Linux Advisory Watch: July 30th, 2010

+----------------------------------------------------------------------+
| LinuxSecurity.com                               Linux Advisory Watch |
| July 30th, 2010                                 Volume 11, Number 31 |
|                                                                      |
| Editorial Team:              Dave Wreski <dwreski@xxxxxxxxxxxxxxxxx> |
|                       Benjamin D. Thomas <bthomas@xxxxxxxxxxxxxxxxx> |
+----------------------------------------------------------------------+

Thank you for reading the Linux Advisory Watch Security Newsletter. The 
purpose of this document is to provide our readers with a quick summary of 
each week's vendor security bulletins and pointers on methods to improve 
the security posture of your open source system.

Vulnerabilities affect nearly every vendor virtually every week, so be 
sure to read through to find the updates your distributor has made 
available.

Meet the Anti-Nmap: PSAD
------------------------
How would you know if someone is scanning your defenses?  Is there any way 
to properly respond to such scans? You bet there is...

http://www.linuxsecurity.com/content/view/134248


Understand: Fork Bombing Attack
-------------------------------
As the variety of attacks and threats grows, you need to be prepared.  In 
this HOWTO, get a feeling for the Fork Bombing Attack, what it is, how it 
works, where it comes from, how to deal with it and more.

http://www.linuxsecurity.com/content/view/129220

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!  <--
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf             <--

------------------------------------------------------------------------

* EnGarde Secure Community 3.0.22 Now Available!
   ----------------------------------------------
   Guardian Digital is happy to announce the release of EnGarde Secure
   Community 3.0.22 (Version 3.0, Release 22).  This release includes
   many updated packages and bug fixes and some feature enhancements to
   the EnGarde Secure Linux Installer and the SELinux policy.

   http://www.linuxsecurity.com/content/view/145668

------------------------------------------------------------------------

* Debian: 2077-1: openldap: Multiple vulnerabilities (Jul 29)
   -----------------------------------------------------------
   Two remote vulnerabilities have been discovered in OpenLDAP. The
   Common Vulnerabilities and Exposures project identifies the following
   problems: [More...]

   http://www.linuxsecurity.com/content/view/152919

* Debian: 2076-1: gnupg2: use-after-free (Jul 27)
   -----------------------------------------------
   It was discovered that GnuPG 2 uses a freed pointer when verifying a
   signature or importing a certificate with many Subject Alternate
   Names, potentially leading to arbitrary code execution. [More...]

   http://www.linuxsecurity.com/content/view/152904

* Debian: 2075-1: xulrunner: Multiple vulnerabilities (Jul 27)
   ------------------------------------------------------------
   Several remote vulnerabilities have been discovered in Xulrunner, a
   runtime environment for XUL applications. The Common Vulnerabilities
   and Exposures project identifies the following problems: [More...]

   http://www.linuxsecurity.com/content/view/152903

------------------------------------------------------------------------

* Mandriva: 2010:142: openldap (Jul 28)
   -------------------------------------
   Multiple vulnerabilities have been discovered and corrected in
   openldap: The slap_modrdn2mods function in modrdn.c in OpenLDAP
   2.4.22 does not check the return value of a call to the smr_normalize
   function, which allows remote attackers to cause a denial of service
   (segmentation [More...]

   http://www.linuxsecurity.com/content/view/152911

* Mandriva: 2010:141: samba (Jul 27)
   ----------------------------------
   Multiple vulnerabilities have been discovered and corrected in samba:
   The chain_reply function in process.c in smbd in Samba before 3.4.8
   and 3.5.x before 3.5.2 allows remote attackers to cause a denial of
   service (NULL pointer dereference and process crash) via a Negotiate
   Protocol [More...]

   http://www.linuxsecurity.com/content/view/152902

* Mandriva: 2010:140: php (Jul 27)
   --------------------------------
   This is a maintenance and security update that upgrades php to 5.3.3
   for 2010.0/2010.1. Security Enhancements and Fixes in PHP 5.3.3:
   [More...]

   http://www.linuxsecurity.com/content/view/152901

* Mandriva: 2010:139: php (Jul 27)
   --------------------------------
   This is a maintenance and security update that upgrades php to 5.2.14
   for CS4/MES5/2008.0/2009.0/2009.1. Security Enhancements and Fixes in
   PHP 5.2.14: [More...]

   http://www.linuxsecurity.com/content/view/152892

* Mandriva: 2010:138: iputils (Jul 23)
   ------------------------------------
   Ovidiu Mara reported a vulnerability in ping.c (iputils) that could
   cause ping to hang when responding to a malicious echo reply
   (CVE-2010-2529). The updated packages have been patched to correct
   these issues. [More...]

   http://www.linuxsecurity.com/content/view/152871

------------------------------------------------------------------------

* Red Hat: 2010:0574-01: java-1.4.2-ibm: Critical Advisory (Jul 29)
   -----------------------------------------------------------------
   Updated java-1.4.2-ibm packages that fix several security issues are
   now available for Red Hat Enterprise Linux 3 Extras, Red Hat
   Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5
   Supplementary. [More...]

   http://www.linuxsecurity.com/content/view/152918

* Red Hat: 2010:0567-01: lvm2-cluster: Moderate Advisory (Jul 28)
   ---------------------------------------------------------------
   An updated lvm2-cluster package that fixes one security issue is now
   available for Red Hat Enterprise Linux 5. The Red Hat Security
   Response Team has rated this update as having moderate [More...]

   http://www.linuxsecurity.com/content/view/152910

* Red Hat: 2010:0565-01: w3m: Moderate Advisory (Jul 27)
   ------------------------------------------------------
   Updated w3m packages that fix one security issue are now available
   for Red Hat Enterprise Linux 5. The Red Hat Security Response Team
   has rated this update as having moderate [More...]

   http://www.linuxsecurity.com/content/view/152893

* Red Hat: 2010:0558-01: firefox: Critical Advisory (Jul 23)
   ----------------------------------------------------------
   Updated firefox packages that fix a security issue are now available
   for Red Hat Enterprise Linux 4. The Red Hat Security Response Team
   has rated this update as having critical [More...]

   http://www.linuxsecurity.com/content/view/152880

* Red Hat: 2010:0557-01: seamonkey: Critical Advisory (Jul 23)
   ------------------------------------------------------------
   Updated seamonkey packages that fix a security issue are now
   available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security
   Response Team has rated this update as having critical [More...]

   http://www.linuxsecurity.com/content/view/152879

* Red Hat: 2010:0556-01: firefox: Critical Advisory (Jul 23)
   ----------------------------------------------------------
   Updated firefox and xulrunner packages that fix a security issue are
   now available for Red Hat Enterprise Linux 5. The Red Hat Security
   Response Team has rated this update as having critical [More...]

   http://www.linuxsecurity.com/content/view/152878

------------------------------------------------------------------------

* Slackware: 2010-204-01: mozilla-firefox: Security Update (Jul 24)
   -----------------------------------------------------------------
   New mozilla-firefox packages are available for Slackware 13.0, 13.1,
   and -current to fix a regression.  [More Info...]

   http://www.linuxsecurity.com/content/view/152881

* Slackware: 2010-202-01: mozilla-firefox: Security Update (Jul 22)
   -----------------------------------------------------------------
   New mozilla-firefox packages are available for Slackware 12.2, 13.0,
   13.1, and -current to fix security issues.  [More Info...]

   http://www.linuxsecurity.com/content/view/152858

* Slackware: 2010-202-02: mozilla-thunderbird: Security Update (Jul 22)
   ---------------------------------------------------------------------
   New mozilla-thunderbird packages are available for Slackware 13.1 and
   -current to fix security issues.  [More Info...]

   http://www.linuxsecurity.com/content/view/152859

* Slackware: 2010-202-03: seamonkey: Security Update (Jul 22)
   -----------------------------------------------------------
   New seamonkey packages are available for Slackware 12.2, 13.0, 13.1,
   and -current to fix security issues.  [More Info...]

   http://www.linuxsecurity.com/content/view/152860

------------------------------------------------------------------------

* SuSE: 2010-032: Mozilla Firefox (Jul 30)
   ----------------------------------------
   Various security issues have been found in the Mozilla suite, and the
   various browsers have been updated to fix these issues. Mozilla
   Firefox was brought to the 3.5.11 security release. Mozilla Firefox
   on openSUSE 11.3 was brought to the 3.6.8 security release. Mozilla
   Thunderbird was brought to the 3.0.11 release on openSUSE  [More...]

   http://www.linuxsecurity.com/content/view/152920

------------------------------------------------------------------------

* Ubuntu: 964-1: Likewise Open vulnerability (Jul 26)
   ---------------------------------------------------
   Matt Weatherford discovered that Likewise Open did not correctly
   check password expiration for the local-provider account. A local
   attacker could exploit this to log into a system they would otherwise
   not have access to. [More...]

   http://www.linuxsecurity.com/content/view/152890

* Ubuntu: 957-2: Firefox and Xulrunner vulnerability (Jul 26)
   -----------------------------------------------------------
   USN-957-1 fixed vulnerabilities in Firefox and Xulrunner. Daniel
   Holbert discovered that the fix for CVE-2010-1214 introduced a
   regression which did not properly initialize a plugin pointer. If a
   user were tricked into viewing a malicious site, a remote attacker
   could use this to crash the browser or run arbitrary code as the user
   invoking the program. [More...]

   http://www.linuxsecurity.com/content/view/152889

* Ubuntu: 958-1: Thunderbird vulnerabilities (Jul 26)
   ---------------------------------------------------
   Several flaws were discovered in the browser engine of Thunderbird.
   If a user were tricked into viewing malicious content, a remote
   attacker could use this to crash Thunderbird or possibly run arbitrary
   code as the user invoking the program. (CVE-2010-1211, CVE-2010-1212)
   [More...]

   http://www.linuxsecurity.com/content/view/152888

* Ubuntu: 930-4: Firefox and Xulrunner vulnerabilities (Jul 23)
   -------------------------------------------------------------
   USN-930-1 fixed vulnerabilities in Firefox and Xulrunner. This
   update provides the corresponding updates for Ubuntu 9.04 and 9.10,
   along with additional updates affecting Firefox 3.6.6. [More...]

   http://www.linuxsecurity.com/content/view/152869

* Ubuntu: 927-8: Thunderbird update (Jul 23)
   ------------------------------------------
   USN-927-1 fixed vulnerabilities in NSS. This update provides
   the Thunderbird update to use the new NSS. [More...]

   http://www.linuxsecurity.com/content/view/152868

* Ubuntu: 927-7: nspr update (Jul 23)
   -----------------------------------
   USN-927-4 fixed vulnerabilities in NSS. This update provides the
   NSPR needed to use the new NSS. [More...]

   http://www.linuxsecurity.com/content/view/152866

* Ubuntu: 957-1: Firefox and Xulrunner vulnerabilities (Jul 23)
   -------------------------------------------------------------
   Several flaws were discovered in the browser engine of Firefox. If a
   user were tricked into viewing a malicious site, a remote attacker
   could use this to crash the browser or possibly run arbitrary code as
   the user invoking the program. (CVE-2010-1208, CVE-2010-1209,
   CVE-2010-1211, CVE-2010-1212) [More...]

   http://www.linuxsecurity.com/content/view/152867

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------


