General Esm W900
This week advisories were released for freetype, gimp, httpd, perl-Net-DNS, xorg-x11, flash-plugin, tomcat, seamonkey, thunderbird, libnet-dns-perl, curl, php, dovecot, mod_perl, and the Linux kernel. The distributors include Debian, Fedora, Mandriva, Red Hat, and Ubuntu.


Accelerate your career with a Master in Information Assurance from Norwich - The NSA has designated Norwich University a center of Academic Excellence in Information Security.

Our program offers unparalleled Infosec management education and the case study offers you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.


LinuxSecurity.com Feature Extras:

    Review: Practical Packet Analysis - In the introduction, McIlwraith points out that security awareness training properly consists of communication, raising of issues, and encouragement to modify behaviour. (This will come as no surprise to those who recall the definition of training as the modification of attitudes and behaviour.) He also notes that security professionals frequently concentrate solely on presentation of problems. The remainder of the introduction looks at other major security activities, and the part that awareness plays in ensuring that they actually work.

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to This email address is being protected from spambots. You need JavaScript enabled to view it. with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.


Debian: New freetype packages fix arbitary code execution
18th, July, 2007

A problem was discovered with freetype, a FreeType2 font engine, which could allow the execution of arbitary code via an integer overflow in specially crafted TTF files.

advisories/debian/debian-new-freetype-packages-fix-arbitary-code-execution
Debian: New gimp packages fix arbitrary code execution
18th, July, 2007

Several remote vulnerabilities have been discovered in Gimp, the GNU Image Manipulation Program, which might lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identified the following problems. Sean Larsson discovered several integer overflows in the processing code for DICOM, PNM, PSD, RAS, XBM and XWD images, which might lead to the execution of arbitrary code if a user is tricked into opening such a malformed media file.

advisories/debian/debian-new-gimp-packages-fix-arbitrary-code-execution-316
Fedora Core 6 Update: httpd-2.2.4-2.1.fc6
12th, July, 2007

The Apache HTTP Server did not verify that a process was an Apache child process before sending it signals. A local attacker with the ability to run scripts on the Apache HTTP Server could manipulate the scoreboard and cause arbitrary processes to be terminated which could lead to a denial of service (CVE-2007-3304). This issue is not exploitable on Fedora if using the default SELinux targeted policy.

advisories/fedora/fedora-core-6-update-httpd-224-21fc6-21-15-00-128775
Mandriva: Updated perl-Net-DNS packages fix multiple
12th, July, 2007

A flaw was discovered in the perl Net::DNS module in the way it generated the ID field in a DNS query. Because it is so predictable, a remote attacker could exploit this to return invalid DNS data (CVE-2007-3377).

RedHat: Moderate: xorg-x11 security update
12th, July, 2007

Updated X.org packages that correct a flaw in the way the X.Org X11 xfs font server starts are now available for Red Hat Enterprise Linux. The init.d xfs script chown has race condition vulnerability. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-xorg-x11-security-update-RHSA-2007-0519-01
RedHat: Moderate: xorg-x11-xfs security update
12th, July, 2007

Updated X.org packages that address a flaw in the way the X.Org X11 xfs font server starts are now available for Red Hat Enterprise Linux 5.A temporary file flaw was found in the way the X.Org X11 xfs font server startup script executes. A local user could modify the permissions of a file of their choosing, possibly elevating their local privileges. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-xorg-x11-xfs-security-update-RHSA-2007-0520-01
RedHat: Moderate: perl-Net-DNS security update
12th, July, 2007

Updated perl-Net-DNS packages that correct two security issues are now available for Red Hat Enterprise Linux 3 and 5.A denial of service flaw was found in the way Net::DNS parsed certain DNS requests. A malformed response to a DNS request could cause the application using Net::DNS to crash or stop responding. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-perl-net-dns-security-update-71780
RedHat: Moderate: perl-Net-DNS security update
12th, July, 2007

An updated perl-Net-DNS package that corrects a security issue is now available for Red Hat Enterprise Linux 4.A flaw was found in the way Net::DNS generated the ID field in a DNS query. This predictable ID field could be used by a remote attacker to return invalid DNS data. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-perl-net-dns-security-update-71780
RedHat: Critical: flash-plugin security update
12th, July, 2007

An updated Adobe Flash Player package that fixes a security issue is now available for Red Hat Enterprise Linux 3 Extras, 4 Extras, and 5 Supplementary. An input validation flaw was found in the way Flash Player displayed certain content. It may be possible to execute arbitrary code on a victim's machine if the victim opens a malicious Adobe Flash file. This update has been rated as having critical security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-critical-flash-plugin-security-update-73664
RedHat: Moderate: httpd security update
13th, July, 2007

Updated Apache httpd packages that correct two security issues are now available for Red Hat Application Stack. A flaw was found in the Apache HTTP Server mod_status module. On sites where the server-status page is publicly accessible and ExtendedStatus is enabled, this flaw could lead to a cross-site scripting attack. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-httpd-security-update-87284
RedHat: Moderate: httpd security update
13th, July, 2007

Updated Apache httpd packages that correct a security issue are now available for Red Hat Enterprise Linux 3 and 4.A local attacker with the ability to run scripts on the Apache HTTP Server could manipulate the scoreboard and cause arbitrary processes to be terminated which could lead to a denial of service. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-httpd-security-update-87284
RedHat: Moderate: tomcat security update
17th, July, 2007

Updated tomcat packages that fix two security issues and a packaging bug are now available for Red Hat Enterprise Linux 5.Some JSPs within the 'examples' web application did not escape user provided data. If the JSP examples were accessible, this flaw could allow a remote attacker to perform cross-site scripting attacks. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-tomcat-security-update-58513
RedHat: Critical: seamonkey security update
18th, July, 2007

Updated seamonkey packages that fix several security bugs are now available for Red Hat Enterprise Linux 2.1, 3, and 4. Several flaws were found in the way SeaMonkey processed certain malformed JavaScript code. A web page containing malicious JavaScript code could cause SeaMonkey to crash or potentially execute arbitrary code as the user running SeaMonkey. This update has been rated as having critical security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-critical-seamonkey-security-update-3241
RedHat: Moderate: thunderbird security update
18th, July, 2007

Updated thunderbird packages that fix several security bugs are now available for Red Hat Enterprise Linux 4 and 5. A malicious HTML email message containing JavaScript code could cause Thunderbird to crash or potentially execute arbitrary code as the user running Thunderbird. JavaScript support is disabled by default in Thunderbird; these issues are not exploitable unless the user has enabled JavaScript. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-thunderbird-security-update-RHSA-2007-0723-01
Ubuntu: libnet-dns-perl vulnerabilities
13th, July, 2007

Peter Johannes Holzer discovered that the Net::DNS Perl module had predictable sequence numbers. This could allow remote attackers to carry out DNS spoofing, leading to possible man-in-the-middle attacks.

advisories/ubuntu/ubuntu-libnet-dns-perl-vulnerabilities
Ubuntu: curl vulnerability
17th, July, 2007

It was discovered that the GnuTLS certificate verification methods implemented in Curl did not check for expiration and activation dates. When performing validations, tools using libcurl3-gnutls would incorrectly allow connections to sites using expired certificates.

advisories/ubuntu/ubuntu-curl-vulnerability
Ubuntu: PHP vulnerabilities
17th, July, 2007

It was discovered that the PHP xmlrpc extension did not correctly check heap memory allocation sizes. A remote attacker could send a specially crafted request to a PHP application using xmlrpc and execute arbitrary code as the Apache user.

advisories/ubuntu/ubuntu-php-vulnerabilities-97448
Ubuntu: Dovecot vulnerability
17th, July, 2007

It was discovered that Dovecot, when configured to use non-system-user spools and compressed folders, would allow directory traversals in mailbox names. Remote authenticated users could potentially read email owned by other users.

advisories/ubuntu/ubuntu-dovecot-vulnerability-32142
Ubuntu: mod_perl vulnerability
18th, July, 2007

Alex Solovey discovered that mod_perl did not correctly validate certain regular expression matches. A remote attacker could send a specially crafted request to a web application using mod_perl, causing the web server to monopolize CPU resources. This could lead to a remote denial of service.

advisories/ubuntu/ubuntu-modperl-vulnerability
Ubuntu: redhat-cluster-suite vulnerability
19th, July, 2007

USN-489-1 fixed vulnerabilities in the Linux kernel. This update provides the corresponding fixes for the redhat cluster suite kernel sources. A flaw was discovered in the cluster manager. A remote attacker could connect to the DLM port and block further DLM operations.

advisories/ubuntu/ubuntu-redhat-cluster-suite-vulnerability-26371
Ubuntu: Linux kernel vulnerabilities
19th, July, 2007

A flaw was discovered in dvb ULE decapsulation. A remote attacker could send a specially crafted message and cause a denial of service. The compat_sys_mount function allowed local users to cause a denial of service when mounting a smbfs filesystem in compatibility mode.

advisories/ubuntu/ubuntu-linux-kernel-vulnerabilities-39223