AOH :: ISNQ6006.HTM
Linux Advisory Watch: March 6th, 2010
|
Linux Advisory Watch: March 6th, 2010
Linux Advisory Watch: March 6th, 2010
+----------------------------------------------------------------------+
| LinuxSecurity.com Linux Advisory Watch |
| March 6th, 2010 Volume 11, Number 10 |
| |
| Editorial Team: Dave Wreski |
| Benjamin D. Thomas |
+----------------------------------------------------------------------+
Thank you for reading the Linux Advisory Watch Security Newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's vendor security bulletins and pointers on
methods to improve the security posture of your open source system.
Vulnerabilities affect nearly every vendor virtually every week, so
be sure to read through to find the updates your distributor have
made available.
Introduction: Buffer Overflow Vulnerabilities
---------------------------------------------
Buffer overflows are a leading type of security vulnerability. This
paper explains what a buffer overflow is, how it can be exploited, and
what countermeasures can be taken to prevent the use of buffer overflow
vulnerabilities.
http://www.linuxsecurity.com/content/view/118881
FTP Attack Case Study Part II: the Lessons
------------------------------------------
This article presents part II of a case study related to a company
network server compromise. Lessons on designing and implementing
security are drawn from the case.
http://www.linuxsecurity.com/content/view/117696
--> Take advantage of the LinuxSecurity.com Quick Reference Card! <--
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf <--
------------------------------------------------------------------------
* EnGarde Secure Community 3.0.22 Now Available! (Dec 9)
------------------------------------------------------
Guardian Digital is happy to announce the release of EnGarde Secure
Community 3.0.22 (Version 3.0, Release 22). This release includes
many updated packages and bug fixes and some feature enhancements to
the EnGarde Secure Linux Installer and the SELinux policy.
http://www.linuxsecurity.com/content/view/145668
------------------------------------------------------------------------
* Debian: 2006-1: sudo: Multiple vulnerabilities (Mar 2)
------------------------------------------------------
Several vulnerabilities have been discovered in sudo, a program
designed to allow a sysadmin to give limited root privileges to users
database server. The Common Vulnerabilities and Exposures project
identifies the [More...]
http://www.linuxsecurity.com/content/view/151823
* Debian: 2004-1: linux-2.6.24: privilege escalation/denial of service (Feb 28)
-----------------------------------------------------------------------------
NOTE: This kernel update marks the final planned kernel security
update for the 2.6.24 kernel in the Debian release 'etch'. Although
security support for 'etch' officially ended on Feburary 15th, 2010,
this update was already in preparation before that date. [More...]
http://www.linuxsecurity.com/content/view/151794
* Debian: 2004-1: samba: Multiple vulnerabilities (Feb 28)
--------------------------------------------------------
Two local vulnerabilities have been discovered in samba, a SMB/CIFS
file, print, and login server for Unix. The Common Vulnerabilities
and Exposures project identifies the following problems: [More...]
http://www.linuxsecurity.com/content/view/151793
------------------------------------------------------------------------
* Gentoo: 201003-01: sudo: Privilege escalation (Mar 3)
-----------------------------------------------------
Two vulnerabilities in sudo might allow local users to
escalateprivileges and execute arbitrary code with root privileges.
http://www.linuxsecurity.com/content/view/151830
------------------------------------------------------------------------
* Mandriva: 2010:055: poppler (Mar 5)
-----------------------------------
An out-of-bounds reading flaw in the JBIG2 decoder allows remote
attackers to cause a denial of service (crash) via a crafted PDF file
(CVE-2009-0799). Multiple input validation flaws in the JBIG2 decoder
allows [More...]
http://www.linuxsecurity.com/content/view/151843
* Mandriva: 2010:054: pam_krb5 (Mar 4)
------------------------------------
Pam_krb5 2.2.14 through 2.3.4 generates different password prompts
depending on whether the user account exists, which allows remote
attackers to enumerate valid usernames (CVE-2009-1384). This update
provides the version 2.3.5 of pam_krb5, which is not [More...]
http://www.linuxsecurity.com/content/view/151835
* Mandriva: 2010:053: apache (Mar 2)
----------------------------------
A vulnerabilitiy has been found and corrected in apache:
mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not
sent after request headers indicate a request body is incoming; this
is not a case of HTTP_INTERNAL_SERVER_ERROR (CVE-2010-0408).
[More...]
http://www.linuxsecurity.com/content/view/151822
* Mandriva: 2010:052: sudo (Mar 1)
--------------------------------
A vulnerabilitiy has been found and corrected in sudo: sudo 1.6.x
before 1.6.9p21, when the runas_default option is used, does not
properly set group memberships, which allows local users to gain
privileges via a sudo command (CVE-2010-0427). [More...]
http://www.linuxsecurity.com/content/view/151811
* Mandriva: 2010:051: mozilla-thunderbird (Mar 1)
-----------------------------------------------
A vulnerabilitiy has been found and corrected in mozilla-thunderbird:
Security researcher Alin Rad Pop of Secunia Research reported that
the HTML parser incorrectly freed used memory when insufficient space
was available to process remaining input. Under such circumstances,
[More...]
http://www.linuxsecurity.com/content/view/151799
* Mandriva: 2010:050: apache-mod_security (Feb 26)
------------------------------------------------
This release fixes several important issues to help prevent a
detection bypass and denial of service attacks against ModSecurity.
Quite a few small but notable bugs were fixed. The latest Core
Ruleset (2.0.5) is included. [More...]
http://www.linuxsecurity.com/content/view/151785
------------------------------------------------------------------------
* Red Hat: 2010:0130-01: java-1.5.0-ibm: Moderate Advisory (Mar 3)
----------------------------------------------------------------
Updated java-1.5.0-ibm packages that fix a security issue are now
available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.
This update has been rated as having moderate security impact by the
Red [More...]
http://www.linuxsecurity.com/content/view/151832
* Red Hat: 2010:0129-01: cups: Moderate Advisory (Mar 3)
------------------------------------------------------
Updated cups packages that fix one security issue are now available
for Red Hat Enterprise Linux 5. This update has been rated as having
moderate security impact by the Red [More...]
http://www.linuxsecurity.com/content/view/151831
* Red Hat: 2010:0124-01: systemtap: Important Advisory (Mar 1)
------------------------------------------------------------
Updated systemtap packages that fix two security issues are now
available for Red Hat Enterprise Linux 5. This update has been rated
as having important security impact by the Red [More...]
http://www.linuxsecurity.com/content/view/151809
* Red Hat: 2010:0125-01: systemtap: Moderate Advisory (Mar 1)
-----------------------------------------------------------
Updated systemtap packages that fix a security issue are now
available for Red Hat Enterprise Linux 4. This update has been rated
as having moderate security impact by the Red [More...]
http://www.linuxsecurity.com/content/view/151810
* Red Hat: 2010:0126-01: kvm: Important Advisory (Mar 1)
------------------------------------------------------
Updated kvm packages that fix two security issues and two bugs are
now available for Red Hat Enterprise Linux 5. This update has been
rated as having important security impact by the Red [More...]
http://www.linuxsecurity.com/content/view/151808
* Red Hat: sudo (Feb 26)
----------------------
An updated sudo package that fixes two security issues is now
available for Red Hat Enterprise Linux 5. This update has been rated
as having important security impact by the Red Hat Security Response
Team.
http://www.linuxsecurity.com/content/view/151784
------------------------------------------------------------------------
* Slackware: 2010-060-01: seamonkey: Security Update (Mar 2)
----------------------------------------------------------
New seamonkey packages are available for Slackware 12.2, 13.0, and
-current to fix security issues. For more information, see: [More
Info...]
http://www.linuxsecurity.com/content/view/151816
* Slackware: openssl (Mar 1)
----------------------------
New openssl packages are available for Slackware 11.0, 12.0, 12.1,
12.2, 13.0, and -current to fix security issues. More details about
this issue may be found in the Common Vulnerabilities and Exposures
(CVE) database:
http://www.linuxsecurity.com/content/view/151813
* Slackware: gzip (Mar 1)
-------------------------
New gzip packages are available for Slackware 13.0 (64-bit) and
-current to fix a security issue. More details about this issue may
be found in the Common Vulnerabilities and Exposures (CVE) database:
http://www.linuxsecurity.com/content/view/151814
------------------------------------------------------------------------
* SuSE: 2010-015: Mozilla Firefox (Mar 4)
---------------------------------------
Mozilla Firefox was upgraded to version 3.5.8, fixing various bugs
and security issues. On openSUSE 11.0 and 11.1 Mozilla Firefox was
updated to version 3.0.18. On openSUSE 11.2 Mozilla Seamonkey was
updated to version 2.0.2. Following security issues have been fixed:
MFSA 2010-01 / CVE-2010-0159: Mozilla developers identified and fixed
several stability bugs in the browser [More...]
http://www.linuxsecurity.com/content/view/151834
* SuSE: 2010-014: Linux kernel (Mar 3)
------------------------------------
The SUSE Linux Enterprise 11 and openSUSE 11.1 Kernel were updated to
2.6.27.45 fixing various bugs and security issues. CVE-2010-0622: The
wake_futex_pi function in kernel/futex.c in the Linux kernel before
2.6.33-rc7 does not properly handle certain unlock operations for a
Priority Inheritance (PI) futex, which allows local [More...]
http://www.linuxsecurity.com/content/view/151824
------------------------------------------------------------------------
* Ubuntu: 906-1: CUPS vulnerabilities (Mar 3)
-------------------------------------------
It was discovered that the CUPS scheduler did not properly handle
certainnetwork operations. A remote attacker could exploit this flaw
and cause theCUPS server to crash, resulting in a denial of service.
This issue onlyaffected Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10.
(CVE-2009-3553,CVE-2010-0302) [More...]
http://www.linuxsecurity.com/content/view/151833
* Ubuntu: 905-1: sudo vulnerabilities (Feb 26)
--------------------------------------------
It was discovered that sudo did not properly validate the path for
the'sudoedit' pseudo-command. A local attacker could exploit this to
executearbitrary code as root if sudo was configured to allow the
attacker to usesudoedit. The sudoedit pseudo-command is not used in
the defaultinstallation of Ubuntu. (CVE-2010-0426) [More...]
http://www.linuxsecurity.com/content/view/151789
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
To unsubscribe email vuln-newsletter-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
___________________________________________________________
Register now for HITBSecConf2010 - Dubai, the premier
deep-knowledge network security event in the GCC,
featuring keynote speakers John Viega and Matt Watchinski!
http://conference.hitb.org/hitbsecconf2010dxb/
Site design & layout copyright © 1986- CodeGods