+---------------------------------------------------------------------+
| LinuxSecurity.com Weekly Newsletter |
| January 26th 2007 Volume 8, Number 4a |
+---------------------------------------------------------------------+
Editors: Dave Wreski Benjamin D. Thomas
dave@linuxsecurity.com ben@linuxsecurity.com
Linux Advisory Watch is a comprehensive newsletter that outlines the
security vulnerabilities that have been announced throughout the
week. It includes pointers to updated packages and descriptions of
each vulnerability.
This week, advisories were released for netrik, fetchmail,
mod_auth_kerb, libgtop, xine-ui, openldap, centericq, koffice,
pdftohtml, poppler, xpdf, tetex, libgtop, glibc, locale,
kdegraphics, proftpd, squid, gtk2, IBMJava, xine, libsoup,
GeoIP, and BlueZ. The distributors include Debian, Gentoo,
Mandriva, Red Hat, Slackware, SuSE, and Ubuntu.
---
* EnGarde Secure Linux v3.0.11 Now Available
Guardian Digital is happy to announce the release of EnGarde Secure
Community 3.0.11 (Version 3.0, Release 11). This release includes
several bug fixes and feature enhancements to the SELinux policy
and several updated packages.
http://wiki.engardelinux.org/index.php/ReleaseNotes3.0.11
---
RFID with Bio-Smart Card in Linux
In this paper, we describe the integration of a fingerprint template
and an RF smart card for a clustered network, designed on the Linux
platform and open source technology to obtain biometric security.
The combination of smart card and biometrics achieves two-step
authentication: smart card authentication is based on a
Personal Identification Number (PIN), and the card holder is
authenticated using the biometric template stored in the smart
card, based on fingerprint verification. The fingerprint
verification has to be executed on the central host server for
security purposes. The protocol designed allows control of all
parameters of the smart security controller, such as PIN options,
reader delay, real-time clock, alarm option and cardholder access
conditions.
http://www.linuxsecurity.com/content/view/125052/171/
---
Packet Sniffing Overview
The best way to secure yourself against sniffing is to use encryption.
While this won't prevent a sniffer from functioning, it will ensure
that what a sniffer reads is pure junk.
http://www.linuxsecurity.com/content/view/123570/49/
--------
--> Take advantage of the LinuxSecurity.com Quick Reference Card!
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf
+---------------------------------+
| Distribution: Debian | ----------------------------//
+---------------------------------+
* Debian: New netrik packages fix arbitrary shell command execution
21st, January, 2007
Updated package.
http://www.linuxsecurity.com/content/view/126665
+---------------------------------+
| Distribution: Gentoo | ----------------------------//
+---------------------------------+
* Gentoo: Fetchmail Denial of Service and password disclosure
22nd, January, 2007
Fetchmail has been found to have numerous vulnerabilities allowing
for Denial of Service and password disclosure.
http://www.linuxsecurity.com/content/view/126696
* Gentoo: Mod_auth_kerb Denial of Service
22nd, January, 2007
Mod_auth_kerb is vulnerable to a buffer overflow possibly allowing a
Denial of Service.
http://www.linuxsecurity.com/content/view/126697
* Gentoo: Sun JDK/JRE Multiple vulnerabilities
22nd, January, 2007
Multiple unspecified vulnerabilities have been identified in Sun Java
Development Kit (JDK) and Java Runtime Environment (JRE).
http://www.linuxsecurity.com/content/view/126698
* Gentoo: Adobe Acrobat Reader Multiple vulnerabilities
22nd, January, 2007
Adobe Acrobat Reader is vulnerable to remote code execution, Denial of
Service, and cross-site scripting attacks.
http://www.linuxsecurity.com/content/view/126699
* Gentoo: libgtop Privilege escalation
23rd, January, 2007
libgtop improperly handles filenames, possibly allowing for the
execution of arbitrary code.
http://www.linuxsecurity.com/content/view/126705
* Gentoo: xine-ui Format string vulnerabilities
23rd, January, 2007
xine-ui improperly handles format strings, possibly allowing for the
execution of arbitrary code.
http://www.linuxsecurity.com/content/view/126715
* Gentoo: OpenLDAP Insecure usage of /tmp during installation
23rd, January, 2007
A shell script commonly released with OpenLDAP makes insecure usage
of files in /tmp during the emerge process.
http://www.linuxsecurity.com/content/view/126716
* Gentoo: Centericq Remote buffer overflow in LiveJournal handling
23rd, January, 2007
Centericq does not properly handle communications with the
LiveJournal service, allowing for the remote execution of arbitrary
code.
http://www.linuxsecurity.com/content/view/126720
* Gentoo: MIT Kerberos 5 Arbitrary Remote Code Execution
24th, January, 2007
Multiple vulnerabilities in MIT Kerberos 5 could potentially result
in the execution of arbitrary code.
http://www.linuxsecurity.com/content/view/126731
+---------------------------------+
| Distribution: Mandriva | ----------------------------//
+---------------------------------+
* Mandriva: Updated koffice packages fix crafted pdf file vulnerability
18th, January, 2007
The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch
2, kpdf in KDE before 3.5.5, and other products, allows remote
attackers to have an unknown impact, possibly including denial of service
(infinite loop), arbitrary code execution, or memory corruption, via
a PDF file with a (1) crafted catalog dictionary or (2) a crafted
Pages attribute that references an invalid page tree node. The
updated packages have been patched to correct this problem.
http://www.linuxsecurity.com/content/view/126649
* Mandriva: Updated pdftohtml packages fix crafted pdf file vulnerability
18th, January, 2007
The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2,
kpdf in KDE before 3.5.5, and other products, allows remote attackers to
have an unknown impact, possibly including denial of service (infinite
loop), arbitrary code execution, or memory corruption, via a PDF file
with a (1) crafted catalog dictionary or (2) a crafted Pages attribute
that references an invalid page tree node. The updated packages have
been patched to correct this problem.
http://www.linuxsecurity.com/content/view/126650
* Mandriva: Updated poppler packages fix crafted pdf file vulnerability
18th, January, 2007
The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch
2, kpdf in KDE before 3.5.5, and other products, allows remote
attackers to have an unknown impact, possibly including denial of
service (infinite loop), arbitrary code execution, or memory
corruption, via a PDF file with a (1) crafted catalog dictionary or
(2) a crafted Pages attribute that references an invalid page tree
node. The updated packages have been patched to correct this problem.
http://www.linuxsecurity.com/content/view/126652
* Mandriva: Updated xpdf packages fix crafted pdf file vulnerability
18th, January, 2007
The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch
2, kpdf in KDE before 3.5.5, and other products, allows remote
attackers to have an unknown impact, possibly including denial of
service (infinite loop), arbitrary code execution, or memory
corruption, via a PDF file with a (1) crafted catalog dictionary or
(2) a crafted Pages attribute that references an invalid page tree
node. The updated packages have been patched to correct this
problem.
http://www.linuxsecurity.com/content/view/126653
* Mandriva: Updated tetex packages fix crafted pdf file vulnerability
18th, January, 2007
The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch
2, kpdf in KDE before 3.5.5, and other products, allows remote
attackers to have an unknown impact, possibly including denial of
service (infinite loop), arbitrary code execution, or memory
corruption, via a PDF file with a (1) crafted catalog dictionary or
(2) a crafted Pages attribute that references an invalid page tree
node. The updated packages have been patched to correct this problem.
http://www.linuxsecurity.com/content/view/126654
* Mandriva: Updated libgtop2 packages fix buffer overflow vulnerability
18th, January, 2007
Stack-based buffer overflow in the glibtop_get_proc_map_s function in
libgtop before 2.14.6 (libgtop2) allows local users to cause a denial
of service (crash) and possibly execute arbitrary code via a process
with a long filename that is mapped in its address space, which
triggers the overflow in gnome-system-monitor. The updated packages
have been patched to correct this problem.
http://www.linuxsecurity.com/content/view/126655
* Mandriva: Updated glibc, locale packages address several issues
21st, January, 2007
The version of glibc shipped with Mandriva 2007 has a bug that
prevents the system from passing the lsb-runtime test suite
(T.ttyname_r). This update also includes sparc64 updates and Unicode
5.0 support.
http://www.linuxsecurity.com/content/view/126664
* Mandriva: Updated packages link to the correct version of Firefox
22nd, January, 2007
Due to an error in the compilation system, the firefox-dependent
packages provided in MDKSA-2007:010 for Mandriva 2007/x86_64 were
linked to the older version of Firefox. This update corrects the
problem.
http://www.linuxsecurity.com/content/view/126695
* Mandriva: Updated kdegraphics packages fix crafted pdf file vulnerability
22nd, January, 2007
The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2,
kpdf in KDE before 3.5.5, and other products, allows remote attackers to
have an unknown impact, possibly including denial of service (infinite
loop), arbitrary code execution, or memory corruption, via a PDF file
with a (1) crafted catalog dictionary or (2) a crafted Pages attribute
that references an invalid page tree node.
http://www.linuxsecurity.com/content/view/126701
* Mandriva: Updated mandriva-doc-common packages fix help links
22nd, January, 2007
Due to changes in the structure of the documentation, the Help buttons
of the Software Management tools led to broken links. This update fixes
the links catalog system so the inline help works again.
http://www.linuxsecurity.com/content/view/126702
* Mandriva: Updated kernel packages fix multiple vulnerabilities and bugs
23rd, January, 2007
Some vulnerabilities were discovered and corrected in the Linux 2.6
kernel.
http://www.linuxsecurity.com/content/view/126710
* Mandriva: Updated proftpd packages fix vulnerabilities
23rd, January, 2007
A stack-based buffer overflow in the sreplace function in ProFTPD
1.3.0 and earlier allows remote attackers to cause a denial of
service, as demonstrated by vd_proftpd.pm, a "ProFTPD remote
exploit."
http://www.linuxsecurity.com/content/view/126718
* Mandriva: Updated squid packages fix vulnerabilities
23rd, January, 2007
A vulnerability in squid was discovered that could be remotely
exploited by using a special ftp:// URL (CVE-2007-0247).
http://www.linuxsecurity.com/content/view/126719
+---------------------------------+
| Distribution: Red Hat | ----------------------------//
+---------------------------------+
* RedHat: Critical: Adobe Acrobat Reader security update
22nd, January, 2007
Updated acroread packages that fix several security issues are now
available for Red Hat Enterprise Linux 3. This update has been rated
as having critical security impact by the Red Hat Security Response
Team.
http://www.linuxsecurity.com/content/view/126694
* RedHat: Moderate: gtk2 security update
24th, January, 2007
Updated gtk2 packages that fix a security issue are now available.
This update has been rated as having moderate security impact by the
Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/126728
+---------------------------------+
| Distribution: Slackware | ----------------------------//
+---------------------------------+
* Slackware: fetchmail
24th, January, 2007
New fetchmail packages are available for Slackware 8.1, 9.0, 9.1,
10.0, 10.1, 10.2, and 11.0 to fix a security issue.
http://www.linuxsecurity.com/content/view/126735
+---------------------------------+
| Distribution: SuSE | ----------------------------//
+---------------------------------+
* SuSE: IBMJava (SUSE-SA:2007:010)
18th, January, 2007
Various security problems and bugs have been fixed in the IBMJava JRE
and SDK. The IBM Java packages were updated: IBM Java 1.4.2 to
Service Refresh 7 and IBM Java 1.3.10 to Service Refresh 10. The update
contains several security fixes also fixed in Sun Java, including
CVE-2006-4339: fix for the RSA exponent padding attack.
http://www.linuxsecurity.com/content/view/126639
* SuSE: Acrobat Reader 7.0.9
22nd, January, 2007
The Adobe Acrobat Reader has been updated to version 7.0.9. This
update also includes the following security fixes: CVE-2006-5857: A
memory corruption problem that can potentially lead to code execution
was fixed in Adobe Acrobat Reader.
http://www.linuxsecurity.com/content/view/126671
* SuSE: squid (SUSE-SA:2007:012)
23rd, January, 2007
This update fixes a remotely exploitable denial-of-service bug in
squid that can be triggered by using special ftp:// URLs
(CVE-2007-0247). Additionally, the 10.2 package needed a fix for
another DoS bug (CVE-2007-0248) and for max_user_ip handling in
ntlm_auth.
http://www.linuxsecurity.com/content/view/126706
* SuSE: xine (SUSE-SA:2007:013)
23rd, January, 2007
This update fixes several format string bugs that can be exploited
remotely with user assistance to execute arbitrary code. Since SUSE
Linux version 10.1, format string bugs are not exploitable anymore.
(CVE-2007-0017)
http://www.linuxsecurity.com/content/view/126707
+---------------------------------+
| Distribution: Ubuntu | ----------------------------//
+---------------------------------+
* Ubuntu: poppler vulnerability
18th, January, 2007
The poppler PDF loader library did not limit the recursion depth of
the page model tree. By tricking a user into opening a specially
crafted PDF file, this could be exploited to trigger an infinite loop
and eventually crash an application that uses this library. kpdf in
Ubuntu 5.10 and KOffice in all Ubuntu releases contain a copy of
this code and thus are affected as well.
http://www.linuxsecurity.com/content/view/126640
* Ubuntu: libsoup vulnerability
23rd, January, 2007
Roland Lezuo and Josselin Mouette discovered that the HTTP server
code in libsoup did not correctly verify request headers. Remote
attackers could crash applications using libsoup by sending a crafted
HTTP request, resulting in a denial of service.
http://www.linuxsecurity.com/content/view/126717
* Ubuntu: GeoIP vulnerability
23rd, January, 2007
Dean Gaudet discovered that the GeoIP update tool did not validate
the filename responses from the update server. A malicious server,
or man-in-the-middle system posing as a server, could write to
arbitrary files with user privileges.
http://www.linuxsecurity.com/content/view/126721
* Ubuntu: BlueZ vulnerability
23rd, January, 2007
A flaw was discovered in the HID daemon of bluez-utils. A remote
attacker could gain control of the mouse and keyboard if hidd was
enabled. This does not affect a default Ubuntu installation, since
hidd is normally disabled.
http://www.linuxsecurity.com/content/view/126723
* Ubuntu: Squid vulnerabilities
24th, January, 2007
David Duncan Ross Palmer and Henrik Nordstrom discovered that squid
incorrectly handled special characters in FTP URLs. Remote users
with access to squid could crash the server leading to a denial of
service.
http://www.linuxsecurity.com/content/view/126736
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
------------------------------------------------------------------------