This week, advisories were released for tomcat, wireshark, maradns, php, tcpreen, libsndfile, peercast, inotify-tools, type3-src, tar, zope, imlib, wireshark, firefox, clamav, syslog, daap, dosfstools, and ez-ipupdate. The distributors include Debian, Gentoo, and Mandriva.
In each issue you can find information concerning typical use of Linux: safety,
databases, multimedia, scientific tools, entertainment, programming, e-mail,
news and desktop environments.
Master's Student: A Quick and Dirty Guide To Kernel Hardening with GrSecurity - Our resident Master's student Gian Spicuzza chimes in this month with a great feature HowTo on Kernel Hardening! There are a number of ways to lock down a system, and RBAC (role based access control) is one of them. Read on to learn more about what makes RBAC so useful, and to read one of the best overviews on Low/Medium/High Security... The combination of the Linux kernel and GNU packages has always been regarded as a secure operating system, but can it be more secure? Kernel hardening is the answer to tightening up the Linux backbone. GrSecurity, a kernel patch for Linux, is one of the more popular approaches...
One of the most significant feature is the addition of a role-based access control system (RBAC) that monitors what each user can execute based on their role and denies execution if they overstep their pre-defined rules.
Creating Snort Rules with EnGarde - There are already tons of written Snort rules, but there just might be a time where you need to write one yourself. You can think of writing Snort rules as writing a program. They can include variables, keywords and functions. Why do we need to write rules? The reason is, without rules Snort will never detect someone trying to hack your machine. This HOWTO will give you confidence to write your own rules.
|
EnGarde Secure Community v3.0.18 Now Available! (Dec 4) |
|
Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.18 (Version 3.0, Release 18). This release includes the brand new Health Center, new packages for FWKNP and PSAD, updated packages and bug fixes, some feature enhancements to Guardian Digital WebTool and the SELinux policy, as well as other new features.
In distribution since 2001, EnGarde Secure Community was one of the very first security platforms developed entirely from open source, and has been engineered from the ground-up to provide users and organizations with complete, secure Web functionality, DNS, database and e-mail security, integrated intrusion detection and SELinux policies and more.
|
|
|
|
Debian: New tomcat5.5 packages fix several vulnerabilities (Jan 3) |
|
Several remote vulnerabilities have been discovered in the Tomcat servlet and JSP engine. It was discovered that single quotes (') in cookies were treated as a delimiter, which could lead to an information leak. advisories/debian/debian-new-tomcat55-packages-fix-several-vulnerabilities-571
|
|
Debian: New wireshark packages fix denial of service (Jan 3) |
|
Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer, which may lead to denial of service. advisories/debian/debian-new-wireshark-packages-fix-denial-of-service
|
|
Debian: New maradns packages fix denial of service (Jan 3) |
|
Michael Krieger and Sam Trenholme discovered a programming error in MaraDNS, a simple security-aware Domain Name Service server, which might to denial of service through malformed DNS packets. advisories/debian/debian-new-maradns-packages-fix-denial-of-service
|
|
Debian: New php5 packages fix several vulnerabilities (Jan 3) |
|
Several remote vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language. It was discovered that the session_start() function allowed the insertion of attributes into the session cookie. advisories/debian/debian-new-php5-packages-fix-several-vulnerabilities-1312
|
|
Debian: New tcpreen packages fix denial of service (Jan 3) |
|
It was discovered that several buffer overflows in tcpreen, a tool for monitoring a TCP connection may lead to denial of service. advisories/debian/debian-new-tcpreen-packages-fix-denial-of-service
|
|
Debian: New libsndfile packages fix arbitrary code execution (Dec 28) |
|
Rubert Buchholz discovered that libsndfile, a library for reading / writing audio files performs insufficient boundary checks when processing FLAC files, which might lead to the execution of arbitrary code. advisories/debian/debian-new-libsndfile-packages-fix-arbitrary-code-execution
|
|
Debian: New peercast packages fix arbitrary code execution (Dec 28) |
|
Luigi Auriemma discovered that PeerCast, a P2P audio and video streaming server, is vulnerable to a heap overflow in the HTTP server code, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request. advisories/debian/debian-new-peercast-packages-fix-arbitrary-code-execution-87429
|
|
Debian: New inotify-tools packages fix arbitrary code (Dec 28) |
|
It was discovered that a buffer overflow in the filename processing of the inotify-tools, a command-line interface to inotify, may lead to the execution of arbitrary code. This only affects the internal library and none of the frontend tools shipped in Debian. advisories/debian/debian-new-inotify-tools-packages-fix-arbitrary-code
|
|
Debian: New typo3-src packages fix SQL injection (Dec 28) |
|
Henning Pingel discovered that TYPO3, a web content management framework, performs insufficient input sanitising, making it vulnerable to SQL injection by logged-in backend users. advisories/debian/debian-new-typo3-src-packages-fix-sql-injection
|
|
Debian: New tar packages fix several vulnerabilities (Dec 28) |
|
Several vulnerabilities have been discovered in GNU Tar. A directory traversal vulnerability enables attackers using specially crafted archives to extract contents outside the directory tree created by tar. advisories/debian/debian-new-tar-packages-fix-several-vulnerabilities
|
|
Debian: New zope-cmfplone packages fix regression (Dec 27) |
|
The Plone developers discovered that their hotfix, released as DSA 1405, introduced two regressions. This update corrects these flaws. For completeness, the original advisory text below:
It was discovered that Plone, a web content management system, allows remote attackers to execute arbitrary code via specially crafted web browser cookies. advisories/debian/debian-new-zope-cmfplone-packages-fix-regression-24258
|
|
|
|
Fedora 8 Update: imlib-1.9.15-6.fc8 (Dec 28) |
|
This update includes a fix for a denial-of-service issue (CVE-2007-3568) whereby an attacker who could get an imlib-using user to view a specially-crafted BMP image could cause the user's CPU to go into an infinite loop. advisories/fedora/fedora-8-update-imlib-1915-6fc8-12-12-00-132629
|
|
|
|
Gentoo: AMD64 x86 emulation GTK+ library User-assisted execution of arbitrary code (Dec 30) |
|
Multiple integer overflow vulnerabilities in the AMD64 x86 emulation GTK+ libraries may result in the execution of arbitrary code in applications using Cairo.
|
|
Gentoo: Wireshark Multiple vulnerabilities (Dec 30) |
|
Multiple vulnerabilities have been discovered in Wireshark, allowing for the remote execution of arbitrary code and a Denial of Service.
|
|
Gentoo: Mozilla Firefox, SeaMonkey Multiple vulnerabilities (Dec 29) |
|
Multiple vulnerabilities have been discovered in Mozilla Firefox and Mozilla Seamonkey.
|
|
Gentoo: ClamAV Multiple vulnerabilities (Dec 29) |
|
Multiple vulnerabilities have been discovered in ClamAV allowing remote execution of arbitrary code and Denial of Service attacks.
|
|
Gentoo: Syslog-ng Denial of Service (Dec 29) |
|
A Denial of Service vulnerability has been discovered in Syslog-ng.
|
|
Gentoo: Multi-Threaded DAAP Daemon Multiple vulnerabilities (Dec 29) |
|
Multiple vulnerabilities in the web server in the Multi-Threaded DAAP Daemon may lead to the remote execution of arbitrary code.
|
|
|
|
Mandriva: Updated dosfstools package fixes dosfsck bug (Jan 3) |
|
The previous update introduced a bug into the dosfsck program that made it crash. This update fixes it.
|
|
Mandriva: Updated wireshark packages fix multiple (Jan 2) |
|
A number of vulnerabilities in the Wireshark program were found that could cause crashes, excessive looping, or arbitrary code execution. This update rovides Wireshark 0.99.7 which is not vulnerable to these issues.
|
|
Mandriva: Updated ez-ipupdate packages correct crash on (Dec 31) |
|
A 64-bit type error in ez-ipupdate would cause it to creash on x86_64 systems. This update corrects the problem.
|
Jan 04, 2008
•
Anthony Pell
PREVIOUS
NEXT
