AOH :: ISN-3229.HTM

Linux Advisory Watch - November 3rd 2006

Linux Advisory Watch - November 3rd 2006
Linux Advisory Watch - November 3rd 2006

|                               Weekly Newsletter  |
|  November 3rd 2006                            Volume 7, Number 45a  |

  Editors:      Dave Wreski                     Benjamin D. Thomas 

Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the
week.  It includes pointers to updated packages and descriptions of
each vulnerability.

This week, advisories were released for Qt, ethereal, screen, php,
asterisk, mono, xupplicant, mutt, ruby, ImageMagick, PostgreSQL, and
WvWare.  The distributors include Debian, Debian, Mandriva, Red Hat,
and Ubuntu.


Earn an NSA recognized IA Masters Online

The NSA has designated Norwich University a center of Academic
Excellence in Information Security. Our program offers unparalleled
Infosec management education and the case study affords you unmatched
consulting experience. Using interactive e-Learning technology, you
can earn this esteemed degree, without disrupting your career or home


EnGarde Secure Linux v3.0.9 Now Available

Guardian Digital is happy to announce the release of EnGarde
Secure Community 3.0.9 (Version 3.0, Release 9). This release
includes several bug fixes and feature enhancements to the
Guardian Digital WebTool and the SELinux policy, several
updated packages, and a couple of new packages available for


RFID with Bio-Smart Card in Linux

In this paper, we describe the integration of fingerprint template
and RF smart card for clustered network, which is designed on Linux
platform and Open source technology to obtain biometrics security.
Combination of smart card and biometrics has achieved in two step
authentication where smart card authentication is based on a
Personal Identification Number (PIN) and the card holder is
authenticated using the biometrics template stored in the smart
card that is based on the fingerprint verification. The fingerprint
verification has to be executed on central host server for
security purposes. Protocol designed allows controlling entire
parameters of smart security controller like PIN options, Reader
delay, real-time clock, alarm option and cardholder access


Packet Sniffing Overview

The best way to secure you against sniffing is to use encryption.
While this won't prevent a sniffer from functioning, it will ensure
that what a sniffer reads is pure junk. 


-->  Take advantage of the Quick Reference Card!

|  Distribution: Debian           | ----------------------------//

* Debian: New Qt packages fix integer overflow
  30th, October, 2006

An integer overflow has been found in the pixmap handling routines in
the Qt GUI libraries.  This could allow an attacker to cause a denial
of service and possibly execute arbitrary code by providing a
specially crafted image file and inducing the victim to view it in an
 application based on Qt. 

* Debian: New ethereal packages fix denial of service
  31st, October, 2006

Updated package. 

* Debian: New screen packages fix arbitrary code execution
  31st, October, 2006

Updated package. 

* Gentoo: Cheese Tracker Buffer Overflow
  26th, October, 2006

Cheese Tracker contains a buffer overflow allowing the remote
execution of arbitrary code. 

|  Distribution: Gentoo           | ----------------------------//

* Gentoo: PHP Integer overflow
  30th, October, 2006

PHP is vulnerable to an integer overflow potentially allowing the
remote execution of arbitrary code. 

* Gentoo: Asterisk Multiple vulnerabilities
  30th, October, 2006

Asterisk is vulnerable to the remote execution of arbitrary code or a
Denial of Service. 

|  Distribution: Mandriva         | ----------------------------//

* Mandriva: Updated mono packages fix vulnerability
  27th, October, 2006

Sebastian Krahmer of the SUSE security team found that the
System.CodeDom.Compiler classes in mono used temporary files in an
insecure way that could allow a symbolic link attack to overwrite
arbitrary files with the privileges of the user running a program
that made use of those classes. 

* Mandriva: Updated xsupplicant fixes possible remote root stack
smash vulnerability
  27th, October, 2006

Yannick Van Osselaer discovered a stack overflow in Xsupplicant,
which could potentially be exploited by a remote, authenticated user
to gain root priviledges. Additional code cleanups to fix potential
memory leaks are also included. 

* Mandriva: Updated mutt packages fix multiple vulnerabilities
  27th, October, 2006

A race condition in the safe_open function in the Mutt mail client
1.5.12 and earlier, when creating temporary files in an NFS
filesystem, allows local users to overwrite arbitrary files due to
limitations of the use of the O_EXCL flag on NFS filesystems.

* Mandriva: Updated screen packages fix vulnerability
  27th, October, 2006

Multiple unspecified vulnerabilities in the "utf8 combining
characters handling" (utf8_handle_comb function in encoding.c) in
screen before 4.0.3 allows user-assisted attackers to cause a denial
of service (crash or hang) via certain UTF8 sequences. 

* Mandriva: Updated ruby packages fix DoS vulnerability
  27th, October, 2006

The CGI library in Ruby 1.8 allowed a remote attacker to cause a
Denial of Service via an HTTP request with a multipart MIME body that
contained an invalid boundary specifier, which would result in an
infinite loop and CPU consumption. 

* Mandriva: Updated ImageMagick packages fix vulnerabilities
  30th, October, 2006

Multiple buffer overflows in GraphicsMagick before 1.1.7 and
ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of
service and possibly execute execute arbitrary code via (1) a DCM
image that is not properly handled by the ReadDCMImage function in
coders/dcm.c, or (2) a PALM image that is not properly handled by the
ReadPALMImage function in coders/palm.c. 

* Mandriva: Updated PostgreSQL packages fix vulnerabilities
  30th, October, 2006

A vulnerability in PostgreSQL 8.1.x allowed remote authenticated
users to cause a Denial of Service (daemon crash) via certain
aggregate functions in an UPDATE statement which were not handled
correctly (CVE-2006-5540). 

|  Distribution: Red Hat          | ----------------------------//

* RedHat: Moderate: qt security update
  1st, November, 2006

Updated qt packages that correct an integer overflow flaw are now
available. This update has been rated as having moderate security
impact by the Red Hat Security Response Team. 

|  Distribution: Ubuntu           | ----------------------------//

* Ubuntu:  postgresql-8.1 vulnerabilities
  1st, November, 2006

USN-369-1 fixed three minor PostgreSQL 8.1 vulnerabilities for Ubuntu
6.06 LTS. This update provides the corresponding update for Ubuntu

* Ubuntu:  imagemagick vulnerability
  1st, November, 2006

M. Joonas Pihlaja discovered that ImageMagick did not sufficiently
verify the validity of PALM and DCM images. When processing a
specially crafted image with an application that uses imagemagick,
this could be exploited to execute arbitrary code with the
application's privileges. 

* Ubuntu:  screen vulnerability
  1st, November, 2006

cstone and Rich Felker discovered a programming error in the UTF8
string handling code of "screen" leading to a denial of service.  If
a crafted string was displayed within a screen session, screen would
crash or possibly execute arbitrary code. 

* Ubuntu:  Ruby vulnerability
  1st, November, 2006

An error was found in Ruby's CGI library that did not correctly check
for the end of multipart MIME requests.  Using a crafted HTTP
request, a remote user could cause a denial of service, where Ruby
CGI applications would end up in a loop, monopolizing a CPU. 

* Ubuntu:  mutt vulnerabilities
  1st, November, 2006

Race conditions were discovered in mutt's handling of temporary
files.	Under certain conditions when using a shared temp directory
(the default), other local users could overwrite arbitrary files
owned by the user running mutt.  This vulnerability is more likely
when the temp directory is over NFS. 

* Ubuntu:  wvWare vulnerability
  1st, November, 2006

An integer overflow was discovered in the DOC file parser of the wv
library.  By tricking a user into opening a specially crafted MSWord
(.DOC) file, remote attackers could execute arbitrary code with the
user's privileges. 

Distributed by: Guardian Digital, Inc.      

To unsubscribe email 
         with "unsubscribe" in the subject of the message.

Visit the InfoSec News store! 

Site design & layout copyright © 1986-2015 CodeGods