+----------------------------------------------------------------------+
|  LinuxSecurity.com                                Weekly Newsletter  |
|  August 8th, 2008                               Volume 9, Number 32  |
|                                                                      |
|  Editorial Team:  Dave Wreski <dwreski@xxxxxxxxxxxxxxxxx>            |
|                   Benjamin D. Thomas <bthomas@xxxxxxxxxxxxxxxxx>     |
+----------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, advisories were released for opensc, httrack, cupsys,
libxslt, dnsmasq, newsx, dhcp, wireshark, mozilla, xine-lib, python,
vlc, kernel, realplayer, java, nfs-utils, pan, and net-snmp. The
distributors include Debian, Gentoo, Mandriva, Red Hat, Slackware,
SuSE, and Ubuntu.

---

Security Features of Firefox 3.0
--------------------------------
Let's take a look at the security features of the newly released
Firefox 3.0. Since its release on Tuesday I have been testing it out
to see how the new security enhancements work and help increase user
browsing security. One of the exciting improvements for me was how
Firefox handles SSL secured web sites while browsing the Internet.
There are also many other security features that this article will
look at. For example, improved plugin and addon security. Read on for
more security features of Firefox 3.0.

http://www.linuxsecurity.com/content/view/138972

---

Review: The Book of Wireless
----------------------------
"The Book of Wireless" by John Ross is an answer to the problem of
learning about wireless networking. With the widespread use of
wireless networks today, anyone with a computer should at least know
the basics of wireless. Also, with wireless networking, users need to
know how to protect themselves from wireless networking attacks.

http://www.linuxsecurity.com/content/view/136167

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!  <--
-->      http://www.linuxsecurity.com/docs/QuickRefCard.pdf         <--

------------------------------------------------------------------------

* EnGarde Secure Community 3.0.19 Now Available! (Apr 15)
  -------------------------------------------------------
  Guardian Digital is happy to announce the release of EnGarde Secure
  Community 3.0.19 (Version 3.0, Release 19). This release includes
  many updated packages and bug fixes and some feature enhancements to
  the EnGarde Secure Linux Installer and the SELinux policy.

  http://www.linuxsecurity.com/content/view/136174

------------------------------------------------------------------------

* Debian: New opensc packages fix smart card vulnerability (Aug 4)
  ----------------------------------------------------------------
  Chaskiel M Grundman discovered that opensc, a library and utilities
  to handle smart cards, would initialise smart cards with the Siemens
  CardOS M4 card operating system without proper access rights. This
  allowed everyone to change the card's PIN.

  http://www.linuxsecurity.com/content/view/140868

* Debian: New httrack packages fix arbitrary code execution (Aug 1)
  -----------------------------------------------------------------
  Joan Calvet discovered that httrack, a utility to create local
  copies of websites, is vulnerable to a buffer overflow that
  potentially allows execution of arbitrary code when it is passed
  excessively long URLs.

  http://www.linuxsecurity.com/content/view/140860

* Debian: New cupsys packages fix arbitrary code execution (Aug 1)
  ----------------------------------------------------------------
  Buffer overflows in the HP-GL input filter could allow arbitrary
  code to be run through crafted HP-GL files.

  http://www.linuxsecurity.com/content/view/140859

* Debian: New libxslt packages fix arbitrary code execution (Jul 31)
  ------------------------------------------------------------------
  Chris Evans discovered that a buffer overflow in the RC4 functions
  of libexslt may lead to the execution of arbitrary code.

  http://www.linuxsecurity.com/content/view/140812

* Debian: New dnsmasq packages fix cache poisoning (Jul 31)
  ---------------------------------------------------------
  This update changes Debian's dnsmasq packages to implement the
  recommended countermeasure: UDP query source port randomization.
  This change increases the size of the space from which an attacker
  has to guess values in a backwards-compatible fashion and makes
  successful attacks significantly more difficult.

  http://www.linuxsecurity.com/content/view/140809

* Debian: New newsx packages fix arbitrary code execution (Jul 31)
  ----------------------------------------------------------------
  It was discovered that newsx, an NNTP news exchange utility, was
  affected by a buffer overflow allowing remote attackers to execute
  arbitrary code via a news article containing a large number of lines
  starting with a period.

  http://www.linuxsecurity.com/content/view/140801

------------------------------------------------------------------------

* Gentoo: libxslt Execution of arbitrary code (Aug 6)
  ---------------------------------------------------
  libxslt is affected by a heap-based buffer overflow, possibly
  leading to the execution of arbitrary code.

  http://www.linuxsecurity.com/content/view/140884

* Gentoo: ISC DHCP Denial of Service (Aug 6)
  ------------------------------------------
  A Denial of Service vulnerability was discovered in ISC DHCP.

  http://www.linuxsecurity.com/content/view/140883

* Gentoo: Wireshark Denial of Service (Aug 5)
  -------------------------------------------
  Multiple Denial of Service vulnerabilities have been discovered in
  Wireshark.

  http://www.linuxsecurity.com/content/view/140880

* Gentoo: Mozilla products Multiple vulnerabilities (Aug 5)
  ---------------------------------------------------------
  Multiple vulnerabilities have been reported in Mozilla Firefox,
  Thunderbird, SeaMonkey and XULRunner, some of which may allow
  user-assisted execution of arbitrary code.

  http://www.linuxsecurity.com/content/view/140879

* Gentoo: Net-SNMP Multiple vulnerabilities (Aug 5)
  -------------------------------------------------
  Multiple vulnerabilities in Net-SNMP allow for authentication bypass
  in snmpd and execution of arbitrary code in Perl applications using
  Net-SNMP.

  http://www.linuxsecurity.com/content/view/140878

* Gentoo: xine-lib User-assisted execution of arbitrary code (Aug 5)
  ------------------------------------------------------------------
  xine-lib is vulnerable to multiple buffer overflows when processing
  media streams.

  http://www.linuxsecurity.com/content/view/140877

* Gentoo: Python Multiple vulnerabilities (Jul 31)
  ------------------------------------------------
  Multiple vulnerabilities in Python may allow for the execution of
  arbitrary code.

  http://www.linuxsecurity.com/content/view/140814

* Gentoo: Pan User-assisted execution of arbitrary code (Jul 31)
  --------------------------------------------------------------
  A buffer overflow vulnerability in Pan may allow a remote attacker
  to execute arbitrary code.

  http://www.linuxsecurity.com/content/view/140811

* Gentoo: VLC Multiple vulnerabilities (Jul 31)
  ---------------------------------------------
  Multiple vulnerabilities in VLC may allow for the execution of
  arbitrary code.

  http://www.linuxsecurity.com/content/view/140810

------------------------------------------------------------------------

* Mandriva: Subject: [Security Announce] [ MDVSA-2008:160 ] libxslt (Aug 1)
  -------------------------------------------------------------------------
  Chris Evans of the Google Security Team found a vulnerability in the
  RC4 processing code in libxslt that did not properly handle
  corrupted key information. A remote attacker able to make an
  application linked against libxslt process malicious XML input could
  cause the application to crash or possibly execute arbitrary code
  with the privileges of the application in question (CVE-2008-2935).
  The updated packages have been patched to correct this issue.

  http://www.linuxsecurity.com/content/view/140867

------------------------------------------------------------------------

* RedHat: Important: kernel security and bug fix update (Aug 4)
  -------------------------------------------------------------
  Updated kernel packages that fix various security issues and several
  bugs are now available for Red Hat Enterprise Linux 5. A possible
  kernel memory leak was found in the Linux kernel Simple Internet
  Transition (SIT) INET6 implementation. This could allow a local
  unprivileged user to cause a denial of service. (CVE-2008-2136,
  Important)

  http://www.linuxsecurity.com/content/view/140872

* RedHat: Critical: RealPlayer security update (Jul 31)
  -----------------------------------------------------
  RealPlayer 10.0.9 is vulnerable to a critical security flaw and
  should no longer be used. A remote attacker could leverage this flaw
  to execute arbitrary code as the user running RealPlayer.
  (CVE-2007-5400) This issue is addressed in RealPlayer 11.
  Red Hat is unable to ship RealPlayer 11 due to additional
  proprietary codecs included in that version. Therefore, users who
  wish to continue to use RealPlayer should get an update directly
  from www.real.com.

  http://www.linuxsecurity.com/content/view/140808

* RedHat: Critical: java-1.5.0-ibm security update (Jul 31)
  ---------------------------------------------------------
  Updated java-1.5.0-ibm packages that fix several security issues are
  now available for Red Hat Enterprise Linux 4 Extras and 5
  Supplementary. This update has been rated as having critical
  security impact by the Red Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/140807

* RedHat: Moderate: libxslt security update (Jul 31)
  --------------------------------------------------
  Updated libxslt packages that fix a security issue are now available
  for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux 5. This
  update has been rated as having moderate security impact by the Red
  Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/140806

* RedHat: Moderate: nfs-utils security update (Jul 31)
  ----------------------------------------------------
  An updated nfs-utils package that fixes a security issue is now
  available for Red Hat Enterprise Linux 5. A flaw was found in the
  nfs-utils package build. The nfs-utils package was missing TCP
  wrappers support, which could result in an administrator believing
  they had access restrictions enabled when they did not. This update
  has been rated as having moderate security impact by the RedHat
  Security Response Team.

  http://www.linuxsecurity.com/content/view/140805

------------------------------------------------------------------------

* Slackware: pan (Aug 4)
  ----------------------
  New pan packages are available for Slackware 12.0, 12.1, and
  -current to fix a security issue.
  More details about this issue may be found in the Common
  Vulnerabilities and Exposures (CVE) database:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2363

  http://www.linuxsecurity.com/content/view/140874

* Slackware: python (Aug 4)
  -------------------------
  New python packages are available for Slackware 10.1, 10.2, 11.0,
  12.0, 12.1, and -current to fix security issues. More details about
  the issues may be found in the Common Vulnerabilities and Exposures
  (CVE) database:

  http://www.linuxsecurity.com/content/view/140875

------------------------------------------------------------------------

* SuSE: net-snmp (SUSE-SA:2008:039) (Aug 1)
  -----------------------------------------
  The net-snmp daemon implements the "simple network management
  protocol". The version 3 of SNMP as implemented in net-snmp uses the
  length of the HMAC in a packet to verify against a local HMAC for
  authentication. An attacker can therefore send a SNMPv3 packet with
  a one byte HMAC and guess the correct first byte of the local HMAC
  with 256 packets (max).

  http://www.linuxsecurity.com/content/view/140862

------------------------------------------------------------------------

* Ubuntu: Devhelp, Epiphany, Midbrowser and Yelp update (Aug 4)
  -------------------------------------------------------------
  A flaw was discovered in the browser engine. A variable could be
  made to overflow causing the browser to crash. If a user were
  tricked into opening a malicious web page, an attacker could cause a
  denial of service or possibly execute arbitrary code with the
  privileges of the user invoking the program. (CVE-2008-2785)

  http://www.linuxsecurity.com/content/view/140871

* Ubuntu: libxslt vulnerabilities (Aug 1)
  ---------------------------------------
  It was discovered that long transformation matches in libxslt could
  overflow.
  If an attacker were able to make an application linked against
  libxslt process malicious XSL style sheet input, they could execute
  arbitrary code with user privileges or cause the application to
  crash, leading to a denial of service. (CVE-2008-1767)

  http://www.linuxsecurity.com/content/view/140864

* Ubuntu: OpenLDAP vulnerability (Aug 1)
  --------------------------------------
  Cameron Hotchkies discovered that OpenLDAP did not correctly handle
  certain ASN.1 BER data. A remote attacker could send a specially
  crafted packet and crash slapd, leading to a denial of service.

  http://www.linuxsecurity.com/content/view/140865

* Ubuntu: Python vulnerabilities (Aug 1)
  --------------------------------------
  It was discovered that there were new integer overflows in the
  imageop module. If an attacker were able to trick a Python
  application into processing a specially crafted image, they could
  execute arbitrary code with user privileges. (CVE-2008-1679)

  http://www.linuxsecurity.com/content/view/140863

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
------------------------------------------------------------------------