AOH :: IS1148.HTM
Linux Advisory Watch: September 19th, 2008
|
Linux Advisory Watch: September 19th, 2008
Linux Advisory Watch: September 19th, 2008
+----------------------------------------------------------------------+
| LinuxSecurity.com Weekly Newsletter |
| September 19th, 2008 Volume 9, Number 38 |
| |
| Editorial Team: Dave Wreski |
| Benjamin D. Thomas |
+----------------------------------------------------------------------+
Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.
This week, advisories were released for openssh, git-core, clamav,
koffice, wordnet, mplayer, apache, kolab-server, vpnc, libxml2, rsh,
bzip2, and freetype. The distributors include Debian, Mandriva, Red
Hat, and Ubuntu.
---
>> Linux+DVD Magazine <<
In each issue you can find information concerning the best use of Linux:
safety, databases, multimedia, scientific tools, entertainment,
programming, e-mail, news and desktop environments.
Catch up with what professional network and database administrators,
system programmers, webmasters and all those who believe in the power of
Open Source software are doing!
http://www.linuxsecurity.com/ads/adclick.php?bannerid=26
---
Review: Hacking Exposed Linux, Third Edition
--------------------------------------------
"Hacking Exposed Linux" by ISECOM (Institute for Security and Open
Methodologies) is a guide to help you secure your Linux environment.
This book does not only help improve your security it looks at why you
should. It does this by showing examples of real attacks and rates the
importance of protecting yourself from being a victim of each type of
attack.
http://www.linuxsecurity.com/content/view/141165
---
Security Features of Firefox 3.0
--------------------------------
Lets take a look at the security features of the newly released Firefox
3.0. Since it's release on Tuesday I have been testing it out to see
how the new security enhancements work and help in increase user
browsing security. One of the exciting improvements for me was how
Firefox handles SSL secured web sites while browsing the Internet.
There are also many other security features that this article will look
at. For example, improved plugin and addon security.
Read on for more security features of Firefox 3.0.
http://www.linuxsecurity.com/content/view/138972
--> Take advantage of the LinuxSecurity.com Quick Reference Card! <--
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf <--
------------------------------------------------------------------------
* EnGarde Secure Community 3.0.20 Now Available (Aug 19)
------------------------------------------------------
Guardian Digital is happy to announce the release of EnGarde Secure
Community 3.0.20 (Version 3.0, Release 20). This release includes
many updated packages and bug fixes and some feature enhancements to
the EnGarde Secure Linux Installer and the SELinux policy.
In distribution since 2001, EnGarde Secure Community was one of the
very first security platforms developed entirely from open source,
and has been engineered from the ground-up to provide users and
organizations with complete, secure Web functionality, DNS, database,
e-mail security and even e-commerce.
http://www.linuxsecurity.com/content/view/141173
------------------------------------------------------------------------
* Debian: New openssh packages fix denial of service (Sep 16)
-----------------------------------------------------------
It has been discovered that the signal handler implementing the login
timeout in Debian's version of the OpenSSH server uses functions
which are not async-signal-safe, leading to a denial of service
vulnerability (CVE-2008-4109).
http://www.linuxsecurity.com/content/view/142094
* Debian: New git-core packages fix buffer overflow (Sep 15)
----------------------------------------------------------
Multiple vulnerabilities have been identified in git-core, the core
of the git distributed revision control system. Improper path length
limitations in git's diff and grep functions, in combination with
maliciously crafted repositories or changes, could enable a stack
buffer overflow and potentially the execution of arbitrary code.
http://www.linuxsecurity.com/content/view/142083
------------------------------------------------------------------------
* Mandriva: Subject: [Security Announce] [ MDVSA-2008:189-1 ] clamav (Sep 17)
---------------------------------------------------------------------------
Multiple vulnerabilities were discovered in ClamAV and corrected with
the 0.94 release, including: A vulnerability in ClamAV's chm-parser
allowed remote attackers to cause a denial of service (application
crash) via a malformed CHM file (CVE-2008-1389).
http://www.linuxsecurity.com/content/view/142225
* Mandriva: Subject: [Security Announce] [ MDVSA-2008:197-1 ] koffice (Sep 17)
----------------------------------------------------------------------------
Kees Cook of Ubuntu security found a flaw in how poppler prior to
version 0.6 displayed malformed fonts embedded in PDF files. An
attacker could create a malicious PDF file that would cause
applications using poppler to crash, or possibly execute arbitrary
code when opened (CVE-2008-1693).
http://www.linuxsecurity.com/content/view/142220
* Mandriva: Subject: [Security Announce] [ MDVSA-2008:198 ] R-base (Sep 16)
-------------------------------------------------------------------------
A symlink vulnerability was found in the javareconf script in R that
allows local users to overwrite arbitrary files (CVE-2008-3931). The
updated packages have been patched to prevent this issue.
http://www.linuxsecurity.com/content/view/142095
* Mandriva: Subject: [Security Announce] [ MDVSA-2008:197 ] koffice (Sep 15)
--------------------------------------------------------------------------
Kees Cook of Ubuntu security found a flaw in how poppler prior to
version 0.6 displayed malformed fonts embedded in PDF files. An
attacker could create a malicious PDF file that would cause
applications using poppler to crash, or possibly execute arbitrary
code when opened (CVE-2008-1693).
http://www.linuxsecurity.com/content/view/142090
* Mandriva: Subject: [Security Announce] [ MDVSA-2008:182-1 ] wordnet (Sep 15)
----------------------------------------------------------------------------
Rob Holland found several programming errors in WordNet which could
lead to the execution or arbitrary code when used with untrusted
input (CVE-2008-2149, CVE-2008-3908).
http://www.linuxsecurity.com/content/view/142089
* Mandriva: Subject: [Security Announce] [ MDVSA-2008:196 ] mplayer (Sep 15)
--------------------------------------------------------------------------
Uncontrolled array index in the sdpplin_parse function in
stream/realrtsp/sdpplin.c in MPlayer 1.0 rc2 allows remote attackers
to overwrite memory and execute arbitrary code via a large streamid
SDP parameter.
http://www.linuxsecurity.com/content/view/142088
* Mandriva: Subject: [Security Announce] [ MDVSA-2008:195 ] apache (Sep 13)
-------------------------------------------------------------------------
A vulnerability was discovered in the mod_proxy module in Apache
where it did not limit the number of forwarded interim responses,
allowing remote HTTP servers to cause a denial of service (memory
consumption) via a large number of interim responses (CVE-2008-2364).
http://www.linuxsecurity.com/content/view/142036
* Mandriva: Subject: [Security Announce] [ MDVSA-2008:194 ] apache2 (Sep 13)
--------------------------------------------------------------------------
A cross-site scripting vulnerability was found in the mod_proxy_ftp
module in Apache that allowed remote attackers to inject arbitrary
web script or HTML via wildcards in a pathname in an FTP URI
(CVE-2008-2939).
http://www.linuxsecurity.com/content/view/142035
* Mandriva: Subject: [Security Announce] [ MDVSA-2008:193 ] kolab-server (Sep 13)
-------------------------------------------------------------------------------
Gavin McCullagh of Griffith College Dublin reported an issue in Kolab
v1 where user passwords were being recorded in the Apache log files
due to Kolab using HTTP GET requests rather than HTTP POST requests.
This would allow any users with access to the Apache log files to
harvest user passwords and possibly other sensitive data. The patch
to fix this problem also corrects and issue where non-alphanumeric
characters in passwords, set via the Kolab web interface, did not
work.
http://www.linuxsecurity.com/content/view/142034
* Mandriva: Subject: [Security Announce] [ MDVA-2008:122 ] vpnc (Sep 11)
----------------------------------------------------------------------
The vpnc package that shipped with Mandriva Linux 2008.1 was missing
the cisco-decrypt binary, which is used for converting Cisco VPN
client profile files encrypted passwords. As a result, any call to
pcf2vpnc failed due to the missing binary. This update provides the
missing binary.
http://www.linuxsecurity.com/content/view/142010
* Mandriva: Subject: [Security Announce] [ MDVA-2008:120 ] draksnapshot (Sep 11)
------------------------------------------------------------------------------
This update fixes several minor issues with draksnapshot, such as
backups not being completed due to bad permissions. A number of fixes
were done to the applet as well, including notifications showing as
information instead of warnings. Draksnapshot now no longer
auto-disables after configuring, and it only pops up if a USB disk is
mounted. Finally, it now prevents showing the panel icon before the
bubble, so the latter is correctly placed.
http://www.linuxsecurity.com/content/view/142008
* Mandriva: Subject: [Security Announce] [ MDVSA-2008:192 ] libxml2 (Sep 11)
--------------------------------------------------------------------------
A heap-based buffer overflow was found in how libxml2 handled long
XML entity names. If an application linked against libxml2 processed
untrusted malformed XML content, it could cause the application to
crash or possibly execute arbitrary code (CVE-2008-3529).
http://www.linuxsecurity.com/content/view/142007
* Mandriva: Subject: [Security Announce] [ MDVSA-2008:191 ] rsh (Sep 11)
----------------------------------------------------------------------
A vulnerability in the rcp protocol was discovered that allows a
server to instruct a client to write arbitrary files outside of the
current directory, which could potentially be a security concern if a
user used rcp to copy files from a malicious server (CVE-2004-0175).
http://www.linuxsecurity.com/content/view/142006
------------------------------------------------------------------------
* RedHat: Critical: RealPlayer security update (Sep 17)
-----------------------------------------------------
RealPlayer 10.0.9 as shipped in Red Hat Enterprise Linux 3 Extras, 4
Extras, and 5 Supplementary, contains a security flaw and should not
be used. This update has been rated as having critical security
impact by the Red Hat Security Response Team. [Updated 17 September
2008]
http://www.linuxsecurity.com/content/view/142221
* RedHat: Moderate: bzip2 security update (Sep 16)
------------------------------------------------
Updated bzip2 packages that fix a security issue are now available
for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update has been
rated as having moderate security impact by the Red Hat Security
Response Team.
http://www.linuxsecurity.com/content/view/142093
* RedHat: Important: libxml2 security update (Sep 11)
---------------------------------------------------
A denial of service flaw was found in the way libxml2 processed
certain content. If an application linked against libxml2 processed
malformed XML content, it could cause the application to use an
excessive amount of CPU time and memory, and stop responding.
(CVE-2003-1564)
http://www.linuxsecurity.com/content/view/141784
* RedHat: Important: libxml2 security update (Sep 11)
---------------------------------------------------
Updated libxml2 packages that fix a security issue are now available
for Red Hat Enterprise Linux 3, 4, and 5. A heap-based buffer
overflow flaw was found in the way libxml2 handled long XML entity
names. If an application linked against libxml2 processed untrusted
malformed XML content, it could cause the application to crash or,
possibly, execute arbitrary code. (CVE-2008-3529) This update has
been rated as having important security impact by the Red Hat
Security Response Team.
http://www.linuxsecurity.com/content/view/141783
------------------------------------------------------------------------
* Ubuntu: libxml2 vulnerabilities (Sep 11)
-----------------------------------------
It was discovered that libxml2 did not correctly handle long entity
names. If a user were tricked into processing a specially crafted XML
document, a remote attacker could execute arbitrary code with user
privileges or cause the application linked against libxml2 to crash,
leading to a denial of service. (CVE-2008-3529)
http://www.linuxsecurity.com/content/view/142004
* Ubuntu: FreeType vulnerabilities (Sep 11)
------------------------------------------
Multiple flaws were discovered in the PFB and TTF font handling code
in freetype. If a user were tricked into using a specially crafted
font file, a remote attacker could execute arbitrary code with user
privileges or cause the application linked against freetype to crash,
leading to a denial of service.
http://www.linuxsecurity.com/content/view/142005
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
To unsubscribe email vuln-newsletter-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
__________________________________________________
Register now for HITBSecConf2008 - Malaysia! With
a new triple-track conference featuring 4 keynote
speakers and over 35 international experts, this
is the largest network security event in Asia and
the Middle East!
http://conference.hackinthebox.org/hitbsecconf2008kl/
Site design & layout copyright © 1986- CodeGods