+----------------------------------------------------------------------+ | LinuxSecurity.com Linux Advisory Watch | | July 23rd, 2010 Volume 11, Number 30 | | | | Editorial Team: Dave Wreski <dwreski@xxxxxxxxxxxxxxxxx> | | Benjamin D. Thomas <bthomas@xxxxxxxxxxxxxxxxx> | +----------------------------------------------------------------------+ Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor have made available. Meet the Anti-Nmap: PSAD ------------------------ Having a great defense involves proper detection and recognition of an attack. In our security world we have great IDS tools to properly recognize when we are being attacked as well as firewalls to prevent such attacks from happening. http://www.linuxsecurity.com/content/view/134248 Understand: Fork Bombing Attack ------------------------------- As the variety of attacks and threats grow, you need to be prepared. In this HOWTO, get a feeling for the Fork Bombing Attack, what it is, how it works, where it comes from, how to deal with it and more. http://www.linuxsecurity.com/content/view/129220 --> Take advantage of the LinuxSecurity.com Quick Reference Card! <-- --> http://www.linuxsecurity.com/docs/QuickRefCard.pdf <-- ------------------------------------------------------------------------ * EnGarde Secure Community 3.0.22 Now Available! ---------------------------------------------- Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.22 (Version 3.0, Release 22). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy. http://www.linuxsecurity.com/content/view/145668 ------------------------------------------------------------------------ * Debian: 2074-1: ncompress: integer underflow (Jul 21) ----------------------------------------------------- Aki Helin discovered an integer underflow in ncompress, the original Lempel-Ziv compress/uncompress programs. This could lead to the execution of arbitrary code when trying to decompress a crafted LZW compressed gzip archive. [More...] http://www.linuxsecurity.com/content/view/152850 * Debian: 2073-1: mlmmj: insufficient input sanitisi (Jul 20) ----------------------------------------------------------- Florian Streibelt reported a a directory traversal flaw in the way the Mailing List Managing Made Joyful mailing list manager processed users' requests originating from the administrator web interface without enough input validation. A remote, authenticated attacker could [More...] http://www.linuxsecurity.com/content/view/152845 * Debian: 2072-1: libpng: Multiple vulnerabilities (Jul 19) --------------------------------------------------------- Several vulnerabilities have been discovered in libpng, a library for reading and writing PNG files. The Common Vulnerabilities and Exposures project identifies the following problems: [More...] http://www.linuxsecurity.com/content/view/152830 ------------------------------------------------------------------------ * Mandriva: 2010:138: iputils (Jul 23) ------------------------------------ Ovidiu Mara reported a vulnerability in ping.c (iputils) that could cause ping to hang when responding to a malicious echo reply (CVE-2010-2529). The updated packages have been patched to correct these issues. [More...] http://www.linuxsecurity.com/content/view/152871 * Mandriva: 2010:136: ghostscript (Jul 15) ---------------------------------------- A vulnerability has been found and corrected in ghostscript: Ghostscript 8.64, 8.70, and possibly other versions allows context-dependent attackers to execute arbitrary code via a PostScript file containing unlimited recursive procedure invocations, [More...] http://www.linuxsecurity.com/content/view/152823 * Mandriva: 2010:135: ghostscript (Jul 15) ---------------------------------------- A vulnerability has been found and corrected in ghostscript: Stack-based buffer overflow in the errprintf function in base/gsmisc.c in ghostscript 8.64 through 8.70 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a [More...] http://www.linuxsecurity.com/content/view/152822 * Mandriva: 2010:134: ghostscript (Jul 15) ---------------------------------------- Multiple vulnerabilities has been found and corrected in ghostscript: Stack-based buffer overflow in the errprintf function in base/gsmisc.c in ghostscript 8.64 through 8.70 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a [More...] http://www.linuxsecurity.com/content/view/152821 * Mandriva: 2010:133: libpng (Jul 15) ----------------------------------- Multiple vulnerabilities has been found and corrected in libpng: Memory leak in the png_handle_tEXt function in pngrutil.c in libpng before 1.2.33 rc02 and 1.4.0 beta36 allows context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted PNG file [More...] http://www.linuxsecurity.com/content/view/152820 ------------------------------------------------------------------------ * Red Hat: 2010:0549-01: java-1.6.0-ibm: Critical Advisory (Jul 21) ----------------------------------------------------------------- Updated java-1.6.0-ibm packages that fix one security issue are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More...] http://www.linuxsecurity.com/content/view/152857 * Red Hat: 2010:0547-01: firefox: Critical Advisory (Jul 20) ---------------------------------------------------------- Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having critical [More...] http://www.linuxsecurity.com/content/view/152849 * Red Hat: 2010:0546-01: seamonkey: Critical Advisory (Jul 20) ------------------------------------------------------------ Updated seamonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security Response Team has rated this update as having critical [More...] http://www.linuxsecurity.com/content/view/152848 * Red Hat: 2010:0545-01: thunderbird: Critical Advisory (Jul 20) -------------------------------------------------------------- An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having critical [More...] http://www.linuxsecurity.com/content/view/152846 * Red Hat: 2010:0544-01: thunderbird: Moderate Advisory (Jul 20) -------------------------------------------------------------- An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/152847 * Red Hat: 2010:0542-01: openldap: Moderate Advisory (Jul 20) ----------------------------------------------------------- Updated openldap packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/152844 * Red Hat: 2010:0543-01: openldap: Moderate Advisory (Jul 20) ----------------------------------------------------------- Updated openldap packages that fix two security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/152843 ------------------------------------------------------------------------ * Slackware: 2010-202-01: mozilla-firefox: Security Update (Jul 22) ----------------------------------------------------------------- New mozilla-firefox packages are available for Slackware 12.2, 13.0, 13.1, and -current to fix security issues. [More Info...] http://www.linuxsecurity.com/content/view/152858 * Slackware: 2010-202-02: mozilla-thunderbird: Security Update (Jul 22) --------------------------------------------------------------------- New mozilla-thunderbird packages are available for Slackware 13.1 and -current to fix security issues. [More Info...] http://www.linuxsecurity.com/content/view/152859 * Slackware: 2010-202-03: seamonkey: Security Update (Jul 22) ----------------------------------------------------------- New seamonkey packages are available for Slackware 12.2, 13.0, 13.1, and -current to fix security issues. [More Info...] http://www.linuxsecurity.com/content/view/152860 ------------------------------------------------------------------------ * SuSE: 2010-031: Linux kernel (Jul 20) ------------------------------------- The SUSE Linux Enterprise 11 GA Kernel was updated to 2.6.27.48 fixing various bugs and security issues. CVE-2010-1641: The do_gfs2_set_flags function in fs/gfs2/file.c in the Linux kernel does not verify the ownership of a file, which allows local users to bypass intended access restrictions via a SETFLAGS [More...] http://www.linuxsecurity.com/content/view/152839 ------------------------------------------------------------------------ * Ubuntu: 930-4: Firefox and Xulrunner vulnerabilities (Jul 23) ------------------------------------------------------------- USN-930-1 fixed vulnerabilities in Firefox and Xulrunner. This updateprovides the corresponding updates for Ubuntu 9.04 and 9.10, along withadditional updates affecting Firefox 3.6.6. [More...] http://www.linuxsecurity.com/content/view/152869 * Ubuntu: 927-8: Thunderbird update (Jul 23) ------------------------------------------ USN-927-1 fixed vulnerabilities in NSS. This update provides theThunderbird update to use the new NSS. [More...] http://www.linuxsecurity.com/content/view/152868 * Ubuntu: 927-7: nspr update (Jul 23) ----------------------------------- USN-927-4 fixed vulnerabilities in NSS. This update provides the NSPRneeded to use the new NSS. [More...] http://www.linuxsecurity.com/content/view/152866 * Ubuntu: 957-1: Firefox and Xulrunner vulnerabilities (Jul 23) ------------------------------------------------------------- Several flaws were discovered in the browser engine of Firefox. If a userwere tricked into viewing a malicious site, a remote attacker could usethis to crash the browser or possibly run arbitrary code as the userinvoking the program. (CVE-2010-1208, CVE-2010-1209, CVE-2010-1211,CVE-2010-1212) [More...] http://www.linuxsecurity.com/content/view/152867 * Ubuntu: 940-2: Kerberos vulnerability (Jul 21) ---------------------------------------------- USN-940-1 fixed vulnerabilities in Kerberos. This update provides thecorresponding updates for Ubuntu 10.04. [More...] http://www.linuxsecurity.com/content/view/152851 ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------