+----------------------------------------------------------------------+ | LinuxSecurity.com Linux Advisory Watch | | April 1st, 2011 Volume 12, Number 14 | | | | Editorial Team: Dave Wreski <dwreski@xxxxxxxxxxxxxxxxx> | | Benjamin D. Thomas <bthomas@xxxxxxxxxxxxxxxxx> | +----------------------------------------------------------------------+ Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor have made available. What You Need to Know About Linux Rootkits ------------------------------------------ Rootkits are a way attackers hide their tracks and keep access to the machines they control. The good rootkits are very hard to detect and remove. They can be running on ones computer and no one can even know they have been running. Read more to learn how to detect them on your system. http://www.linuxsecurity.com/content/view/154709 --> Take advantage of the LinuxSecurity.com Quick Reference Card! <-- --> http://www.linuxsecurity.com/docs/QuickRefCard.pdf <-- ------------------------------------------------------------------------ * Debian: 2208-2: bind9: denial of service (Mar 31) ------------------------------------------------- The BIND, a DNS server, contains a defect related to the processing of new DNSSEC DS records by the caching resolver, which may lead to name resolution failures in the delegated zone. If DNSSEC validation is enabled, this issue can make domains ending in .COM unavailable when [More...] http://www.linuxsecurity.com/content/view/154752 * Debian: 2208-1: bind9: denial of service (Mar 30) ------------------------------------------------- It was discovered that BIND, a DNS server, contains a race condition when processing zones updates in an authoritative server, either through dynamic DNS updates or incremental zone transfer (IXFR). Such an update while processing a query could result in deadlock and denial [More...] http://www.linuxsecurity.com/content/view/154750 * Debian: 2207-1: tomcat5.5: Multiple vulnerabilities (Mar 29) ------------------------------------------------------------ Various vulnerabilities have been discovered in the Tomcat Servlet and JSP engine, resulting in denial of service, cross-site scripting, information disclosure and WAR file traversal. Further details on the individual security issues can be found at [More...] http://www.linuxsecurity.com/content/view/154742 * Debian: : mahara: Multiple vulnerabilities (Mar 29) --------------------------------------------------- Two security vulnerabilities have been discovered in Mahara, a fully featured electronic portfolio, weblog, resume builder and social networking system: [More...] http://www.linuxsecurity.com/content/view/154741 * Debian: 2205-1: gdm3: privilege escalation (Mar 28) --------------------------------------------------- Sebastian Krahmer discovered that the gdm3, the GNOME Desktop Manager, does not properly drop privileges when manipulating files related to the logged-in user. As a result, local users can gain root privileges. [More...] http://www.linuxsecurity.com/content/view/154725 * Debian: 2204-1: imp4: Insufficient input sanitisi (Mar 27) ---------------------------------------------------------- Moritz Naumann discovered that imp4, a webmail component for the horde framework, is prone to cross-site scripting attacks by a lack of input sanitising of certain fetchmail information. [More...] http://www.linuxsecurity.com/content/view/154713 * Debian: 2203-1: nss: none in nss (Mar 26) ----------------------------------------- This update for the Network Security Service libraries marks several fraudulent HTTPS certificates as unstrusted. For the oldstable distribution (lenny), this problem has been fixed in [More...] http://www.linuxsecurity.com/content/view/154712 ------------------------------------------------------------------------ * Mandriva: 2011:058: quagga (Apr 1) ---------------------------------- Multiple vulnerabilities has been identified and fixed in quagga: The extended-community parser in bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed Extended Communities attribute [More...] http://www.linuxsecurity.com/content/view/154761 * Mandriva: 2011:057: apache (Mar 31) ----------------------------------- The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module (apache-mpm-itk) for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk [More...] http://www.linuxsecurity.com/content/view/154758 * Mandriva: 2011:056: openldap (Mar 30) ------------------------------------- Multiple vulnerabilities has been identified and fixed in openldap: chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates (aka authentication-failure forwarding) is [More...] http://www.linuxsecurity.com/content/view/154749 * Mandriva: 2011:055: openldap (Mar 30) ------------------------------------- Multiple vulnerabilities has been identified and fixed in openldap: chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates (aka authentication-failure forwarding) is [More...] http://www.linuxsecurity.com/content/view/154748 * Mandriva: 2011:054: java-1.6.0-openjdk (Mar 27) ----------------------------------------------- Multiple vulnerabilities has been identified and fixed in java-1.6.0-openjdk: The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from [More...] http://www.linuxsecurity.com/content/view/154714 ------------------------------------------------------------------------ * Red Hat: 2011:0407-01: logrotate: Moderate Advisory (Mar 31) ------------------------------------------------------------ An updated logrotate package that fixes multiple security issues is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/154757 * Red Hat: 2011:0406-01: quagga: Moderate Advisory (Mar 31) --------------------------------------------------------- Updated quagga packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/154756 * Red Hat: 2011:0395-01: gdm: Moderate Advisory (Mar 28) ------------------------------------------------------ Updated gdm packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/154731 * Red Hat: 2011:0394-01: conga: Important Advisory (Mar 28) --------------------------------------------------------- Updated conga packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having [More...] http://www.linuxsecurity.com/content/view/154729 * Red Hat: 2011:0391-01: libvirt: Important Advisory (Mar 28) ----------------------------------------------------------- Updated libvirt packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having [More...] http://www.linuxsecurity.com/content/view/154730 * Red Hat: 2011:0393-01: conga: Important Advisory (Mar 28) --------------------------------------------------------- Updated conga packages that fix one security issue are now available for Red Hat Cluster Suite 4. The Red Hat Security Response Team has rated this update as having [More...] http://www.linuxsecurity.com/content/view/154726 * Red Hat: 2011:0392-01: libtiff: Important Advisory (Mar 28) ----------------------------------------------------------- Updated libtiff packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having [More...] http://www.linuxsecurity.com/content/view/154727 * Red Hat: 2011:0390-01: rsync: Moderate Advisory (Mar 28) -------------------------------------------------------- An updated rsync package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/154728 ------------------------------------------------------------------------ * Slackware: 2011-086-02: mozilla-firefox: Security Update (Mar 27) ----------------------------------------------------------------- New mozilla-firefox packages are available for Slackware 13.0 and 13.1 to fix a security issue. [More Info...] http://www.linuxsecurity.com/content/view/154715 * Slackware: 2011-086-01: seamonkey: Security Update (Mar 27) ----------------------------------------------------------- New seamonkey packages are available for Slackware 12.2, 13.0, 13.1, and -current to fix a security issue. [More Info...] http://www.linuxsecurity.com/content/view/154716 * Slackware: 2011-086-03: shadow: Security Update (Mar 27) -------------------------------------------------------- New shadow packages are available for Slackware 13.1 and -current to fix a security issue. [More Info...] http://www.linuxsecurity.com/content/view/154717 ------------------------------------------------------------------------ * SuSE: Weekly Summary 2011:005 (Apr 1) ------------------------------------- To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Security Announcements that are released for more severe vulnerabilities. http://www.linuxsecurity.com/content/view/154762 * SuSE: 2011-015: Linux kernel (Mar 24) ------------------------------------- This kernel update for the SUSE Linux Enterprise 10 SP3 kernel fixes several security issues and bugs. Following security issues were fixed: CVE-2010-4655: A memory leak in the ethtool ioctl was fixed that could disclose kernel memory to local attackers with CAP_NET_ADMIN privileges. [More...] http://www.linuxsecurity.com/content/view/154700 ------------------------------------------------------------------------ * Ubuntu: 1100-1: OpenLDAP vulnerabilities (Mar 31) ------------------------------------------------- It was discovered that OpenLDAP did not properly check forwardedauthentication failures when using a slave server and chain overlay. IfOpenLDAP were configured in this manner, an attacker could bypassauthentication checks by sending an invalid password to a slave server.(CVE-2011-1024) [More...] http://www.linuxsecurity.com/content/view/154754 * Ubuntu: 1099-1: GDM vulnerability (Mar 30) ------------------------------------------ Sebastian Krahmer discovered that GDM (GNOME Display Manager) did notproperly drop privileges when handling the cache directories usedto store users' dmrc and face icon files. This could allow a localattacker to change the ownership of arbitrary files, thereby gainingroot privileges. [More...] http://www.linuxsecurity.com/content/view/154751 * Ubuntu: 1095-1: Quagga vulnerabilities (Mar 29) ----------------------------------------------- It was discovered that Quagga incorrectly parsed certain malformed extendedcommunities. A remote attacker could use this flaw to cause Quagga tocrash, resulting in a denial of service. (CVE-2010-1674) [More...] http://www.linuxsecurity.com/content/view/154738 * Ubuntu: 1094-1: Libvirt vulnerability (Mar 29) ---------------------------------------------- Petr Matousek discovered that libvirt did not always honor read-onlyconnections. An attacker who is authorized to connect to the libvirt daemoncould exploit this to cause a denial of service via application crash. [More...] http://www.linuxsecurity.com/content/view/154737 * Ubuntu: 1092-1: Linux Kernel vulnerabilities (Mar 25) ----------------------------------------------------- Dan Rosenberg discovered that multiple terminal ioctls did not correctlyinitialize structure memory. A local attacker could exploit this to readportions of kernel stack memory, leading to a loss of privacy.(CVE-2010-4076, CVE-2010-4077) [More...] http://www.linuxsecurity.com/content/view/154707 * Ubuntu: 1091-1: Firefox and Xulrunner vulnerabilities (Mar 25) -------------------------------------------------------------- It was discovered that several invalid HTTPS certificates were issued andrevoked. An attacker could use these to perform a man-in-the-middle attack.These were placed on the certificate blacklist to prevent their misuse. [More...] http://www.linuxsecurity.com/content/view/154702 ------------------------------------------------------------------------ * Pardus: 2011-60: Openssl: Fraudulent SSL (Mar 30) ------------------------------------------------- It was discovered that several invalid certificates were issued and revoked. An attacker could use these to perform a man-in-the-middle attack. http://www.linuxsecurity.com/content/view/154744 * Pardus: 2011-61: Mozilla: Fraudulent SSL (Mar 30) ------------------------------------------------- It was discovered that several invalid HTTPS certificates were issued and revoked. An attacker could use these to perform a man-in-the-middle attack. http://www.linuxsecurity.com/content/view/154743 ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------