Linux Advisory Watch: January 28th, 2011

+----------------------------------------------------------------------+
| LinuxSecurity.com                               Linux Advisory Watch |
| January 28th, 2011                               Volume 12, Number 5 |
|                                                                      |
| Editorial Team:              Dave Wreski <dwreski@xxxxxxxxxxxxxxxxx> |
|                       Benjamin D. Thomas <bthomas@xxxxxxxxxxxxxxxxx> |
+----------------------------------------------------------------------+
Thank you for reading the Linux Advisory Watch Security Newsletter. The 
purpose of this document is to provide our readers with a quick summary of 
each week's vendor security bulletins and pointers on methods to improve 
the security posture of your open source system.

Vulnerabilities affect nearly every vendor virtually every week, so be 
sure to read through to find the updates your distributor has made 
available.

Review: The Official Ubuntu Book
--------------------------------
If you haven't used Linux before, are new to Ubuntu, or would like a
quick update on the latest in open source advancements for the desktop,
then The Official Ubuntu Book is a great place to start.

http://www.linuxsecurity.com/content/view/153159

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!  <--
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf             <--

------------------------------------------------------------------------

* EnGarde Secure Community 3.0.22 Now Available!
   ----------------------------------------------
   Guardian Digital is happy to announce the release of EnGarde Secure
   Community 3.0.22 (Version 3.0, Release 22).  This release includes
   many updated packages and bug fixes and some feature enhancements to
   the EnGarde Secure Linux Installer and the SELinux policy.

   http://www.linuxsecurity.com/content/view/145668

------------------------------------------------------------------------

* Debian: 2152-1: hplip: buffer overflow (Jan 27)
   -----------------------------------------------
   Sebastian Krahmer discovered a buffer overflow in the SNMP discovery
   code of the HP Linux Printing and Imaging System, which could result
   in the execution of arbitrary code. [More...]

   http://www.linuxsecurity.com/content/view/154249

* Debian: : openoffice.org: Multiple vulnerabilities (Jan 26)
   -----------------------------------------------------------
   Several security-related problems have been discovered in the
   OpenOffice.org package that allow malformed documents to crash the
   application or even execute arbitrary code. [More...]

   http://www.linuxsecurity.com/content/view/154239

* Debian: 2150-1: request-tracker3.6: unsalted password hashing (Jan 22)
   ----------------------------------------------------------------------
   It was discovered that Request Tracker, an issue tracking system,
   stored passwords in its database using an insufficiently strong,
   unsalted hashing method. An attacker with access to the password
   database could recover the passwords stored in it. [More...]

   http://www.linuxsecurity.com/content/view/154209
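
   The following is an added example (not part of the advisory or of
   Request Tracker's own code) that contrasts the weak scheme with a
   salted, iterated one. The sample accounts and attacker wordlist are
   constructed; the digest used for the weak case (MD5) and the
   "algorithm$rounds$salt$digest" storage format are this example's own
   choices, not what Request Tracker uses:

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed sample accounts (not real data): two users share a password.
USERS = {"alice": "Summer2010", "bob": "Summer2010", "carol": "correct horse"}

# Constructed attacker wordlist; a real one holds millions of entries.
WORDLIST = ["123456", "password", "Summer2010", "letmein"]


def unsalted_hash(password: str) -> str:
    """The weak scheme: one bare digest, no salt, no iteration.
    MD5 is used here only as an illustration; the advisory does not say
    which digest Request Tracker used."""
    return hashlib.md5(password.encode()).hexdigest()


def crack_unsalted(stored: dict) -> dict:
    """Hash the wordlist once and look every stored digest up in the table.
    Without salt one precomputed table breaks every account at once, and
    identical passwords are visible as identical digests before any cracking."""
    table = {unsalted_hash(w): w for w in WORDLIST}
    return {user: table[h] for user, h in stored.items() if h in table}


def pbkdf2_hash(password: str, salt: Optional[bytes] = None,
                rounds: int = 100_000) -> str:
    """The fix: a random per-user salt plus an iterated KDF. The output
    format is this example's own: algorithm$rounds$salt_hex$digest_hex."""
    if salt is None:
        salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return "pbkdf2_sha256$%d$%s$%s" % (rounds, salt.hex(), dk.hex())


def verify_pbkdf2(password: str, stored: str) -> bool:
    """Recompute with the stored salt and rounds; compare in constant time."""
    algo, rounds, salt_hex, dk_hex = stored.split("$")
    if algo != "pbkdf2_sha256":
        raise ValueError("unknown hash format")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(rounds))
    return hmac.compare_digest(dk.hex(), dk_hex)


if __name__ == "__main__":
    weak = {u: unsalted_hash(p) for u, p in USERS.items()}
    print("alice == bob (unsalted)?", weak["alice"] == weak["bob"])
    print("recovered from one table:", crack_unsalted(weak))
    strong = {u: pbkdf2_hash(p) for u, p in USERS.items()}
    print("alice == bob (salted)?", strong["alice"] == strong["bob"])
    print("verify alice:", verify_pbkdf2("Summer2010", strong["alice"]))
```

   Note that the salt defeats the shared precomputed table and hides which
   users share a password, while the iteration count is what makes each
   individual guess expensive; a salted but single-round digest fixes only
   the first problem.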

* Debian: 2149-1: dbus: denial of service (Jan 20)
   ------------------------------------------------
   Rémi Denis-Courmont discovered that dbus, a message bus application,
   does not properly limit the nesting level when examining messages with
   deeply nested variants. This allows an attacker to crash the dbus
   system daemon with a crafted message that overflows the call stack.
   [More...]

   http://www.linuxsecurity.com/content/view/154194
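
   As an added example (not dbus's own code), the validator below shows
   the defensive pattern the advisory is about: walking a nested type
   description with an explicit stack and hard depth limits, so that no
   input, however deeply nested, can drive recursion until the call stack
   runs out. It checks D-Bus type signatures using the limits the D-Bus
   specification gives for them (32 array levels, 32 struct levels, 64 in
   total, 255 bytes). The advisory's crash came from variants nested in
   message bodies, each carrying its own signature, so a body walker needs
   the same bounding across variant boundaries; that is assumed here, not
   shown:

```python
# D-Bus type codes for basic (non-container) types.
BASIC_TYPES = set("ybnqiuxtdsogh")

# Limits taken from the D-Bus specification for type signatures.
MAX_ARRAY_DEPTH = 32
MAX_STRUCT_DEPTH = 32
MAX_TOTAL_DEPTH = 64
MAX_SIGNATURE_LEN = 255


def check_signature(sig: str):
    """Validate a D-Bus type signature iteratively, with an explicit stack
    instead of recursion, so hostile input cannot exhaust the call stack.
    Returns (True, "") on success or (False, reason) on rejection."""
    if len(sig) > MAX_SIGNATURE_LEN:
        return False, "signature longer than %d bytes" % MAX_SIGNATURE_LEN
    # Open containers: ["a"] for an array, ["(", n] or ["{", n] for a
    # struct or dict entry with n complete member types seen so far.
    stack = []
    depth = {"a": 0, "s": 0}

    def complete_type():
        # A complete single type just ended; every array directly enclosing
        # it is complete too, since an array wraps exactly one type.
        while stack and stack[-1][0] == "a":
            stack.pop()
            depth["a"] -= 1
        if stack:
            stack[-1][1] += 1

    def too_deep():
        return (depth["a"] > MAX_ARRAY_DEPTH or depth["s"] > MAX_STRUCT_DEPTH
                or depth["a"] + depth["s"] > MAX_TOTAL_DEPTH)

    for i, c in enumerate(sig):
        top = stack[-1] if stack else None
        if top is not None and top[0] == "{":
            if top[1] == 0 and c not in BASIC_TYPES:
                return False, "dict entry key at %d is not a basic type" % i
            if top[1] == 2 and c != "}":
                return False, "dict entry at %d has more than two members" % i
        if c in BASIC_TYPES or c == "v":
            complete_type()
        elif c == "a":
            depth["a"] += 1
            stack.append(["a"])
        elif c == "(":
            depth["s"] += 1
            stack.append(["(", 0])
        elif c == "{":
            if top is None or top[0] != "a":
                return False, "dict entry at %d is not an array element" % i
            depth["s"] += 1            # the spec counts dict entries as structs
            stack.append(["{", 0])
        elif c == ")":
            if top is None or top[0] != "(" or top[1] == 0:
                return False, "unbalanced or empty struct at %d" % i
            stack.pop()
            depth["s"] -= 1
            complete_type()
        elif c == "}":
            if top is None or top[0] != "{" or top[1] != 2:
                return False, "malformed dict entry at %d" % i
            stack.pop()
            depth["s"] -= 1
            complete_type()
        else:
            return False, "unknown type code %r at %d" % (c, i)
        if too_deep():
            return False, "nesting too deep at %d" % i
    if stack:
        return False, "signature ends inside an open container"
    return True, ""


if __name__ == "__main__":
    for s in ("a{sv}", "(iis)a(ii)", "(" * 33 + "i" + ")" * 33, "a{(i)v}"):
        print("%-20s %s" % (s[:20], check_signature(s)))
```

   The depth check runs after every character, so an attacker who builds
   a signature of 200 nested arrays is rejected at the 33rd opener rather
   than after the whole input has been consumed.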

------------------------------------------------------------------------

* Gentoo: 201101-08: Adobe Reader: Multiple vulnerabilities (Jan 21)
   ------------------------------------------------------------------
   Multiple vulnerabilities in Adobe Reader might result in the
   execution of arbitrary code.

   http://www.linuxsecurity.com/content/view/154207

* Gentoo: 201101-09: Adobe Flash Player: Multiple vulnerabilities (Jan 21)
   ------------------------------------------------------------------------
   Multiple vulnerabilities in Adobe Flash Player might allow remote
   attackers to execute arbitrary code or cause a Denial of Service.

   http://www.linuxsecurity.com/content/view/154206

------------------------------------------------------------------------

* Mandriva: 2011:019: libuser (Jan 26)
   ------------------------------------
   A vulnerability has been found and corrected in libuser: libuser
   before 0.57 uses a cleartext password value of (1) !! or (2) x for
   new LDAP user accounts, which makes it easier for remote attackers to
   obtain access by specifying one of these values (CVE-2011-0002).
   [More...]

   http://www.linuxsecurity.com/content/view/154240
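
   An LDAP server treats a userPassword value that carries no {scheme}
   prefix as a cleartext password, so an account libuser created with a
   literal "!!" or "x" can be bound to with that string. The scanner
   below is an added example (not libuser's code or the advisory's) for
   finding such accounts in a directory export; the LDIF it reads is
   constructed, including alice's {SSHA} value, which is not a real hash:

```python
import base64

# Constructed LDIF export (not real directory data). bob's value is the
# base64 of "!!"; carol's is a literal "x"; alice has a {SSHA} value.
SAMPLE_LDIF = """\
version: 1

dn: uid=alice,ou=People,dc=example,dc=com
objectClass: posixAccount
uid: alice
userPassword: {SSHA}c2FtcGxlLXNhbHRlZC1oYXNoLXZhbHVl

dn: uid=bob,ou=People,dc=example,dc=com
objectClass: posixAccount
uid: bob
userPassword:: ISE=

dn: uid=carol,ou=People,dc=example,dc=com
objectClass: posixAccount
uid: carol
userPassword: x

dn: uid=dave,ou=People,dc=example,dc=com
objectClass: posixAccount
uid: dave
"""

# The two values from the advisory plus the other lock markers that are
# harmless in /etc/shadow but become a real password once stored in LDAP.
PLACEHOLDERS = {b"!!", b"x", b"*", b"!"}


def parse_ldif(text):
    """Minimal LDIF reader: unfolds continuation lines, decodes '::' base64
    values and returns a list of (dn, {attribute: [values]})."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]           # folded continuation line
        else:
            lines.append(raw)
    entries, dn, attrs = [], None, {}
    for line in lines + [""]:              # sentinel flushes the last entry
        if line.startswith("#"):
            continue
        if not line:
            if dn is not None:
                entries.append((dn, attrs))
            dn, attrs = None, {}
            continue
        name, _, value = line.partition(":")
        if value.startswith(":"):
            val = base64.b64decode(value[1:].strip())
        elif value.startswith("<"):
            continue                       # URL-valued attribute, not needed here
        else:
            val = value.strip().encode()
        if name == "dn":
            dn = val.decode()
        else:
            attrs.setdefault(name, []).append(val)
    return entries


def find_weak_ldap_passwords(text):
    """Return (dn, finding) for entries whose userPassword is one of the
    placeholder strings or any other value without a {scheme} prefix."""
    hits = []
    for dn, attrs in parse_ldif(text):
        for pw in attrs.get("userPassword", []):
            if pw in PLACEHOLDERS:
                hits.append((dn, "placeholder " + pw.decode()))
            elif not pw.startswith(b"{"):
                hits.append((dn, "cleartext"))
    return hits


if __name__ == "__main__":
    for dn, finding in find_weak_ldap_passwords(SAMPLE_LDIF):
        print(finding, dn)
```

   Entries with no userPassword at all (dave) are not reported: without
   the attribute a simple bind fails, which is the state libuser should
   have left new accounts in. Run the scanner on the output of a full
   export (ldapsearch with the userPassword attribute, as a DN allowed to
   read it), not on the anonymous view, which normally hides that attribute.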

* Mandriva: 2011:018: sudo (Jan 21)
   ---------------------------------
   Multiple vulnerabilities have been found and corrected in sudo: A
   patch for parse.c in sudo does not properly interpret a system group
   (aka %group) in the sudoers file during authorization decisions for a
   user who belongs to that group, which allows local users to [More...]

   http://www.linuxsecurity.com/content/view/154208

* Mandriva: 2011:017: tetex (Jan 21)
   ----------------------------------
   It was discovered that tetex suffered from the same vulnerability as
   previously addressed in Evince with MDVSA-2011:005 (CVE-2010-2642).
   As a precaution tetex has been patched to address this flaw. Packages
   for 2009.0 are provided as of the Extended Maintenance [More...]

   http://www.linuxsecurity.com/content/view/154204

* Mandriva: 2011:016: t1lib (Jan 21)
   ----------------------------------
   It was discovered that t1lib suffered from the same vulnerability as
   previously addressed in Evince with MDVSA-2011:005 (CVE-2010-2642).
   As a precaution t1lib has been patched to address this flaw. Packages
   for 2009.0 are provided as of the Extended Maintenance [More...]

   http://www.linuxsecurity.com/content/view/154202

* Mandriva: 2011:015: pcsc-lite (Jan 20)
   --------------------------------------
   A vulnerability has been found and corrected in pcsc-lite:
   Stack-based buffer overflow in the ATRDecodeAtr function in the
   Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite
   1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically
   [More...]

   http://www.linuxsecurity.com/content/view/154199
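
   The ATR is the first thing a card sends, and the card itself declares
   how many interface and historical bytes follow, which is exactly the
   kind of attacker-controlled length a fixed-size buffer decoder must
   check. The decoder below is an added example, not pcsc-lite's
   ATRDecodeAtr, written to show the bounds checks such a routine needs:
   every declared byte is verified to be present before it is read, and
   the ISO 7816-3 maximum of 33 bytes is enforced up front. The sample
   ATRs, including the TCK check byte, are constructed for this example:

```python
MAX_ATR_LEN = 33   # ISO 7816-3: TS plus at most 32 further bytes


def parse_atr(atr: bytes) -> dict:
    """Decode an ISO 7816-3 Answer-to-Reset. Every length the card declares
    (interface bytes via the Y nibbles, K historical bytes, TCK) is checked
    against the bytes actually present before anything is read."""
    if not 2 <= len(atr) <= MAX_ATR_LEN:
        raise ValueError("ATR length %d outside 2..%d" % (len(atr), MAX_ATR_LEN))
    if atr[0] not in (0x3B, 0x3F):
        raise ValueError("bad TS byte 0x%02x" % atr[0])
    t0 = atr[1]
    y, k = t0 >> 4, t0 & 0x0F     # Y1: which of TA1..TD1 follow; K: historical count
    pos, level = 2, 1
    interface, protocols = [], set()
    while True:                   # each TD byte consumed advances pos, so this ends
        ib = {}
        for bit, name in ((0x1, "TA"), (0x2, "TB"), (0x4, "TC"), (0x8, "TD")):
            if y & bit:
                if pos >= len(atr):
                    raise ValueError("truncated: %s%d declared but absent" % (name, level))
                ib[name] = atr[pos]
                pos += 1
        interface.append(ib)
        if "TD" not in ib:
            break
        y = ib["TD"] >> 4             # next level's Y nibble
        protocols.add(ib["TD"] & 0x0F)
        level += 1
    if pos + k > len(atr):
        raise ValueError("truncated: %d historical bytes declared, %d present"
                         % (k, len(atr) - pos))
    historical = atr[pos:pos + k]
    pos += k
    if protocols - {0}:               # TCK is present unless only T=0 is offered
        if pos >= len(atr):
            raise ValueError("truncated: TCK missing")
        pos += 1
        xor = 0
        for b in atr[1:pos]:          # T0 .. TCK inclusive must XOR to zero
            xor ^= b
        if xor != 0:
            raise ValueError("TCK check failed")
    if pos != len(atr):
        raise ValueError("%d trailing bytes after ATR" % (len(atr) - pos))
    return {"direct_convention": atr[0] == 0x3B, "interface": interface,
            "protocols": sorted(protocols) or [0], "historical": historical}


def atr_is_valid(hex_atr: str) -> bool:
    """Wrapper for sweeping a list of captured ATRs."""
    try:
        parse_atr(bytes.fromhex(hex_atr))
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed: TA1, TD1 (T=1), two historical bytes "AB", TCK 0x81.
    print(parse_atr(bytes.fromhex("3b921101414281")))
    # Constructed: T0 claims 15 historical bytes and TC2, but the data stops.
    print("short ATR accepted?", atr_is_valid("3b9f4142"))
```

   The two truncated cases are the ones that matter for a C decoder with
   fixed arrays: a T0 of 0x9F promises fifteen historical bytes and a
   second level of interface bytes, and a decoder that trusts those
   nibbles reads or writes past whatever was actually received.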

* Mandriva: 2011:014: ccid (Jan 20)
   ---------------------------------
   A vulnerability has been found and corrected in ccid: Signedness
   error in ccid_serial.c in libccid in the USB Chip/Smart Card
   Interface Devices (CCID) driver, as used in pcscd in PCSC-Lite 1.5.3
   and possibly other products, allows physically proximate attackers to
   [More...]

   http://www.linuxsecurity.com/content/view/154198

------------------------------------------------------------------------

* Red Hat: 2011:0180-01: pango: Moderate Advisory (Jan 27)
   --------------------------------------------------------
   Updated pango and evolution28-pango packages that fix one security
   issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The
   Red Hat Security Response Team has rated this update as having
   moderate [More...]

   http://www.linuxsecurity.com/content/view/154246

* Red Hat: 2011:0177-01: webkitgtk: Moderate Advisory (Jan 25)
   ------------------------------------------------------------
   Updated webkitgtk packages that fix several security issues are now
   available for Red Hat Enterprise Linux 6. The Red Hat Security
   Response Team has rated this update as having moderate [More...]

   http://www.linuxsecurity.com/content/view/154229

* Red Hat: 2011:0176-01: java-1.6.0-openjdk: Moderate Advisory (Jan 25)
   ---------------------------------------------------------------------
   Updated java-1.6.0-openjdk packages that fix two security issues are
   now available for Red Hat Enterprise Linux 5. The Red Hat Security
   Response Team has rated this update as having moderate [More...]

   http://www.linuxsecurity.com/content/view/154228

* Red Hat: 2011:0170-01: libuser: Moderate Advisory (Jan 20)
   ----------------------------------------------------------
   Updated libuser packages that fix one security issue are now
   available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat
   Security Response Team has rated this update as having moderate
   [More...]

   http://www.linuxsecurity.com/content/view/154196

* Red Hat: 2011:0169-01: java-1.5.0-ibm: Critical Advisory (Jan 20)
   -----------------------------------------------------------------
   Updated java-1.5.0-ibm packages that fix multiple security issues and
   one bug are now available for Red Hat Enterprise Linux 4 Extras, and
   Red Hat Enterprise Linux 5 and 6 Supplementary. [More...]

   http://www.linuxsecurity.com/content/view/154197

------------------------------------------------------------------------

* SuSE: 2011-006: IBM Java 6 (Jan 25)
   -----------------------------------
   IBM Java 6 SR9 was released, fixing many security issues. The
   following CVE entries are cross-referenced by this update:
   CVE-2010-3553 CVE-2009-3555 CVE-2010-3562 CVE-2010-3557 CVE-2010-3558
   CVE-2010-3563 CVE-2010-0771 CVE-2010-3550 CVE-2010-3549 CVE-2010-3551
   CVE-2010-3555 CVE-2010-3556  [More...]

   http://www.linuxsecurity.com/content/view/154227

* SuSE: 2011-005: Linux kernel (Jan 25)
   -------------------------------------
   This kernel update for the SUSE Linux Enterprise 10 SP3 kernel fixes
   several security issues and bugs. The following security issues were
   fixed: CVE-2010-4258: A local attacker could use an Oops (kernel
   crash) caused by other flaws to write a 0 byte to an
   attacker-controlled address  [More...]

   http://www.linuxsecurity.com/content/view/154225

* SuSE: Weekly Summary 2011:002 (Jan 25)
   --------------------------------------
   To avoid flooding mailing lists with SUSE Security Announcements for
   minor issues, SUSE Security releases weekly summary reports for
   low-profile vulnerability fixes. Unlike the SUSE Security
   Announcements released for more severe vulnerabilities, the Summary
   Reports do not list download URLs.  Vulnerabilities in this summary
   include: ed, evince, hplip, libopensc2/opensc, libsmi, libwebkit,
   perl, python, sssd, sudo, wireshark.

   http://www.linuxsecurity.com/content/view/154221

------------------------------------------------------------------------

* Ubuntu: 1052-1: OpenJDK vulnerability (Jan 26)
   ----------------------------------------------
   It was discovered that the JNLP SecurityManager in IcedTea for Java
   OpenJDK in some instances failed to properly apply the intended
   security policy in its checkPermission method. This could allow an
   attacker to execute code with privileges that should have been
   prevented. (CVE-2010-4351) [More...]

   http://www.linuxsecurity.com/content/view/154241

* Ubuntu: 1047-1: AWStats vulnerability (Jan 24)
   ----------------------------------------------
   It was discovered that AWStats did not correctly filter the LoadPlugin
   configuration option. A local attacker on a shared system could use
   this to inject arbitrary code into AWStats. [More...]

   http://www.linuxsecurity.com/content/view/154218

* Ubuntu: 1048-1: Tomcat vulnerability (Jan 24)
   ---------------------------------------------
   It was discovered that Tomcat did not properly escape certain
   parameters in the Manager application, which could result in browsers
   becoming vulnerable to cross-site scripting attacks when processing
   the output. With cross-site scripting vulnerabilities, if a user were
   tricked into viewing server output during a crafted server request, a
   remote attacker could exploit [More...]

   http://www.linuxsecurity.com/content/view/154219

* Ubuntu: 1046-1: Sudo vulnerability (Jan 20)
   -------------------------------------------
   Alexander Kurtz discovered that sudo would not prompt for a password
   when a group was specified in the Runas_Spec. A local attacker could
   exploit this to execute arbitrary code as the specified group if sudo
   was configured to allow the attacker to use a program as this group.
   The group Runas_Spec is not used in the default installation of
   Ubuntu. [More...]

   http://www.linuxsecurity.com/content/view/154195

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------


