AOH :: ISNQ6900.HTM

Linux Advisory Watch: August 27th, 2010




Linux Advisory Watch: August 27th, 2010
Linux Advisory Watch: August 27th, 2010



+----------------------------------------------------------------------+
| LinuxSecurity.com                               Linux Advisory Watch |
| August 27th, 2010                               Volume 11, Number 35 |
|                                                                      |
| Editorial Team: Dave Wreski  | 
| Benjamin D. Thomas  | 
+----------------------------------------------------------------------+

Thank you for reading the Linux Advisory Watch Security Newsletter. The 
purpose of this document is to provide our readers with a quick summary of 
each week's vendor security bulletins and pointers on methods to improve 
the security posture of your open source system.

Vulnerabilities affect nearly every vendor virtually every week, so be 
sure to read through to find the updates your distributor have made 
available.

Review: Zabbix 1.8 Network Monitoring
-------------------------------------
If you have anything more than a small home network, you need to be
monitoring the status of your systems to ensure they are providing the
services they were designed to provide. Rihards Olups has created a
comprehensive reference and usability guide for the latest version of
Zabbix that anyone being tasked with implementing should have by their
side.

http://www.linuxsecurity.com/content/view/152990 


Meet the Anti-Nmap: PSAD
------------------------
Having a great defense involves proper detection and recognition of an
attack. In our security world we have great IDS tools to properly
recognize when we are being attacked as well as firewalls to prevent
such attacks from happening. However, certain attacks are not blindly
thrown at you - a good attacker knows that a certain amount of
reconnaissance and knowledge about your defenses greatly increases the
chances of a successful attack.  How would you know if someone is
scanning your defenses?  Is there any way to properly respond to such
scans? You bet there is...

http://www.linuxsecurity.com/content/view/134248 

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!  <--
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf <-- 

------------------------------------------------------------------------

* EnGarde Secure Community 3.0.22 Now Available!
   ----------------------------------------------
   Guardian Digital is happy to announce the release of EnGarde Secure
   Community 3.0.22 (Version 3.0, Release 22).  This release includes
   many updated packages and bug fixes and some feature enhancements to
   the EnGarde Secure Linux Installer and the SELinux policy.

http://www.linuxsecurity.com/content/view/145668 

------------------------------------------------------------------------

* Debian: 2096-1: zope-ldapuserfolder: missing input validation (Aug 24)
   ----------------------------------------------------------------------
   Jeremy James discovered that in zope-ldapuserfolder, a Zope extension
   used to authenticate against an LDAP server, the authentication code
   does not verify the password provided for the emergency user.
   Malicious users that manage to get the emergency user login can use
   this flaw to [More...]

http://www.linuxsecurity.com/content/view/153111 

* Debian: 2095-1: lvm2: insecure communication prot (Aug 23)
   ----------------------------------------------------------
   Alasdair Kergon discovered that the cluster logical volume manager
   daemon (clvmd) in lvm2, The Linux Logical Volume Manager, does not
   verify client credentials upon a socket connection, which allows
   local users to cause a [More...]

http://www.linuxsecurity.com/content/view/153093 

* Debian: 2094-1: linux-2.6: privilege escalation/denial (Aug 19)
   ---------------------------------------------------------------
   CVE-2009-4895 Kyle Bader reported an issue in the tty subsystem that
   allows local users to create a denial of service (NULL pointer
   dereference). [More...]

http://www.linuxsecurity.com/content/view/153078 

* Debian: 2093-1: ghostscript: Multiple vulnerabilities (Aug 19)
   --------------------------------------------------------------
   Two security issues have been discovered in Ghostscript, the GPL
   PostScript/PDF interpreter. The Common Vulnerabilities and Exposures
   project identifies the following problems: [More...]

http://www.linuxsecurity.com/content/view/153069 

------------------------------------------------------------------------

* Mandriva: 2010:162: kdegraphics4 (Aug 26)
   -----------------------------------------
   A vulnerability has been found and corrected in okular (kdegraphics):
   A specially crafted PDF or PS file could cause okular to crash or
   execute arbitrary code (CVE-2010-2575). [More...]

http://www.linuxsecurity.com/content/view/153131 

* Mandriva: 2010:161: vte (Aug 24)
   --------------------------------
   A vulnerability has been found and corrected in vte: The
   vte_sequence_handler_window_manipulation function in vteseq.c in
   libvte (aka libvte9) in VTE 0.25.1 and earlier, as used in
   gnome-terminal, does not properly handle escape sequences, which
   [More...]

http://www.linuxsecurity.com/content/view/153112 

* Mandriva: 2010:160: cacti (Aug 24)
   ----------------------------------
   Multiple vulnerabilities has been found and corrected in cacti:
   Multiple cross-site scripting (XSS) vulnerabilities in Cacti before
   0.8.7f, allow remote attackers to inject arbitrary web script or HTML
   via the (1) hostname or (2) description parameter to host.php,
   [More...]

http://www.linuxsecurity.com/content/view/153108 

* Mandriva: 2010:159: gv (Aug 23)
   -------------------------------
   A vulnerability has been found and corrected in gv: GNU gv before
   3.7.0 allows local users to overwrite arbitrary files via a symlink
   attack on a temporary file (CVE-2010-2056). [More...]

http://www.linuxsecurity.com/content/view/153101 

* Mandriva: 2010:158: squirrelmail (Aug 23)
   -----------------------------------------
   A vulnerability has been found and corrected in squirrelmail:
   functions/imap_general.php in SquirrelMail before 1.4.21 does not
   properly handle 8-bit characters in passwords, which allows remote
   attackers to cause a denial of service (disk consumption) by making
   [More...]

http://www.linuxsecurity.com/content/view/153094 

* Mandriva: 2010:157: freetype2 (Aug 22)
   --------------------------------------
   Multiple vulnerabilities has been found and corrected in freetype2:
   The FT_Stream_EnterFrame function in base/ftstream.c in FreeType
   before 2.4.2 does not properly validate certain position values,
   which allows remote attackers to cause a denial of service
   (application [More...]

http://www.linuxsecurity.com/content/view/153089 

* Mandriva: 2010:156: freetype2 (Aug 22)
   --------------------------------------
   Multiple vulnerabilities has been found and corrected in freetype2:
   The FT_Stream_EnterFrame function in base/ftstream.c in FreeType
   before 2.4.2 does not properly validate certain position values,
   which allows remote attackers to cause a denial of service
   (application [More...]

http://www.linuxsecurity.com/content/view/153088 

* Mandriva: 2010:155: mysql (Aug 20)
   ----------------------------------
   Multiple vulnerabilities has been found and corrected in mysql: MySQL
   before 5.1.48 allows remote authenticated users with alter database
   privileges to cause a denial of service (server crash and database
   loss) via an ALTER DATABASE command with a #mysql50# [More...]

http://www.linuxsecurity.com/content/view/153085 

------------------------------------------------------------------------

* Red Hat: 2010:0657-02: gdm: Low Advisory (Aug 26)
   -------------------------------------------------
   An updated gdm package that fixes one security issue and one bug is
   now available for Red Hat Enterprise Linux 4. The Red Hat Security
   Response Team has rated this update as having low [More...]

http://www.linuxsecurity.com/content/view/153130 

* Red Hat: 2010:0653-01: ImageMagick: Moderate Advisory (Aug 25)
   --------------------------------------------------------------
   Updated ImageMagick packages that fix one security issue are now
   available for Red Hat Enterprise Linux 4. The Red Hat Security
   Response Team has rated this update as having moderate [More...]

http://www.linuxsecurity.com/content/view/153116 

* Red Hat: 2010:0651-01: spice-xpi: Moderate Advisory (Aug 25)
   ------------------------------------------------------------
   An updated spice-xpi package that fixes two security issues and three
   bugs is now available for Red Hat Enterprise Linux 5. The Red Hat
   Security Response Team has rated this update as having moderate
   [More...]

http://www.linuxsecurity.com/content/view/153115 

* Red Hat: 2010:0652-01: ImageMagick: Moderate Advisory (Aug 25)
   --------------------------------------------------------------
   Updated ImageMagick packages that fix one security issue and one bug
   are now available for Red Hat Enterprise Linux 5. The Red Hat
   Security Response Team has rated this update as having moderate
   [More...]

http://www.linuxsecurity.com/content/view/153114 

* Red Hat: 2010:0632-03: qspice-client: Moderate Advisory (Aug 25)
   ----------------------------------------------------------------
   An updated qspice-client package that fixes one security issue is now
   available for Red Hat Enterprise Linux 5. The Red Hat Security
   Response Team has rated this update as having moderate [More...]

http://www.linuxsecurity.com/content/view/153113 

* Red Hat: 2010:0643-01: openoffice.org: Important Advisory (Aug 23)
   ------------------------------------------------------------------
   Updated openoffice.org packages that fix two security issues are now
   available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security
   Response Team has rated this update as having [More...]

http://www.linuxsecurity.com/content/view/153100 

* Red Hat: 2010:0636-02: acroread: Critical Advisory (Aug 20)
   -----------------------------------------------------------
   Updated acroread packages that fix multiple security issues are now
   available for Red Hat Enterprise Linux 4 Extras and Red Hat
   Enterprise Linux 5 Supplementary. [More...]

http://www.linuxsecurity.com/content/view/153079 

* Red Hat: 2010:0627-01: kvm: Important Advisory (Aug 19)
   -------------------------------------------------------
   Updated kvm packages that fix three security issues and multiple bugs
   are now available for Red Hat Enterprise Linux 5. The Red Hat
   Security Response Team has rated this update as having [More...]

http://www.linuxsecurity.com/content/view/153076 

* Red Hat: 2010:0633-01: qspice: Important Advisory (Aug 19)
   ----------------------------------------------------------
   Updated qspice packages that fix two security issues are now
   available for Red Hat Enterprise Linux 5. The Red Hat Security
   Response Team has rated this update as having [More...]

http://www.linuxsecurity.com/content/view/153077 

------------------------------------------------------------------------

* SuSE: Weekly Summary 2010:016 (Aug 26)
   --------------------------------------
   To avoid flooding mailing lists with SUSE Security Announcements for
   minor issues, SUSE Security releases weekly summary reports for the
   low profile vulnerability fixes. The SUSE Security Summary Reports do
   not list or download URLs like the SUSE Security Announcements that
   are released for more severe vulnerabilities.  List of
   vulnerabilities in this summary include:
   yast2-webclient-patch_updates, perl, openldap2, opera,
   freetype2/libfreetype6, java-1_6_0-openjdk.

http://www.linuxsecurity.com/content/view/153124 

------------------------------------------------------------------------

* Ubuntu: 979-1: okular vulnerability (Aug 26)
   --------------------------------------------
   Stefan Cornelius of Secunia Research discovered a boundary error
   duringRLE decompression in the "TranscribePalmImageToJPEG()" function
   ingenerators/plucker/inplug/image.cpp of okular when processing
   imagesembedded in PDB files, which can be exploited to cause a
   heap-basedbuffer overflow. (CVE-2010-2575) [More...]

http://www.linuxsecurity.com/content/view/153132 

* Ubuntu: 977-1: MoinMoin vulnerabilities (Aug 25)
   ------------------------------------------------
   It was discovered that MoinMoin did not properly sanitize its
   input,resulting in cross-site scripting (XSS) vulnerabilities. With
   cross-sitescripting vulnerabilities, if a user were tricked into
   viewing serveroutput during a crafted server request, a remote
   attacker could exploitthis to modify the contents, or steal
   confidential data, within the same [More...]

http://www.linuxsecurity.com/content/view/153122 

* Ubuntu: 976-1: Tomcat vulnerability (Aug 25)
   --------------------------------------------
   It was discovered that Tomcat incorrectly handled invalid
   Transfer-Encodingheaders. A remote attacker could send specially
   crafted requests containinginvalid headers to the server and cause a
   denial of service, or possiblyobtain sensitive information from other
   requests. [More...]

http://www.linuxsecurity.com/content/view/153123 

* Ubuntu: 974-1: Linux kernel vulnerabilities (Aug 19)
   ----------------------------------------------------
   Gael Delalleu, Rafal Wojtczuk, and Brad Spengler discovered that the
   memorymanager did not properly handle when applications grow stacks
   into adjacentmemory regions. A local attacker could exploit this to
   gain control ofcertain applications, potentially leading to privilege
   escalation, asdemonstrated in attacks against the X server.
   (CVE-2010-2240) [More...]

http://www.linuxsecurity.com/content/view/153075 

------------------------------------------------------------------------

* Pardus: 2010-117: MySQL: Denial of Service (Aug 24)
   ---------------------------------------------------
   A security issue has been fixed in MySQL, which can be exploited by
   malicious users to cause a DoS (Denial of Service).

http://www.linuxsecurity.com/content/view/153103 

* Pardus: 2010-118: Apache: Denial of Service (Aug 24)
   ----------------------------------------------------
   A vulnerability has been fixed in Apache, which can be exploited by
   malicious people to cause DoS.

http://www.linuxsecurity.com/content/view/153104 


------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

To unsubscribe email vuln-newsletter-request@linuxsecurity.com 
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------


_______________________________________________________      
Subscribe to InfoSec News - www.infosecnews.org 
http://www.infosecnews.org/mailman/listinfo/isn 

Site design & layout copyright © 1986-2014 CodeGods