This week, advisories were released for libgsf, proftpd, thttpd, tar, proftpd, Mozilla, links, ProFTPD, wv, gnupg, koffice, ImageMagick, clamav, gv, xine-lib, ruby, mod_auth_kerb, libpng, and evince. The distributors include Debian, Gentoo, Mandriva, Red Hat, Slackware, SuSE, and Ubuntu.


LinuxSecurity.com Feature Extras:

    RFID with Bio-Smart Card in Linux - In this paper, we describe the integration of fingerprint template and RF smart card for clustered network, which is designed on Linux platform and Open source technology to obtain biometrics security. Combination of smart card and biometrics has achieved in two step authentication where smart card authentication is based on a Personal Identification Number (PIN) and the card holder is authenticated using the biometrics template stored in the smart card that is based on the fingerprint verification. The fingerprint verification has to be executed on central host server for security purposes. Protocol designed allows controlling entire parameters of smart security controller like PIN options, Reader delay, real-time clock, alarm option and cardholder access conditions.

    Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe, send an e-mail with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.


Debian
Debian: New libgsf packages fix arbitrary code execution
30th, November, 2006

Updated package.

advisories/debian/debian-new-libgsf-packages-fix-arbitrary-code-execution
Debian: New proftpd packages fix several vulnerabilities
30th, November, 2006

Several remote vulnerabilities have been discovered in the proftpd FTP daemon, which may lead to the execution of arbitrary code or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2006-5815: It was discovered that a buffer overflow in the sreplace() function may lead to denial of service and possibly the execution of arbitrary code.

CVE-2006-6170: It was discovered that a buffer overflow in the mod_tls addon module may lead to the execution of arbitrary code.

CVE-2006-6171: It was discovered that insufficient validation of FTP command buffer size limits may lead to denial of service. Due to unclear information this issue was already fixed in DSA-1218 as CVE-2006-5815.

advisories/debian/debian-new-proftpd-packages-fix-several-vulnerabilities-31340
Debian: New thttpd packages fix insecure temporary file creation
1st, December, 2006

Marco d'Itri discovered that thttpd, a small, fast and secure webserver, makes use of insecure temporary files when its logfiles are rotated, which might lead to a denial of service through a symlink attack. The original advisory for this issue didn't contain fixed packages for all supported architectures, which is corrected in this update.

advisories/debian/debian-new-thttpd-packages-fix-insecure-temporary-file-creation-98706
Debian: New tar packages fix arbitrary file overwrite
1st, December, 2006

Teemu Salmela discovered a vulnerability in GNU tar that could allow a malicious user to overwrite arbitrary files by inducing the victim to attempt to extract a specially crafted tar file containing a GNUTYPE_NAMES record with a symbolic link.

advisories/debian/debian-new-tar-packages-fix-arbitrary-file-overwrite
Debian: New proftpd packages fix several vulnerabilities
1st, December, 2006

Updated package.

advisories/debian/debian-new-proftpd-packages-fix-several-vulnerabilities-31340
Debian: New Mozilla packages fix several vulnerabilities
3rd, December, 2006

Updated package.

advisories/debian/debian-new-mozilla-packages-fix-several-vulnerabilities-49307
Debian: New Mozilla Firefox packages fix several vulnerabilities
3rd, December, 2006

Updated package.

advisories/debian/debian-new-mozilla-firefox-packages-fix-several-vulnerabilities-71271
Debian: New links packages fix arbitrary shell command execution
3rd, December, 2006

Updated package.

advisories/debian/debian-new-links-packages-fix-arbitrary-shell-command-execution
Debian: New Mozilla Thunderbird packages fix several vulnerabilities
4th, December, 2006

Updated package.

advisories/debian/debian-new-mozilla-thunderbird-packages-fix-several-vulnerabilities-8356
Debian: New Asterisk packages fix arbitrary code execution
6th, December, 2006

Adam Boileau discovered an integer overflow in the Skinny channel driver in Asterisk, an Open Source Private Branch Exchange or telephone system, as used by Cisco SCCP phones, which allows remote attackers to execute arbitrary code.

advisories/debian/debian-new-asterisk-packages-fix-arbitrary-code-execution-24815
Gentoo
Gentoo: ProFTPD Remote execution of arbitrary code
30th, November, 2006

ProFTPD is affected by multiple vulnerabilities allowing for the remote execution of arbitrary code.

Gentoo: wv library Multiple integer overflows
7th, December, 2006

The wv library is vulnerable to multiple integer overflows which could lead to the execution of arbitrary code.

Mandriva
Mandriva: Updated proftpd packages fix vulnerabilities
30th, November, 2006

A stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 and earlier allows remote attackers to cause a denial of service, as demonstrated by vd_proftpd.pm, a "ProFTPD remote exploit." (CVE-2006-5815)

Mandriva: Updated libgsf packages fix heap buffer overflow vulnerability
1st, December, 2006

"infamous41md" discovered a heap buffer overflow vulnerability in libgsf, a GNOME library for reading and writing structured file formats, which could lead to the execution of arbitrary code. The updated packages have been patched to correct this problem.

Mandriva: Updated gnupg packages fix vulnerability
1st, December, 2006

Buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages that cause the make_printable_string function to return a longer string than expected while constructing a prompt. Updated packages have been patched to correct this issue.

Mandriva: Updated koffice packages fixes integer overflow vulnerability
1st, December, 2006

An integer overflow was discovered in KOffice's filtering code. By tricking a user into opening a specially crafted PPT file, attackers could crash KOffice or possibly execute arbitrary code with the user's privileges. The updated packages have been patched to correct this issue.

Mandriva: Updated ImageMagick packages fixes vulnerability
1st, December, 2006

Multiple buffer overflows in ImageMagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, have unknown impact and user-assisted attack vectors via a crafted SGI image. Updated packages have been patched to correct this issue.

Mandriva: Updated clamav packages to sync with upstream release
1st, December, 2006

There are no known security issues with clamav-0.88.5, which was included in the last update (MDKSA-2006:184). Upstream has released a new stable 0.88.6, with some bugfixes. This update is to address user reports with regards to clamav's behavior of producing output.

Mandriva: Updated gv packages fix buffer overflow vulnerability
4th, December, 2006

Stack-based buffer overflow in the ps_gettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript (PS) file with certain headers that contain long comments, as demonstrated using the DocumentMedia header. Packages have been patched to correct this issue. Update: The patch used in the previous update still left the possibility of causing X to consume unusual amounts of memory if gv is used to view a carefully crafted image designed to exploit CVE-2006-5864. This update uses an improved patch to address this issue.

Mandriva: Updated xine-lib packages fix buffer overflow vulnerability
6th, December, 2006

Buffer overflow in the asmrp_eval function for the Real Media input plugin allows remote attackers to cause a denial of service and possibly execute arbitrary code via a rulebook with a large number of rulematches.

Mandriva: Updated ruby packages fix DoS vulnerability
6th, December, 2006

Another vulnerability has been discovered in the CGI library (cgi.rb) that ships with Ruby which could be used by a malicious user to create a denial of service attack (DoS). Updated packages have been patched to correct this issue.

Red Hat
RedHat: Low: mod_auth_kerb security update
6th, December, 2006

Updated mod_auth_kerb packages that fix a security flaw and a bug in multiple realm handling are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-low-modauthkerb-security-update-RHSA-2006-0746-01
RedHat: Important: gnupg security update
6th, December, 2006

Updated GnuPG packages that fix two security issues are now available. This update has been rated as having important security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-important-gnupg-security-update-90286
Slackware
Slackware: libpng
1st, December, 2006

New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and 11.0 to fix security issues.

Slackware: tar
1st, December, 2006

New tar packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and 11.0 to fix a security issue.

Slackware: proftpd
1st, December, 2006

New proftpd packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and 11.0 to fix security issues.

Slackware: gnupg
6th, December, 2006

New gnupg packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, and 11.0 to fix security issues.

SuSE
SuSE: mono (SUSE-SA:2006:073)
1st, December, 2006

Sebastian Krahmer of SUSE Security found that the Mono System.Xml.Serialization class contained a /tmp race which potentially allows local attackers to execute code as the user using the Serialization method. This is tracked by the Mitre CVE ID CVE-2006-5072.

Ubuntu
Ubuntu: evince vulnerability
30th, November, 2006

A buffer overflow was discovered in the PostScript processor included in evince. By tricking a user into opening a specially crafted PS file, an attacker could crash evince or execute arbitrary code with the user's privileges.

advisories/ubuntu/ubuntu-evince-vulnerability-17850
Ubuntu: libgsf vulnerability
4th, December, 2006

A heap overflow was discovered in the OLE processing code in libgsf. If a user were tricked into opening a specially crafted OLE document, an attacker could execute arbitrary code with the user's privileges.

advisories/ubuntu/ubuntu-libgsf-vulnerability
Ubuntu: xine-lib vulnerability
4th, December, 2006

A buffer overflow was discovered in the Real Media input plugin in xine-lib. If a user were tricked into loading a specially crafted stream from a malicious server, the attacker could execute arbitrary code with the user's privileges.

advisories/ubuntu/ubuntu-xine-lib-vulnerability
Ubuntu: evince vulnerability
5th, December, 2006

USN-390-1 fixed a vulnerability in evince. The original fix did not fully solve the problem, allowing for a denial of service in certain situations.

advisories/ubuntu/ubuntu-evince-vulnerability-17850
Ubuntu: evince-gtk vulnerability
6th, December, 2006

USN-390-2 fixed vulnerabilities in evince. This update provides the corresponding update for evince-gtk.

advisories/ubuntu/ubuntu-evince-gtk-vulnerability
Ubuntu: GnuPG vulnerability
6th, December, 2006

Tavis Ormandy discovered that gnupg was incorrectly using the stack. If a user were tricked into processing a specially crafted message, an attacker could execute arbitrary code with the user's privileges.

advisories/ubuntu/ubuntu-gnupg-vulnerability-58303