Debian, Ubuntu, Red Hat: Security Advisory Overview with Critical Updates
Accelerate your career with a Master in Information Assurance from Norwich - The NSA has designated Norwich University a center of Academic Excellence in Information Security.
Our program offers unparalleled Infosec management education and the case study offers you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
LinuxSecurity.com Feature Extras:
Review: Practical Packet Analysis - In the introduction, McIlwraith points out that security awareness training properly consists of communication, raising of issues, and encouragement to modify behaviour. (This will come as no surprise to those who recall the definition of training as the modification of attitudes and behaviour.) He also notes that security professionals frequently concentrate solely on presentation of problems. The remainder of the introduction looks at other major security activities, and the part that awareness plays in ensuring that they actually work.
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.
| Debian: Subject: [DSA 1311-1] New PostgreSQL 7.4 packages fix privilege escalation | ||
29th, June, 2007
It was discovered that the PostgreSQL database performs insufficient validation of variables passed to privileged SQL statement called "security definers", which could lead to SQL privilege escalation. advisories/debian/debian-subject-dsa-1311-1-new-postgresql-74-packages-fix-privilege-escalation |
||
| Debian: Subject: [DSA 1312-1] New libapache-mod-jk packages fix information disclosure | ||
29th, June, 2007
It was discovered that the Apache 1.3 connector for the Tomcat Java servlet engine decoded request URLs multiple times, which can lead to information disclosure. advisories/debian/debian-subject-dsa-1312-1-new-libapache-mod-jk-packages-fix-information-disclosure |
||
| Debian: Subject: [DSA 1313-1] New MPlayer packages fix arbitrary code execution | ||
29th, June, 2007
Stefan Cornelius and Reimar Doeffinger discovered that the MPlayer movie player performs insufficient boundary checks when accessing CDDB data, which might lead to the execution of arbitrary code. advisories/debian/debian-subject-dsa-1313-1-new-mplayer-packages-fix-arbitrary-code-execution |
||
| Debian: Subject: [DSA 1314-1] New open-iscsi packages fix several vulnerabilities | ||
29th, June, 2007
Several local and remote vulnerabilities have been discovered in open-iscsi, a transport-independent iSCSI implementation. One of the security flaw discovered by Olaf Kirch was that due to a programming error access to the management interface socket was insufficiently protected, which allows denial of service. advisories/debian/debian-subject-dsa-1314-1-new-open-iscsi-packages-fix-several-vulnerabilities |
||
| Debian: Subject: [DSA 1315-1] New libphp-phpmailer packages fix arbitrary shell command execution | ||
29th, June, 2007
Thor Larholm discovered that libphp-phpmailer, an email transfer class for PHP, performs insufficient input validition if configured to use Sendmail. This allows the execution of arbitrary shell commands. advisories/debian/debian-subject-dsa-1315-1-new-libphp-phpmailer-packages-fix-arbitrary-shell-command-execution |
||
| Debian: Subject: [DSA 1318-1] New ekg packages fix denial of service | ||
29th, June, 2007
Several remote vulnerabilities have been discovered in ekg, a console Gadu Gadu client. It was discovered that memory alignment errors may allow remote attackers to cause a denial of service on certain architectures such as sparc. This only affects Debian Sarge. advisories/debian/debian-subject-dsa-1318-1-new-ekg-packages-fix-denial-of-service |
||
| Debian: Subject: [DSA 1319-1] New maradns packages fix denial of service | ||
29th, June, 2007
Several remote vulnerabilities have been discovered in MaraDNS, a simple security-aware Domain Name Service server. One flaw was that malformed DNS requests can trigger memory leaks, allowing denial of service. advisories/debian/debian-subject-dsa-1319-1-new-maradns-packages-fix-denial-of-service |
||
| Debian: Subject: [DSA 1320-1] New clamav packages fix several vulnerabilities | ||
29th, June, 2007
Several remote vulnerabilities have been discovered in the Clam anti-virus toolkit. The Common Vulnerabilities and Exposures project found the flaws. It was discovered that the NsPack decompression code performed insufficient sanitising on an internal length variable, resulting in a potential buffer overflow. advisories/debian/debian-subject-dsa-1320-1-new-clamav-packages-fix-several-vulnerabilities |
||
| Debian: Subject: [DSA 1322-1] New wireshark packages fix denial of service | ||
29th, June, 2007
Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer, which may lead to denial of service. One security flaw was is Off-by-one overflows were discovered in the iSeries dissector. advisories/debian/debian-subject-dsa-1322-1-new-wireshark-packages-fix-denial-of-service |
||
| Debian: Subject: [DSA 1324-1] New hiki packages fix missing input sanitising | ||
29th, June, 2007
Kazuhiro Nishiyama found a vulnerability in hiki, a Wiki engine written in Ruby, which could allow a remote attacker to delete arbitary files which are writable to the Hiki user, via a specially crafted session parameter. advisories/debian/debian-subject-dsa-1324-1-new-hiki-packages-fix-missing-input-sanitising |
||
| Debian: New evolution packages fix arbitrary code execution | ||
29th, June, 2007
Several remote vulnerabilities have been discovered in Evolution, a groupware suite with mail client and organizer. Ulf Harnhammer discovered that a format string vulnerability in the handling of shared calendars may allow the execution of arbitrary code. advisories/debian/debian-new-evolution-packages-fix-arbitrary-code-execution-229 |
||
| Debian: New fireflier-server packages fix unsafe temporary files | ||
1st, July, 2007
Steve Kemp from the Debian Security Audit project discovered that fireflier-server, an interactive firewall rule creation tool, uses temporary files in an unsafe manner which may be exploited to remove arbitary files from the local system. advisories/debian/debian-new-fireflier-server-packages-fix-unsafe-temporary-files |
||
| Debian: New gsambad packages fix unsafe temporary files | ||
1st, July, 2007
Steve Kemp from the Debian Security Audit project discovered that gsambad, a GTK+ configuration tool for samba, uses temporary files in an unsafe manner which may be exploited to truncate arbitary files from the local system. advisories/debian/debian-new-gsambad-packages-fix-unsafe-temporary-files |
||
| Debian: New unicon-imc2 packages fix buffer overflow | ||
1st, July, 2007
Steve Kemp from the Debian Security Audit project discovered that unicon-imc2, a Chinese input method library, makes unsafe use of an environmental variable, which may be exploited to execute arbitary code. advisories/debian/debian-new-unicon-imc2-packages-fix-buffer-overflow |
||
| Fedora Core 6 Update: samba-3.0.24-7.fc6 | ||
29th, June, 2007
Bugfixes against the recent security patches. The bug names are CVE-2007-2447 patch v2 and CVE-2007-2444 patch v2. advisories/fedora/fedora-core-6-update-samba-3024-7fc6-10-12-00-128622 |
||
| Fedora Core 5 Update: kernel-2.6.20-1.2320.fc5 | ||
29th, June, 2007
Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file. advisories/fedora/fedora-core-5-update-kernel-2620-12320fc5-10-12-00-128624 |
||
| Fedora Core 5 Update: libexif-0.6.12-5 | ||
29th, June, 2007
An integer overflow flaw was found in the way libexif parses EXIF image tags. If a victim opens a carefully crafted EXIF image file it could cause the application linked against libexif to execute arbitrary code or crash. (CVE-2007-4168) Users of libexif should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue. advisories/fedora/fedora-core-5-update-libexif-0612-5-10-12-00-128625 |
||
| Fedora Core 5 Update: openoffice.org-2.0.2-5.22.2 | ||
29th, June, 2007
A heap overflow flaw was found in the RTF import filer. An attacker could create a carefully crafted RTF file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. All users of OpenOffice.org are advised to upgrade to these updated packages, which contain a backported fix to correct this issue. advisories/fedora/fedora-core-5-update-openofficeorg-202-5222-10-12-00-128626 |
||
| Fedora Core 6 Update: kernel-2.6.20-1.2962.fc6 | ||
29th, June, 2007
Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file. advisories/fedora/fedora-core-6-update-kernel-2620-12962fc6-10-12-00-128627 |
||
| Fedora Core 5 Update: evolution-data-server-1.6.3-5.fc5 | ||
29th, June, 2007
This update fixes a security flaw in Evolution's IMAP module. Adds a patch for a list of security bug which were reported. advisories/fedora/fedora-core-5-update-evolution-data-server-163-5fc5-10-12-00-128628 |
||
| Fedora Core 6 Update: evolution-data-server-1.8.3-7.fc6 | ||
29th, June, 2007
This update fixes a security flaw in Evolution's IMAP module. It add a patch for RH bug #244287 (Camel IMAP security flaw). advisories/fedora/fedora-core-6-update-evolution-data-server-183-7fc6-10-12-00-128629 |
||
| Fedora Core 6 Update: libexif-0.6.15-2.fc6 | ||
29th, June, 2007
The libexif package contains the EXIF library. Applications use this library to parse EXIF image files. An integer overflow flaw was found in the way libexif parses EXIF image tags. If a victim opens a carefully crafted EXIF image file it could cause the application linked against libexif to execute arbitrary code or crash. (CVE-2007-4168) Users of libexif should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue. advisories/fedora/fedora-core-6-update-libexif-0615-2fc6-10-12-00-128630 |
||
| Fedora Core 5 Update: krb5-1.4.3-5.5 | ||
29th, June, 2007
This update incorporates fixes for a stack buffer overflow and heap corruption in the RPC library, and a fix for a potential stack buffer overflow in kadmind. advisories/fedora/fedora-core-5-update-krb5-143-55-10-12-00-128633 |
||
| Fedora Core 6 Update: krb5-1.5-21.1 | ||
29th, June, 2007
This update incorporates fixes for a stack buffer overflow and heap corruption in the RPC library, and a fix for a potential stack buffer overflow in kadmind. advisories/fedora/fedora-core-6-update-krb5-15-211-10-12-00-128634 |
||
| Fedora Core 5 Update: httpd-2.2.2-1.3 | ||
2nd, July, 2007
The Apache HTTP Server did not verify that a process was an Apache child process before sending it signals. A local attacker with the ability to run scripts on the Apache HTTP Server could manipulate the scoreboard and cause arbitrary processes to be terminated which could lead to a denial of service (CVE-2007-3304). advisories/fedora/fedora-core-5-update-httpd-222-13-12-59-00-128699 |
||
| Gentoo: Mozilla products Multiple vulnerabilities | ||
29th, June, 2007
Multiple vulnerabilities have been reported in Mozilla Firefox, Thunderbird, SeaMonkey and XULRunner, some of which may allow user-assisted arbitrary remote code execution. |
||
| Gentoo: PHProjekt Multiple vulnerabilities | ||
29th, June, 2007
Multiple vulnerabilities have been discovered in PHProjekt, allowing for the execution of arbitrary PHP and SQL code, and cross-site scripting attacks.An authenticated user could elevate their privileges by exploiting the vulnerabilities described above. Note that the magic_quotes_gpc PHP configuration setting must be set to "off" to exploit these vulnerabilities. |
||
| Gentoo: emul-linux-x86-java Multiple vulnerabilities | ||
29th, June, 2007
Multiple vulnerabilities have been discovered in emul-linux-x86-java, possibly resulting in the execution of arbitrary code or a Denial of Service. |
||
| Gentoo: libexif Buffer overflow | ||
29th, June, 2007
libexif does not properly handle image EXIF information, possibly allowing for the execution of arbitrary code.An attacker could entice a user of an application making use of a vulnerable version of libexif to load a specially crafted image file, possibly resulting in a crash of the application or the execution of arbitrary code with the rights of the user running the application. |
||
| Gentoo: Firebird Buffer overflow | ||
1st, July, 2007
A vulnerability has been discovered in Firebird, allowing for the execution of arbitrary code.Cody Pierce from TippingPoint DVLabs has discovered a buffer overflow when processing "connect" requests with an overly large "p_cnct_count" value. |
||
| Gentoo: OpenOffice.org Two buffer overflows | ||
2nd, July, 2007
Multiple vulnerabilities have been discovered in OpenOffice.org, allowing for the remote execution of arbitrary code.A remote attacker could entice a user to open a specially crafted document, possibly leading to execution of arbitrary code with the rights of the user running OpenOffice.org. |
||
| Gentoo: Evolution User-assisted remote execution of arbitrary code | ||
2nd, July, 2007
The IMAP client of Evolution contains a vulnerability potentially leading to the execution of arbitrary code.A malicious or compromised IMAP server could trigger the vulnerability and execute arbitrary code with the permissions of the user running Evolution. |
||
| Gentoo: GNU C Library Integer overflow | ||
3rd, July, 2007
An integer overflow in the dynamic loader, ld.so, could result in the execution of arbitrary code with escalated privileges.As the hardware capabilities mask is honored by the dynamic loader during the execution of suid and sgid programs, in theory this vulnerability could result in the execution of arbitrary code with root privileges. This update is provided as a precaution against currently unknown attack vectors. |
||
| Mandriva: Updated apache packages fix mod_mem_cache issue | ||
29th, June, 2007
The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously-used data, which could be used to obtain potentially sensitive information by unauthorized users. Updated packages have been patched to prevent this issue. |
||
| Mandriva: Updated libexif packages fix integer overflow flaw | ||
29th, June, 2007
Another integer overflow was found in the way libexif parses EXIF image tags. An individual who opened a carefully-crafted EXIF image file could cause the application linked against libexif to crash or possibly execute arbitrary code. Updated packages have been patched to prevent this issue. |
||
| Mandriva: Updated jasper packages fix vulnerability | ||
29th, June, 2007
A function in the JasPer JPEG-2000 library before 1.900 could allow a remote user-assisted attack to cause a crash and possibly corrupt the heap via malformed image files. Updated packages have been patched to prevent this issue. |
||
| Mandriva: Updated proftpd packages fix authentication | ||
29th, June, 2007
The Auth API in ProFTPD, when multiple simultaneous authentication modules are configured, did not require that the module that checks authentication is the same module that retrieves authentication data, which could possibly be used to allow remote attackers to bypass authentication. The updated packages have been patched to prevent this issue. |
||
| Mandriva: Updated Thunderbird packages fix multiple | ||
29th, June, 2007
A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.4. This update provides the latest Thunderbird to correct these issues. |
||
| Mandriva: Updated madwifi-source, | ||
29th, June, 2007
The 802.11 network stack in MadWifi prior to 0.9.3.1 would alloa remote attackers to cause a denial of service (system hang) via a crafted length field in nested 802.3 Ethernet frames in Fast Frame packets, which results in a NULL pointer dereference. |
||
| Mandriva: Updated emacs packages fix DoS vulnerability | ||
29th, June, 2007
A vulnerability in emacs was discovered where it would crash when processing certain types of images. Updated packages have been patched to prevent this issue. |
||
| Mandriva: Updated xfsdump packages fix unsafe temporary | ||
29th, June, 2007
The vulnerability is xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems. Updated packages have been patched to prevent this issue. |
||
| Mandriva: Updated evolution packages fix vulnerability | ||
29th, June, 2007
A flaw in Evolution/evolution-data-server was found in how Evolution would process certain IMAP server messages. If a user were tricked into connecting to a malicious IMAP server, it was possible that arbitrary code could be executed with the privileges of the user using Evolution. Updated packages have been patched to prevent this issue. |
||
| Mandriva: Updated evolution packages fix vulnerability | ||
29th, June, 2007
A flaw in Evolution/evolution-data-server was found in how Evolution would process certain IMAP server messages. If a user were tricked into connecting to a malicious IMAP server, it was possible that arbitrary code could be executed with the privileges of the user using Evolution. Updated packages have been patched to prevent this issue. |
||
| Mandriva: Updated krb5 packages fix vulnerabilities | ||
29th, June, 2007
David Coffey discovered an uninitialized pointer free flaw in the RPC library used by kadmind. A remote unauthenticated attacker who could access kadmind could trigger the flaw causing kadmind to crash or possibly execute arbitrary code. |
||
| Mandriva: Updated e2fsprogs packages fix memory leak | ||
29th, June, 2007
The libblkid library contained in the libext2fs2 package contains a serious memory leak which can cause machines being used as NFS servers to rapidly consume system memory. This update fixes the memory leak. |
||
| Mandriva: Updated webmin packages fix XSS vulnerability | ||
29th, June, 2007
Multiple cross-site scripting (XSS) vulnerabilities were discovered in pam_login.cgi in webmin prior to version 1.350, which could allow a remote attacker to inject arbitrary web script or HTML. Updated packages have been patched to prevent this issue. |
||
| Mandriva: Updated MySQL packages fix multiple security | ||
4th, July, 2007
MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function. This issue does not affect MySQL 5.0.37 in Mandriva Linux 2007.1. |
||
| Mandriva: Updated console-tools packages fix problems caused | ||
4th, July, 2007
vt-is-UTF8 utility included in console-tools package, and used by Mandriva initscripts, can hang, causing random problems like preventing a local/remote system reboot, unless user take interactive action (#27948). Also, when executed on a terminal different from a linux vt, it can cause errors and make it unresponsive. Updated packages fixes both problems, and also removes setkeycodes limit, better fix for a previous issue alread addressed (#21741). |
||
| Mandriva: Updated apache packages fix multiple security | ||
4th, July, 2007
A vulnerability was discovered in the the Apache mod_status module that could lead to a cross-site scripting attack on sites where the server-status page was publically accessible and ExtendedStatus was enabled (CVE-2006-5752). |
||
| Mandriva: Updated apache packages fix multiple security | ||
5th, July, 2007
A vulnerability was discovered in the the Apache mod_status module that could lead to a cross-site scripting attack on sites where the server-status page was publically accessible and ExtendedStatus was enabled. |
||
| Mandriva: Updated apache packages fix multiple security | ||
5th, July, 2007
A vulnerability was discovered in the the Apache mod_status module that could lead to a cross-site scripting attack on sites where the server-status page was publically accessible and ExtendedStatus was enabled (CVE-2006-5752). |
||
| RedHat: Moderate: mod_perl security update | ||
29th, June, 2007
Updated mod_perl packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1. The Apache::PerlRun module was found to not properly escape PATH_INFO before being used in a regular expression. If a server is configured to use Apache::PerlRun, an attacker could request a carefully crafted URI causing resource consumption, which could lead to a denial of service. This update has been rated as having moderate security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-moderate-modperl-security-update-2466 |
||
| RedHat: Low: mod_perl security update | ||
29th, June, 2007
Updated mod_perl packages that fix a security issue are now available for Red Hat Application Stack. An issue was found in the "namespace_from_uri" method of the ModPerl::RegistryCooker class. If a server implemented a mod_perl registry module using this method, a remote attacker requesting a carefully crafted URI can cause resource consumption, which could lead to a denial of service This update has been rated as having low security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-low-modperl-security-update-68276 |
||
| RedHat: Important: evolution security update | ||
29th, June, 2007
Updated evolution packages that fix a security bug are now available for Red Hat Enterprise Linux 3 and 4. A flaw was found in the way Evolution processes certain IMAP server messages. If a user can be tricked into connecting to a malicious IMAP server it may be possible to execute arbitrary code as the user running evolution. This update has been rated as having important security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-important-evolution-security-update-RHSA-2007-0509-01 |
||
| RedHat: Important: evolution-data-server security update | ||
29th, June, 2007
Updated evolution-data-server package that fixes a security bug are now available for Red Hat Enterprise Linux 5.A flaw was found in the way evolution-data-server processes certain IMAP server messages. If a user can be tricked into connecting to a malicious IMAP server it may be possible to execute arbitrary code as the user running the evolution-data-server process. This update has been rated as having important security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-important-evolution-data-server-security-update-RHSA-2007-0510-01 |
||
| RedHat: Important: kernel security update | ||
29th, June, 2007
Updated kernel packages that fix several security issues and bugs in the Red Hat Enterprise Linux 4 kernel are now available. A flaw in the connection tracking support for SCTP that allowed a remote user to cause a denial of service by dereferencing a NULL pointer. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-important-kernel-security-update-85756 |
||
| RedHat: Moderate: apache security update | ||
29th, June, 2007
Updated Apache httpd packages that correct two security issues are now available for Red Hat Enterprise Linux 2.1. The Apache HTTP Server did not verify that a process was an Apache child process before sending it signals. A local attacker who has the ability to run scripts on the Apache HTTP Server could manipulate the scoreboard and cause arbitrary processes to be terminated, which could lead to a denial of service. This update has been rated as having moderate security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-moderate-apache-security-update-RHSA-2007-0532-01 |
||
| RedHat: Moderate: httpd security update | ||
29th, June, 2007
Updated Apache httpd packages that correct two security issues are now available for Red Hat Enterprise Linux 4. A flaw was found in the Apache HTTP Server mod_status module. On sites where the server-status page is publicly accessible and ExtendedStatus is enabled this could lead to a cross-site scripting attack. On Red Hat Enterprise Linux the server-status page is not enabled by default and it is best practice to not make this publicly available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-moderate-httpd-security-update-87284 |
||
| RedHat: Moderate: httpd security update | ||
29th, June, 2007
Updated Apache httpd packages that correct three security issues are now available for Red Hat Enterprise Linux 5.The Apache HTTP Server did not verify that a process was an Apache child process before sending it signals. A local attacker with the ability to run scripts on the Apache HTTP Server could manipulate the scoreboard and cause arbitrary processes to be terminated which could lead to a denial of service. This update has been rated as having moderate security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-moderate-httpd-security-update-87284 |
||
| RedHat: Critical: krb5 security update | ||
29th, June, 2007
Updated krb5 packages that fix several security flaws are now available for Red Hat Enterprise Linux 2.1 and 3. David Coffey discovered an uninitialized pointer free flaw in the RPC library used by kadmind. A remote unauthenticated attacker who can access kadmind could trigger this flaw and cause kadmind to crash or potentially execute arbitrary code as root. This update has been rated as having critical security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-critical-krb5-security-update-50912 |
||
| RedHat: Important: krb5 security update | ||
29th, June, 2007
Updated krb5 packages that fix several security flaws are now available for Red Hat Enterprise Linux 4 and 5.Kerberos is a network authentication system which allows clients and servers to authenticate to each other through use of symmetric encryption and a trusted third party, the KDC. kadmind is the KADM5 administration server. This update has been rated as having important security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-important-krb5-security-update-66067 |
||
| RedHat: Critical: HelixPlayer security update | ||
29th, June, 2007
An updated HelixPlayer package that fixes a buffer overflow flaw is now available. A buffer overflow flaw was found in the way HelixPlayer processed Synchronized Multimedia Integration Language (SMIL) files. It was possible for a malformed SMIL file to execute arbitrary code with the permissions of the user running HelixPlayer This update has been rated as having critical security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-critical-helixplayer-security-update-82453 |
||
| RedHat: Moderate: httpd security update | ||
29th, June, 2007
Updated Apache httpd packages that correct two security issues and two bugs are now available for Red Hat Enterprise Linux 3.A flaw was found in the Apache HTTP Server mod_status module. On sites where the server-status page is publicly accessible and ExtendedStatus is enabled this could lead to a cross-site scripting attack. On Red Hat Enterprise Linux the server-status page is not enabled by default and it is best practice to not make this publicly available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-moderate-httpd-security-update-87284 |
||
| RedHat: Important: cman security update | ||
29th, June, 2007
Updated cman packages that correct a security issue are now available for Red Hat Enterprise Linux 5.A flaw was found in the cman daemon. A local attacker could connect to the cman daemon and trigger a static buffer overflow leading to a denial of service or, potentially, an escalation of privileges This update has been rated as having important security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-important-cman-security-update-RHSA-2007-0559-01 |
||
| Slackware: gd | ||
29th, June, 2007
GD is an open source code library for the dynamic creation of images. New gd packages are available for Slackware 11.0, and -current to fix possible security issues. Please see: for complete release notes. "Upgrading is strongly recommended." |
||
| Ubuntu: evolution-data-server vulnerability | ||
29th, June, 2007
Philip Van Hoof discovered that the IMAP client in Evolution did not correctly verify the SEQUENCE value. A malicious or spoofed server could exploit this to execute arbitrary code with user privileges. advisories/ubuntu/ubuntu-evolution-data-server-vulnerability |
||
| Ubuntu: redhat-cluster-suite vulnerability | ||
29th, June, 2007
Fabio Massimo Di Nitto discovered that cman did not correctly validate the size of client messages. A local user could send a specially crafted message and execute arbitrary code with cluster manager privileges or crash the manager, leading to a denial of service. advisories/ubuntu/ubuntu-redhat-cluster-suite-vulnerability-26371 |
||
| Ubuntu: krb5 vulnerabilities | ||
29th, June, 2007
Wei Wang discovered that the krb5 RPC library did not correctly handle certain error conditions. A remote attacker could cause kadmind to free an uninitialized pointer, leading to a denial of service or possibly execution of arbitrary code with root privileges. advisories/ubuntu/ubuntu-krb5-vulnerabilities |
||
| Ubuntu: libexif vulnerability | ||
29th, June, 2007
Sean Larsson discovered that libexif did not correctly verify the size of EXIF components. By tricking a user into opening an image with specially crafted EXIF headers, a remote attacker could cause the application using libexif to execute arbitrary code with user privileges. advisories/ubuntu/ubuntu-libexif-vulnerability-98087 |
||
| Ubuntu: MadWifi vulnerabilities | ||
29th, June, 2007
Multiple flaws in the MadWifi driver were discovered that could lead to a system crash. A physically near-by attacker could generate specially crafted wireless network traffic and cause a denial of service. advisories/ubuntu/ubuntu-madwifi-vulnerabilities |
||
| Ubuntu: Gimp vulnerability | ||
4th, July, 2007
Stefan Cornelius discovered that Gimp could miscalculate the size of heap buffers when processing PSD images. By tricking a user into opening a specially crafted PSD file with Gimp, an attacker could exploit this to execute arbitrary code with the user's privileges. advisories/ubuntu/ubuntu-gimp-vulnerability-58725 |
||
