Debian, RedHat, Gentoo, Ubuntu Security Updates: Buffer Overflows and More
LinuxSecurity.com Feature Extras:
Review: Ruby by Example - Learning a new language cannot be complete without a few 'real world' examples. 'Hello world!'s and Fibonacci sequences are always nice as an introduction to certain aspects of programming, but sooner or later you crave something meatier to chew on. 'Ruby by Example: Concepts and Code' by Kevin C. Baird provides a wealth of knowledge via general to specialized examples of the dynamic object-oriented programming language, Ruby. Want to build an mp3 playlist processor? How about parsing out secret codes from 'Moby Dick'? Read on!
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

Debian: New OpenOffice.org packages fix arbitrary code execution
17th, September, 2007
A heap overflow vulnerability has been discovered in the TIFF parsing code of the OpenOffice.org suite. The parser uses untrusted values from the TIFF file to calculate the number of bytes of memory to allocate. A specially crafted TIFF image could trigger an integer overflow and subsequently a buffer overflow that could cause the execution of arbitrary code.
advisories/debian/debian-new-openofficeorg-packages-fix-arbitrary-code-execution-79391

Debian: New vim packages fix several vulnerabilities
19th, September, 2007
Editors often provide a way to embed editor configuration commands (aka modelines) which are executed once a file is opened. Harmful commands are filtered by a sandbox mechanism. It was discovered that function calls to writefile(), feedkeys() and system() were not filtered, allowing shell command execution with a carefully crafted file opened in vim.
advisories/debian/debian-new-vim-packages-fix-several-vulnerabilities-28252

Gentoo: RealPlayer Buffer overflow
14th, September, 2007
RealPlayer is vulnerable to a buffer overflow allowing for execution of arbitrary code. A stack-based buffer overflow vulnerability has been reported in the SmilTimeValue::parseWallClockValue() function in smlprstime.cpp when handling HH:mm:ss.f type time formats.

Gentoo: flac123 Buffer overflow
14th, September, 2007
flac123 is affected by a buffer overflow vulnerability, which could allow for the execution of arbitrary code. An attacker could entice a user to play a specially crafted audio file, which could lead to the execution of arbitrary code with the privileges of the user running the application.

Gentoo: Eggdrop Buffer overflow
15th, September, 2007
A remote stack-based buffer overflow has been discovered in Eggdrop.

Gentoo: id3lib Insecure temporary file creation
15th, September, 2007
A vulnerability has been discovered in id3lib allowing local users to overwrite arbitrary files via a symlink attack.

Gentoo: GNU Tar Directory traversal vulnerability
15th, September, 2007
A directory traversal vulnerability has been discovered in GNU Tar.

Gentoo: MIT Kerberos 5 Multiple
17th, September, 2007
Two vulnerabilities have been found in MIT Kerberos 5, which could allow a remote unauthenticated user to execute arbitrary code with root privileges.

Gentoo: PhpWiki Authentication bypass
18th, September, 2007
A vulnerability has been discovered in the PhpWiki authentication mechanism.

Gentoo: GDM Local Denial of Service
18th, September, 2007
A local user could send a crafted message to /tmp/.gdm_socket that would trigger a null pointer dereference and crash GDM, thus preventing it from managing future displays.

Gentoo: Poppler Two buffer overflow vulnerabilities
19th, September, 2007
Poppler is vulnerable to an integer overflow and a stack overflow.

Mandriva: Updated qt3/qt4 packages fix vulnerability
14th, September, 2007
A buffer overflow was found in how Qt expanded malformed Unicode strings. If an application linked against Qt parsed a malicious Unicode string, it could lead to a denial of service or potentially allow for the execution of arbitrary code. Updated packages have been patched to prevent this issue. Although the problem is not exploitable in Qt4, patched packages have been issued regardless.

Mandriva: Updated cacti packages fix vulnerability
17th, September, 2007
A vulnerability in Cacti 0.8.6i and earlier versions allows remote authenticated users to cause a denial of service (CPU consumption) via large values of the graph_start, graph_end, graph_height, or graph_width parameters. Updated packages have been patched to prevent this issue.

Mandriva: Updated avahi packages fix vulnerability
17th, September, 2007
The Avahi daemon in 0.6.20 and earlier allows attackers to cause a denial of service via empty TXT data over D-Bus, which triggers an assert error. Updated packages have been patched to prevent this issue.

RedHat: Important: openoffice.org security update
18th, September, 2007
Updated openoffice.org packages to correct a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. A heap overflow flaw was found in the TIFF parser. An attacker could create a carefully crafted document containing a malicious TIFF file that could cause OpenOffice.org to crash or possibly execute arbitrary code if opened by a victim. This update has been rated as having important security impact by the Red Hat Security Response Team.
advisories/red-hat/redhat-important-openofficeorg-security-update-69768

RedHat: Important: libvorbis security update
19th, September, 2007
Several flaws were found in the way libvorbis processed audio data. An attacker could create a carefully crafted OGG audio file in such a way that it could cause an application linked with libvorbis to crash or execute arbitrary code when it was opened. This update has been rated as having important security impact by the Red Hat Security Response Team.
advisories/red-hat/redhat-important-libvorbis-security-update-323

RedHat: Moderate: xorg-x11 security update
19th, September, 2007
A flaw was found in the way X.Org's composite extension handles 32-bit color depth windows while running in 16-bit color depth mode. If an X.org server has enabled the composite extension, it may be possible for a malicious authorized client to cause a denial of service (crash) or potentially execute arbitrary code with the privileges of the X.org server. This update has been rated as having moderate security impact by the Red Hat Security Response Team.
advisories/red-hat/redhat-moderate-xorg-x11-security-update-RHSA-2007-0519-01

RedHat: Important: nfs-utils-lib security update
19th, September, 2007
An updated nfs-utils-lib package to correct a security flaw is now available for Red Hat Enterprise Linux 4. Tenable Network Security discovered a stack buffer overflow flaw in the RPC library used by nfs-utils-lib. A remote unauthenticated attacker who can access an application linked against nfs-utils-lib could trigger this flaw and cause the application to crash. This update has been rated as having important security impact by the Red Hat Security Response Team.
advisories/red-hat/redhat-important-nfs-utils-lib-security-update-56402

RedHat: Moderate: php security update
20th, September, 2007
Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. Various integer overflow flaws were found in the PHP gd extension. A script that could be forced to resize images from an untrusted source could possibly allow a remote attacker to execute arbitrary code as the apache user.
advisories/red-hat/redhat-moderate-php-security-update-38610

Ubuntu: Quagga vulnerability
15th, September, 2007
It was discovered that Quagga did not correctly verify OPEN messages or COMMUNITY attributes sent from configured peers. Malicious authenticated remote peers could send a specially crafted message which would cause bgpd to abort, leading to a denial of service.
advisories/ubuntu/ubuntu-quagga-vulnerability

Ubuntu: Qt vulnerability
18th, September, 2007
Dirk Mueller discovered that UTF8 strings could be made to cause a small buffer overflow. A remote attacker could exploit this by sending specially crafted strings to applications that use the Qt3 library for UTF8 processing, potentially leading to arbitrary code execution with user privileges, or a denial of service.
advisories/ubuntu/ubuntu-qt-vulnerability-40968

Ubuntu: X.org vulnerability
18th, September, 2007
Aaron Plattner discovered that the Composite extension did not correctly calculate the size of buffers when copying between different bit depths. An authenticated user could exploit this to execute arbitrary code with root privileges.
advisories/ubuntu/ubuntu-xorg-vulnerability

Ubuntu: t1lib vulnerability
19th, September, 2007
It was discovered that t1lib does not properly perform bounds checking which can result in a buffer overflow vulnerability. An attacker could send specially crafted input to applications linked against t1lib which could result in a DoS or arbitrary code execution.
advisories/ubuntu/ubuntu-t1lib-vulnerability
