This week, advisories were released for libpam-ldap, ingo1, thttpd, php4, phpmyadmin, firefox, screen, Qt, NVIDIA driver, wireshark, kernel, libx11, rpm, jabber, wv, openssh, texinfo, seamonkey, thunderbird, ruby, bind, and imlib2. The distributors include Debian, Fedora, Gentoo, Mandriva, Red Hat, Slackware, and Ubuntu.


EnGarde Secure Linux v3.0.10 Now Available

Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.10 (Version 3.0, Release 10). This release includes several bug fixes and feature enhancements to Guardian Digital WebTool and the SELinux policy, several updated packages, and several new features.

EnGarde Secure Community is a secure distribution of Linux engineered from the ground-up to provide organizations with the level of security required to create a corporate Web presence or even conduct e-business on the Web. It can be used as a Web, DNS, e-mail, database, e-commerce, and general Internet server where security is a primary concern.

  • Guardian Digital WebTool help system. All of the existing WebTool modules now have help -- just roll your mouse pointer over any help-enabled field for assistance. Special thanks to Ankit Patel and Eric Lubow for all their hard work writing the help text.

  • Guardian Digital WebTool SELinux Control Console. This new WebTool module gives you greater control over the SELinux subsystem of EnGarde Secure Linux. With it you may monitor the audit logs, toggle enforcing mode and booleans, download the policy to your local computer, and trigger a relabel of the filesystems.

  • A new SELinux policy boolean: httpd_script_remote. This boolean was added in response to bug #0000093 and grants PHP and CGI scripts access to external websites (such as RSS feeds).

  • Major upgrades of apache (from 2.0.59 to 2.2.3), postfix (2.2.11 to 2.3.3), and snort (2.4.5 to 2.6.0.2).

  • The latest stable versions of MySQL (5.0.27), aide (0.12), asterisk (1.2.13), libapache-mod_mono (1.1.18), mod_perl (2.0.2), postgresql (8.1.5), and zaptel (1.2.10).

LinuxSecurity.com Feature Extras:

    RFID with Bio-Smart Card in Linux - In this paper, we describe the integration of a fingerprint template and an RF smart card for a clustered network, designed on the Linux platform and open source technology to obtain biometric security. The combination of smart card and biometrics is achieved in a two-step authentication, where smart card authentication is based on a Personal Identification Number (PIN) and the card holder is authenticated using the biometric template stored in the smart card, based on fingerprint verification. The fingerprint verification has to be executed on a central host server for security purposes. The protocol designed allows controlling all parameters of the smart security controller, such as PIN options, reader delay, real-time clock, alarm option and cardholder access conditions.

    Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe, send an e-mail with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.


Debian: New libpam-ldap packages fix access control bypass
2nd, November, 2006

Updated package.

advisories/debian/debian-new-libpam-ldap-packages-fix-access-control-bypass

Debian: New ingo1 packages fix arbitrary shell command execution
2nd, November, 2006

Updated package.

advisories/debian/debian-new-ingo1-packages-fix-arbitrary-shell-command-execution

Debian: New thttpd packages fix insecure temporary file creation
3rd, November, 2006

Marco d'Itri discovered that thttpd, a small, fast and secure webserver, makes use of insecure temporary files when its logfiles are rotated, which might lead to a denial of service through a symlink attack.

advisories/debian/debian-new-thttpd-packages-fix-insecure-temporary-file-creation-98706

Debian: New php4 packages fix several vulnerabilities
6th, November, 2006

Updated package.

advisories/debian/debian-new-php4-packages-fix-several-vulnerabilities-67618

Debian: New phpmyadmin packages fix several vulnerabilities
9th, November, 2006

The following CVE IDs are addressed: CVE-2006-1678, CVE-2006-2418, CVE-2005-3621, CVE-2005-3665, CVE-2006-5116.

advisories/debian/debian-new-phpmyadmin-packages-fix-several-vulnerabilities-72435

EnGarde Secure Community Release Notes 3.0.10
7th, November, 2006

Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.10 (Version 3.0, Release 10).

For details, visit our new EnGarde Community News and Updates page where you can also learn more about Guardian Digital's plans for EnGarde Secure Linux:

/modules/index/releases/3.0.10.cgi

Fedora Core 5 Update: firefox-1.5.0.8-1.fc5
9th, November, 2006

Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox processes certain malformed Javascript code. A malicious web page could cause the execution of Javascript code in such a way that could cause Firefox to crash or execute arbitrary code as the user running Firefox. (CVE-2006-5463, CVE-2006-5747, CVE-2006-5748) Several flaws were found in the way Firefox renders web pages. A malicious web page could cause the browser to crash or possibly execute arbitrary code as the user running Firefox. (CVE-2006-5464) Users of Firefox are advised to upgrade to this update, which contains Firefox version 1.5.0.8 that corrects these issues.

advisories/fedora/fedora-core-5-update-firefox-1508-1fc5-12-16-00-125654

Fedora Extras [3 4 5 6 devel] / 1.2.1-2 [FE 3 4], 1.3.0-3 [FE 5 6 devel]
9th, November, 2006

CVE IDs: CVE-2006-4806, CVE-2006-4807, CVE-2006-4808, CVE-2006-4809. M. Joonas Pihlaja discovered that imlib2 did not sufficiently verify the validity of ARGB, JPG, LBM, PNG, PNM, TGA, and TIFF images. If a user were tricked into viewing or processing a specially crafted image with an application that uses imlib2, the flaws could be exploited to execute arbitrary code with the user's privileges. Fedora Extras versions earlier than the versions mentioned above are vulnerable to this problem; upgrade to fix this vulnerability.

advisories/fedora/fedora-extras-3-4-5-6-devel-121-2-fe-3-4-130-3-fe-5-6-devel-12-16-00-125656

Gentoo: Screen UTF-8 character handling vulnerability
3rd, November, 2006

Screen contains an error in its UTF-8 character handling code that would allow a remote Denial of Service or possibly the remote execution of arbitrary code.

Gentoo: Qt Integer overflow
6th, November, 2006

An integer overflow flaw in the Qt pixmap handling could possibly lead to a Denial of Service or the remote execution of arbitrary code.

Gentoo: NVIDIA binary graphics driver Privilege escalation vulnerability
7th, November, 2006

The NVIDIA binary graphics driver is vulnerable to a local privilege escalation through an X session.

Mandriva: Updated php packages to address buffer overflow issue
3rd, November, 2006

The Hardened-PHP Project discovered buffer overflows in htmlentities/htmlspecialchars internal routines to the PHP Project. Of course the whole purpose of these functions is to be filled with user input. (The overflow can only occur when UTF-8 is used.) In addition, selected patches backported from php cvs that address other issues that may or may not have security implications have been applied to this release. Updated packages have been patched to correct these issues. Users must restart Apache for the changes to take effect.

Mandriva: Updated wireshark packages fix multiple vulnerabilities
3rd, November, 2006

Vulnerabilities in the HTTP, LDAP, XOT, WBXML, and MIME Multipart dissectors were discovered in versions of wireshark earlier than 0.99.4, as well as various other bugs. This update provides wireshark 0.99.4, which is not vulnerable to these issues.

Mandriva: Updated kernel packages fix multiple vulnerabilities and bugs
3rd, November, 2006

Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel.

Mandriva: Updated imlib2 packages fix several vulnerabilities
6th, November, 2006

M. Joonas Pihlaja discovered several vulnerabilities in the Imlib2 graphics library.

Mandriva: Updated libx11 packages fix file descriptor leak vulnerability
6th, November, 2006

The Xinput module (modules/im/ximcp/imLcIm.c) in X.Org libX11 1.0.2 and 1.0.3 opens a file for reading twice using the same file descriptor, which causes a file descriptor leak that allows local users to read files specified by the XCOMPOSEFILE environment variable via the duplicate file descriptor.

Mandriva: Updated rpm packages fix vulnerability
7th, November, 2006

A heap-based buffer overflow was discovered in librpm when the LANG or LC_ALL environment variable is set to ru_RU.UTF-8 (and possibly other locales), which could allow user-assisted attackers to execute arbitrary code via crafted RPM packages.

Mandriva: Updated jabber package fix SSL support issue
7th, November, 2006

The OpenSSL library was not properly initialized in the jabber SSL support code, which prevented SSL support for incoming client connections on the jabber server. This update corrects this issue.

Mandriva: Updated pam_ldap packages fix PasswordPolicyResponse coding error
7th, November, 2006

Pam_ldap does not return an error condition when an LDAP directory server responds with a PasswordPolicyResponse control response, which causes the pam_authenticate function to return a success code even if authentication has failed, as originally reported for xscreensaver. This might lead to an attacker being able to log in to a suspended system account.

Mandriva: Updated imlib2 packages fix several vulnerabilities
7th, November, 2006

M. Joonas Pihlaja discovered several vulnerabilities in the Imlib2 graphics library.

Mandriva: Updated wv packages fix vulnerabilities
7th, November, 2006

Multiple integer overflows in the WV library in wvWare (formerly mswordview) before 1.2.3, as used by AbiWord, KWord, and possibly other products, allow user-assisted remote attackers to execute arbitrary code via a crafted Microsoft Word (DOC) file that produces (1) large LFO clfolvl values in the wvGetLFO_records function or (2) a large LFO nolfo value in the wvGetFLO_PLF function.

Mandriva: Updated openssh packages fix vulnerability
8th, November, 2006

A vulnerability in the privilege separation functionality in OpenSSH was discovered, caused by incorrect checking for bad signatures in sshd's privsep monitor. As a result, the monitor and the unprivileged process can get out of sync. The OpenSSH team indicated that this bug is not known to be exploitable in the absence of additional vulnerabilities.

Mandriva: Updated texinfo packages fix vulnerability
8th, November, 2006

Miloslav Trmac discovered a buffer overflow in texinfo. This issue can cause texi2dvi or texindex to crash when processing a carefully crafted file. Updated packages have been patched to correct this issue.

RedHat: Important: php security update
6th, November, 2006

Updated PHP packages that fix a security issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-important-php-security-update-98171

RedHat: Important: php security update
8th, November, 2006

Updated firefox packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-critical-firefox-security-update-38591

RedHat: Critical: seamonkey security update
8th, November, 2006

Updated seamonkey packages that fix several security bugs are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-critical-seamonkey-security-update-3241

RedHat: Critical: thunderbird security update
8th, November, 2006

Updated thunderbird packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-critical-thunderbird-security-update-41360

RedHat: Moderate: texinfo security update
8th, November, 2006

New Texinfo packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-texinfo-security-update-RHSA-2006-0727-01

RedHat: Moderate: ruby security update
8th, November, 2006

Updated ruby packages that fix a denial of service issue for the CGI instance are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-ruby-security-update-81302

RedHat: Moderate: wireshark security update
9th, November, 2006

New Wireshark packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-wireshark-security-update-RHSA-2008-0890-01

Slackware: screen
4th, November, 2006

New screen packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and 11.0 to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database.

Slackware: php
4th, November, 2006

New php packages are available for Slackware 10.2 and 11.0 to fix security issues. More details about these issues may be found in the Common Vulnerabilities and Exposures (CVE) database.

Slackware: bind
7th, November, 2006

New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and 11.0 to fix security issues. The minimum OpenSSL version was raised to OpenSSL 0.9.7l and OpenSSL 0.9.8d to avoid exposure to known security flaws in older versions (these patches were already issued for Slackware). If you have not upgraded yet, get those as well to prevent a potentially exploitable security problem in named.

Ubuntu: PHP vulnerability
2nd, November, 2006

Stefan Esser discovered two buffer overflows in the htmlentities() and htmlspecialchars() functions. By supplying specially crafted input to PHP applications which process that input with these functions, a remote attacker could potentially exploit this to execute arbitrary code with the privileges of the application. (CVE-2006-5465) This update also fixes bugs in the chdir() and tempnam() functions, which did not perform proper open_basedir checks. This could allow local scripts to bypass intended restrictions.

advisories/ubuntu/ubuntu-php-vulnerability

Ubuntu: imlib2 vulnerabilities
3rd, November, 2006

M. Joonas Pihlaja discovered that imlib2 did not sufficiently verify the validity of ARGB, JPG, LBM, PNG, PNM, TGA, and TIFF images. If a user were tricked into viewing or processing a specially crafted image with an application that uses imlib2, the flaws could be exploited to execute arbitrary code with the user's privileges.

advisories/ubuntu/ubuntu-imlib2-vulnerabilities

Ubuntu: NVIDIA vulnerability
3rd, November, 2006

Derek Abdine discovered that the NVIDIA Xorg driver did not correctly verify the size of buffers used to render text glyphs. When displaying very long strings of text, the Xorg server would crash. If a user were tricked into viewing a specially crafted series of glyphs, this flaw could be exploited to run arbitrary code with root privileges.

advisories/ubuntu/ubuntu-nvidia-vulnerability

Ubuntu: RPM vulnerability
3rd, November, 2006

An error was found in the RPM library's handling of query reports. In some locales, certain RPM packages would cause the library to crash. If a user was tricked into querying a specially crafted RPM package, the flaw could be exploited to execute arbitrary code with the user's privileges.

advisories/ubuntu/ubuntu-rpm-vulnerability

Ubuntu: imlib2 regression fix
6th, November, 2006

USN-376-1 provided an update to imlib2 to fix several security vulnerabilities. Unfortunately the update broke JPG file handling in certain situations. This update corrects this problem. We apologize for the inconvenience.

advisories/ubuntu/ubuntu-imlib2-regression-fix

Ubuntu: texinfo vulnerability
9th, November, 2006

Miloslav Trmac discovered a buffer overflow in texinfo's index processor. If a user is tricked into processing a .texi file with texindex, this could lead to arbitrary code execution with user privileges.

advisories/ubuntu/ubuntu-texinfo-vulnerability