Find the information you need for your favorite open source distribution .
It was discovered that libpng did not properly perform bounds checking and comparisons in certain operations. An attacker could send a specially crafted PNG image and cause a denial of service in applications linked against libpng.
Jens Askengren discovered that gnome-screensaver became confused when running under Compiz, and could lose keyboard lock focus. A local attacker could exploit this to bypass the user's locked screen saver.
Various flaws were discovered in the layout and JavaScript engines. By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user's privileges. (CVE-2007-5339,
USN-531-1 fixed vulnerabilities in dhcp. The fixes were incomplete, and only reduced the scope of the vulnerability, without fully solving it. This update fixes the problem. Nahuel Riva and Gerardo Richarte discovered that the DHCP server did not correctly handle certain client options. A remote attacker could send malicious DHCP replies to the server and execute arbitrary code.
Various flaws were discovered in the layout and JavaScript engines. By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user's privileges. (CVE-2007-5336, CVE-2007-5339, CVE-2007-5340)
USN-501-1 fixed vulnerabilities in Jasper. It was discovered that Jasper did not correctly handle corrupted JPEG2000 images. By tricking a user into opening a specially crafted JPG, a remote attacker could cause the application using libjasper to crash, resulting in a denial of service.
Ludwig Nussel discovered that mount and umount did not properly drop privileges when using helper programs. Local attackers may be able to bypass security restrictions and gain root privileges using programs such as mount.nfs or mount.cifs.
Nobuhiro Ban discovered that check_http in nagios-plugins did not properly sanitize its input when following redirection requests. A malicious remote web server could cause a denial of service or possibly execute arbitrary code as the user.
Nahuel Riva and Gerardo Richarte discovered that the DHCP server did not correctly handle certain client options. A remote attacker could send malicious DHCP replies to the server and execute arbitrary code.
It was discovered that the hpssd tool of hplip did not correctly handle shell meta-characters. A local attacker could exploit this to execute arbitrary commands as the hplip user.
It was discovered that Tk could be made to overrun a buffer when loading certain images. If a user were tricked into opening a specially crafted GIF image, remote attackers could cause a denial of service or execute arbitrary code with user privileges.
Joris van Rantwijk discovered that the Xen host did not correctly validate the contents of a Xen guests's grug.conf file. Xen guest root users could exploit this to run arbitrary commands on the host when the guest system was rebooted.
Thomas de Grenier de Latour discovered that the checkrestart program included in debian-goodies did not correctly handle shell meta-characters. A local attacker could exploit this to gain the privileges of the user running checkrestart.
Robert Buchholz discovered that libsndfile did not correctly validate the size of its memory buffers. If a user were tricked into playing a specially crafted FLAC file, a remote attacker could execute arbitrary code with user privileges.
An integer overflow was discovered in the TIFF handling code in OpenOffice. If a user were tricked into loading a malicious TIFF image, a remote attacker could execute arbitrary code with user privileges.
Multiple vulnerabilities were found in the image decoders of ImageMagick. If a user or automated system were tricked into processing a malicious DCM, DIB, XBM, XCF, or XWD image, a remote attacker could execute arbitrary code with user privileges.
It was discovered that OpenSSL did not correctly perform Montgomery multiplications. Local attackers might be able to reconstruct RSA private keys by examining another user's OpenSSL processes.
Luigi Auriemma discovered that libmodplug did not properly sanitize its input. A specially crafted AMF file could be used to exploit this situation to cause buffer overflows and possibly execute arbitrary code as the user.
Gaetan Leurent discovered a vulnerability in the APOP protocol based on MD5 collisions. As fetchmail supports the APOP protocol, this vulnerability can be used by attackers to discover a portion of the APOP user's authentication credentials.
Evan Teran discovered that the Linux kernel ptrace routines did not correctly handle certain requests robustly. Local attackers could exploit this to crash the system, causing a denial of service. (CVE-2007-3731)
Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.
Cloud Security Cryptography Desktop Security Firewall Government Hacks/Cracks IoT Security Network Security Organizations/Events Privacy Security Projects Security Trends Security Vulnerabilities Server Security Vendors/Products
Debian Debian LTS Fedora Gentoo Mageia Oracle openSUSE RockyLinux Slackware SuSE Ubuntu
Harden My Filesystem Learn Tips and Tricks Secure My E-mail Secure My Firewall Secure My Network Secure My Webserver Strengthen My Privacy
Best Secure Linux Distros for Enhanced Privacy & Security The Truth About Linux Malware & How to Protect Your System Is Linux A More Secure Option Than Windows For Businesses? How Secure Is Linux? Top Tips for Securing Your Linux System
Advertise Contribute Your Article Legal Notice RSS Feeds Contact Us Terms of Service Privacy Policy
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.
