Linux Advisory Watch: April 1st, 2011

+----------------------------------------------------------------------+
| LinuxSecurity.com                               Linux Advisory Watch |
| April 1st, 2011                                 Volume 12, Number 14 |
|                                                                      |
| Editorial Team:              Dave Wreski <dwreski@xxxxxxxxxxxxxxxxx> |
|                       Benjamin D. Thomas <bthomas@xxxxxxxxxxxxxxxxx> |
+----------------------------------------------------------------------+

Thank you for reading the Linux Advisory Watch Security Newsletter. The 
purpose of this document is to provide our readers with a quick summary of 
each week's vendor security bulletins and pointers on methods to improve 
the security posture of your open source system.

Vulnerabilities affect nearly every vendor virtually every week, so be 
sure to read through to find the updates your distributor has made 
available.

What You Need to Know About Linux Rootkits
------------------------------------------
Rootkits are a way attackers hide their tracks and keep access to the
machines they control. The good rootkits are very hard to detect and
remove. They can be running on one's computer without anyone knowing
they are there. Read more to learn how to detect them on your
system.

http://www.linuxsecurity.com/content/view/154709

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!  <--
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf             <--

------------------------------------------------------------------------

* Debian: 2208-2: bind9: denial of service (Mar 31)
   -------------------------------------------------
   BIND, a DNS server, contains a defect related to the processing
   of new DNSSEC DS records by the caching resolver, which may lead to
   name resolution failures in the delegated zone. If DNSSEC validation
   is enabled, this issue can make domains ending in .COM unavailable
   when [More...]

   http://www.linuxsecurity.com/content/view/154752

* Debian: 2208-1: bind9: denial of service (Mar 30)
   -------------------------------------------------
   It was discovered that BIND, a DNS server, contains a race condition
   when processing zone updates in an authoritative server, either
   through dynamic DNS updates or incremental zone transfer (IXFR). Such
   an update while processing a query could result in deadlock and
   denial [More...]

   http://www.linuxsecurity.com/content/view/154750

* Debian: 2207-1: tomcat5.5: Multiple vulnerabilities (Mar 29)
   ------------------------------------------------------------
   Various vulnerabilities have been discovered in the Tomcat Servlet
   and JSP engine, resulting in denial of service, cross-site scripting,
   information disclosure and WAR file traversal. Further details on the
   individual security issues can be found at [More...]

   http://www.linuxsecurity.com/content/view/154742

* Debian: : mahara: Multiple vulnerabilities (Mar 29)
   ---------------------------------------------------
   Two security vulnerabilities have been discovered in Mahara, a fully
   featured electronic portfolio, weblog, resume builder and social
   networking system: [More...]

   http://www.linuxsecurity.com/content/view/154741

* Debian: 2205-1: gdm3: privilege escalation (Mar 28)
   ---------------------------------------------------
   Sebastian Krahmer discovered that gdm3, the GNOME Desktop
   Manager, does not properly drop privileges when manipulating files
   related to the logged-in user. As a result, local users can gain root
   privileges. [More...]

   http://www.linuxsecurity.com/content/view/154725

* Debian: 2204-1: imp4: Insufficient input sanitisi (Mar 27)
   ----------------------------------------------------------
   Moritz Naumann discovered that imp4, a webmail component for the
   horde framework, is prone to cross-site scripting attacks by a lack
   of input sanitising of certain fetchmail information. [More...]

   http://www.linuxsecurity.com/content/view/154713

* Debian: 2203-1: nss: none in nss (Mar 26)
   -----------------------------------------
   This update for the Network Security Service libraries marks several
   fraudulent HTTPS certificates as untrusted. For the oldstable
   distribution (lenny), this problem has been fixed in [More...]

   http://www.linuxsecurity.com/content/view/154712

------------------------------------------------------------------------

* Mandriva: 2011:058: quagga (Apr 1)
   ----------------------------------
   Multiple vulnerabilities have been identified and fixed in quagga: The
   extended-community parser in bgpd in Quagga before 0.99.18 allows
   remote attackers to cause a denial of service (NULL pointer
   dereference and application crash) via a malformed Extended
   Communities attribute [More...]

   http://www.linuxsecurity.com/content/view/154761

* Mandriva: 2011:057: apache (Mar 31)
   -----------------------------------
   The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk
   Multi-Processing Module (apache-mpm-itk) for the Apache HTTP Server
   does not properly handle certain configuration sections that specify
   NiceValue but not AssignUserID, which might allow remote attackers to
   gain privileges by leveraging the root uid and root gid of an mpm-itk
   [More...]

   http://www.linuxsecurity.com/content/view/154758

* Mandriva: 2011:056: openldap (Mar 30)
   -------------------------------------
   Multiple vulnerabilities have been identified and fixed in openldap:
   chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a
   master-slave configuration with a chain overlay and
   ppolicy_forward_updates (aka authentication-failure forwarding) is
   [More...]

   http://www.linuxsecurity.com/content/view/154749

* Mandriva: 2011:055: openldap (Mar 30)
   -------------------------------------
   Multiple vulnerabilities have been identified and fixed in openldap:
   chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a
   master-slave configuration with a chain overlay and
   ppolicy_forward_updates (aka authentication-failure forwarding) is
   [More...]

   http://www.linuxsecurity.com/content/view/154748

* Mandriva: 2011:054: java-1.6.0-openjdk (Mar 27)
   -----------------------------------------------
   Multiple vulnerabilities have been identified and fixed in
   java-1.6.0-openjdk: The JNLP SecurityManager in IcedTea (IcedTea.so)
   1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java
   OpenJDK returns from [More...]

   http://www.linuxsecurity.com/content/view/154714

------------------------------------------------------------------------

* Red Hat: 2011:0407-01: logrotate: Moderate Advisory (Mar 31)
   ------------------------------------------------------------
   An updated logrotate package that fixes multiple security issues is
   now available for Red Hat Enterprise Linux 6. The Red Hat Security
   Response Team has rated this update as having moderate [More...]

   http://www.linuxsecurity.com/content/view/154757

* Red Hat: 2011:0406-01: quagga: Moderate Advisory (Mar 31)
   ---------------------------------------------------------
   Updated quagga packages that fix two security issues are now
   available for Red Hat Enterprise Linux 6. The Red Hat Security
   Response Team has rated this update as having moderate [More...]

   http://www.linuxsecurity.com/content/view/154756

* Red Hat: 2011:0395-01: gdm: Moderate Advisory (Mar 28)
   ------------------------------------------------------
   Updated gdm packages that fix one security issue are now available
   for Red Hat Enterprise Linux 6. The Red Hat Security Response Team
   has rated this update as having moderate [More...]

   http://www.linuxsecurity.com/content/view/154731

* Red Hat: 2011:0394-01: conga: Important Advisory (Mar 28)
   ---------------------------------------------------------
   Updated conga packages that fix one security issue are now available
   for Red Hat Enterprise Linux 5. The Red Hat Security Response Team
   has rated this update as having [More...]

   http://www.linuxsecurity.com/content/view/154729

* Red Hat: 2011:0391-01: libvirt: Important Advisory (Mar 28)
   -----------------------------------------------------------
   Updated libvirt packages that fix one security issue are now
   available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security
   Response Team has rated this update as having [More...]

   http://www.linuxsecurity.com/content/view/154730

* Red Hat: 2011:0393-01: conga: Important Advisory (Mar 28)
   ---------------------------------------------------------
   Updated conga packages that fix one security issue are now available
   for Red Hat Cluster Suite 4. The Red Hat Security Response Team has
   rated this update as having [More...]

   http://www.linuxsecurity.com/content/view/154726

* Red Hat: 2011:0392-01: libtiff: Important Advisory (Mar 28)
   -----------------------------------------------------------
   Updated libtiff packages that fix one security issue and one bug are
   now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat
   Security Response Team has rated this update as having [More...]

   http://www.linuxsecurity.com/content/view/154727

* Red Hat: 2011:0390-01: rsync: Moderate Advisory (Mar 28)
   --------------------------------------------------------
   An updated rsync package that fixes one security issue is now
   available for Red Hat Enterprise Linux 6. The Red Hat Security
   Response Team has rated this update as having moderate [More...]

   http://www.linuxsecurity.com/content/view/154728

------------------------------------------------------------------------

* Slackware: 2011-086-02: mozilla-firefox: Security Update (Mar 27)
   -----------------------------------------------------------------
   New mozilla-firefox packages are available for Slackware 13.0 and
   13.1 to fix a security issue.  [More Info...]

   http://www.linuxsecurity.com/content/view/154715

* Slackware: 2011-086-01: seamonkey: Security Update (Mar 27)
   -----------------------------------------------------------
   New seamonkey packages are available for Slackware 12.2, 13.0, 13.1,
   and -current to fix a security issue.  [More Info...]

   http://www.linuxsecurity.com/content/view/154716

* Slackware: 2011-086-03: shadow: Security Update (Mar 27)
   --------------------------------------------------------
   New shadow packages are available for Slackware 13.1 and -current to
   fix a security issue.  [More Info...]

   http://www.linuxsecurity.com/content/view/154717

------------------------------------------------------------------------

* SuSE: Weekly Summary 2011:005 (Apr 1)
   -------------------------------------
   To avoid flooding mailing lists with SUSE Security Announcements for
   minor issues, SUSE Security releases weekly summary reports for the
   low profile vulnerability fixes. The SUSE Security Summary Reports do
   not list or download URLs like the SUSE Security Announcements that
   are released for more severe vulnerabilities.

   http://www.linuxsecurity.com/content/view/154762

* SuSE: 2011-015: Linux kernel (Mar 24)
   -------------------------------------
   This kernel update for the SUSE Linux Enterprise 10 SP3 kernel fixes
   several security issues and bugs. The following security issues were
   fixed: CVE-2010-4655: A memory leak in the ethtool ioctl was fixed
   that could disclose kernel memory to local attackers with
   CAP_NET_ADMIN privileges.  [More...]

   http://www.linuxsecurity.com/content/view/154700

------------------------------------------------------------------------

* Ubuntu: 1100-1: OpenLDAP vulnerabilities (Mar 31)
   -------------------------------------------------
   It was discovered that OpenLDAP did not properly check forwarded
   authentication failures when using a slave server and chain
   overlay. If OpenLDAP were configured in this manner, an attacker could
   bypass authentication checks by sending an invalid password to a slave
   server. (CVE-2011-1024) [More...]

   http://www.linuxsecurity.com/content/view/154754

* Ubuntu: 1099-1: GDM vulnerability (Mar 30)
   ------------------------------------------
   Sebastian Krahmer discovered that GDM (GNOME Display Manager) did
   not properly drop privileges when handling the cache directories
   used to store users' dmrc and face icon files. This could allow a
   local attacker to change the ownership of arbitrary files, thereby
   gaining root privileges. [More...]

   http://www.linuxsecurity.com/content/view/154751

* Ubuntu: 1095-1: Quagga vulnerabilities (Mar 29)
   -----------------------------------------------
   It was discovered that Quagga incorrectly parsed certain malformed
   extended communities. A remote attacker could use this flaw to cause
   Quagga to crash, resulting in a denial of service. (CVE-2010-1674)
   [More...]

   http://www.linuxsecurity.com/content/view/154738

* Ubuntu: 1094-1: Libvirt vulnerability (Mar 29)
   ----------------------------------------------
   Petr Matousek discovered that libvirt did not always honor
   read-only connections. An attacker who is authorized to connect to the
   libvirt daemon could exploit this to cause a denial of service via
   application crash. [More...]

   http://www.linuxsecurity.com/content/view/154737

* Ubuntu: 1092-1: Linux Kernel vulnerabilities (Mar 25)
   -----------------------------------------------------
   Dan Rosenberg discovered that multiple terminal ioctls did not
   correctly initialize structure memory. A local attacker could exploit
   this to read portions of kernel stack memory, leading to a loss of
   privacy. (CVE-2010-4076, CVE-2010-4077) [More...]

   http://www.linuxsecurity.com/content/view/154707

* Ubuntu: 1091-1: Firefox and Xulrunner vulnerabilities (Mar 25)
   --------------------------------------------------------------
   It was discovered that several invalid HTTPS certificates were issued
   and revoked. An attacker could use these to perform a
   man-in-the-middle attack. These were placed on the certificate
   blacklist to prevent their misuse. [More...]

   http://www.linuxsecurity.com/content/view/154702

------------------------------------------------------------------------

* Pardus: 2011-60: Openssl: Fraudulent SSL (Mar 30)
   -------------------------------------------------
   It was discovered that several invalid certificates were issued and
   revoked. An attacker could use these to perform a man-in-the-middle
   attack.

   http://www.linuxsecurity.com/content/view/154744

* Pardus: 2011-61: Mozilla: Fraudulent SSL (Mar 30)
   -------------------------------------------------
   It was discovered that several invalid HTTPS certificates were issued
   and revoked. An attacker could use these to perform a
   man-in-the-middle attack.

   http://www.linuxsecurity.com/content/view/154743

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------


