+----------------------------------------------------------------------+
| LinuxSecurity.com                               Linux Advisory Watch |
| March 28th, 2010                                Volume 11, Number 14 |
|                                                                      |
| Editorial Team: Dave Wreski <dwreski@xxxxxxxxxxxxxxxxx>              |
|                 Benjamin D. Thomas <bthomas@xxxxxxxxxxxxxxxxx>       |
+----------------------------------------------------------------------+

Thank you for reading the Linux Advisory Watch Security Newsletter. The
purpose of this document is to provide our readers with a quick summary
of each week's vendor security bulletins and pointers on methods to
improve the security posture of your open source system.

Vulnerabilities affect nearly every vendor virtually every week, so be
sure to read through to find the updates your distributor has made
available.

Vulnerabilities in Web Applications
-----------------------------------
This paper aims to raise awareness by discussing common vulnerabilities
and mistakes in web application development. It also considers
mitigating factors, strategies and corrective measures.

http://www.linuxsecurity.com/content/view/118427

A Secure Nagios Server
----------------------
This article will not show you how to install Nagios since there are
tons of them out there but it will show you in detail ways to improve
your Nagios security.

http://www.linuxsecurity.com/content/view/144088

--> Take advantage of the LinuxSecurity.com Quick Reference Card! <--
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf <--

------------------------------------------------------------------------

* EnGarde Secure Community 3.0.22 Now Available!
  ----------------------------------------------
  Guardian Digital is happy to announce the release of EnGarde Secure
  Community 3.0.22 (Version 3.0, Release 22). This release includes
  many updated packages and bug fixes and some feature enhancements to
  the EnGarde Secure Linux Installer and the SELinux policy.

  http://www.linuxsecurity.com/content/view/145668

------------------------------------------------------------------------

* Debian: 2023-1: curl: buffer overflow (Mar 27)
  ----------------------------------------------
  Wesley Miaw discovered that libcurl, a multi-protocol file transfer
  library, is prone to a buffer overflow via the callback function when
  an application relies on libcurl to automatically uncompress data.
  Note that this only affects applications that trust libcurl's maximum
  limit [More...]

  http://www.linuxsecurity.com/content/view/152006

* Debian: 2022-1: mediawiki: Multiple vulnerabilities (Mar 23)
  ------------------------------------------------------------
  Several vulnerabilities have been discovered in mediawiki, a
  web-based wiki engine. The following issues have been identified:
  Insufficient input sanitization in the CSS validation code allows
  editors [More...]

  http://www.linuxsecurity.com/content/view/151964

* Debian: 2021-1: spamass-milter: missing input sanitization (Mar 22)
  -------------------------------------------------------------------
  It was discovered a missing input sanitization in spamass-milter, a
  milter used to filter mail through spamassassin. This allows a remote
  attacker to inject and execute arbitrary shell commands. [More...]

  http://www.linuxsecurity.com/content/view/151949

* Debian: 2020-1: ikiwiki: insufficient input sanitiza (Mar 20)
  -------------------------------------------------------------
  Ivan Shmakov discovered that the htmlscrubber component of ikiwiki, a
  wiki compiler, performs insufficient input sanitization on
  data:image/svg+xml URIs. As these can contain script code this can be
  used by an attacker to conduct cross-site scripting attacks.
  [More...]

  http://www.linuxsecurity.com/content/view/151947

* Debian: 2019-1: pango1.0: missing input sanitization (Mar 20)
  -------------------------------------------------------------
  Marc Schoenefeld discovered an improper input sanitization in Pango,
  a library for layout and rendering of text, leading to array indexing
  error. If a local user was tricked into loading a specially-crafted
  font file in an [More...]

  http://www.linuxsecurity.com/content/view/151946

------------------------------------------------------------------------

* Mandriva: 2010:068: php (Mar 27)
  --------------------------------
  A vulnerability has been found and corrected in php: The xmlrpc
  extension in PHP 5.3.1 does not properly handle a missing methodName
  element in the first argument to the xmlrpc_decode_request function,
  which allows context-dependent attackers to cause a denial of
  [More...]

  http://www.linuxsecurity.com/content/view/152005

* Mandriva: 2010:067: kernel (Mar 25)
  -----------------------------------
  This update provides a fix to the correction of CVE-2010-0307, which
  resulted in crashes when running i586 applications on x86_64. To
  update your kernel, please follow the directions located at:
  [More...]

  http://www.linuxsecurity.com/content/view/151996

* Mandriva: 2010:066: kernel (Mar 24)
  -----------------------------------
  Some vulnerabilities were discovered and corrected in the Linux 2.6
  kernel: The gfs2_lock function in the Linux kernel before
  2.6.34-rc1-next-20100312, and the gfs_lock function in the Linux
  [More...]

  http://www.linuxsecurity.com/content/view/151977

* Mandriva: 2010:065: cpio (Mar 23)
  ---------------------------------
  A vulnerability has been found and corrected in cpio and tar:
  Heap-based buffer overflow in the rmt_read__ function in
  lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23
  and GNU cpio before 2.11 allows remote rmt servers to cause a denial
  of service [More...]

  http://www.linuxsecurity.com/content/view/151959

* Mandriva: 2010:064: libpng (Mar 23)
  -----------------------------------
  A vulnerability has been found and corrected in libpng: The
  png_decompress_chunk function in pngrutil.c in libpng 1.0.x before
  1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly
  handle compressed ancillary-chunk data that has a disproportionately
  [More...]

  http://www.linuxsecurity.com/content/view/151958

* Mandriva: 2010:063: libpng (Mar 22)
  -----------------------------------
  Multiple vulnerabilities has been found and corrected in libpng:
  libpng before 1.2.37 does not properly parse 1-bit interlaced images
  with width values that are not divisible by 8, which causes libpng to
  include uninitialized bits in certain rows of a PNG file and
  [More...]

  http://www.linuxsecurity.com/content/view/151957

------------------------------------------------------------------------

* Red Hat: 2010:0175-01: httpd: Low Advisory (Mar 25)
  ---------------------------------------------------
  Updated httpd packages that fix one security issue, a bug, and add an
  enhancement are now available for Red Hat Enterprise Linux 4. The Red
  Hat Security Response Team has rated this update as having low
  [More...]

  http://www.linuxsecurity.com/content/view/151995

* Red Hat: 2010:0168-01: httpd: Moderate Advisory (Mar 25)
  --------------------------------------------------------
  Updated httpd packages that fix two security issues and add an
  enhancement are now available for Red Hat Enterprise Linux 5. The Red
  Hat Security Response Team has rated this update as having moderate
  [More...]

  http://www.linuxsecurity.com/content/view/151985

* Red Hat: 2010:0167-01: gnutls: Moderate Advisory (Mar 25)
  ---------------------------------------------------------
  Updated gnutls packages that fix two security issues are now
  available for Red Hat Enterprise Linux 4. The Red Hat Security
  Response Team has rated this update as having moderate [More...]

  http://www.linuxsecurity.com/content/view/151984

* Red Hat: 2010:0164-01: openssl097a: Moderate Advisory (Mar 25)
  --------------------------------------------------------------
  Updated openssl097a packages that fix a security issue are now
  available for Red Hat Enterprise Linux 5. The Red Hat Security
  Response Team has rated this update as having moderate [More...]

  http://www.linuxsecurity.com/content/view/151982

* Red Hat: 2010:0173-02: openssl096b: Important Advisory (Mar 25)
  ---------------------------------------------------------------
  Updated openssl096b packages that fix one security issue are now
  available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security
  Response Team has rated this update as having [More...]

  http://www.linuxsecurity.com/content/view/151983

* Red Hat: 2010:0165-01: nss: Moderate Advisory (Mar 25)
  ------------------------------------------------------
  Updated nss packages that fix a security issue are now available for
  Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team
  has rated this update as having moderate [More...]

  http://www.linuxsecurity.com/content/view/151981

* Red Hat: 2010:0163-01: openssl: Moderate Advisory (Mar 25)
  ----------------------------------------------------------
  Updated openssl packages that fix several security issues are now
  available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security
  Response Team has rated this update as having moderate [More...]

  http://www.linuxsecurity.com/content/view/151979

* Red Hat: 2010:0162-01: openssl: Important Advisory (Mar 25)
  -----------------------------------------------------------
  Updated openssl packages that fix several security issues are now
  available for Red Hat Enterprise Linux 5. The Red Hat Security
  Response Team has rated this update as having [More...]

  http://www.linuxsecurity.com/content/view/151980

* Red Hat: 2010:0166-01: gnutls: Moderate Advisory (Mar 25)
  ---------------------------------------------------------
  Updated gnutls packages that fix two security issues are now
  available for Red Hat Enterprise Linux 5. The Red Hat Security
  Response Team has rated this update as having moderate [More...]

  http://www.linuxsecurity.com/content/view/151978

* Red Hat: 2010:0161-01: kernel-rt: Important Advisory (Mar 23)
  -------------------------------------------------------------
  Updated kernel-rt packages that fix multiple security issues and
  several bugs are now available for Red Hat Enterprise MRG 1.2. The
  Red Hat Security Response Team has rated this update as having
  [More...]

  http://www.linuxsecurity.com/content/view/151962

------------------------------------------------------------------------

* SuSE: 2010-018: Linux kernel (Mar 22)
  -------------------------------------
  This update of the openSUSE 11.2 kernel contains a lot of bug and
  security fixes. Following security issues were fixed: CVE-2010-0622:
  The wake_futex_pi function in kernel/futex.c in the Linux [More...]

  http://www.linuxsecurity.com/content/view/151956

------------------------------------------------------------------------

* Ubuntu: 917-1: Puppet vulnerabilities (Mar 24)
  ----------------------------------------------
  It was discovered that Puppet did not drop supplementary groups when
  being run as a different user. A local user may be able to use this
  flaw to bypass security restrictions and gain access to restricted
  files. (CVE-2009-3564) [More...]

  http://www.linuxsecurity.com/content/view/151973

* Ubuntu: 918-1: Samba vulnerability (Mar 24)
  -------------------------------------------
  It was discovered the Samba handled symlinks in an unexpected way
  when both "wide links" and "UNIX extensions" were enabled, which is
  the default. A remote attacker could create symlinks and access
  arbitrary files from the server. [More...]

  http://www.linuxsecurity.com/content/view/151974

* Ubuntu: 916-1: Kerberos vulnerabilities (Mar 23)
  ------------------------------------------------
  Emmanuel Bouillon discovered that Kerberos did not correctly handle
  certain message types. An unauthenticated remote attacker could send
  specially crafted traffic to cause the KDC to crash, leading to a
  denial of service. (CVE-2010-0283) [More...]

  http://www.linuxsecurity.com/content/view/151965

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------