+----------------------------------------------------------------------+
|  LinuxSecurity.com Weekly Newsletter                                 |
|  July 6th, 2009                                Volume 10, Number 28  |
|                                                                      |
|  Editorial Team:  Dave Wreski <dwreski@xxxxxxxxxxxxxxxxx>            |
|                   Benjamin D. Thomas <bthomas@xxxxxxxxxxxxxxxxx>     |
+----------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, advisories were released for xorg-x11-xfs, modsecurity,
libwmf, wireshark, apache, phpMyAdmin, Ruby, kde4, timezone, imap, php,
ruby, openswan, pidgin, seamonkey, ghostscript, mozilla-thunderbird,
perl, nagios, samba, and tiff. The distributors include Gentoo,
Mandriva, Red Hat, Slackware, SuSE, Ubuntu, and Pardus.

---

>> Linux+DVD Magazine <<

In each issue you can find information concerning the best use of
Linux: safety, databases, multimedia, scientific tools, entertainment,
programming, e-mail, news and desktop environments. Catch up with what
professional network and database administrators, system programmers,
webmasters and all those who believe in the power of Open Source
software are doing!

http://www.linuxsecurity.com/ads/adclick.php?bannerid=26

---

Review: Googling Security: How Much Does Google Know About You
--------------------------------------------------------------

If I ask "How much do you know about Google?", you may not take even a
second to respond. But if I ask "How much does Google know about you?",
you may instantly reply "Wait... what!? Do they!?" The book "Googling
Security: How Much Does Google Know About You" by Greg Conti (Computer
Science Professor at West Point) is the first book to reveal how
Google's vast information stockpiles could be used against you or your
business and what you can do to protect yourself.
http://www.linuxsecurity.com/content/view/145939

---

A Secure Nagios Server
----------------------

Nagios is monitoring software designed to let you know about problems on
your hosts and networks quickly. You can configure it to be used on any
network. Setting up a Nagios server on any Linux distribution is a very
quick process; making it a secure setup, however, takes some work. This
article will not show you how to install Nagios, since there are plenty
of installation guides out there, but it will show you in detail ways to
improve your Nagios security.

http://www.linuxsecurity.com/content/view/144088

--> Take advantage of the LinuxSecurity.com Quick Reference Card! <--
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf             <--

------------------------------------------------------------------------

* EnGarde Secure Community 3.0.22 Now Available! (Dec 9)
------------------------------------------------------

Guardian Digital is happy to announce the release of EnGarde Secure
Community 3.0.22 (Version 3.0, Release 22). This release includes many
updated packages and bug fixes and some feature enhancements to the
EnGarde Secure Linux Installer and the SELinux policy.

http://www.linuxsecurity.com/content/view/145668

------------------------------------------------------------------------

* Fedora 9 Update: xorg-x11-xfs-1.0.5-2.1.fc9 (Jul 2)
---------------------------------------------------

http://www.linuxsecurity.com/content/view/149289

* Fedora 10 Update: xorg-x11-xfs-1.0.5-3.1.fc10 (Jul 2)
-----------------------------------------------------

http://www.linuxsecurity.com/content/view/149290

------------------------------------------------------------------------

* Gentoo: ModSecurity Denial of Service (Jul 2)
---------------------------------------------

Two vulnerabilities in ModSecurity might lead to a Denial of Service.
http://www.linuxsecurity.com/content/view/149300

* Gentoo: libwmf User-assisted execution of arbitrary (Jul 2)
-----------------------------------------------------------

libwmf bundles an old GD version which contains a "use-after-free"
vulnerability.

http://www.linuxsecurity.com/content/view/149299

* Gentoo: Wireshark Multiple vulnerabilities (Jun 30)
---------------------------------------------------

Multiple vulnerabilities have been discovered in Wireshark which allow
for Denial of Service (application crash) or remote code execution.

http://www.linuxsecurity.com/content/view/149283

* Gentoo: Apache Tomcat JK Connector Information (Jun 29)
-------------------------------------------------------

An error in the Apache Tomcat JK Connector might allow for an
information disclosure flaw.

http://www.linuxsecurity.com/content/view/149278

* Gentoo: phpMyAdmin Multiple vulnerabilities (Jun 29)
----------------------------------------------------

Multiple errors in phpMyAdmin might allow the remote execution of
arbitrary code or a Cross-Site Scripting attack.

http://www.linuxsecurity.com/content/view/149277

* Gentoo: Ruby Denial of Service (Jun 28)
---------------------------------------

A flaw in the Ruby standard library might allow remote attackers to
cause a Denial of Service attack.

http://www.linuxsecurity.com/content/view/149271

------------------------------------------------------------------------

* Mandriva: Subject: [Security Announce] [ MDVA-2009:123 ] kde4 (Jul 1)
---------------------------------------------------------------------

Mandriva Linux 2009 Spring was released with KDE4 version 4.2.2. This
update upgrades KDE4 in Mandriva Linux 2009 Spring to version 4.2.4,
which brings many bugfixes and overall improvements.
http://www.linuxsecurity.com/content/view/149288

* Mandriva: Subject: [Security Announce] [ MDVA-2009:122 ] timezone (Jun 29)
--------------------------------------------------------------------------

Updated timezone packages are being provided for older Mandriva Linux
systems that do not contain new Daylight Savings Time information and
Time Zone information for some locations. These updated packages
contain the new information.

http://www.linuxsecurity.com/content/view/149274

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:146 ] imap (Jun 29)
-----------------------------------------------------------------------

Security vulnerabilities have been identified and fixed in University
of Washington IMAP Toolkit:

Multiple stack-based buffer overflows in (1) University of Washington
IMAP Toolkit 2002 through 2007c, (2) University of Washington Alpine
2.00 and earlier, and (3) Panda IMAP allow (a) local users to gain
privileges by specifying a long folder extension argument on the
command line to the tmail or dmail program; and (b) remote attackers
to execute arbitrary code by sending e-mail to a destination mailbox
name composed of a username and '+' character followed by a long
string, processed by the tmail or possibly dmail program
(CVE-2008-5005).

smtp.c in the c-client library in University of Washington IMAP Toolkit
2007b allows remote SMTP servers to cause a denial of service (NULL
pointer dereference and application crash) by responding to the QUIT
command with a close of the TCP connection instead of the expected 221
response code (CVE-2008-5006).

Off-by-one error in the rfc822_output_char function in the RFC822BUFFER
routines in the University of Washington (UW) c-client library, as used
by the UW IMAP toolkit before imap-2007e and other applications, allows
context-dependent attackers to cause a denial of service (crash) via an
e-mail message that triggers a buffer overflow (CVE-2008-5514).

The updated packages have been patched to prevent this.
Note that the software was renamed to c-client starting from Mandriva
Linux 2009.0 and only provides the shared c-client library for the imap
functions in PHP.

http://www.linuxsecurity.com/content/view/149273

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:145 ] php (Jun 28)
----------------------------------------------------------------------

A vulnerability has been found and corrected in PHP:

- Fixed upstream bug #48378 (exif_read_data() segfaults on certain
  corrupted .jpeg files).

The updated packages have been patched to correct these issues.

http://www.linuxsecurity.com/content/view/149270

------------------------------------------------------------------------

* RedHat: Moderate: ruby security update (Jul 2)
----------------------------------------------

Updated ruby packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 4 and 5. This update has been
rated as having moderate security impact by the Red Hat Security
Response Team.

http://www.linuxsecurity.com/content/view/149296

* RedHat: Important: openswan security update (Jul 2)
---------------------------------------------------

Updated openswan packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 5. This update has been rated as
having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/149294

* RedHat: Moderate: pidgin security and bug fix update (Jul 2)
------------------------------------------------------------

Updated pidgin packages that fix one security issue and one bug are now
available for Red Hat Enterprise Linux 4 and 5. This update has been
rated as having moderate security impact by the Red Hat Security
Response Team.
http://www.linuxsecurity.com/content/view/149295

* RedHat: Important: seamonkey security update (Jun 30)
-----------------------------------------------------

Updated seamonkey packages that fix a security issue are now available
for Red Hat Enterprise Linux 3 and 4. This update has been rated as
having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/149284

* RedHat: Important: kernel security and bug fix update (Jun 30)
--------------------------------------------------------------

Updated kernel packages that fix several security issues and various
bugs are now available for Red Hat Enterprise Linux 4. This update has
been rated as having important security impact by the Red Hat Security
Response Team.

http://www.linuxsecurity.com/content/view/149280

------------------------------------------------------------------------

* Slackware: ghostscript (Jun 30)
---------------------------------

New ghostscript packages are available for Slackware 12.1, 12.2, and
-current to fix security issues.

More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0196
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0583
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0584
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0792

http://www.linuxsecurity.com/content/view/149279

* Slackware: mozilla-thunderbird (Jun 28)
-----------------------------------------

New mozilla-thunderbird packages are available for Slackware 10.2, 11.0,
12.0, 12.1, 12.2, and -current to fix security issues.
More details about the issues may be found here:

http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html

http://www.linuxsecurity.com/content/view/149269

------------------------------------------------------------------------

* SuSE: IBM Java 6 (SUSE-SA:2009:036) (Jul 2)
-------------------------------------------

http://www.linuxsecurity.com/content/view/149301

* SuSE: Acrobat Reader (SUSE-SA:2009:035) (Jul 1)
-----------------------------------------------

http://www.linuxsecurity.com/content/view/149287

------------------------------------------------------------------------

* Ubuntu: Perl vulnerability (Jul 2)
-----------------------------------

It was discovered that the Compress::Raw::Zlib Perl module incorrectly
handled certain zlib compressed streams. If a user or automated system
were tricked into processing a specially crafted compressed stream or
file, a remote attacker could crash the application, leading to a
denial of service.

http://www.linuxsecurity.com/content/view/149298

* Ubuntu: Nagios vulnerability (Jul 2)
-------------------------------------

It was discovered that Nagios did not properly parse certain commands
submitted using the WAP web interface. An authenticated user could
exploit this flaw and execute arbitrary programs on the server.

http://www.linuxsecurity.com/content/view/149297

------------------------------------------------------------------------

* Pardus: Samba: Security Bypass (Jun 30)
---------------------------------------

by malicious users to bypass certain security restrictions and by
malicious people to potentially compromise a user's system.

http://www.linuxsecurity.com/content/view/149282

* Pardus: Tiff: Buffer Underflow (Jun 30)
---------------------------------------

malicious people to cause a DoS (Denial of Service) or to potentially
compromise an application using the library.
http://www.linuxsecurity.com/content/view/149281

------------------------------------------------------------------------

Distributed by: Guardian Digital, Inc.  LinuxSecurity.com

To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx with
"unsubscribe" in the subject of the message.

------------------------------------------------------------------------