+----------------------------------------------------------------------+ | LinuxSecurity.com Linux Advisory Watch | | August 13th, 2010 Volume 11, Number 33 | | | | Editorial Team: Dave Wreski <dwreski@xxxxxxxxxxxxxxxxx> | | Benjamin D. Thomas <bthomas@xxxxxxxxxxxxxxxxx> | +----------------------------------------------------------------------+ Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor have made available. Review: Zabbix 1.8 Network Monitoring ------------------------------------- If you have anything more than a small home network, you need to be monitoring the status of your systems to ensure they are providing the services they were designed to provide. Rihards Olups has created a comprehensive reference and usability guide for the latest version of Zabbix that anyone being tasked with implementing should have by their side. http://www.linuxsecurity.com/content/view/152990 Meet the Anti-Nmap: PSAD ------------------------ How would you know if someone is scanning your defenses? Is there any way to properly respond to such scans? You bet there is... http://www.linuxsecurity.com/content/view/134248 --> Take advantage of the LinuxSecurity.com Quick Reference Card! <-- --> http://www.linuxsecurity.com/docs/QuickRefCard.pdf <-- ------------------------------------------------------------------------ * EnGarde Secure Community 3.0.22 Now Available! ---------------------------------------------- Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.22 (Version 3.0, Release 22). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy. http://www.linuxsecurity.com/content/view/145668 ------------------------------------------------------------------------ * Debian: 2091-1: squirrelmail: No user-specific token impl (Aug 12) ------------------------------------------------------------------ SquirrelMail, a webmail application, does not employ a user-specific token for webforms. This allows a remote attacker to perform a Cross Site Request Forgery (CSRF) attack. The attacker may hijack the authentication of unspecified victims and send messages or change user preferences among other [More...] http://www.linuxsecurity.com/content/view/153028 * Debian: 2090-1: socat: incorrect user-input valida (Aug 6) ---------------------------------------------------------- A stack overflow vulnerability was found in socat that allows an attacker to execute arbitrary code with the privileges of the socat process. [More...] http://www.linuxsecurity.com/content/view/152982 * Debian: 2089-1: php5: Multiple vulnerabilities (Aug 6) ------------------------------------------------------ Several remote vulnerabilities have been discovered in PHP 5, an hypertext preprocessor. The Common Vulnerabilities and Exposures project identifies the following problems: [More...] http://www.linuxsecurity.com/content/view/152974 * Debian: 2088-1: wget: missing input sanitization (Aug 5) -------------------------------------------------------- It was discovered that wget, a command line tool for downloading files from the WWW, uses server-provided file names when creating local files. This may lead to code execution in some scenarios. [More...] http://www.linuxsecurity.com/content/view/152965 ------------------------------------------------------------------------ * Mandriva: 2010:149: freetype2 (Aug 12) -------------------------------------- A vulnerability has been discovered and corrected in freetype2: Multiple stack overflow flaws have been reported in the way FreeType font rendering engine processed certain CFF opcodes. An attacker could use these flaws to create a specially-crafted font file that, [More...] http://www.linuxsecurity.com/content/view/153015 * Mandriva: 2010:148: pidgin (Aug 12) ----------------------------------- A security vulnerability has been identified and fixed in pidgin: The clientautoresp function in family_icbm.c in the oscar protocol plugin in libpurple in Pidgin before 2.7.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and [More...] http://www.linuxsecurity.com/content/view/153008 * Mandriva: 2010:147: firefox (Aug 10) ------------------------------------ Security issues were identified and fixed in firefox: layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service (memory [More...] http://www.linuxsecurity.com/content/view/152994 * Mandriva: 2010:146: libtiff (Aug 6) ----------------------------------- Multiple vulnerabilities has been discovered and corrected in libtiff: The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service [More...] http://www.linuxsecurity.com/content/view/152981 * Mandriva: 2010:145: libtiff (Aug 6) ----------------------------------- Multiple vulnerabilities has been discovered and corrected in libtiff: The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service [More...] http://www.linuxsecurity.com/content/view/152978 ------------------------------------------------------------------------ * Red Hat: 2010:0625-01: wireshark: Moderate Advisory (Aug 11) ------------------------------------------------------------ Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/153006 * Red Hat: 2010:0623-01: flash-plugin: Critical Advisory (Aug 11) --------------------------------------------------------------- An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More...] http://www.linuxsecurity.com/content/view/153004 * Red Hat: 2010:0624-01: flash-plugin: Critical Advisory (Aug 11) --------------------------------------------------------------- An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 3 and 4 Extras. The Red Hat Security Response Team has rated this update as having critical [More...] http://www.linuxsecurity.com/content/view/153005 * Red Hat: 2010:0616-01: dbus-glib: Moderate Advisory (Aug 10) ------------------------------------------------------------ Updated dbus-glib packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/152998 * Red Hat: 2010:0615-01: libvirt: Low Advisory (Aug 10) ----------------------------------------------------- Updated libvirt packages that fix two security issues and three bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low [More...] http://www.linuxsecurity.com/content/view/152997 * Red Hat: 2010:0610-01: kernel: Important Advisory (Aug 10) ---------------------------------------------------------- Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having [More...] http://www.linuxsecurity.com/content/view/152996 * Red Hat: 2010:0606-01: kernel: Important Advisory (Aug 5) --------------------------------------------------------- Updated kernel packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having [More...] http://www.linuxsecurity.com/content/view/152971 * Red Hat: 2010:0607-02: freetype: Important Advisory (Aug 5) ----------------------------------------------------------- Updated freetype packages that fix two security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. The Red Hat Security Response Team has rated this update as having [More...] http://www.linuxsecurity.com/content/view/152972 ------------------------------------------------------------------------ * SuSE: 2010-034: flash-player (Aug 13) ------------------------------------- Flash Player was updated to version 10.1.82.76 fixing several critical security issues: - CVE-2010-0209: CVSS v2 Base Score: 9.3: Code Injection (CWE-94) Details unknown. - CVE-2010-2188: CVSS v2 Base Score: 6.8: Buffer Errors (CWE-119) [More...] http://www.linuxsecurity.com/content/view/153030 ------------------------------------------------------------------------ * Ubuntu: 970-1: GnuPG2 vulnerability (Aug 11) -------------------------------------------- It was discovered that GPGSM in GnuPG2 did not correctly handlecertificates with a large number of Subject Alternate Names. If a user orautomated system were tricked into processing a specially craftedcertificate, an attacker could cause a denial of service or executearbitrary code with privileges of the user invoking the program. [More...] http://www.linuxsecurity.com/content/view/153003 * Ubuntu: 967-1: w3m vulnerability (Aug 9) ---------------------------------------- Ludwig Nussel discovered w3m does not properly handle SSL/TLScertificates with NULL characters in the certificate name. Anattacker could exploit this to perform a man in the middleattack to view sensitive information or alter encryptedcommunications. (CVE-2010-2074) [More...] http://www.linuxsecurity.com/content/view/152992 * Ubuntu: 969-1: PCSC-Lite vulnerability (Aug 5) ---------------------------------------------- It was discovered that the PC/SC service did not correctly handlemalformed messages. A local attacker could exploit this to executearbitrary code with root privileges. [More...] http://www.linuxsecurity.com/content/view/152973 ------------------------------------------------------------------------ * Pardus: 2010-105: Gnupg: Arbitrary Code Execution (Aug 12) ---------------------------------------------------------- A vulnerability has been fixed in GnuPG, which can be exploited by malicious people to potentially compromise a user's system. http://www.linuxsecurity.com/content/view/153016 * Pardus: 2010-109: Cabextract: Multiple (Aug 12) ----------------------------------------------- Multiple vulnerabilities have been fixed in cabextract. http://www.linuxsecurity.com/content/view/153017 * Pardus: 2010-107: Firefox: Multiple Vulnerabilities (Aug 12) ------------------------------------------------------------ Multiple vulnerabilities have been fixed in Firefox. http://www.linuxsecurity.com/content/view/153018 * Pardus: 2010-110: Iputils: Denial of Service (Aug 12) ----------------------------------------------------- A denial of service vulnerability has been fixed in Iputils. http://www.linuxsecurity.com/content/view/153019 * Pardus: 2010-111: Vte: Arbitrary Code Execution (Aug 12) -------------------------------------------------------- A vulnerability has been fixed in Vte, which an allow malicious users to execute arbitrary code http://www.linuxsecurity.com/content/view/153020 * Pardus: 2010-112: Kernel: Multiple Vulnerabilities (Aug 12) ----------------------------------------------------------- Multiple vulnerabilities have been fixed in kernel http://www.linuxsecurity.com/content/view/153021 * Pardus: 2010-113: Wireshark: Multiple (Aug 12) ---------------------------------------------- Multiple vulnerabilities have been fixed in Wireshark. http://www.linuxsecurity.com/content/view/153022 * Pardus: 2010-114: FreeType: Multiple Vulnerabilities (Aug 12) ------------------------------------------------------------- Multiple vulnerabilities have been fixed in FreeType. http://www.linuxsecurity.com/content/view/153023 * Pardus: 2010-115: Kvirc: Remote Code Execution (Aug 12) ------------------------------------------------------- A vulnerability was fixed in kvirc, which can be used by malicious people to execute arbitrary IRC commands via CTCP request. http://www.linuxsecurity.com/content/view/153024 * Pardus: 2010-108: Rekonq: XSS Vulnerability (Aug 12) ---------------------------------------------------- Universal XSS vulnerability has been fixed in Rekonq. http://www.linuxsecurity.com/content/view/153025 * Pardus: 2010-116: Pidgin: Denial of Service (Aug 12) ---------------------------------------------------- A flaw has been fixed in Pidgin, which can allow remote attackers to cause denial of service via X-Status message. http://www.linuxsecurity.com/content/view/153026 * Pardus: 2010-106: Qt: Multiple Vulnerabilities (Aug 12) ------------------------------------------------------- Multiple vulnerabilities have been fixed in Qt. http://www.linuxsecurity.com/content/view/153027 * Pardus: 2010-103: Git: Arbitrary Code Execution (Aug 9) ------------------------------------------------------- A vulnerability has been fixed in Git which can be exploited by malicious people to execute arbitrary code http://www.linuxsecurity.com/content/view/152983 * Pardus: 2010-104: Php: Multiple Vulnerabilities (Aug 9) ------------------------------------------------------- Multiple vulnerabilities have been fixed in PHP http://www.linuxsecurity.com/content/view/152984 ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------