AOH :: ISNQ5790.HTM

Linux Advisory Watch - June 20th 2008




Linux Advisory Watch - June 20th 2008
Linux Advisory Watch - June 20th 2008



+------------------------------------------------------------------------+
| LinuxSecurity.com                                    Weekly Newsletter |
| June 20th, 2008                                    Volume 9, Number 25 |
|                                                                        |
| Editorial Team: Dave Wreski  | 
| Benjamin D. Thomas  | 
+------------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, advisories were released for libtk-img, typo3, mt-daapd, x11,
util-linux-ng, kernel, perl, openoffice, openssl-blacklist, samba, and
OpenVPN.  The distributors include Debian, Gentoo, Mandriva, Red Hat, and
Ubuntu.

---

>> Linux+DVD Magazine <<

Our magazine is read by professional network and database administrators,
system programmers, webmasters and all those who believe in the power of
Open Source software. The majority of our readers is between 15 and 40
years old. They are interested in current news from the Linux world,
upcoming projects etc.

In each issue you can find information concerning typical use of Linux:
safety, databases, multimedia, scientific tools, entertainment,
programming, e-mail, news and desktop environments.

http://www.linuxsecurity.com/ads/adclick.php?bannerid=26 

---

Review: The Book of Wireless
----------------------------
The Book of Wireless by John Ross is an answer to the problem of
learning about wireless networking. With the wide spread use of Wireless
networks today anyone with a computer should at least know the basics of
wireless. Also, with the wireless networking, users need to know how to
protect themselves from wireless networking attacks.

http://www.linuxsecurity.com/content/view/136167 

---

April 2008 Open Source Tool of the Month: sudo
----------------------------------------------
This month the editors at LinuxSecurity.com have chosen sudo as the Open
Source Tool of the Month!

http://www.linuxsecurity.com/content/view/135868 

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!  <--
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf <-- 

--------------------------------------------------------------------------

* EnGarde Secure Community 3.0.19 Now Available! (Apr 15)
  -------------------------------------------------------
  Guardian Digital is happy to announce the release of EnGarde Secure
  Community 3.0.19 (Version 3.0, Release 19).  This release includes many
  updated packages and bug fixes and some feature enhancements to the
  EnGarde Secure Linux Installer and the SELinux policy.

http://www.linuxsecurity.com/content/view/136174 

--------------------------------------------------------------------------

* Debian: New libtk-img packages fix arbitrary code execution (Jun 19)
  --------------------------------------------------------------------
  It was discovered that a buffer overflow in the GIF image parsing code
  of Tk, a cross-platform graphical toolkit, could lead to denial of
  service and potentially the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/138786 

* Debian: New typo3 packages fix several vulnerabilities (Jun 12)
  ---------------------------------------------------------------
  Because of a not sufficiently secure default value of the TYPO3
  configuration variable fileDenyPattern, authenticated backend users
  could upload files that allowed to execute arbitrary code as the
  webserver user.

http://www.linuxsecurity.com/content/view/138527 

* Debian: New mt-daapd packages fix several vulnerabilities (Jun 12)
  ------------------------------------------------------------------
  Insufficient validation and bounds checking of the Authorization:
  HTTP header enables a heap buffer overflow, potentially enabling
  the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/138526 

--------------------------------------------------------------------------

* Gentoo: X.Org X server Multiple vulnerabilities (Jun 19)
  --------------------------------------------------------
  Multiple vulnerabilities have been discovered in the X.Org X server,
  possibly allowing for the remote execution of arbitrary code with root
  privileges.

http://www.linuxsecurity.com/content/view/138785 

--------------------------------------------------------------------------

* Mandriva: Updated x11-server packages fix several (Jun 16)
  ----------------------------------------------------------
  An input validation flaw was found in X.org's Security and Record
  extensions.  A malicious authorized client could exploit the issue to
  cause a denial of service (crash) or possibly execute arbitrary code
  with root privileges on the X.org server (CVE-2008-1377). An input
  validation flaw was found in X.org's MIT-SHM extension. A client
  connected to the X.org server could read arbitrary server memory,
  resulting in the disclosure of sensitive data of other users of the
  X.org server (CVE-2008-1379).

http://www.linuxsecurity.com/content/view/138696 

* Mandriva: Updated x11-server packages fix several (Jun 16)
  ----------------------------------------------------------
  An input validation flaw was found in X.org's Security and Record
  extensions.  A malicious authorized client could exploit the issue to
  cause a denial of service (crash) or possibly execute arbitrary code
  with root privileges on the X.org server (CVE-2008-1377). An input
  validation flaw was found in X.org's MIT-SHM extension. A client
  connected to the X.org server could read arbitrary server memory,
  resulting in the disclosure of sensitive data of other users of the
  X.org server (CVE-2008-1379).

http://www.linuxsecurity.com/content/view/138695 

* Mandriva: Updated util-linux-ng packages fix log injection (Jun 13)
  -------------------------------------------------------------------
  Argument injection vulnerability in login (login-utils/login.c) in
  util-linux-ng 2.14 and earlier makes it easier for remote attackers to
  hide activities by modifying portions of log events. The updated
  packages have been patched to fix the issue.

http://www.linuxsecurity.com/content/view/138624 

* Mandriva: Updated kernel packages fix security issue (Jun 13)
  -------------------------------------------------------------
  A vulnerability was discovered and corrected in the Linux 2.6 kernel:
  The asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 and
  2.6 before 2.6.25.5, as used in the cifs and ip_nat_snmp_basic modules;
  and (b) the gxsnmp package; does not properly validate length values
  during decoding of ASN.1 BER data, which allows remote attackers to
  cause a denial of service (crash) or execute arbitrary code via (1) a
  length greater than the working buffer, which can lead to an
  unspecified overflow; (2) an oid length of zero, which can lead to an
  off-by-one error; or (3) an indefinite length for a primitive encoding.

http://www.linuxsecurity.com/content/view/138623 

* Mandriva: Updated kernel packages fix security issues (Jun 12)
  --------------------------------------------------------------
  The Datagram Congestion Control Protocol (DCCP) subsystem in the Linux
  kernel 2.6.18, and probably other versions, does not properly check
  feature lengths, which might allow remote attackers to execute
  arbitrary code, related to an unspecified overflow. (CVE-2008-2358)

http://www.linuxsecurity.com/content/view/138528 

--------------------------------------------------------------------------

* RedHat: Important: perl security update (Jun 17)
  ------------------------------------------------
  Updated perl packages that fix a security issue are now available for
  Red Hat Application Stack v1. This update has been rated as having
  important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/138736 

* RedHat: Important: openoffice.org security update (Jun 12)
  ----------------------------------------------------------
  Updated openoffice.org packages to correct a security issue are now
  available for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux
  5. This update has been rated as having important security impact by
  the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/138618 

* RedHat: Important: openoffice.org security update (Jun 12)
  ----------------------------------------------------------
  It was discovered that certain libraries in the Red Hat Enterprise
  Linux 3 and 4 openoffice.org packages had an insecure relative RPATH
  (runtime library search path) set in the ELF (Executable and Linking
  Format) header. A local user able to convince another user to run
  OpenOffice in an attacker-controlled directory, could run arbitrary
  code with the privileges of the victim.

http://www.linuxsecurity.com/content/view/138619 

--------------------------------------------------------------------------

* Ubuntu:  openssl-blacklist update (Jun 18)
  ------------------------------------------
  A weakness has been discovered in the random number generator used  by
  OpenSSL on Debian and Ubuntu systems. As a result of this  weakness,
  certain encryption keys are much more common than they  should be, such
  that an attacker could guess the key through a  brute-force attack
  given minimal knowledge of the system. This  particularly affects the
  use of encryption keys in OpenSSH, OpenVPN  and SSL certificates.

http://www.linuxsecurity.com/content/view/138783 

* Ubuntu:  Samba vulnerabilities (Jun 17)
  ---------------------------------------
  Samba developers discovered that nmbd could be made to overrun a buffer
  during the processing of GETDC logon server requests. When samba is
  configured as a Primary or Backup Domain Controller, a remote attacker
  could send malicious logon requests and possibly cause a denial of
  service. (CVE-2007-4572) Alin Rad Pop of Secunia Research discovered
  that Samba did not properly perform bounds checking when parsing SMB
  replies. A remote attacker could send crafted SMB packets and execute
  arbitrary code. (CVE-2008-1105)

http://www.linuxsecurity.com/content/view/138738 

* Ubuntu:  X.org vulnerabilities (Jun 13)
  ---------------------------------------
  It was discovered that the MIT-SHM extension of X.org did not correctly
  validate the location of memory during an image copy.  An authenticated
  attacker could exploit this to read arbitrary memory locations within
  X, exposing sensitive information. (CVE-2008-1379)

http://www.linuxsecurity.com/content/view/138620 

* Ubuntu:  openssl-blacklist update (Jun 12)
  ------------------------------------------
  USN-612-3 addressed a weakness in OpenSSL certificate and key
  generation in OpenVPN by introducing openssl-blacklist to aid in
  detecting vulnerable private keys. This update enhances the
  openssl-vulnkey tool to check Certificate Signing Requests, accept
  input from STDIN, and check moduli without a certificate. It was also
  discovered that additional moduli are vulnerable if generated with
  OpenSSL 0.9.8g or higher. While it is believed that there are few of
  these vulnerable moduli in use, this update includes updated RSA-1024
  and RSA-2048 blacklists. RSA-512 blacklists are also included in the
  new openssl-blacklist-extra package.

http://www.linuxsecurity.com/content/view/138529 

* Ubuntu:  OpenVPN regression (Jun 12)
  ------------------------------------
  USN-612-3 addressed a weakness in OpenSSL certificate and key
  generation in OpenVPN by adding checks for vulnerable certificates and
  keys to OpenVPN. A regression was introduced in OpenVPN when using TLS
  with password protected certificates which caused OpenVPN to not start
  when used with applications such as NetworkManager.

http://www.linuxsecurity.com/content/view/138530 


------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

To unsubscribe email vuln-newsletter-request@linuxsecurity.com 
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------


_______________________________________________      
Attend Black Hat USA, August 2-7 in Las Vegas, 
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings 
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. http://www.blackhat.com 

Site design & layout copyright © 1986-2014 CodeGods