
and mozilla-firefox. The distributors include Debian, Gentoo, Mandriva,
Slackware, and SuSE.

---

>> Linux+DVD Magazine <<

In each issue you can find information concerning the best use of
Linux: safety, databases, multimedia, scientific tools, entertainment,
programming, e-mail, news and desktop environments.

Catch up with what professional network and database administrators,
system programmers, webmasters and all those who believe in the power
of Open Source software are doing!

http://www.linuxsecurity.com/ads/adclick.php?bannerid=26

---

Security Features of Firefox 3.0
--------------------------------

Let's take a look at the security features of the newly released
Firefox 3.0. Since its release on Tuesday I have been testing it out to
see how the new security enhancements work and help increase user
browsing security. One of the exciting improvements for me was how
Firefox handles SSL secured web sites while browsing the Internet.
There are also many other security features that this article will
look at, for example improved plugin and addon security. Read on for
more security features of Firefox 3.0.
http://www.linuxsecurity.com/content/view/138972

---

Review: The Book of Wireless
----------------------------

"The Book of Wireless" by John Ross is an answer to the problem of
learning about wireless networking. With the widespread use of wireless
networks today anyone with a computer should at least know the basics
of wireless. Also, with wireless networking, users need to know how to
protect themselves from wireless networking attacks.

http://www.linuxsecurity.com/content/view/136167

--> Take advantage of the LinuxSecurity.com Quick Reference Card! <--
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf  <--

------------------------------------------------------------------------

* EnGarde Secure Community 3.0.19 Now Available! (Apr 15)
  -------------------------------------------------------
  Guardian Digital is happy to announce the release of EnGarde Secure
  Community 3.0.19 (Version 3.0, Release 19). This release includes
  many updated packages and bug fixes and some feature enhancements to
  the EnGarde Secure Linux Installer and the SELinux policy.

  http://www.linuxsecurity.com/content/view/136174

------------------------------------------------------------------------

* Debian: New iceweasel packages fix several vulnerabilities (Jul 11)
  -------------------------------------------------------------------
  Devon Hubbard, Jesse Ruderman and Martijn Wargers discovered crashes
  in the layout engine, which might allow the execution of arbitrary
  code.

  http://www.linuxsecurity.com/content/view/139768

* Debian: New wordpress packages fix several vulnerabilities (Jul 4)
  ------------------------------------------------------------------
  WordPress allows remote attackers to redirect authenticated users to
  other websites and potentially obtain sensitive information.
  http://www.linuxsecurity.com/content/view/139444

------------------------------------------------------------------------

* Gentoo: BIND Cache poisoning (Jul 11)
  -------------------------------------
  A weakness in the DNS protocol has been reported, which could lead to
  cache poisoning on recursive resolvers.

  http://www.linuxsecurity.com/content/view/139769

------------------------------------------------------------------------

* Mandriva: Updated pidgin packages fix MSN protocol handler vulnerability (Jul 10)
  ---------------------------------------------------------------------------------
  An integer overflow flaw was found in Pidgin's MSN protocol handler
  that could allow for the execution of arbitrary code if a user
  received a malicious MSN message (CVE-2008-2927). In addition, this
  update provides the ability to use ICQ networks again on Mandriva
  Linux 2008.0, as in MDVA-2008:103 (updated pidgin for 2008.1). The
  updated packages have been patched to correct this issue.

  http://www.linuxsecurity.com/content/view/139761

* Mandriva: Updated ruby packages fix vulnerabilities (Jul 9)
  -----------------------------------------------------------
  Multiple vulnerabilities have been found in the Ruby interpreter and
  in Webrick, the webserver bundled with Ruby. Directory traversal
  vulnerability in WEBrick in Ruby 1.8 before 1.8.5-p115 and
  1.8.6-p114, and 1.9 through 1.9.0-1, when running on systems that
  support backslash (\) path separators or case-insensitive file names,
  allows remote attackers to access arbitrary files via (1) ..%5c
  (encoded backslash) sequences or (2) filenames that match patterns in
  the :NondisclosureName option.

  http://www.linuxsecurity.com/content/view/139755

* Mandriva: Updated ruby packages fix vulnerabilities (Jul 9)
  -----------------------------------------------------------
  Multiple vulnerabilities have been found in the Ruby interpreter and
  in Webrick, the webserver bundled with Ruby.
  Directory traversal vulnerability in WEBrick in Ruby 1.8 before
  1.8.5-p115 and 1.8.6-p114, and 1.9 through 1.9.0-1, when running on
  systems that support backslash (\) path separators or case-insensitive
  file names, allows remote attackers to access arbitrary files via (1)
  ..%5c (encoded backslash) sequences or (2) filenames that match
  patterns in the :NondisclosureName option.

  http://www.linuxsecurity.com/content/view/139754

* Mandriva: Updated ruby packages fix vulnerabilities (Jul 9)
  -----------------------------------------------------------
  Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4
  and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and
  1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute
  arbitrary code or cause a denial of service via unknown vectors
  (CVE-2008-2663).

  http://www.linuxsecurity.com/content/view/139753

* Mandriva: Updated BIND packages fix critical DNS vulnerability (Jul 9)
  ----------------------------------------------------------------------
  A weakness was found in the DNS protocol by Dan Kaminsky. A remote
  attacker could exploit this weakness to spoof DNS entries and poison
  DNS caches. This could be used to misdirect users and services, e.g.
  web and email traffic (CVE-2008-1447). This update provides the
  latest stable BIND releases for all platforms except Corporate
  Server/Desktop 3.0 and MNF2, which have been patched to correct the
  issue.

  http://www.linuxsecurity.com/content/view/139752

* Mandriva: Updated gnome-screensaver packages fix (Jul 4)
  --------------------------------------------------------
  A vulnerability was found in gnome-screensaver 2.20.0 that could
  possibly allow a local user to read the clipboard contents and X
  selection data for a locked session by using CTRL-V (CVE-2007-6389).
  The updated packages have been patched to correct this issue.
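The two WEBrick path-handling defects in the Mandriva ruby advisories above (an encoded backslash, ..%5c, acting as a separator the path check never saw, and :NondisclosureName patterns matched case-sensitively on a case-insensitive filesystem) are easiest to understand as a concrete check. The Python below is an added example written for this digest, not code from WEBrick, Ruby or Mandriva. The docroot, the deny-pattern list standing in for :NondisclosureName, and the request samples are all constructed, and the check is string-based so it runs without touching a disk.

```python
"""Added example, not from WEBrick, Ruby or Mandriva: a request-path check for a
static file server that closes the two WEBrick holes described in the
advisories above.  The docroot, the deny-pattern list (standing in for
WEBrick's :NondisclosureName option) and the request samples are all
constructed; the check is purely string-based, so it runs without a disk."""
import fnmatch
import posixpath
from urllib.parse import unquote

DOCROOT = "/srv/www/htdocs"                                # constructed
NONDISCLOSURE_PATTERNS = [".ht*", "*.bak", "config.php"]   # constructed deny list


def decode_request_path(raw_path, max_rounds=3):
    """Percent-decode until the string stops changing (bounded, so '%2525..'
    cannot loop forever), then fold backslashes into '/'.  A resolver that
    decodes after splitting on '/' never sees '..%5c' as a separator, which is
    the first WEBrick bug; decoding first and treating '\\' as '/' removes
    that blind spot on hosts whose filesystem accepts backslashes."""
    decoded = raw_path
    for _ in range(max_rounds):
        again = unquote(decoded)
        if again == decoded:
            break
        decoded = again
    return decoded.replace("\\", "/")


def is_nondisclosure(filename):
    """Match the final path segment against the deny patterns without regard
    to case.  Matching case-sensitively is the second WEBrick bug: on a
    case-insensitive filesystem '.HTACCESS' opens the same file as
    '.htaccess'."""
    name = filename.lower()
    return any(fnmatch.fnmatchcase(name, pat.lower()) for pat in NONDISCLOSURE_PATTERNS)


def resolve(raw_path, docroot=DOCROOT):
    """Map a request path to a filesystem path.  Returns (allowed, reason, path).
    Confinement is checked on the fully normalised result, after decoding and
    separator folding, so every '..' is accounted for."""
    rel = decode_request_path(raw_path).lstrip("/")
    target = posixpath.normpath(posixpath.join(docroot, rel))
    if target != docroot and not target.startswith(docroot + "/"):
        return False, "escapes docroot", target
    if is_nondisclosure(posixpath.basename(target)):
        return False, "nondisclosure pattern", target
    return True, "ok", target


# Constructed request samples: a normal page, an in-root '..', the encoded
# backslash sequence from the advisory, a double-encoded variant, and a
# differently-cased protected filename.
SAMPLE_REQUESTS = [
    "/index.html",
    "/docs/../index.html",
    "/..%5c..%5c..%5cetc/passwd",
    "/%252e%252e%5cetc/passwd",
    "/docs/.HTACCESS",
]


def check_samples(requests=SAMPLE_REQUESTS):
    """Return {request: reason} for each sample."""
    return {req: resolve(req)[1] for req in requests}


if __name__ == "__main__":
    for req, reason in check_samples().items():
        print(f"{req:32s} -> {reason}")
```

The ordering is the point: decode, fold separators, join with the docroot, normalise, and only then test containment. A check that runs before decoding (or before backslash folding) is the one the advisory describes as bypassable. The bounded re-decoding loop is a small generalisation beyond the advisory text, covering the double-encoded form of the same sequence.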
  http://www.linuxsecurity.com/content/view/139450

* Mandriva: Updated squid packages fix DoS vulnerability (Jul 4)
  --------------------------------------------------------------
  An incorrect fix for CVE-2007-6239 resulted in Squid not performing
  proper bounds checking when processing cache update replies. Because
  of this, a remote authenticated user might have been able to trigger
  an assertion error and cause a denial of service (CVE-2008-1612). The
  updated packages have been patched to correct this issue.

  http://www.linuxsecurity.com/content/view/139449

* Mandriva: Updated sympa packages fix DoS vulnerability (Jul 4)
  --------------------------------------------------------------
  A denial of service condition was discovered in Sympa versions prior
  to 5.4 that allowed remote attackers to crash the Sympa daemon via a
  malformed email message (CVE-2008-1648). The updated packages have
  been patched to correct this issue.

  http://www.linuxsecurity.com/content/view/139448

* Mandriva: Updated gnome-screensaver packages fix authentication vulnerability (Jul 4)
  -------------------------------------------------------------------------------------
  A vulnerability was found in gnome-screensaver prior to 2.22.1 when a
  remote authentication server was enabled. During a network outage,
  gnome-screensaver would crash upon an unlock attempt, allowing
  physically local users to gain access to locked sessions
  (CVE-2008-0887). The updated packages have been patched to correct
  this issue.

  http://www.linuxsecurity.com/content/view/139447

* Mandriva: Updated phpMyAdmin packages fix multiple vulnerabilities (Jul 4)
  --------------------------------------------------------------------------
  A few vulnerabilities and security-related issues have been fixed in
  phpMyAdmin since the 2.11.2.2 release. This update provides version
  2.11.7, which is the latest stable release of phpMyAdmin and fixes
  CVE-2008-1149, CVE-2008-1567, CVE-2008-1924, and CVE-2008-2960.
  No configuration changes should be required since the previous update
  (version 2.11.2.2). If upgrading from older versions, it may be
  necessary to reconfigure phpMyAdmin. The configuration file is located
  in /etc/phpMyAdmin/. In most cases, it should be sufficient to simply
  replace config.default.php with config.default.php.rpmnew and make
  whatever modifications are necessary.

  http://www.linuxsecurity.com/content/view/139446

* Mandriva: Updated PHP packages fix multiple vulnerabilities (Jul 3)
  -------------------------------------------------------------------
  Weaknesses in the GENERATE_SEED macro in PHP prior to 4.4.8 and 5.2.5
  were discovered that could produce a zero seed in rare circumstances
  on 32bit systems and generate a portion of zero bits during conversion
  due to insufficient precision on 64bit systems (CVE-2008-2107,

  http://www.linuxsecurity.com/content/view/139399

* Mandriva: Updated PHP packages fix multiple vulnerabilities (Jul 3)
  -------------------------------------------------------------------
  An integer overflow in the zip_read_entry() function in PHP prior to
  4.4.5 allowed remote attackers to execute arbitrary code via a ZIP
  archive containing a certain type of entry that triggered a heap
  overflow (CVE-2007-1777).

  http://www.linuxsecurity.com/content/view/139400

* Mandriva: Updated PHP packages fix multiple vulnerabilities (Jul 3)
  -------------------------------------------------------------------
  A number of vulnerabilities have been found and corrected in PHP:
  php-cgi in PHP prior to 5.2.6 does not properly calculate the length
  of PATH_TRANSLATED, which has unknown impact and attack vectors
  (CVE-2008-0599).
  http://www.linuxsecurity.com/content/view/139398

* Mandriva: Updated PHP packages fix multiple vulnerabilities (Jul 3)
  -------------------------------------------------------------------
  A number of vulnerabilities have been found and corrected in PHP: The
  htmlentities() and htmlspecialchars() functions in PHP prior to 5.2.5
  accepted partial multibyte sequences, which has unknown impact and
  attack vectors (CVE-2007-5898).

  http://www.linuxsecurity.com/content/view/139397

* Mandriva: Updated PHP packages fix multiple vulnerabilities (Jul 3)
  -------------------------------------------------------------------
  A number of vulnerabilities have been found and corrected in PHP: PHP
  5.2.1 would allow context-dependent attackers to read portions of heap
  memory by executing certain scripts with a serialized data input
  string beginning with 'S:', which did not properly track the number
  of input bytes being processed (CVE-2007-1649).

  http://www.linuxsecurity.com/content/view/139395

* Mandriva: Updated PHP packages fix multiple vulnerabilities (Jul 3)
  -------------------------------------------------------------------
  A number of vulnerabilities have been found and corrected in PHP: A
  vulnerability in the chunk_split() function in PHP prior to 5.2.4 has
  unknown impact and attack vectors, related to an incorrect size
  calculation (CVE-2007-4660).

  http://www.linuxsecurity.com/content/view/139396

------------------------------------------------------------------------

* Slackware: seamonkey (Jul 10)
  -----------------------------
  New seamonkey packages are available for Slackware 11.0, 12.0, 12.1,
  and -current to fix security issues.
  More details about the issues may be found here:
  http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey

  http://www.linuxsecurity.com/content/view/139756

* Slackware: mozilla-firefox (Jul 10)
  -----------------------------------
  New mozilla-firefox packages are available for Slackware 10.2, 11.0,
  12.0, and 12.1 to fix security issues. More details about the issues
  may be found on the Mozilla site:
  http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox

  http://www.linuxsecurity.com/content/view/139757

* Slackware: bind (Jul 10)
  ------------------------
  New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0,
  10.1, 10.2, 11.0, 12.0, 12.1, and -current to address a security
  problem. More details may be found at the following links:
  http://www.isc.org/sw/bind/bind-security.php
  http://www.kb.cert.org/vuls/id/800113
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447

  http://www.linuxsecurity.com/content/view/139758

------------------------------------------------------------------------

* SuSE: bind (SUSE-SA:2008:033) (Jul 11)
  --------------------------------------
  The new version of bind uses a random transaction-ID (TRXID) and a
  random UDP source-port for DNS queries to address DNS cache poisoning
  attacks possible because of the "birthday paradox" and an attack
  discovered by Dan Kaminsky. Unfortunately we do not have details about
  Kaminsky's attack and have to trust the statement that a random UDP
  source-port is sufficient to stop it.

  http://www.linuxsecurity.com/content/view/139763

------------------------------------------------------------------------

Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
         with "unsubscribe" in the subject of the message.

------------------------------------------------------------------------
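The bind updates in this issue (Mandriva, Slackware, SuSE) all apply the same mitigation: a 16-bit transaction ID is too small an identifier space on its own, so the resolver also randomises its UDP source port. The "birthday paradox" case the SuSE note mentions is the related situation in which a resolver keeps several identical queries outstanding at once, which multiplies the chance that a spurious response matches one of them. After applying the update, an operator wants to confirm that the running resolver really does randomise both fields. The Python below is an added example written for this digest, not code from ISC, any of the distributors or the newsletter; the query records are constructed with a fixed seed, and in practice the (source_port, txid) pairs would be taken from a packet capture of the resolver's outgoing queries. The probability helpers put numbers on why the larger identifier space matters.

```python
"""Added example, not from the newsletter or any vendor advisory: verify that a
recursive resolver randomises the UDP source port and the transaction ID of its
outgoing queries, and put numbers on why that matters.  The query records below
are constructed with a fixed seed; an operator would instead collect
(source_port, txid) pairs from a capture of the resolver's outbound queries."""
import math
import random
from collections import Counter

# Constructed sample 1: a resolver before the update (one fixed source port,
# transaction IDs that simply count up).
UNPATCHED = [(32769, 1000 + i) for i in range(64)]

# Constructed sample 2: a randomising resolver.  The seed only makes the
# numbers reproducible; it has no other meaning.
_rng = random.Random(20080711)
PATCHED = [(_rng.randrange(1024, 65536), _rng.randrange(65536)) for _ in range(64)]


def shannon_entropy_bits(values):
    """Empirical entropy of the observed values.  With n samples the most you
    can observe is log2(n) bits, so judge against that, not against 16."""
    n = len(values)
    return -sum((c / n) * math.log2(c / n) for c in Counter(values).values())


def sequential_fraction(values):
    """Share of consecutive samples that differ by exactly +1: near 1.0 is a
    counter, near 0.0 is what a random generator produces."""
    if len(values) < 2:
        return 0.0
    steps = sum(1 for a, b in zip(values, values[1:]) if b - a == 1)
    return steps / (len(values) - 1)


def assess(records, min_bits=4.0, max_sequential=0.1):
    """Summarise (source_port, txid) pairs and decide whether each field looks
    randomised.  A counter has full entropy but fails the sequential test,
    which is why both checks are needed.  Thresholds are illustrative."""
    ports = [p for p, _ in records]
    txids = [t for _, t in records]
    report = {
        "samples": len(records),
        "max_observable_bits": math.log2(len(records)),
        "port_entropy_bits": shannon_entropy_bits(ports),
        "txid_entropy_bits": shannon_entropy_bits(txids),
        "port_sequential_fraction": sequential_fraction(ports),
        "txid_sequential_fraction": sequential_fraction(txids),
    }
    report["ports_randomised"] = (report["port_entropy_bits"] >= min_bits
                                  and report["port_sequential_fraction"] <= max_sequential)
    report["txids_randomised"] = (report["txid_entropy_bits"] >= min_bits
                                  and report["txid_sequential_fraction"] <= max_sequential)
    return report


def match_probability(id_bits):
    """Chance that one unsolicited response carries identifiers matching one
    outstanding query: 1/2^bits.  TXID alone is 16 bits (1/65536); adding
    about 16 bits of source port gives roughly 1/2^32."""
    return 1.0 / (1 << id_bits)


def birthday_bound(outstanding, candidates, id_bits):
    """Approximate probability, 1 - exp(-k*n/N), that any of `candidates`
    spurious responses matches any of `outstanding` identical in-flight
    queries.  This is the 'birthday paradox' case in the SuSE note: the
    defence is both a larger identifier space and not keeping duplicate
    queries for the same name outstanding."""
    space = float(1 << id_bits)
    return 1.0 - math.exp(-(outstanding * candidates) / space)


if __name__ == "__main__":
    for label, sample in (("unpatched", UNPATCHED), ("patched", PATCHED)):
        r = assess(sample)
        print(f"{label:9s} port bits={r['port_entropy_bits']:.2f} "
              f"txid bits={r['txid_entropy_bits']:.2f} "
              f"ports_randomised={r['ports_randomised']} "
              f"txids_randomised={r['txids_randomised']}")
    print("per-response match odds, TXID only:   ", match_probability(16))
    print("per-response match odds, TXID + port: ", match_probability(32))
    print("200 duplicates outstanding, 200 spurious responses, 16 bits:",
          round(birthday_bound(200, 200, 16), 3))
    print("200 duplicates outstanding, 200 spurious responses, 32 bits:",
          birthday_bound(200, 200, 32))
```

Two caveats for anyone running this against a real capture: the entropy you can observe is capped by the number of samples, so a few dozen queries can only ever show about six bits, and a resolver behind a NAT device may have its randomised source ports rewritten into a small or sequential range, which this check would correctly flag even though bind itself is patched.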