+----------------------------------------------------------------------+
|  LinuxSecurity.com                             Linux Advisory Watch  |
|  April 16th, 2010                              Volume 11, Number 16  |
|                                                                      |
|  Editorial Team:  Dave Wreski <dwreski@xxxxxxxxxxxxxxxxx>            |
|                   Benjamin D. Thomas <bthomas@xxxxxxxxxxxxxxxxx>     |
+----------------------------------------------------------------------+

Thank you for reading the Linux Advisory Watch Security Newsletter. The
purpose of this document is to provide our readers with a quick summary
of each week's vendor security bulletins and pointers on methods to
improve the security posture of your open source system.

Vulnerabilities affect nearly every vendor virtually every week, so be
sure to read through to find the updates your distributor has made
available.

SSH: Best Practices
-------------------
If you're reading LinuxSecurity.com then it's a safe bet that you are
already using SSH, but are you using it in the best way possible? Have
you configured it to be as limited and secure as possible?
Read on for my best practices for using Secure Shell.
http://www.linuxsecurity.com/content/view/133312

Review: Linux Firewalls
-----------------------
Security is at the forefront of everyone's mind and a firewall can be an
integral part of your Linux defense. But is Michael Rash's "Linux
Firewalls," the newest release from NoStarchPress, up for the challenge?
Eckie S. here at Linuxsecurity.com gives you the low-down on this newest
addition to the Linux security resource library and how it's one of the
best ways to crack down on attacks to your Linux network.
http://www.linuxsecurity.com/content/view/130392

--> Take advantage of the LinuxSecurity.com Quick Reference Card! <--
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf <--

------------------------------------------------------------------------

* EnGarde Secure Community 3.0.22 Now Available!
----------------------------------------------
Guardian Digital is happy to announce the release of EnGarde Secure
Community 3.0.22 (Version 3.0, Release 22). This release includes many
updated packages and bug fixes and some feature enhancements to the
EnGarde Secure Linux Installer and the SELinux policy.
http://www.linuxsecurity.com/content/view/145668

------------------------------------------------------------------------

* Debian: 2033-1: ejabberd: heap overflow (Apr 15)
------------------------------------------------
It was discovered that in ejabberd, a distributed XMPP/Jabber server
written in Erlang, a problem in ejabberd_c2s.erl allows remote
authenticated users to cause a denial of service by sending a large
number of c2s (client2server) messages; that triggers an overload of the
[More...]
http://www.linuxsecurity.com/content/view/152149

* Debian: 2032-1: libpng: Multiple vulnerabilities (Apr 11)
---------------------------------------------------------
Several vulnerabilities have been discovered in libpng, a library for
reading and writing PNG files. The Common Vulnerabilities and Exposures
project identifies the following problems: [More...]
http://www.linuxsecurity.com/content/view/152113

* Debian: 2031-1: krb5: use-after-free (Apr 11)
---------------------------------------------
Sol Jerome discovered that kadmind service in krb5, a system for
authenticating users and services on a network, allows remote
authenticated users to cause a denial of service (daemon crash) via a
request from a kadmin client that sends [More...]
http://www.linuxsecurity.com/content/view/152112

------------------------------------------------------------------------

* Mandriva: 2010:075: openoffice.org (Apr 15)
-------------------------------------------
This update provides a security update to the OpenOffice.org described
as follows: OpenOffice's xmlsec uses a bundled Libtool which might load
.la file in the current working directory allowing local users to gain
[More...]
http://www.linuxsecurity.com/content/view/152152

* Mandriva: 2010:074: kdebase (Apr 15)
------------------------------------
A vulnerability has been found and corrected in kdm
(kdebase/kdebase4-workspace): KDM contains a race condition that allows
local attackers to make arbitrary files on the system world-writeable.
This can happen [More...]
http://www.linuxsecurity.com/content/view/152150

* Mandriva: 2010:073-1: cups (Apr 14)
-----------------------------------
Multiple vulnerabilities have been found and corrected in cups: CUPS in
does not properly handle (1) HTTP headers and (2) HTML templates, which
allows remote attackers to conduct cross-site scripting (XSS) attacks
and HTTP response splitting attacks via vectors [More...]
http://www.linuxsecurity.com/content/view/152140

* Mandriva: 2010:073: cups (Apr 14)
---------------------------------
Multiple vulnerabilities have been found and corrected in cups: CUPS in
does not properly handle (1) HTTP headers and (2) HTML templates, which
allows remote attackers to conduct cross-site scripting (XSS) attacks
and HTTP response splitting attacks via vectors [More...]
http://www.linuxsecurity.com/content/view/152139

* Mandriva: 2010:072: cups (Apr 14)
---------------------------------
Multiple vulnerabilities have been found and corrected in cups: CUPS in
does not properly handle (1) HTTP headers and (2) HTML templates, which
allows remote attackers to conduct cross-site scripting (XSS) attacks
and HTTP response splitting attacks via vectors [More...]
http://www.linuxsecurity.com/content/view/152138

* Mandriva: 2010:071: krb5 (Apr 13)
---------------------------------
A vulnerability has been found and corrected in krb5: Use-after-free
vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos
5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to
cause a denial of service (daemon crash) via a [More...]
http://www.linuxsecurity.com/content/view/152132

* Mandriva: 2010:070: firefox (Apr 13)
------------------------------------
Security issues were identified and fixed in firefox: Security
researcher regenrecht reported (via TippingPoint's Zero Day Initiative)
a potential reuse of a deleted image frame in Firefox 3.6's handling of
multipart/x-mixed-replace images. Although no exploit was [More...]
http://www.linuxsecurity.com/content/view/152123

------------------------------------------------------------------------

* Red Hat: 2010:0348-01: kdebase: Important Advisory (Apr 14)
-----------------------------------------------------------
Updated kdebase packages that fix one security issue are now available
for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team
has rated this update as having [More...]
http://www.linuxsecurity.com/content/view/152135

* Red Hat: 2010:0349-01: acroread: Critical Advisory (Apr 14)
-----------------------------------------------------------
Updated acroread packages that fix several security issues are now
available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise
Linux 5 Supplementary. [More...]
http://www.linuxsecurity.com/content/view/152136

* Red Hat: 2010:0347-01: nss_db: Moderate Advisory (Apr 13)
---------------------------------------------------------
Updated nss_db packages that fix one security issue are now available
for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has
rated this update as having moderate [More...]
http://www.linuxsecurity.com/content/view/152133

------------------------------------------------------------------------

* SuSE: Weekly Summary 2010:009 (Apr 14)
--------------------------------------
To avoid flooding mailing lists with SUSE Security Announcements for
minor issues, SUSE Security releases weekly summary reports for the low
profile vulnerability fixes. The SUSE Security Summary Reports do not
list or download URLs like the SUSE Security Announcements that are
released for more severe vulnerabilities. List of vulnerabilities in
this summary include: viewvc, krb5, pango, gimp, kdebase3, kde4-kdm.
http://www.linuxsecurity.com/content/view/152137

------------------------------------------------------------------------

* Ubuntu: 929-1: irssi vulnerabilities (Apr 15)
---------------------------------------------
It was discovered that irssi did not perform certificate host validation
when using SSL connections. An attacker could exploit this to perform a
man in the middle attack to view sensitive information or alter
encrypted communications. (CVE-2010-1155) [More...]
http://www.linuxsecurity.com/content/view/152153

* Ubuntu: 890-6: CMake vulnerabilities (Apr 15)
---------------------------------------------
USN-890-1 fixed vulnerabilities in Expat. This update provides the
corresponding updates for CMake. [More...]
http://www.linuxsecurity.com/content/view/152151

* Ubuntu: 928-1: Sudo vulnerability (Apr 15)
------------------------------------------
Valerio Costamagna discovered that sudo did not properly validate the
path for the 'sudoedit' pseudo-command when the PATH contained only a
dot ('.'). If secure_path and ignore_dot were disabled, a local attacker
could exploit this to execute arbitrary code as root if sudo was
configured to allow the attacker to use sudoedit. By default,
secure_path is used and the sudoedit [More...]
http://www.linuxsecurity.com/content/view/152148

* Ubuntu: 927-3: Thunderbird regression (Apr 11)
----------------------------------------------
USN-927-1 fixed vulnerabilities in NSS. Due to upstream changes in NSS
3.12.6, Thunderbird would be unable to initialize the security component
and connect with SSL/TLS if the old libnss3-0d transition package was
installed. This update fixes the problem. [More...]
http://www.linuxsecurity.com/content/view/152114

* Ubuntu: 920-1: Firefox 3.0 and Xulrunner vulnerabilities (Apr 9)
----------------------------------------------------------------
Martijn Wargers, Josh Soref, Jesse Ruderman, and Ehsan Akhgari
discovered flaws in the browser engine of Firefox. If a user were
tricked into viewing a malicious website, a remote attacker could cause
a denial of service or possibly execute arbitrary code with the
privileges of the user invoking the program. (CVE-2010-0174) [More...]
http://www.linuxsecurity.com/content/view/152110

* Ubuntu: 927-1: NSS vulnerability (Apr 9)
----------------------------------------
Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3
protocols. If an attacker could perform a man in the middle attack at
the start of a TLS connection, the attacker could inject arbitrary
content at the beginning of the user's session. This update adds support
for the new renegotiation extension and will use it when the server
supports it. [More...]
http://www.linuxsecurity.com/content/view/152109

* Ubuntu: 926-1: ClamAV vulnerabilities (Apr 8)
---------------------------------------------
It was discovered that ClamAV did not properly verify its input when
processing CAB files. A remote attacker could send a specially crafted
CAB file to evade malware detection. (CVE-2010-0098) [More...]
http://www.linuxsecurity.com/content/view/152105

* Ubuntu: 925-1: MoinMoin vulnerabilities (Apr 8)
-----------------------------------------------
It was discovered that MoinMoin did not properly sanitize its input when
processing Despam actions, resulting in cross-site scripting (XSS)
vulnerabilities. If a privileged wiki user were tricked into performing
the Despam action on a page with a crafted title, a remote attacker
could exploit this to execute JavaScript code. (CVE-2010-0828) [More...]
http://www.linuxsecurity.com/content/view/152104

------------------------------------------------------------------------

* Pardus: 2010-46: [UPDATE] OpenSSL: Denial of Service (Apr 9)
------------------------------------------------------------
A vulnerability has been fixed in OpenSSL, which can be exploited by
malicious people to manipulate certain data and cause a DoS (Denial of
Service) UPDATE: The same problem has been addressed in Pardus 2008
http://www.linuxsecurity.com/content/view/152106

* Pardus: 2010-48: Kernel: Denial of Service (Apr 9)
--------------------------------------------------
A vulnerability and a security issue have been fixed, which can be
exploited by malicious, local users to bypass certain security
restrictions, cause a DoS (Denial of Service), and potentially gain
escalated privileges.
http://www.linuxsecurity.com/content/view/152107

* Pardus: 2010-49: Cups: Privilege Escalation (Apr 9)
---------------------------------------------------
A vulnerability has been fixed in Cups, which can be exploited by
malicious people to gain certain privileges.
http://www.linuxsecurity.com/content/view/152108

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------