AOH :: ISNQ6006.HTM

Linux Advisory Watch: March 6th, 2010




Linux Advisory Watch: March 6th, 2010
Linux Advisory Watch: March 6th, 2010



+----------------------------------------------------------------------+
| LinuxSecurity.com                               Linux Advisory Watch |
| March 6th, 2010                                 Volume 11, Number 10 |
|                                                                      |
| Editorial Team: Dave Wreski  | 
| Benjamin D. Thomas  | 
+----------------------------------------------------------------------+

Thank you for reading the Linux Advisory Watch Security Newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's vendor security bulletins and pointers on
methods to improve the security posture of your open source system.

Vulnerabilities affect nearly every vendor virtually every week, so
be sure to read through to find the updates your distributor have
made available.

Introduction: Buffer Overflow Vulnerabilities
---------------------------------------------
Buffer overflows are a leading type of security vulnerability. This
paper explains what a buffer overflow is, how it can be exploited, and
what countermeasures can be taken to prevent the use of buffer overflow
vulnerabilities.

http://www.linuxsecurity.com/content/view/118881 


FTP Attack Case Study Part II: the Lessons
------------------------------------------
This article presents part II of a case study related to a company
network server compromise. Lessons on designing and implementing
security are drawn from the case.

http://www.linuxsecurity.com/content/view/117696 

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!  <--
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf <-- 

------------------------------------------------------------------------

* EnGarde Secure Community 3.0.22 Now Available! (Dec 9)
  ------------------------------------------------------
  Guardian Digital is happy to announce the release of EnGarde Secure
  Community 3.0.22 (Version 3.0, Release 22).  This release includes
  many updated packages and bug fixes and some feature enhancements to
  the EnGarde Secure Linux Installer and the SELinux policy.

http://www.linuxsecurity.com/content/view/145668 

------------------------------------------------------------------------

* Debian: 2006-1: sudo: Multiple vulnerabilities (Mar 2)
  ------------------------------------------------------
  Several vulnerabilities have been discovered in sudo, a program
  designed to allow a sysadmin to give limited root privileges to users
  database server. The Common Vulnerabilities and Exposures project
  identifies the [More...]

http://www.linuxsecurity.com/content/view/151823 

* Debian: 2004-1: linux-2.6.24: privilege escalation/denial of service (Feb 28)
  -----------------------------------------------------------------------------
  NOTE: This kernel update marks the final planned kernel security
  update for the 2.6.24 kernel in the Debian release 'etch'. Although
  security support for 'etch' officially ended on Feburary 15th, 2010,
  this update was already in preparation before that date. [More...]

http://www.linuxsecurity.com/content/view/151794 

* Debian: 2004-1: samba: Multiple vulnerabilities (Feb 28)
  --------------------------------------------------------
  Two local vulnerabilities have been discovered in samba, a SMB/CIFS
  file, print, and login server for Unix. The Common Vulnerabilities
  and Exposures project identifies the following problems: [More...]

http://www.linuxsecurity.com/content/view/151793 

------------------------------------------------------------------------

* Gentoo: 201003-01: sudo: Privilege escalation (Mar 3)
  -----------------------------------------------------
  Two vulnerabilities in sudo might allow local users to
  escalateprivileges and execute arbitrary code with root privileges.

http://www.linuxsecurity.com/content/view/151830 

------------------------------------------------------------------------

* Mandriva: 2010:055: poppler (Mar 5)
  -----------------------------------
  An out-of-bounds reading flaw in the JBIG2 decoder allows remote
  attackers to cause a denial of service (crash) via a crafted PDF file
  (CVE-2009-0799). Multiple input validation flaws in the JBIG2 decoder
  allows [More...]

http://www.linuxsecurity.com/content/view/151843 

* Mandriva: 2010:054: pam_krb5 (Mar 4)
  ------------------------------------
  Pam_krb5 2.2.14 through 2.3.4 generates different password prompts
  depending on whether the user account exists, which allows remote
  attackers to enumerate valid usernames (CVE-2009-1384). This update
  provides the version 2.3.5 of pam_krb5, which is not [More...]

http://www.linuxsecurity.com/content/view/151835 

* Mandriva: 2010:053: apache (Mar 2)
  ----------------------------------
  A vulnerabilitiy has been found and corrected in apache:
  mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not
  sent after request headers indicate a request body is incoming; this
  is not a case of HTTP_INTERNAL_SERVER_ERROR (CVE-2010-0408).
  [More...]

http://www.linuxsecurity.com/content/view/151822 

* Mandriva: 2010:052: sudo (Mar 1)
  --------------------------------
  A vulnerabilitiy has been found and corrected in sudo: sudo 1.6.x
  before 1.6.9p21, when the runas_default option is used, does not
  properly set group memberships, which allows local users to gain
  privileges via a sudo command (CVE-2010-0427). [More...]

http://www.linuxsecurity.com/content/view/151811 

* Mandriva: 2010:051: mozilla-thunderbird (Mar 1)
  -----------------------------------------------
  A vulnerabilitiy has been found and corrected in mozilla-thunderbird:
  Security researcher Alin Rad Pop of Secunia Research reported that
  the HTML parser incorrectly freed used memory when insufficient space
  was available to process remaining input. Under such circumstances,
  [More...]

http://www.linuxsecurity.com/content/view/151799 

* Mandriva: 2010:050: apache-mod_security (Feb 26)
  ------------------------------------------------
  This release fixes several important issues to help prevent a
  detection bypass and denial of service attacks against ModSecurity.
  Quite a few small but notable bugs were fixed. The latest Core
  Ruleset (2.0.5) is included. [More...]

http://www.linuxsecurity.com/content/view/151785 

------------------------------------------------------------------------

* Red Hat: 2010:0130-01: java-1.5.0-ibm: Moderate Advisory (Mar 3)
  ----------------------------------------------------------------
  Updated java-1.5.0-ibm packages that fix a security issue are now
  available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.
  This update has been rated as having moderate security impact by the
  Red [More...]

http://www.linuxsecurity.com/content/view/151832 

* Red Hat: 2010:0129-01: cups: Moderate Advisory (Mar 3)
  ------------------------------------------------------
  Updated cups packages that fix one security issue are now available
  for Red Hat Enterprise Linux 5. This update has been rated as having
  moderate security impact by the Red [More...]

http://www.linuxsecurity.com/content/view/151831 

* Red Hat: 2010:0124-01: systemtap: Important Advisory (Mar 1)
  ------------------------------------------------------------
  Updated systemtap packages that fix two security issues are now
  available for Red Hat Enterprise Linux 5. This update has been rated
  as having important security impact by the Red [More...]

http://www.linuxsecurity.com/content/view/151809 

* Red Hat: 2010:0125-01: systemtap: Moderate Advisory (Mar 1)
  -----------------------------------------------------------
  Updated systemtap packages that fix a security issue are now
  available for Red Hat Enterprise Linux 4. This update has been rated
  as having moderate security impact by the Red [More...]

http://www.linuxsecurity.com/content/view/151810 

* Red Hat: 2010:0126-01: kvm: Important Advisory (Mar 1)
  ------------------------------------------------------
  Updated kvm packages that fix two security issues and two bugs are
  now available for Red Hat Enterprise Linux 5. This update has been
  rated as having important security impact by the Red [More...]

http://www.linuxsecurity.com/content/view/151808 

* Red Hat: sudo (Feb 26)
  ----------------------
  An updated sudo package that fixes two security issues is now
  available for Red Hat Enterprise Linux 5. This update has been rated
  as having important security impact by the Red Hat Security Response
  Team.

http://www.linuxsecurity.com/content/view/151784 

------------------------------------------------------------------------

* Slackware: 2010-060-01: seamonkey: Security Update (Mar 2)
  ----------------------------------------------------------
  New seamonkey packages are available for Slackware 12.2, 13.0, and
  -current to fix security issues. For more information, see:  [More
  Info...]

http://www.linuxsecurity.com/content/view/151816 

* Slackware:   openssl (Mar 1)
  ----------------------------
  New openssl packages are available for Slackware 11.0, 12.0, 12.1,
  12.2, 13.0, and -current to fix security issues. More details about
  this issue may be found in the Common Vulnerabilities and Exposures
  (CVE) database:

http://www.linuxsecurity.com/content/view/151813 

* Slackware:   gzip (Mar 1)
  -------------------------
  New gzip packages are available for Slackware 13.0 (64-bit) and
  -current to fix a security issue. More details about this issue may
  be found in the Common Vulnerabilities and Exposures (CVE) database:

http://www.linuxsecurity.com/content/view/151814 

------------------------------------------------------------------------

* SuSE: 2010-015: Mozilla Firefox (Mar 4)
  ---------------------------------------
  Mozilla Firefox was upgraded to version 3.5.8, fixing various bugs
  and security issues. On openSUSE 11.0 and 11.1 Mozilla Firefox was
  updated to version 3.0.18. On openSUSE 11.2 Mozilla Seamonkey was
  updated to version 2.0.2. Following security issues have been fixed:
  MFSA 2010-01 / CVE-2010-0159: Mozilla developers identified and fixed
  several stability bugs in the browser  [More...]

http://www.linuxsecurity.com/content/view/151834 

* SuSE: 2010-014: Linux kernel (Mar 3)
  ------------------------------------
  The SUSE Linux Enterprise 11 and openSUSE 11.1 Kernel were updated to
  2.6.27.45 fixing various bugs and security issues. CVE-2010-0622: The
  wake_futex_pi function in kernel/futex.c in the Linux kernel before
  2.6.33-rc7 does not properly handle certain unlock operations for a
  Priority Inheritance (PI) futex, which allows local  [More...]

http://www.linuxsecurity.com/content/view/151824 

------------------------------------------------------------------------

* Ubuntu: 906-1: CUPS vulnerabilities (Mar 3)
  -------------------------------------------
  It was discovered that the CUPS scheduler did not properly handle
  certainnetwork operations. A remote attacker could exploit this flaw
  and cause theCUPS server to crash, resulting in a denial of service.
  This issue onlyaffected Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10.
  (CVE-2009-3553,CVE-2010-0302) [More...]

http://www.linuxsecurity.com/content/view/151833 

* Ubuntu: 905-1: sudo vulnerabilities (Feb 26)
  --------------------------------------------
  It was discovered that sudo did not properly validate the path for
  the'sudoedit' pseudo-command. A local attacker could exploit this to
  executearbitrary code as root if sudo was configured to allow the
  attacker to usesudoedit. The sudoedit pseudo-command is not used in
  the defaultinstallation of Ubuntu. (CVE-2010-0426) [More...]

http://www.linuxsecurity.com/content/view/151789 

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

To unsubscribe email vuln-newsletter-request@linuxsecurity.com 
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------


___________________________________________________________
Register now for HITBSecConf2010 - Dubai, the premier 
deep-knowledge network security event in the GCC, 
featuring keynote speakers John Viega and Matt Watchinski! 
http://conference.hitb.org/hitbsecconf2010dxb/ 



Site design & layout copyright © 1986-2014 CodeGods