+------------------------------------------------------------------------+
| LinuxSecurity.com Weekly Newsletter |
| February 8th, 2008 Volume 9, Number 6 |
| |
| Editorial Team: Dave Wreski <dwreski@private> |
| Benjamin D. Thomas <bthomas@private> |
+------------------------------------------------------------------------+
Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.
This week, advisories were released for squid, poppler, gnatsweb, tk,
dovecot, rb_libtorrent, libcdio, emacs, ruby, boost, pcre, apache,
kernel, and pulseaudio. The distributors include Debian, Fedora,
Mandriva, Ubuntu.
---
15-Month NSA Certified Masters in Info Assurance
Now you can earn your Master of Science in Information Assurance (MSIA) in
15 months. Norwich University has recently launched a 30-credit, 15-month
program, alongside the standard 36-credit, 18-month program. To find out
if you are eligible for the 15-month MSIA program, please visit:
http://www.msia.norwich.edu/linsec
---
>> Linux+DVD Magazine <<
Our magazine is read by professional network and database administrators,
system programmers, webmasters and all those who believe in the power of
Open Source software. The majority of our readers is between 15 and 40
years old. They are interested in current news from the Linux world,
upcoming projects etc.
In each issue you can find information concerning typical use of Linux:
safety, databases, multimedia, scientific tools, entertainment,
programming, e-mail, news and desktop environments.
http://www.linuxsecurity.com/ads/adclick.php?bannerid=26
---
OS Tool of February: Nmap!
--------------------------
This February, the team at Linuxsecurity.com has chosen NMAP as the OS
Security Tool of the Month!
In January, we chose GnuPG in part because it had just celebrated its
10th anniversary. Well, it wasn't alone. As of this past December Nmap
("Network Mapper"), the free and open source utility for network
exploration and auditing, celebrated its 10th Anniversary as well! And
because of its popularity, chances are very good that you've already used
NMAP for quite some time. Even if you have, it's always good to take a
look at how it all got started and what it's all about...
http://www.linuxsecurity.com/content/view/133931
---
HowTo: Secure your Ubuntu Apache Web Server
-------------------------------------------
Setting up a web server with Apache on a Linux distribution is a very
quick process, however to make it a secure setup takes some work. This
article will show you how to make your Apache web server more secure from
an attack by effectively using Access control and authentication
strategies.
http://www.linuxsecurity.com/content/view/133913
--> Take advantage of the LinuxSecurity.com Quick Reference Card! <--
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf <--
--------------------------------------------------------------------------
* EnGarde Secure Community v3.0.18 Now Available! (Dec 4)
-------------------------------------------------------
Guardian Digital is happy to announce the release of EnGarde Secure
Community 3.0.18 (Version 3.0, Release 18). This release includes the
brand new Health Center, new packages for FWKNP and PSAD, updated
packages and bug fixes, some feature enhancements to Guardian Digital
WebTool and the SELinux policy, as well as other new features.
In distribution since 2001, EnGarde Secure Community was one of the
very first security platforms developed entirely from open source, and
has been engineered from the ground-up to provide users and
organizations with complete, secure Web functionality, DNS, database
and e-mail security, integrated intrusion detection and SELinux
policies and more.
http://www.linuxsecurity.com/content/view/131851
--------------------------------------------------------------------------
* Debian: New squid packages fix denial of service (Feb 5)
--------------------------------------------------------
It was discovered that malformed cache update replies against the Squid
WWW proxy cache could lead to the exhaustion of system memory,
resulting in potential denial of service.
http://www.linuxsecurity.com/content/view/134027
* Debian: New poppler packages fix several vulnerabilities (Feb 5)
----------------------------------------------------------------
Alin Rad Pop discovered several buffer overflows in the Poppler PDF
library, which could allow the execution of arbitrary code if a
malformed PDF file is opened.
http://www.linuxsecurity.com/content/view/134023
* Debian: New gnatsweb packages fix cross-site scripting (Feb 5)
--------------------------------------------------------------
"r0t" discovered that gnatsweb, a web interface to GNU GNATS, did not
correctly sanitize the database parameter in the main CGI script. This
could allow the injection of arbitrary HTML, or javascript code.
http://www.linuxsecurity.com/content/view/134022
--------------------------------------------------------------------------
* Fedora 7 Update: tk-8.4.13-7.fc7 (Feb 7)
----------------------------------------
Fixed security issue - buffer overflow in gif parsing.
http://www.linuxsecurity.com/content/view/134096
* Fedora 8 Update: dovecot 1.0.10-4.fc8 (Feb 7)
---------------------------------------------
New upstream release, fixing a very minor security issue.
http://www.linuxsecurity.com/content/view/134058
* Fedora 8 Update: rb_libtorrent-0.12-3.fc8 (Feb 1)
-------------------------------------------------
A potential remote exploit was found in the bdecode_recursive routine
that could trigger a stack overflow when passed malformed message
data. This release adds a fix for this issue from the upstream
subversion repository that limits the maximum recursive depth of this
function.
http://www.linuxsecurity.com/content/view/133934
--------------------------------------------------------------------------
* Mandriva: Updated libcdio packages fix DoS vulnerability (Feb 5)
----------------------------------------------------------------
Multiple vulnerabilities were discovered in the image decoders of
ImageMagick. If a user or automated system were tricked into
processing malicious DCM, DIB, XBM, XCF, or XWD images, a remote
attacker could execute arbitrary code with user privileges. The updated
packages have been patched to correct these issues.
http://www.linuxsecurity.com/content/view/134025
* Mandriva: Updated emacs packages fix vulnerabilities (Feb 5)
------------------------------------------------------------
The hack-local-variable function in Emacs 22 prior to version 22.2,
when enable-local-variables is set to ':safe', did not properly search
lists of unsafe or risky variables, which could allow user-assisted
attackers to bypass intended restrictions and modify critical program
variables via a file containing a Local variables declaration.
http://www.linuxsecurity.com/content/view/134018
* Mandriva: Updated ruby-gnome2 packages fix arbitrary code (Feb 1)
-----------------------------------------------------------------
A format string vulnerability in Ruby-GNOME 2 0.16.0, and SVN versions
before 20071127, allows context-dependent attackers to execute
arbitrary code via format string specifiers in the message parameter.
The updated packages have been patched to prevent this issue.
http://www.linuxsecurity.com/content/view/133962
* Mandriva: Updated boost packages fix DoS vulnerabilities (Feb 1)
----------------------------------------------------------------
Tavis Ormandy and Will Drewry found that the bost library did not
properly perform input validation on regular expressions. An attacker
could exploit this by sening a specially crafted regular expression to
an application linked against boost and cause a denial of service via
an application crash. The updated packages have been patched to correct
this issue.
http://www.linuxsecurity.com/content/view/133932
* Mandriva: Subject: [Security Announce] [ MDVSA-2008:031 ] - (Feb 1)
-------------------------------------------------------------------
A vulnerability was found in xdg-open and xdg-email commands, which
allows remote attackers to execute arbitrary commands if the user is
tricked into trying to open a maliciously crafted URL. The updated
packages have been patched to prevent the issue.
http://www.linuxsecurity.com/content/view/133928
* Mandriva: Updated pcre packages fix vulnerability (Jan 31)
----------------------------------------------------------
Multiple vulnerabilities were discovered by Tavis Ormandy and Will
Drewry in the way that pcre handled certain malformed regular
expressions. If an application linked against pcre, such as Konqueror,
parses a malicious regular expression, it could lead to the execution
of arbitrary code as the user running the application. Updated packages
have been patched to prevent this issue.
http://www.linuxsecurity.com/content/view/133927
* Mandriva: Updated ruby packages fix possible (Jan 31)
-----------------------------------------------------
Ruby network libraries Net::HTTP, Net::IMAP, Net::FTPTLS, Net::Telnet,
Net::POP3, and Net::SMTP, up to Ruby version 1.8.6 are affected by a
possible man-in-the-middle attack, when using SSL, due to a missing
check of the CN (common name) attribute in SSL certificates against the
server's hostname. The updated packages have been patched to prevent
the issue.
http://www.linuxsecurity.com/content/view/133923
--------------------------------------------------------------------------
* Ubuntu: Apache vulnerabilities (Feb 4)
---------------------------------------
It was discovered that Apache did not sanitize the Expect header from
an HTTP request when it is reflected back in an error message, which
could result in browsers becoming vulnerable to cross-site scripting
attacks when processing the output. With cross-site scripting
vulnerabilities, if a user were tricked into viewing server output
during a crafted server request, a remote attacker could exploit this
to modify the contents, or steal confidential data (such as passwords),
within the same domain. This was only vulnerable in Ubuntu 6.06.
(CVE-2006-3918)
http://www.linuxsecurity.com/content/view/134017
* Ubuntu: Linux kernel vulnerabilities (Feb 4)
---------------------------------------------
The minix filesystem did not properly validate certain filesystem
values. If a local attacker could trick the system into attempting to
mount a corrupted minix filesystem, the kernel could be made to hang
for long periods of time, resulting in a denial of service. This was
only vulnerable in Ubuntu 7.04 and 7.10. (CVE-2006-6058)
http://www.linuxsecurity.com/content/view/134016
* Ubuntu: PulseAudio vulnerability (Jan 31)
------------------------------------------
It was discovered that PulseAudio did not properly drop privileges when
running as a daemon. Local users may be able to exploit this and gain
privileges. The default Ubuntu configuration is not affected.
http://www.linuxsecurity.com/content/view/133926
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
To unsubscribe email vuln-newsletter-request@private
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
___________________________________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn
Comments