+----------------------------------------------------------------------+
|  LinuxSecurity.com                         Linux Advisory Watch      |
|  August 6th, 2010                          Volume 11, Number 32      |
|                                                                      |
|  Editorial Team:  Dave Wreski <dwreski@xxxxxxxxxxxxxxxxx>            |
|                   Benjamin D. Thomas <bthomas@xxxxxxxxxxxxxxxxx>     |
+----------------------------------------------------------------------+

Thank you for reading the Linux Advisory Watch Security Newsletter. The
purpose of this document is to provide our readers with a quick summary
of each week's vendor security bulletins and pointers on methods to
improve the security posture of your open source system.

Vulnerabilities affect nearly every vendor virtually every week, so be
sure to read through to find the updates your distributor has made
available.

Meet the Anti-Nmap: PSAD
------------------------
How would you know if someone is scanning your defenses? Is there any
way to properly respond to such scans? You bet there is...
http://www.linuxsecurity.com/content/view/134248

Understand: Fork Bombing Attack
-------------------------------
As the variety of attacks and threats grow, you need to be prepared. In
this HOWTO, get a feeling for the Fork Bombing Attack, what it is, how
it works, where it comes from, how to deal with it and more.
http://www.linuxsecurity.com/content/view/129220

--> Take advantage of the LinuxSecurity.com Quick Reference Card! <--
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf <--

------------------------------------------------------------------------

* EnGarde Secure Community 3.0.22 Now Available!
  ----------------------------------------------
  Guardian Digital is happy to announce the release of EnGarde Secure
  Community 3.0.22 (Version 3.0, Release 22). This release includes
  many updated packages and bug fixes and some feature enhancements to
  the EnGarde Secure Linux Installer and the SELinux policy.
  http://www.linuxsecurity.com/content/view/145668

------------------------------------------------------------------------

* Debian: 2089-1: php5: Multiple vulnerabilities (Aug 6)
  ------------------------------------------------------
  Several remote vulnerabilities have been discovered in PHP 5, a
  hypertext preprocessor. The Common Vulnerabilities and Exposures
  project identifies the following problems: [More...]
  http://www.linuxsecurity.com/content/view/152974

* Debian: 2088-1: wget: missing input sanitization (Aug 5)
  --------------------------------------------------------
  It was discovered that wget, a command line tool for downloading
  files from the WWW, uses server-provided file names when creating
  local files. This may lead to code execution in some scenarios.
  [More...]
  http://www.linuxsecurity.com/content/view/152965

* Debian: 2087-1: cabextract: programming error (Aug 4)
  -----------------------------------------------------
  It was discovered that a programming error in the archive test mode
  of cabextract, a program to extract Microsoft Cabinet files, could
  lead to the execution of arbitrary code. [More...]
  http://www.linuxsecurity.com/content/view/152956

* Debian: 2086-1: avahi: Multiple vulnerabilities (Aug 3)
  -------------------------------------------------------
  Several vulnerabilities have been discovered in the Avahi mDNS/DNS-SD
  daemon. The Common Vulnerabilities and Exposures project identifies
  the following problems: [More...]
  http://www.linuxsecurity.com/content/view/152955

* Debian: 2085-1: lftp: missing input validation (Aug 3)
  ------------------------------------------------------
  It was discovered that in lftp, a command-line HTTP/FTP client, there
  is no proper validation of the filename provided by the server
  through the Content-Disposition header; attackers can use this flaw
  by suggesting a filename they wish to overwrite on the client
  machine, and then possibly [More...]
  http://www.linuxsecurity.com/content/view/152951

* Debian: 2084-1: tiff: integer overflows (Aug 3)
  -----------------------------------------------
  Kevin Finisterre discovered that several integer overflows in the
  TIFF library could lead to the execution of arbitrary code. For the
  stable distribution (lenny), this problem has been fixed in [More...]
  http://www.linuxsecurity.com/content/view/152950

* Debian: 2083-1: moin: missing input sanitization (Aug 2)
  --------------------------------------------------------
  It was discovered that moin, a python clone of WikiWiki, does not
  sufficiently sanitize parameters when passing them to the add_msg
  function. This allows remote attackers to conduct cross-site
  scripting (XSS) attacks, for example via the template parameter.
  [More...]
  http://www.linuxsecurity.com/content/view/152945

* Debian: 2082-1: gmime2.2: buffer overflow (Aug 2)
  -------------------------------------------------
  It was discovered that a buffer overflow in the MIME library GMime
  might lead to the execution of arbitrary code. For the stable
  distribution (lenny), this problem has been fixed in [More...]
  http://www.linuxsecurity.com/content/view/152932

* Debian: 2081-1: libmikmod: buffer overflow (Aug 1)
  --------------------------------------------------
  Tomas Hoger discovered that the upstream fix for CVE-2009-3995 was
  insufficient. This update provides a corrected package. For the
  stable distribution (lenny), this problem has been fixed in [More...]
  http://www.linuxsecurity.com/content/view/152931

* Debian: 2080-1: ghostscript: Multiple vulnerabilities (Jul 31)
  --------------------------------------------------------------
  Several security issues have been discovered in Ghostscript, the GPL
  PostScript/PDF interpreter, which might lead to the execution of
  arbitrary code if a user processes a malformed PDF or Postscript
  file. [More...]
  http://www.linuxsecurity.com/content/view/152930

* Debian: 2078-1: mapserver: Multiple vulnerabilities (Jul 31)
  ------------------------------------------------------------
  Several vulnerabilities have been discovered in mapserver, a
  CGI-based web framework to publish spatial data and interactive
  mapping applications. The Common Vulnerabilities and Exposures
  project identifies the following problems: [More...]
  http://www.linuxsecurity.com/content/view/152929

* Debian: 2078-1: kvirc: programming error (Jul 31)
  -------------------------------------------------
  It was discovered that incorrect parsing of CTCP commands in kvirc, a
  KDE-based IRC client, could lead to the execution of arbitrary IRC
  commands against other users. [More...]
  http://www.linuxsecurity.com/content/view/152928

* Debian: 2077-1: openldap: Multiple vulnerabilities (Jul 29)
  -----------------------------------------------------------
  Two remote vulnerabilities have been discovered in OpenLDAP. The
  Common Vulnerabilities and Exposures project identifies the following
  problems: [More...]
  http://www.linuxsecurity.com/content/view/152919

------------------------------------------------------------------------

* Mandriva: 2010:145: libtiff (Aug 6)
  -----------------------------------
  Multiple vulnerabilities have been discovered and corrected in
  libtiff: The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as
  used in ImageMagick, does not properly handle invalid
  ReferenceBlackWhite values, which allows remote attackers to cause a
  denial of service [More...]
  http://www.linuxsecurity.com/content/view/152978

* Mandriva: 2010:144: wireshark (Aug 4)
  -------------------------------------
  This advisory updates wireshark to the latest version(s), fixing
  several security issues: Buffer overflow in the ASN.1 BER dissector
  in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has
  unknown impact and remote attack [More...]
  http://www.linuxsecurity.com/content/view/152962

* Mandriva: 2010:143: gnupg2 (Jul 30)
  -----------------------------------
  A vulnerability has been discovered and corrected in gnupg2:
  Importing a certificate with more than 98 Subject Alternate Names via
  GPGSM's import command or implicitly while verifying a signature
  causes GPGSM to reallocate an array with the names. The bug is that
  [More...]
  http://www.linuxsecurity.com/content/view/152927

------------------------------------------------------------------------

* Red Hat: 2010:0606-01: kernel: Important Advisory (Aug 5)
  ---------------------------------------------------------
  Updated kernel packages that fix multiple security issues and one bug
  are now available for Red Hat Enterprise Linux 4. The Red Hat
  Security Response Team has rated this update as having [More...]
  http://www.linuxsecurity.com/content/view/152971

* Red Hat: 2010:0607-02: freetype: Important Advisory (Aug 5)
  -----------------------------------------------------------
  Updated freetype packages that fix two security issues are now
  available for Red Hat Enterprise Linux 3, 4, and 5. The Red Hat
  Security Response Team has rated this update as having [More...]
  http://www.linuxsecurity.com/content/view/152972

* Red Hat: 2010:0603-01: gnupg2: Moderate Advisory (Aug 4)
  --------------------------------------------------------
  An updated gnupg2 package that fixes one security issue is now
  available for Red Hat Enterprise Linux 5. The Red Hat Security
  Response Team has rated this update as having moderate [More...]
  http://www.linuxsecurity.com/content/view/152964

* Red Hat: 2010:0583-01: tomcat5: Important Advisory (Aug 2)
  ----------------------------------------------------------
  Updated tomcat5 packages that fix one security issue are now
  available for Red Hat Developer Suite 3. The Red Hat Security
  Response Team has rated this update as having [More...]
  http://www.linuxsecurity.com/content/view/152948

* Red Hat: 2010:0585-01: lftp: Moderate Advisory (Aug 2)
  ------------------------------------------------------
  An updated lftp package that fixes one security issue is now
  available for Red Hat Enterprise Linux 5. The Red Hat Security
  Response Team has rated this update as having moderate [More...]
  http://www.linuxsecurity.com/content/view/152949

* Red Hat: 2010:0582-01: tomcat5: Important Advisory (Aug 2)
  ----------------------------------------------------------
  Updated tomcat5 packages that fix three security issues are now
  available for Red Hat Application Server v2. The Red Hat Security
  Response Team has rated this update as having [More...]
  http://www.linuxsecurity.com/content/view/152947

* Red Hat: 2010:0580-01: tomcat5: Important Advisory (Aug 2)
  ----------------------------------------------------------
  Updated tomcat5 packages that fix multiple security issues are now
  available for Red Hat Enterprise Linux 5. The Red Hat Security
  Response Team has rated this update as having [More...]
  http://www.linuxsecurity.com/content/view/152946

* Red Hat: 2010:0577-01: freetype: Important Advisory (Jul 30)
  ------------------------------------------------------------
  Updated freetype packages that fix various security issues are now
  available for Red Hat Enterprise Linux 3. The Red Hat Security
  Response Team has rated this update as having [More...]
  http://www.linuxsecurity.com/content/view/152925

* Red Hat: 2010:0578-01: freetype: Important Advisory (Jul 30)
  ------------------------------------------------------------
  Updated freetype packages that fix various security issues are now
  available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security
  Response Team has rated this update as having [More...]
  http://www.linuxsecurity.com/content/view/152926

* Red Hat: 2010:0574-01: java-1.4.2-ibm: Critical Advisory (Jul 29)
  -----------------------------------------------------------------
  Updated java-1.4.2-ibm packages that fix several security issues are
  now available for Red Hat Enterprise Linux 3 Extras, Red Hat
  Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5
  Supplementary. [More...]
  http://www.linuxsecurity.com/content/view/152918

------------------------------------------------------------------------

* SuSE: Weekly Summary 2010:014 (Aug 2)
  -------------------------------------
  To avoid flooding mailing lists with SUSE Security Announcements for
  minor issues, SUSE Security releases weekly summary reports for the
  low profile vulnerability fixes. The SUSE Security Summary Reports do
  not list or download URLs like the SUSE Security Announcements that
  are released for more severe vulnerabilities.
  http://www.linuxsecurity.com/content/view/152944

* SuSE: 2010-033: Linux kernel (Aug 2)
  ------------------------------------
  This SUSE Linux Enterprise 11 Service Pack 1 kernel contains various
  security fixes and lots of other bugfixes. Notable larger bugfixes
  and changes:
  - The btrfs filesystem received backports of lots of fixes from
    2.6.35.
  - An OCFS2 data corruption during high load was fixed.
  [More...]
  http://www.linuxsecurity.com/content/view/152938

* SuSE: 2010-032: Mozilla Firefox (Jul 30)
  ----------------------------------------
  Various security issues have been found in the Mozilla suite, and the
  various browsers have been updated to fix these issues. Mozilla
  Firefox was brought to the 3.5.11 security release. Mozilla Firefox
  on openSUSE 11.3 was brought to the 3.6.8 security release. Mozilla
  Thunderbird was brought to the 3.0.11 release on openSUSE [More...]
  http://www.linuxsecurity.com/content/view/152920

------------------------------------------------------------------------

* Ubuntu: 969-1: PCSC-Lite vulnerability (Aug 5)
  ----------------------------------------------
  It was discovered that the PC/SC service did not correctly handle
  malformed messages. A local attacker could exploit this to execute
  arbitrary code with root privileges. [More...]
  http://www.linuxsecurity.com/content/view/152973

* Ubuntu: 966-1: Linux kernel vulnerabilities (Aug 4)
  ---------------------------------------------------
  Junjiro R. Okajima discovered that knfsd did not correctly handle
  strict overcommit. A local attacker could exploit this to crash
  knfsd, leading to a denial of service. (Only Ubuntu 6.06 LTS and 8.04
  LTS were affected.) (CVE-2008-7256, CVE-2010-1643) [More...]
  http://www.linuxsecurity.com/content/view/152963

------------------------------------------------------------------------

* Pardus: 2010-98: Php: Remote Code Injection (Aug 2)
  ---------------------------------------------------
  A vulnerability has been fixed in SplObjectStorage unserializer in
  PHP which can allow malicious users to execute arbitrary code.
  http://www.linuxsecurity.com/content/view/152933

* Pardus: 2010-100: Freetype: Multiple Vulnerabilities (Aug 2)
  ------------------------------------------------------------
  Multiple vulnerabilities have been fixed in freetype.
  http://www.linuxsecurity.com/content/view/152934

* Pardus: 2010-101: Ghostscript: Memory Corruption (Aug 2)
  --------------------------------------------------------
  An error in the processing of PostScript files can be exploited to
  cause a memory corruption via recursive function calls and may allow
  execution of arbitrary code via a specially crafted PostScript file.
  http://www.linuxsecurity.com/content/view/152935

* Pardus: 2010-102: Thunderbird: Multiple (Aug 2)
  -----------------------------------------------
  Multiple Vulnerabilities have been fixed in Thunderbird.
  http://www.linuxsecurity.com/content/view/152936

* Pardus: 2010-99: Bogofilter: Heap Corruption (Aug 2)
  ----------------------------------------------------
  A vulnerability has been fixed in bogofilter, which can be exploited
  by malicious people to cause a DoS (Denial of Service) and
  potentially compromise a vulnerable system.
  http://www.linuxsecurity.com/content/view/152937

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------