This week, advisories were released for policyd, firebird, cupsys, serendipity, debian-goodies, xwine, asterisk, kerberos, ssl-cert, openssl, perl-Tk, wml, bzip2, audacity, perl-Net-DNS, Ruby, Dovecot, libicu, unzip, and mysql. The distributors include Debian, Gentoo, Mandriva, and Ubuntu.
In each issue you can find information concerning typical use of Linux: safety,
databases, multimedia, scientific tools, entertainment, programming, e-mail,
news and desktop environments.
|
EnGarde Secure Community v3.0.18 Now Available! (Dec 4) |
|
Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.18 (Version 3.0, Release 18). This release includes the brand new Health Center, new packages for FWKNP and PSAD, updated packages and bug fixes, some feature enhancements to Guardian Digital WebTool and the SELinux policy, as well as other new features.
In distribution since 2001, EnGarde Secure Community was one of the very first security platforms developed entirely from open source, and has been engineered from the ground-up to provide users and organizations with complete, secure Web functionality, DNS, database and e-mail security, integrated intrusion detection and SELinux policies and more.
|
|
|
|
Debian: New policyd-weight packages fix insecure temporary files (Mar 27) |
|
Chris Howells discovered that policyd-weight, a policy daemon for the Postfix mail transport agent, created its socket in an insecure way, which may be exploited to overwrite or remove arbitrary files from the local system. advisories/debian/debian-new-policyd-weight-packages-fix-insecure-temporary-files-13408
|
|
Debian: New Firebird packages fix several vulnerabilities (Mar 27) |
|
Multiple security problems have been discovered in the Firebird database, which may lead to the execution of arbitrary code or denial of service. advisories/debian/debian-new-firebird-packages-fix-several-vulnerabilities
|
|
Debian: New cupsys packages fix multiple vulnerabilities (Mar 25) |
|
Double free vulnerability in the process_browse_data function in CUPS 1.3.5 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via crafted packets to the cupsd port (631/udp), related to an unspecified manipulation of a remote printer. advisories/debian/debian-new-cupsys-packages-fix-multiple-vulnerabilities
|
|
Debian: New serendipity packages fix cross site scripting (Mar 24) |
|
Peter Hüwe and Hanno Böck discovered that Serendipity, a weblog manager, did not properly sanitise input to several scripts which allowed for cross site scriptin advisories/debian/debian-new-serendipity-packages-fix-cross-site-scripting
|
|
Debian: New debian-goodies packages fix privilege escalation (Mar 24) |
|
Thomas de Grenier de Latour discovered that the checkrestart tool in the debian-goodies suite of utilities allowed local users to gain privileges via shell metacharacters in the name of the executable file for a running process. advisories/debian/debian-new-debian-goodies-packages-fix-privilege-escalation
|
|
Debian: New xwine packages fix several vulnerabilities (Mar 20) |
|
Steve Kemp from the Debian Security Audit project discovered several local vulnerabilities in xwine, a graphical user interface for the WINE emulator. advisories/debian/debian-new-xwine-packages-fix-several-vulnerabilities
|
|
Debian: New asterisk packages fix several vulnerabilities (Mar 20) |
|
Tilghman Lesher discovered that database-based registrations are insufficiently validated. This only affects setups that are configured to run without a password and with host-based authentication only. advisories/debian/debian-new-asterisk-packages-fix-several-vulnerabilities-43808
|
|
|
|
Gentoo: MIT Kerberos 5 Multiple vulnerabilities (Mar 24) |
|
Multiple vulnerabilities have been found in MIT Kerberos 5, which could allow a remote unauthenticated user to execute arbitrary code with root privileges.
|
|
Gentoo: ssl-cert eclass Certificate disclosure (Mar 20) |
|
An error in the usage of the ssl-cert eclass within multiple ebuilds might allow for disclosure of generated SSL private keys.
|
|
|
|
Mandriva: Updated openssh packages fix X connection (Mar 26) |
|
OpenSSH allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port.
|
|
Mandriva: Updated perl-Tk packages fix GIF processing (Mar 26) |
|
A vulnerability in perl-Tk was found where specially crafted GIF images could crash perl-Tk (an identical issue to that found in php-gd, gd, and SDL_image). The updated packages have been patched to correct this issue.
|
|
Mandriva: Updated wml packages fix symlink vulnerabilities (Mar 26) |
|
Two vulnerabilities were found in the Website META Language (WML) package that allowed local users to overwrite arbitrary files via symlink attacks.
|
|
Mandriva: Updated bzip2 packages fix denial of service (Mar 23) |
|
Bzip2 versions before 1.0.5 are vulnerable to a denial of service attack via malicious compressed data. The updated packages have been patched to prevent the issue.
|
|
Mandriva: Updated audacity package fixes insecure temporary (Mar 20) |
|
Audacity creates a temporary directory with a predictable name without checking for previous existence of that directory, which allows local users to cause a denial of service (recording deadlock) by creating the directory before Audacity is run. This issue can also be leveraged to delete arbitrary files or directories via a symlink attack. The updated package fixes the issue.
|
|
Mandriva: Updated perl-Net-DNS packages fix DoS (Mar 20) |
|
A vulnerability in the Net::DNS perl module was found that could allow remote attackers to cause a denial of service via a crafted DNS response. The updated packages have been patched to correct this issue.
|
|
Mandriva: Updated kernel packages fix vulnerability (Mar 20) |
|
The Linux kernel prior to 2.6.22.17, when using certain drivers that register a fault handler that does not perform range checks, allowed local users to access kernel memory via an out-of-range offset (CVE-2008-0007).
|
|
|
|
Ubuntu: Ruby vulnerabilities (Mar 26) |
|
Chris Clark discovered that Ruby's HTTPS module did not check for commonName mismatches early enough during SSL negotiation. If a remote attacker were able to perform man-in-the-middle attacks, this flaw could be exploited to view sensitive information in HTTPS requests coming from Ruby applications. (CVE-2007-5162) advisories/ubuntu/ubuntu-ruby-vulnerabilities-97955
|
|
Ubuntu: Dovecot vulnerabilities (Mar 26) |
|
It was discovered that the default configuration of dovecot could allow access to any email files with group "mail" without verifying that a user had valid rights. An attacker able to create symlinks in their mail directory could exploit this to read or delete another user's email. (CVE-2008-1199) advisories/ubuntu/ubuntu-dovecot-vulnerabilities
|
|
Ubuntu: libnet-dns-perl vulnerability (Mar 26) |
|
It was discovered that Net::DNS did not correctly validate the size of DNS replies. A remote attacker could send a specially crafted DNS response and cause applications using Net::DNS to abort, leading to a denial of service. advisories/ubuntu/ubuntu-libnet-dns-perl-vulnerability
|
|
Ubuntu: SDL_image vulnerabilities (Mar 26) |
|
Michael Skladnikiewicz discovered that SDL_image did not correctly load GIF images. If a user or automated system were tricked into processing a specially crafted GIF, a remote attacker could execute arbitrary code or cause a crash, leading to a denial of service. (CVE-2007-6697) David Raulo discovered that SDL_image did not correctly load ILBM images. If a user or automated system were tricked into processing a specially crafted ILBM, a remote attacker could execute arbitrary code or cause a crash, leading to a denial of service. (CVE-2008-0544) advisories/ubuntu/ubuntu-sdlimage-vulnerabilities
|
|
Ubuntu: Firefox vulnerabilities (Mar 26) |
|
Alexey Proskuryakov, Yosuke Hasegawa and Simon Montagu discovered flaws in Firefox's character encoding handling. If a user were tricked into opening a malicious web page, an attacker could perform cross-site scripting attacks. (CVE-2008-0416) advisories/ubuntu/ubuntu-firefox-vulnerabilities-99643
|
|
Ubuntu: bzip2 vulnerability (Mar 24) |
|
It was discovered that bzip2 did not correctly handle certain malformed archives. If a user or automated system were tricked into processing a specially crafted bzip2 archive, applications linked against libbz2 could be made to crash, possibly leading to a denial of service. advisories/ubuntu/ubuntu-bzip2-vulnerability
|
|
Ubuntu: libicu vulnerabilities (Mar 24) |
|
Will Drewry discovered that libicu did not properly handle '\0' when processing regular expressions. If an application linked against libicu processed a crafted regular expression, an attacker could execute arbitrary code with privileges of the user invoking the program. advisories/ubuntu/ubuntu-libicu-vulnerabilities
|
|
Ubuntu: unzip vulnerability (Mar 20) |
|
Tavis Ormandy discovered that unzip did not correctly clean up pointers. If a user or automated service was tricked into processing a specially crafted ZIP archive, a remote attacker could execute arbitrary code with user privileges. advisories/ubuntu/ubuntu-unzip-vulnerability
|
|
Ubuntu: MySQL vulnerabilities (Mar 20) |
|
Masaaki Hirose discovered that MySQL could be made to dereference a NULL pointer. An authenticated user could cause a denial of service (application crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table. This issue only affects Ubuntu 6.06 and 6.10. (CVE-2006-7232) Alexander Nozdrin discovered that MySQL did not restore database access privileges when returning from SQL SECURITY INVOKER stored routines. An authenticated user could exploit this to gain privileges. This issue does not affect Ubuntu 7.10. (CVE-2007-2692) advisories/ubuntu/ubuntu-mysql-vulnerabilities-82610
|