MGASA-2021-0281 - Updated bluez packages fix security vulnerability

Publication date: 23 Jun 2021
URL: https://advisories.mageia.org/MGASA-2021-0281.html
Type: security
Affected Mageia releases: 7, 8
CVE: CVE-2020-26558, CVE-2021-3588

Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time (CVE-2020-26558).

The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading (CVE-2021-3588).

References:
- https://bugs.mageia.org/show_bug.cgi?id=29140
- https://ubuntu.com/security/notices/USN-4989-1
- https://www.cve.org/CVERecord?id=CVE-2020-26558
- https://www.cve.org/CVERecord?id=CVE-2021-3588

SRPMS:
- 7/core/bluez-5.54-1.2.mga7
- 8/core/bluez-5.55-3.1.mga8

LinuxSecurity.com Team
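The reflection attack behind CVE-2020-26558, as an added model that is not BlueZ code and not the Bluetooth SIG's reference material: it simulates only the per-bit commit/nonce stage of LE Secure Connections Passkey Entry, with HMAC-SHA256 standing in for the spec's f4 (AES-CMAC) and 32 random bytes standing in for a P-256 public-key x-coordinate (both are assumptions for a stdlib-only script). The attacker plays the responder without knowing the passkey: it echoes the initiator's public key, then for every bit echoes the initiator's confirm value and nonce, which the initiator's own check accepts, and finally tries both values of the one-bit commitment to learn that bit. The `reject_reflected_pk` flag models the mitigation of aborting when the peer's public key is identical to the local one, the check upstream adopted for this issue.

```python
"""Model of the Passkey Entry reflection (CVE-2020-26558).
Added illustration, not BlueZ code.  Assumptions: f4 is modelled with
HMAC-SHA256 rather than AES-CMAC, and 32 random bytes stand in for a
P-256 public-key x-coordinate.  DHKey and LTK derivation are not modelled."""
import hashlib
import hmac
import secrets

PASSKEY_BITS = 20  # a six-digit passkey (< 1,000,000) fits in 20 bits


def f4(u, v, x, z):
    """Stand-in for the spec's f4(U, V, X, Z) = AES-CMAC_X(U || V || Z)."""
    return hmac.new(x, u + v + bytes([z]), hashlib.sha256).digest()


class Device:
    def __init__(self, passkey, reject_reflected_pk=False):
        self.passkey = passkey
        self.pk = secrets.token_bytes(32)  # stand-in for a P-256 public-key x-coordinate
        self.reject_reflected_pk = reject_reflected_pk
        self.peer_pk = None
        self.nonce = None

    def set_peer_pk(self, peer_pk):
        # Mitigation: a peer that presents our own public key is reflecting, so abort.
        if self.reject_reflected_pk and peer_pk == self.pk:
            raise ValueError("peer public key equals our own; aborting pairing")
        self.peer_pk = peer_pk

    def _r(self, i):
        # Per-bit commitment value: 0x80 | passkey bit i (the spec's encoding)
        return 0x80 | ((self.passkey >> i) & 1)

    def confirm(self, i):
        """Commit to bit i with a fresh nonce; the nonce is revealed afterwards."""
        self.nonce = secrets.token_bytes(16)
        return f4(self.pk, self.peer_pk, self.nonce, self._r(i))

    def check(self, i, peer_confirm, peer_nonce):
        """Verify the peer's confirm for bit i against our own passkey bit."""
        expected = f4(self.peer_pk, self.pk, peer_nonce, self._r(i))
        return hmac.compare_digest(expected, peer_confirm)


def honest_pairing(a, b):
    """Two genuine devices; succeeds only if both hold the same passkey."""
    a.set_peer_pk(b.pk)
    b.set_peer_pk(a.pk)
    for i in range(PASSKEY_BITS):
        ca = a.confirm(i)
        cb = b.confirm(i)
        if not b.check(i, ca, a.nonce) or not a.check(i, cb, b.nonce):
            return False
    return True


def reflection_attack(a):
    """Attacker acts as responder with no passkey knowledge.
    Returns the recovered passkey, or None if the initiator aborted."""
    try:
        a.set_peer_pk(a.pk)           # reflect the initiator's public key
    except ValueError:
        return None
    recovered = 0
    for i in range(PASSKEY_BITS):
        ca = a.confirm(i)             # initiator's confirm for bit i
        cb = ca                       # echoed back as the "responder's" confirm
        na = a.nonce                  # initiator reveals its nonce
        nb = na                       # echoed back as the "responder's" nonce
        if not a.check(i, cb, nb):    # passes: both sides of f4 are now identical
            return None
        # The only unknown in ca is one bit, so try r = 0x80 and compare.
        bit = 0 if f4(a.pk, a.pk, na, 0x80) == ca else 1
        recovered |= bit << i
    return recovered
```

With the flag off the initiator accepts every reflected round and leaks the full passkey; with it on, pairing aborts at the public-key exchange before any bit is committed.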
====================================================================
Red Hat Security Advisory

Synopsis: Important: tomcat6 security update
Advisory ID: RHSA-2013:0869-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2013:0869.html
Issue date: 2013-05-28
CVE Names: CVE-2013-1976 CVE-2013-2051
====================================================================

1. Summary:

Updated tomcat6 packages that fix two security issues are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop Optional (v. 6) - noarch
Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch
Red Hat Enterprise Linux Server (v. 6) - noarch
Red Hat Enterprise Linux Server Optional (v. 6) - noarch
Red Hat Enterprise Linux Workstation (v. 6) - noarch
Red Hat Enterprise Linux Workstation Optional (v. 6) - noarch

3. Description:

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.

A flaw was found in the way the tomcat6 init script handled the tomcat6-initd.log log file. A malicious web application deployed on Tomcat could use this flaw to perform a symbolic link attack to change the ownership of an arbitrary system file to that of the tomcat user, allowing them to escalate their privileges to root. (CVE-2013-1976)

Note: With this update, tomcat6-initd.log has been moved from /var/log/tomcat6/ to the /var/log/ directory.

It was found that the RHSA-2013:0623 update did not correctly fix CVE-2012-5887, a weakness in the Tomcat DIGEST authentication implementation. A remote attacker could use this flaw to perform replay attacks in some circumstances. Additionally, this problem also prevented users from being able to authenticate using DIGEST authentication. (CVE-2013-2051)

Red Hat would like to thank Simon Fayer of Imperial College London for reporting the CVE-2013-1976 issue.

Users of Tomcat are advised to upgrade to these updated packages, which correct these issues. Tomcat must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258

5. Bugs fixed (http://bugzilla.redhat.com/):

927622 - CVE-2013-1976 tomcat: Improper TOMCAT_LOG management in init script (DoS, ACE)
959047 - CVE-2013-2051 tomcat: DIGEST authentication vulnerable to replay attacks

6. Package List:

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:

noarch:
tomcat6-6.0.24-55.el6_4.noarch.rpm
tomcat6-admin-webapps-6.0.24-55.el6_4.noarch.rpm
tomcat6-docs-webapp-6.0.24-55.el6_4.noarch.rpm
tomcat6-el-2.1-api-6.0.24-55.el6_4.noarch.rpm
tomcat6-javadoc-6.0.24-55.el6_4.noarch.rpm
tomcat6-jsp-2.1-api-6.0.24-55.el6_4.noarch.rpm
tomcat6-lib-6.0.24-55.el6_4.noarch.rpm
tomcat6-servlet-2.5-api-6.0.24-55.el6_4.noarch.rpm
tomcat6-webapps-6.0.24-55.el6_4.noarch.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:

noarch:
tomcat6-6.0.24-55.el6_4.noarch.rpm
tomcat6-admin-webapps-6.0.24-55.el6_4.noarch.rpm
tomcat6-docs-webapp-6.0.24-55.el6_4.noarch.rpm
tomcat6-el-2.1-api-6.0.24-55.el6_4.noarch.rpm
tomcat6-javadoc-6.0.24-55.el6_4.noarch.rpm
tomcat6-jsp-2.1-api-6.0.24-55.el6_4.noarch.rpm
tomcat6-lib-6.0.24-55.el6_4.noarch.rpm
tomcat6-servlet-2.5-api-6.0.24-55.el6_4.noarch.rpm
tomcat6-webapps-6.0.24-55.el6_4.noarch.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:

noarch:
tomcat6-6.0.24-55.el6_4.noarch.rpm
tomcat6-el-2.1-api-6.0.24-55.el6_4.noarch.rpm
tomcat6-jsp-2.1-api-6.0.24-55.el6_4.noarch.rpm
tomcat6-lib-6.0.24-55.el6_4.noarch.rpm
tomcat6-servlet-2.5-api-6.0.24-55.el6_4.noarch.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:

noarch:
tomcat6-admin-webapps-6.0.24-55.el6_4.noarch.rpm
tomcat6-docs-webapp-6.0.24-55.el6_4.noarch.rpm
tomcat6-javadoc-6.0.24-55.el6_4.noarch.rpm
tomcat6-webapps-6.0.24-55.el6_4.noarch.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:

noarch:
tomcat6-6.0.24-55.el6_4.noarch.rpm
tomcat6-el-2.1-api-6.0.24-55.el6_4.noarch.rpm
tomcat6-jsp-2.1-api-6.0.24-55.el6_4.noarch.rpm
tomcat6-lib-6.0.24-55.el6_4.noarch.rpm
tomcat6-servlet-2.5-api-6.0.24-55.el6_4.noarch.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

Source:

noarch:
tomcat6-admin-webapps-6.0.24-55.el6_4.noarch.rpm
tomcat6-docs-webapp-6.0.24-55.el6_4.noarch.rpm
tomcat6-javadoc-6.0.24-55.el6_4.noarch.rpm
tomcat6-webapps-6.0.24-55.el6_4.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://access.redhat.com/security/cve/CVE-2013-1976
https://access.redhat.com/security/cve/CVE-2013-2051
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/errata/RHSA-2013:0623.html

8. Contact:

The Red Hat security contact and further contact details are listed at https://access.redhat.com/security/team/contact/

Copyright 2013 Red Hat, Inc.
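CVE-2013-1976 above is the classic shape of a privileged script acting by path on a file that lives in a directory a less-privileged account can write to: the service user replaces the log with a symlink, and the root-run init script's open or chown follows the link to the attacker's chosen target. The following added example (not Red Hat's init script, which is a shell script, and not Tomcat code) shows that pattern and a symlink-safe alternative in Python: open with O_NOFOLLOW, validate the descriptor with fstat, then chown the descriptor rather than the path. The log path, victim file and temporary directory are constructed for the demonstration; because the script runs unprivileged it applies the caller's own uid/gid where the init script would apply the service account's.

```python
"""Symlink-safe handling of a log file a privileged script creates in a
directory another account can write to (the CVE-2013-1976 pattern).
Added illustration; not the tomcat6 init script.  Runs unprivileged, so the
ownership it applies is the caller's own uid/gid rather than a service account's."""
import errno
import os
import shutil
import stat
import tempfile


def unsafe_open_log(path):
    # Path-based open follows symlinks: a log path replaced by a symlink
    # sends every write (and any chown by path) to the link target.
    return open(path, "a")


def safe_open_log(path, uid=-1, gid=-1, mode=0o640):
    """Open (creating if needed) a log without following symlinks, verify it is a
    plain file, then apply ownership to the descriptor we just validated."""
    flags = os.O_WRONLY | os.O_APPEND | os.O_CREAT | os.O_NOFOLLOW | os.O_NOCTTY
    try:
        fd = os.open(path, flags, mode)
    except OSError as exc:
        # Linux reports ELOOP when O_NOFOLLOW meets a symlink; some BSDs use EMLINK.
        if exc.errno in (errno.ELOOP, errno.EMLINK):
            raise PermissionError(f"{path} is a symlink; refusing to use it") from exc
        raise
    st = os.fstat(fd)
    if not stat.S_ISREG(st.st_mode) or st.st_nlink != 1:
        os.close(fd)
        raise PermissionError(f"{path} is not a plain, singly-linked file")
    # fchown acts on the inode behind fd, never on a path that could be
    # swapped underneath us between the check and the chown.
    os.fchown(fd, uid, gid)
    return fd


def demo():
    """Plant a symlink where the log should be and compare both openers.
    Returns (victim contents after the unsafe write, safe opener refused the
    symlink, safe opener works on a regular file)."""
    workdir = tempfile.mkdtemp()          # constructed sandbox, removed at the end
    try:
        victim = os.path.join(workdir, "victim.txt")
        with open(victim, "w") as f:
            f.write("original\n")
        log = os.path.join(workdir, "service-initd.log")
        os.symlink(victim, log)           # what a malicious service-user process does

        with unsafe_open_log(log) as f:   # follows the link: victim.txt is modified
            f.write("injected\n")
        with open(victim) as f:
            victim_after = f.read()

        try:
            safe_open_log(log, os.getuid(), os.getgid())
            refused = False
        except PermissionError:
            refused = True

        os.unlink(log)                    # now let the safe opener create a real file
        fd = safe_open_log(log, os.getuid(), os.getgid())
        os.write(fd, b"ok\n")
        os.close(fd)
        with open(log) as f:
            safe_ok = f.read() == "ok\n"
        return victim_after, refused, safe_ok
    finally:
        shutil.rmtree(workdir)
```

Moving the log to a root-owned directory, as the update does, removes the attacker's ability to plant the link in the first place; the descriptor-based pattern is the defence to use when the directory cannot be changed.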
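The DIGEST weakness in CVE-2013-2051 is about replay: a captured Authorization header must not be accepted a second time. The server-side property that prevents this is tracking, per issued nonce, the highest nonce-count (nc) already accepted and refusing anything equal or lower, together with expiring nonces. The added example below (not Tomcat's DigestAuthenticator, which is Java) implements that check for RFC 2617 qop=auth; the realm, user table, URI and client nonce are constructed for the walk-through, and the clock is injectable so the expiry path can be exercised offline.

```python
"""Server-side replay protection for HTTP Digest authentication (RFC 2617,
qop=auth).  Added illustration; not Tomcat's DigestAuthenticator.
Assumptions: single-process state, an injectable clock, a constructed user table."""
import hashlib
import hmac
import secrets
import time


def _md5(text):
    return hashlib.md5(text.encode()).hexdigest()


def digest_response(username, realm, password, method, uri, nonce, nc, cnonce, qop="auth"):
    """Client-side 'response' field per RFC 2617 section 3.2.2.1."""
    ha1 = _md5(f"{username}:{realm}:{password}")
    ha2 = _md5(f"{method}:{uri}")
    return _md5(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")


class DigestVerifier:
    def __init__(self, realm, users, nonce_lifetime=300, clock=time.monotonic):
        self.realm = realm
        self.users = users        # username -> password (constructed table)
        self.lifetime = nonce_lifetime
        self.clock = clock
        self._nonces = {}         # nonce -> [issued_at, highest nc accepted]

    def issue_nonce(self):
        nonce = secrets.token_hex(16)
        self._nonces[nonce] = [self.clock(), 0]
        return nonce

    def verify(self, method, params):
        """Return 'ok' or the reason for rejection.  params holds the parsed
        Authorization fields: username, uri, nonce, nc, cnonce, response."""
        entry = self._nonces.get(params["nonce"])
        if entry is None:
            return "unknown-nonce"        # never issued, or forged
        issued_at, highest_nc = entry
        if self.clock() - issued_at > self.lifetime:
            del self._nonces[params["nonce"]]
            return "stale"                # client must re-authenticate with a fresh nonce
        try:
            nc = int(params["nc"], 16)
        except ValueError:
            return "bad-nc"
        if nc <= highest_nc:
            return "replay"               # same or older nonce-count re-used
        password = self.users.get(params["username"])
        if password is None:
            return "unknown-user"
        expected = digest_response(params["username"], self.realm, password, method,
                                   params["uri"], params["nonce"], params["nc"],
                                   params["cnonce"])
        if not hmac.compare_digest(expected, params["response"]):
            return "bad-credentials"
        entry[1] = nc                     # advance only after the hash checks out
        return "ok"


def demo():
    """A legitimate request, its verbatim replay, a follow-up with an incremented
    nc, a wrong password, and a request on an expired nonce."""
    now = [1000.0]                        # fake clock, seconds
    v = DigestVerifier("example", {"alice": "s3cret"}, nonce_lifetime=60,
                       clock=lambda: now[0])
    nonce = v.issue_nonce()

    def request(nc, password="s3cret"):
        cnonce = "0a4f113b"               # constructed client nonce
        return {"username": "alice", "uri": "/manager/html", "nonce": nonce,
                "nc": nc, "cnonce": cnonce,
                "response": digest_response("alice", "example", password, "GET",
                                            "/manager/html", nonce, nc, cnonce)}

    first = request("00000001")
    results = [v.verify("GET", first),
               v.verify("GET", first),                      # captured and replayed
               v.verify("GET", request("00000002")),
               v.verify("GET", request("00000003", password="wrong"))]
    now[0] += 120                                            # past the nonce lifetime
    results.append(v.verify("GET", request("00000004")))
    return results
```

The nc value is only recorded after the response hash verifies, so an attacker cannot burn a client's next counter value by sending a guessed request with the right nc and a wrong response.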
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

SUSE Security Announcement

Package: openwsman
Announcement ID: SUSE-SA:2008:041
Date: Thu, 14 Aug 2008 18:00:00 +0000
Affected Products: openSUSE 10.3, openSUSE 11.0
Vulnerability Type: remote code execution
Severity (1-10): 7
SUSE Default Package: no
Cross-References: CVE-2008-2233, CVE-2008-2234

Content of This Advisory:
1) Security Vulnerability Resolved: remote code execution, SSL session replay
   Problem Description
2) Solution or Work-Around
3) Special Instructions and Notes
4) Package Location and Checksums
5) Pending Vulnerabilities, Solutions, and Work-Arounds:
   - pdns
   - dnsmasq
   - gnome-screensaver
   - mysql
   - rdesktop
6) Authenticity Verification and Additional Information

______________________________________________________________________________

1) Problem Description and Brief Discussion

The openwsman project provides an implementation of the Web Service Management specification. The SuSE Security-Team has found two critical issues in the code:
- two remote buffer overflows while decoding the HTTP basic authentication header (CVE-2008-2234)
- a possible SSL session replay attack affecting the client (depending on the configuration) (CVE-2008-2233)

Both issues were fixed.

2) Solution or Work-Around

Please install the fixed package.

3) Special Instructions and Notes

Please restart the openwsman daemon.

4) Package Location and Checksums

The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages with rpm -Fhv, giving it the filename of the downloaded RPM package.

x86 Platform:
openSUSE 11.0:
openSUSE 10.3:

Sources:
openSUSE 10.3:

______________________________________________________________________________

5) Pending Vulnerabilities, Solutions, and Work-Arounds:

- pdns: This update of pdns offers better spoofing resistance by not ignoring invalid queries. (CVE-2008-3337)
- dnsmasq: This update of dnsmasq uses random UDP source ports and a random TRXID now. (CVE-2008-1447)
- gnome-screensaver: This update of gnome-screensaver disallows local users to read the contents of the clipboard for a locked screen using ctrl-v. (CVE-2007-6389)
- mysql: The database server MySQL was updated to fix two security problems. (CVE-2008-2079, CVE-2006-7232)
- rdesktop: Multiple problems have been fixed in rdesktop. (CVE-2008-1801, CVE-2008-1802, CVE-2008-1803)

______________________________________________________________________________

6) Authenticity Verification and Additional Information

- Announcement authenticity verification:

SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature.

To verify the signature of the announcement, save it as text into a file and run gpg --verify on that file. The output for a valid signature looks like:

gpg: Signature made using RSA key ID 3D25D3D9
gpg: Good signature from "SuSE Security Team"

(the date the document was signed appears after "Signature made"). If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc

- Package authenticity verification:

SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with.

The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use rpm -v --checksig on the downloaded RPM package to verify its signature. The package is unmodified if it contains a valid signature from
Moderate: thunderbird security update

Date: Fri, 19 Oct 2007 20:12:06 -0500
Reply-To: Troy Dawson
Sender: Security Errata for Scientific Linux
From: Troy Dawson
Subject: Security ERRATA for thunderbird on SL5.x, SL4.x, SL3.x i386/x86_64
Comments: To: