AOH :: IS1177.HTM

Linux Advisory Watch: September 26th, 2008

Linux Advisory Watch: September 26th, 2008
Linux Advisory Watch: September 26th, 2008

|                                  Weekly Newsletter |
| September 26th, 2008                             Volume 9, Number 39 |
|                                                                      |
| Editorial Team: Dave Wreski  | 
| Benjamin D. Thomas  | 

Thank you for reading the weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, advisories were released for python, wordnet, horde3,
phpmyadmin, twiki, ed, bypass, mantis, postfix, blender, awstats,
phpmyadmin, pan, wireshark, ubuntu, xulrunner, and rdesktop.  The
distributors include Debian, Gentoo, Mandriva, Red Hat, and Ubuntu.


Norwich University's Master of Science in Information Assurance
(MSIA) program, designated by the National Security Agency as providing
academically excellent education in Information Assurance, provides you
with the skills to manage and lead an organization-wide information
security program and the tools to fluently communicate the intricacies
of information security at an executive level. 


Never Installed a Firewall on Ubuntu? Try Firestarter
When I typed on Google "Do I really need a firewall?" 695,000 results
came across.  And I'm pretty sure they must be saying  "Hell yeah!".
In my opinion, no one would ever recommend anyone to sit naked on the
internet keeping in mind the insecurity internet carries these days,
unless you really know what you are doing.

Read on for more information on Firestarter. 


Review: Hacking Exposed Linux, Third Edition
"Hacking Exposed Linux" by  ISECOM (Institute for Security and Open
Methodologies) is a guide to help you secure your Linux environment.
This book does not only help improve your security it looks at why you
should. It does this by showing examples of real attacks and rates the
importance of protecting yourself from being a victim of each type of

-->  Take advantage of the Quick Reference Card!  <--
--> <-- 


* EnGarde Secure Community 3.0.20 Now Available (Aug 19)
  Guardian Digital is happy to announce the release of EnGarde Secure
  Community 3.0.20 (Version 3.0, Release 20). This release includes
  many updated packages and bug fixes and some feature enhancements to
  the EnGarde Secure Linux Installer and the SELinux policy.

  In distribution since 2001, EnGarde Secure Community was one of the
  very first security platforms developed entirely from open source,
  and has been engineered from the ground-up to provide users and
  organizations with complete, secure Web functionality, DNS, database,
  e-mail security and even e-commerce. 


* Debian: New python-dns package fixes regression (Sep 22)
  In DSA-1619-1, an update was announced for DNS response spoofing
  vulnerabilities in python-dns.  The fix introduced a regression in
  the library breaking the resolution of UTF-8 encoded record names.
  An updated release is available which corrects this problem.	For
  reference, the original advisory text follows. 

* Debian: New wordnet packages fix regression (Sep 20)
  A regression was discovered in the original patch addressing this
  issue for WordNet, which this update fixes. For reference the text of
  the original advisory follows. 

* Debian: New horde3 packages fix cross site scripting (Sep 20)
  Will Drewry discovered that the Horde, allows remote attackers to
  send an email with a crafted MIME attachment filename attribute to
  perform cross site scripting. 

* Debian: New phpmyadmin packages fix several issues (Sep 20)
  Several remote vulnerabilities have been discovered in phpMyAdmin, a
  tool to administrate MySQL databases over the web. The Common
  Vulnerabilities and Exposures project identifies the following

* Debian: New python-django packages fix cross site request forgery (Sep 20)
  Simon Willison discovered that in Django, a Python web framework, the
  feature to retain HTTP POST data during user reauthentication allowed
  a remote attacker to perform unauthorized modification of data
  through cross site request forgery. The is possible regardless of the
  Django plugin to prevent cross site request forgery being enabled.
  The Common Vulnerabilities and Exposures project identifies this
  issue as 

* Debian: New twiki packages execution of arbitrary code (Sep 19)
  It was discovered that twiki, a web based collaboration platform,
  didn't properly sanitize the image parameter in its configuration
  script. This could allow remote users to execute arbitrary commands
  upon the  system, or read any files which were readable by the
  webserver user. 


* Gentoo: GNU ed User-assisted execution of arbitrary code (Sep 23)
  A buffer overflow vulnerability in ed may allow for the remote
  execution of arbitrary code. 

* Gentoo: BitlBee Security bypass (Sep 23)
  Multiple vulnerabilities in Bitlbee may allow to bypass security
  restrictions and hijack accounts. 

* Gentoo: R Insecure temporary file creation (Sep 22)
  R is vulnerable to symlink attacks due to an insecure usage of
  temporary files. 

* Gentoo: Newsbeuter User-assisted execution of arbitrary (Sep 22)
  Insufficient input validation in newsbeuter may allow remote
  attackers to execute arbitrary shell commands. 

* Gentoo: HAVP Denial of Service (Sep 21)
  A Denial of Service vulnerability has been reported in HAVP. 

* Gentoo: Mantis Multiple vulnerabilities (Sep 21)
  Multiple vulnerabilities have been reported in Mantis. 

* Gentoo: Postfix Denial of Service (Sep 19)
  A memory leak in Postfix might allow local users to cause a Denial of


* Mandriva: Subject: [Security Announce] [ MDVSA-2008:204 ] blender (Sep 24)
  Stefan Cornelius of Secunia Research reported a boundary error when
  Blender processed RGBE images which could be used to execute
  arbitrary code with the privileges of the user running Blender if a
  specially crafted .hdr or .blend file were opened(CVE-2008-1102). As
  well, multiple vulnerabilities involving insecure usage of temporary
  files had also been reported (CVE-2008-1103). The updated packages
  have been patched to prevent these issues. 

* Mandriva: Subject: [Security Announce] [ MDVSA-2008:203 ] awstats (Sep 23)
  A cross-site scripting (XSS) vulnerability was found in AWStats that
  allowed remote attackers to inject arbitrary web script or HTML via
  the query_string (CVE-2008-3714). 

* Mandriva: Subject: [Security Announce] [ MDVSA-2008:202 ] phpMyAdmin (Sep 23)
  A few vulnerabilities and security-related issues have been fixed in
  phpMyAdmin since the 2.11.7 release.	This update provides version which is the latest stable release of phpMyAdmin and fixes
  CVE-2008-3197, CVE-2008-3456, CVE-2008-3457, and CVE-2008-4096. 

* Mandriva: Subject: [Security Announce] [ MDVSA-2008:201 ] pan (Sep 22)
  Pavel Polischouk found a boundary error in the PartsBatch class in
  the Pan newsreader when processing .nzb files, which could allow
  remote attackers to cause a denial of serice (application crash) or
  possibly execute arbitrary code via a crafted .nzb file
  (CVE-2008-2363). The updated packages have been patched to prevent
  this issue. 

* Mandriva: Subject: [Security Announce] [ MDVSA-2008:200 ] ed (Sep 22)
  A heap-based buffer overflow was found in GNU ed that allowed
  context-dependent or user-assisted attackers to execute arbitrary
  code via a long filename (CVE-2008-3916). This update provides GNU ed
  1.0, which is not vulnerable to this issue. 

* Mandriva: Subject: [Security Announce] [ MDVSA-2008:199 ] wireshark (Sep 19)
  A number of vulnerabilities were discovered in Wireshark that could
  cause it to crash while processing malicious packets (CVE-2008-3146,
  CVE-2008-3932, CVE-2008-3933, CVE-2008-3934). This update provides
  Wireshark 1.0.3, which is not vulnerable to these issues. 

* Mandriva: Subject: [Security Announce] [ MDVA-2008:128 ] xdm (Sep 18)
  Trying to establish an XDMCP session to a machine running xdm would
  result in a blue screen and an X cursor that could be moved with the
  mouse but no login greeter. After 2 to 3 minutes, the launching tty
  would say XDM: too many retransmissions, declaring session dead. This
  update fixes the issue. 


* RedHat: Important: kernel security and bug fix update (Sep 24)
  Updated kernel packages that fix various security issues and several
  bugs are now available for Red Hat Enterprise Linux 5. This update
  has been rated as having important security impact by the Red Hat
  Security Response Team. 

* RedHat: Critical: firefox security update (Sep 23)
  An updated firefox package that fixes various security issues is now
  available for Red Hat Enterprise Linux 4 and 5. This update has been
  rated as having critical security impact by the Red Hat Security
  Response Team. 

* RedHat: Critical: seamonkey security update (Sep 23)
  Updated seamonkey packages that fix a security issues are now
  available for Red Hat Enterprise Linux 2.1, Red Hat Enterprise Linux
  3 and Red Hat Enterprise Linux 4. This update has been rated as
  having critical security impact by the Red Hat Security Response


* Ubuntu:  Firefox vulnerabilities (Sep 24)
  USN-645-1 fixed vulnerabilities in Firefox and xulrunner for Ubuntu
  7.04, 7.10 and 8.04 LTS. This provides the corresponding update for
  Ubuntu 6.06 LTS. 

* Ubuntu:  Firefox and xulrunner vulnerabilities (Sep 24)
  Justin Schuh, Tom Cross and Peter Williams discovered errors in the
  Firefox URL parsing routines. If a user were tricked into opening a
  crafted hyperlink, an attacker could overflow a stack buffer and
  execute arbitrary code. (CVE-2008-0016) 

* Ubuntu:  rdesktop vulnerabilities (Sep 18)
  It was discovered that rdesktop did not properly validate the length
  of packet headers when processing RDP requests. If a user were
  tricked into connecting to a malicious server, an attacker could
  cause a denial of service or possible execute arbitrary code with the
  privileges of the user. (CVE-2008-1801) 

Distributed by: Guardian Digital, Inc.      

To unsubscribe email 
         with "unsubscribe" in the subject of the message.

Register now for HITBSecConf2008 - Malaysia! With 
a new triple-track conference featuring 4 keynote 
speakers and over 35 international experts, this 
is the largest network security event in Asia and 
the Middle East! 

Site design & layout copyright © 1986-2014 CodeGods