Security Advisories: Debian, Red Hat, Ubuntu September 2007
LinuxSecurity.com Feature Extras:
Review: Ruby by Example - Learning a new language cannot be complete without a few 'real world' examples. 'Hello world!'s and Fibonacci sequences are always nice as an introduction to certain aspects of programming, but sooner or later you crave something meatier to chew on. 'Ruby by Example: Concepts and Code' by Kevin C. Baird provides a wealth of knowledge via general to specialized examples of the dynamic object-oriented programming language, Ruby. Want to build an mp3 playlist processor? How about parsing out secret codes from 'Moby Dick'? Read on!
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.
| Debian: New kdebase packages fix authentication bypass | ||
21st, September, 2007
Kees Huijgen discovered that under certain circumstances KDM, an X session manager for KDE, can be tricked into allowing user logins without a password. advisories/debian/debian-new-kdebase-packages-fix-authentication-bypass |
||
| Debian: New fetchmail packages fix denial of service | ||
21st, September, 2007
Matthias Andree discovered that fetchmail, an SSL enabled POP3, APOP and IMAP mail gatherer/forwarder, can under certain circumstances attempt to dereference a NULL pointer and crash. advisories/debian/debian-new-fetchmail-packages-fix-denial-of-service-36645 |
||
| Debian: New file packages fix arbitrary code execution | ||
26th, September, 2007
The Debian 4.0r1 release contains a file package with the same version number as the last security update (4.17-5etch2), potentially overriding it. This security advisory reissues DSA-1343-1 with a higher version number, to ensure that its changes remain in effect. The changes from Debian 4.0r1 (which fix a minor denial of service issue, CVE-2007-2026) are included as well. advisories/debian/debian-new-file-packages-fix-arbitrary-code-execution-21321 |
||
| Debian: New Linux 2.6.18 packages fix several vulnerabilities | ||
27th, September, 2007
Adam Litke reported a potential local denial of service (oops) on powerpc platforms resulting from unchecked VMA expansion into address space reserved for hugetlb pages. advisories/debian/debian-new-linux-2618-packages-fix-several-vulnerabilities-45410 |
||
| Gentoo: rsync Two buffer overflows | ||
20th, September, 2007
Two user-assisted buffer overflow vulnerabilities have been discovered in rsync. |
||
| Gentoo: BEA JRockit Multiple vulnerabilities | ||
23rd, September, 2007
BEA JRockit contains several vulnerabilities, some of which may allow the execution of arbitrary code. An integer overflow vulnerability exists in the embedded ICC profile image parser (CVE-2007-2788), an unspecified vulnerability exists in the font parsing implementation (CVE-2007-4381), and an error exists when processing XSLT stylesheets contained in XSLT Transforms in XML signatures (CVE-2007-3716), among other vulnerabilities. |
||
| Mandriva: Updated openoffice.org packages fix TIFF parser | ||
20th, September, 2007
An integer overflow in the TIFF parser in OpenOffice.org prior to version 2.3 allows remote attackers to execute arbitrary code via a TIFF file with crafted values which triggers the allocation of an incorrect amount of memory which results in a heap-based buffer overflow. Updated packages have been patched to prevent this issue. |
||
| Mandriva: Updated PHP packages fix numerous vulnerabilities | ||
21st, September, 2007
Numerous vulnerabilities were discovered in the PHP scripting language that are corrected with this update. An integer overflow in the substr_compare() function allows context-dependent attackers to read sensitive memory via a large value in the length argument. This only affects PHP5 (CVE-2007-1375). A stack-based buffer overflow in the zip:// URI wrapper in PECL ZIP 1.8.3 and earlier allows remote attackers to execute arbitrary code via a long zip:// URL. This only affects Corporate Server 4.0 |
||
| Mandriva: Updated postgresql packages prevent access abuse | ||
25th, September, 2007
PostgreSQL 8.1 and probably later and earlier versions, when local trust authentication is enabled and the Database Link library (dblink) is installed, allows remote attackers to access arbitrary accounts and execute arbitrary SQL queries via a dblink host parameter that proxies the connection from 127.0.0.1. |
||
| Mandriva: Updated t1lib packages fix vulnerability | ||
27th, September, 2007
A buffer overflow vulnerability was discovered in t1lib due to improper bounds checking. An attacker could send specially crafted input to an application linked against t1lib which could lead to a denial of service or the execution of arbitrary code. Updated packages have been patched to prevent this issue. |
||
| RedHat: Moderate: php security update | ||
20th, September, 2007
Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. Various integer overflow flaws were found in the PHP gd extension. A script that could be forced to resize images from an untrusted source could possibly allow a remote attacker to execute arbitrary code as the apache user. advisories/red-hat/redhat-moderate-php-security-update-38610 |
||
| RedHat: Moderate: gimp security update | ||
26th, September, 2007
Updated gimp packages that fix several security issues are now available for Red Hat Enterprise Linux. Multiple integer overflow and input validation flaws were found in The GIMP's image loaders. An attacker could create a carefully crafted image file that could cause The GIMP to crash or possibly execute arbitrary code if the file was opened by a victim. advisories/red-hat/redhat-moderate-gimp-security-update-RHSA-2007-0343-01 |
||
| RedHat: Moderate: tomcat security update | ||
26th, September, 2007
Updated tomcat packages that fix several security issues are now available for Red Hat Enterprise Linux 5. It was reported Tomcat did not properly handle the following character sequence in a cookie: \" (a backslash followed by a double-quote). It was possible remote attackers could use this failure to obtain sensitive information, such as session IDs, for session hijacking attacks. This update has been rated as having moderate security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-moderate-tomcat-security-update-58513 |
||
| RedHat: Moderate: php security update | ||
26th, September, 2007
Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-moderate-php-security-update-38610 |
||
| RedHat: Important: kernel security update | ||
27th, September, 2007
Updated kernel packages that fix a security issue in the Red Hat Enterprise Linux 5 kernel are now available. A flaw was found in the IA32 system call emulation provided on AMD64 and Intel 64 platforms. An improperly validated 64-bit value could be stored in the %RAX register, which could trigger an out-of-bounds system call table access. An untrusted local user could exploit this flaw to run code in the kernel (i.e. a root privilege escalation). advisories/red-hat/redhat-important-kernel-security-update-85756 |
||
| RedHat: Important: kernel security update | ||
27th, September, 2007
Updated kernel packages that fix a security issue in the Red Hat Enterprise Linux 4 kernel are now available. A flaw was found in the IA32 system call emulation provided on AMD64 and Intel 64 platforms. An improperly validated 64-bit value could be stored in the %RAX register, which could trigger an out-of-bounds system call table access. An untrusted local user could exploit this flaw to run code in the kernel (i.e. a root privilege escalation). advisories/red-hat/redhat-important-kernel-security-update-85756 |
||
| RedHat: Important: kernel security update | ||
27th, September, 2007
Updated kernel packages that fix a security issue in the Red Hat Enterprise Linux 3 kernel are now available. A flaw was found in ia32 emulation affecting users running 64-bit versions of Red Hat Enterprise Linux on x86_64 architectures. A local user could use this flaw to gain elevated privileges. advisories/red-hat/redhat-important-kernel-security-update-85756 |
||
| Slackware: kdebase, kdelibs | ||
21st, September, 2007
New kdebase packages are available for Slackware 12.0 to fix security issues. A long URL padded with spaces could be used to display a false URL in Konqueror's addressbar, and KDM when used with no-password login could be tricked into logging a different user in without a password. This is not the way KDM is configured in Slackware by default, somewhat mitigating the impact of this issue. |
||
| Ubuntu: xfsdump vulnerability | ||
20th, September, 2007
Paul Martin discovered that xfs_fsr creates a temporary directory with insecure permissions. This allows a local attacker to exploit a race condition in xfs_fsr to read or overwrite arbitrary files on xfs filesystems. advisories/ubuntu/ubuntu-xfsdump-vulnerability |
||
| Ubuntu: kdm vulnerability | ||
24th, September, 2007
It was discovered that KDM would allow logins without password checks under certain circumstances. If autologin was configured, and "shutdown with password" enabled, a local user could exploit the problem and gain root privileges. advisories/ubuntu/ubuntu-kdm-vulnerability |
||
| Ubuntu: Linux kernel vulnerabilities | ||
24th, September, 2007
Evan Teran discovered that the Linux kernel ptrace routines did not handle certain requests robustly. Local attackers could exploit this to crash the system, causing a denial of service. (CVE-2007-3731) advisories/ubuntu/ubuntu-linux-kernel-vulnerabilities-39223 |
||
| Ubuntu: elinks vulnerability | ||
25th, September, 2007
Kalle Olavi Niemitalo discovered that if elinks makes a POST request to an HTTPS URL through a proxy, information may be sent in clear-text between elinks and the proxy. Attackers with access to the network could steal sensitive information (such as passwords). advisories/ubuntu/ubuntu-elinks-vulnerability |
||
| Ubuntu: fetchmail vulnerabilities | ||
25th, September, 2007
Gaetan Leurent discovered a vulnerability in the APOP protocol based on MD5 collisions. As fetchmail supports the APOP protocol, this vulnerability can be used by attackers to discover a portion of the APOP user's authentication credentials. advisories/ubuntu/ubuntu-fetchmail-vulnerabilities |
||
