+----------------------------------------------------------------------+ | LinuxSecurity.com Linux Advisory Watch | | August 27th, 2010 Volume 11, Number 35 | | | | Editorial Team: Dave Wreski <dwreski@xxxxxxxxxxxxxxxxx> | | Benjamin D. Thomas <bthomas@xxxxxxxxxxxxxxxxx> | +----------------------------------------------------------------------+ Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor have made available. Review: Zabbix 1.8 Network Monitoring ------------------------------------- If you have anything more than a small home network, you need to be monitoring the status of your systems to ensure they are providing the services they were designed to provide. Rihards Olups has created a comprehensive reference and usability guide for the latest version of Zabbix that anyone being tasked with implementing should have by their side. http://www.linuxsecurity.com/content/view/152990 Meet the Anti-Nmap: PSAD ------------------------ Having a great defense involves proper detection and recognition of an attack. In our security world we have great IDS tools to properly recognize when we are being attacked as well as firewalls to prevent such attacks from happening. However, certain attacks are not blindly thrown at you - a good attacker knows that a certain amount of reconnaissance and knowledge about your defenses greatly increases the chances of a successful attack. How would you know if someone is scanning your defenses? Is there any way to properly respond to such scans? <b>You bet there is...</b> http://www.linuxsecurity.com/content/view/134248 --> Take advantage of the LinuxSecurity.com Quick Reference Card! <-- --> http://www.linuxsecurity.com/docs/QuickRefCard.pdf <-- ------------------------------------------------------------------------ * EnGarde Secure Community 3.0.22 Now Available! ---------------------------------------------- Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.22 (Version 3.0, Release 22). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy. http://www.linuxsecurity.com/content/view/145668 ------------------------------------------------------------------------ * Debian: 2096-1: zope-ldapuserfolder: missing input validation (Aug 24) ---------------------------------------------------------------------- Jeremy James discovered that in zope-ldapuserfolder, a Zope extension used to authenticate against an LDAP server, the authentication code does not verify the password provided for the emergency user. Malicious users that manage to get the emergency user login can use this flaw to [More...] http://www.linuxsecurity.com/content/view/153111 * Debian: 2095-1: lvm2: insecure communication prot (Aug 23) ---------------------------------------------------------- Alasdair Kergon discovered that the cluster logical volume manager daemon (clvmd) in lvm2, The Linux Logical Volume Manager, does not verify client credentials upon a socket connection, which allows local users to cause a [More...] http://www.linuxsecurity.com/content/view/153093 * Debian: 2094-1: linux-2.6: privilege escalation/denial (Aug 19) --------------------------------------------------------------- CVE-2009-4895 Kyle Bader reported an issue in the tty subsystem that allows local users to create a denial of service (NULL pointer dereference). [More...] http://www.linuxsecurity.com/content/view/153078 * Debian: 2093-1: ghostscript: Multiple vulnerabilities (Aug 19) -------------------------------------------------------------- Two security issues have been discovered in Ghostscript, the GPL PostScript/PDF interpreter. The Common Vulnerabilities and Exposures project identifies the following problems: [More...] http://www.linuxsecurity.com/content/view/153069 ------------------------------------------------------------------------ * Mandriva: 2010:162: kdegraphics4 (Aug 26) ----------------------------------------- A vulnerability has been found and corrected in okular (kdegraphics): A specially crafted PDF or PS file could cause okular to crash or execute arbitrary code (CVE-2010-2575). [More...] http://www.linuxsecurity.com/content/view/153131 * Mandriva: 2010:161: vte (Aug 24) -------------------------------- A vulnerability has been found and corrected in vte: The vte_sequence_handler_window_manipulation function in vteseq.c in libvte (aka libvte9) in VTE 0.25.1 and earlier, as used in gnome-terminal, does not properly handle escape sequences, which [More...] http://www.linuxsecurity.com/content/view/153112 * Mandriva: 2010:160: cacti (Aug 24) ---------------------------------- Multiple vulnerabilities has been found and corrected in cacti: Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0.8.7f, allow remote attackers to inject arbitrary web script or HTML via the (1) hostname or (2) description parameter to host.php, [More...] http://www.linuxsecurity.com/content/view/153108 * Mandriva: 2010:159: gv (Aug 23) ------------------------------- A vulnerability has been found and corrected in gv: GNU gv before 3.7.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file (CVE-2010-2056). [More...] http://www.linuxsecurity.com/content/view/153101 * Mandriva: 2010:158: squirrelmail (Aug 23) ----------------------------------------- A vulnerability has been found and corrected in squirrelmail: functions/imap_general.php in SquirrelMail before 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making [More...] http://www.linuxsecurity.com/content/view/153094 * Mandriva: 2010:157: freetype2 (Aug 22) -------------------------------------- Multiple vulnerabilities has been found and corrected in freetype2: The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application [More...] http://www.linuxsecurity.com/content/view/153089 * Mandriva: 2010:156: freetype2 (Aug 22) -------------------------------------- Multiple vulnerabilities has been found and corrected in freetype2: The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application [More...] http://www.linuxsecurity.com/content/view/153088 * Mandriva: 2010:155: mysql (Aug 20) ---------------------------------- Multiple vulnerabilities has been found and corrected in mysql: MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# [More...] http://www.linuxsecurity.com/content/view/153085 ------------------------------------------------------------------------ * Red Hat: 2010:0657-02: gdm: Low Advisory (Aug 26) ------------------------------------------------- An updated gdm package that fixes one security issue and one bug is now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having low [More...] http://www.linuxsecurity.com/content/view/153130 * Red Hat: 2010:0653-01: ImageMagick: Moderate Advisory (Aug 25) -------------------------------------------------------------- Updated ImageMagick packages that fix one security issue are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/153116 * Red Hat: 2010:0651-01: spice-xpi: Moderate Advisory (Aug 25) ------------------------------------------------------------ An updated spice-xpi package that fixes two security issues and three bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/153115 * Red Hat: 2010:0652-01: ImageMagick: Moderate Advisory (Aug 25) -------------------------------------------------------------- Updated ImageMagick packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/153114 * Red Hat: 2010:0632-03: qspice-client: Moderate Advisory (Aug 25) ---------------------------------------------------------------- An updated qspice-client package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/153113 * Red Hat: 2010:0643-01: openoffice.org: Important Advisory (Aug 23) ------------------------------------------------------------------ Updated openoffice.org packages that fix two security issues are now available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security Response Team has rated this update as having [More...] http://www.linuxsecurity.com/content/view/153100 * Red Hat: 2010:0636-02: acroread: Critical Advisory (Aug 20) ----------------------------------------------------------- Updated acroread packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 Supplementary. [More...] http://www.linuxsecurity.com/content/view/153079 * Red Hat: 2010:0627-01: kvm: Important Advisory (Aug 19) ------------------------------------------------------- Updated kvm packages that fix three security issues and multiple bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having [More...] http://www.linuxsecurity.com/content/view/153076 * Red Hat: 2010:0633-01: qspice: Important Advisory (Aug 19) ---------------------------------------------------------- Updated qspice packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having [More...] http://www.linuxsecurity.com/content/view/153077 ------------------------------------------------------------------------ * SuSE: Weekly Summary 2010:016 (Aug 26) -------------------------------------- To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Security Announcements that are released for more severe vulnerabilities. List of vulnerabilities in this summary include: yast2-webclient-patch_updates, perl, openldap2, opera, freetype2/libfreetype6, java-1_6_0-openjdk. http://www.linuxsecurity.com/content/view/153124 ------------------------------------------------------------------------ * Ubuntu: 979-1: okular vulnerability (Aug 26) -------------------------------------------- Stefan Cornelius of Secunia Research discovered a boundary error duringRLE decompression in the "TranscribePalmImageToJPEG()" function ingenerators/plucker/inplug/image.cpp of okular when processing imagesembedded in PDB files, which can be exploited to cause a heap-basedbuffer overflow. (CVE-2010-2575) [More...] http://www.linuxsecurity.com/content/view/153132 * Ubuntu: 977-1: MoinMoin vulnerabilities (Aug 25) ------------------------------------------------ It was discovered that MoinMoin did not properly sanitize its input,resulting in cross-site scripting (XSS) vulnerabilities. With cross-sitescripting vulnerabilities, if a user were tricked into viewing serveroutput during a crafted server request, a remote attacker could exploitthis to modify the contents, or steal confidential data, within the same [More...] http://www.linuxsecurity.com/content/view/153122 * Ubuntu: 976-1: Tomcat vulnerability (Aug 25) -------------------------------------------- It was discovered that Tomcat incorrectly handled invalid Transfer-Encodingheaders. A remote attacker could send specially crafted requests containinginvalid headers to the server and cause a denial of service, or possiblyobtain sensitive information from other requests. [More...] http://www.linuxsecurity.com/content/view/153123 * Ubuntu: 974-1: Linux kernel vulnerabilities (Aug 19) ---------------------------------------------------- Gael Delalleu, Rafal Wojtczuk, and Brad Spengler discovered that the memorymanager did not properly handle when applications grow stacks into adjacentmemory regions. A local attacker could exploit this to gain control ofcertain applications, potentially leading to privilege escalation, asdemonstrated in attacks against the X server. (CVE-2010-2240) [More...] http://www.linuxsecurity.com/content/view/153075 ------------------------------------------------------------------------ * Pardus: 2010-117: MySQL: Denial of Service (Aug 24) --------------------------------------------------- A security issue has been fixed in MySQL, which can be exploited by malicious users to cause a DoS (Denial of Service). http://www.linuxsecurity.com/content/view/153103 * Pardus: 2010-118: Apache: Denial of Service (Aug 24) ---------------------------------------------------- A vulnerability has been fixed in Apache, which can be exploited by malicious people to cause DoS. http://www.linuxsecurity.com/content/view/153104 ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------