Linux Advisory Watch: February 10th 2006
Source: LinuxSecurity.com Contributor - Posted by Benjamin D. Thomas
This week advisories were released for mydns, gnocatan, ipsec-tools, adzapper,
mozilla, firefox, audit, unzip, Fedora kernel, GPdf, libextractor, LibAST, gallery,
ADOdb, apache, poppler, kdegraphics, xpdf, openoffice, openssh, php, and groff.
The distributors include Debian, Fedora, Gentoo, Mandriva, and Red Hat.
Guardian Digital is happy to announce the release of EnGarde Secure Community
3.0.4 (Version 3.0, Release 4). This release includes several bug fixes and
feature enhancements to the Guardian Digital WebTool and the SELinux policy,
and several new packages available for installation.
The following reported bugs from bugs.engardelinux.org are fixed in this release:
#0000048 The WebTool 'named' module does not check for duplicate zones
#0000047 Nagios localhost ping test bug
#0000045 SSH cannot create /root/.ssh directory as sysadm_r
#0000042 Postfix-2.2.7's broken firewall workaround has problems - ...
#0000041 Apache cannot talk to the MySQL socket.
#0000039 Unable to mount /home at boot in EnGarde 3.0.3
#0000038 Webtool automatically sets SELinux to Enforcing, even if ...
#0000037 Support for PgSQL via WebTool
#0000036 UPS - fails to work with selinux enabled
#0000035 "postfix reload" fails when run by sysadm_r with selinux ...
#0000034 tcpdump fails with selinux enabled
Several other bugs are fixed in this release as well.
New features include:
A new GDSN Package Management Interface in the Guardian Digital WebTool
which allows you to easily browse and install packages from the EnGarde Secure
Linux package archives.
A new Spanish (Español) translation of the Guardian Digital WebTool, courtesy
of Joe Rodiguez Jr. To use this translation go into the WebTool Configuration
module, click on your username (normally 'admin'), and select Español from
the drop-down.
New Guardian Digital WebTool modules for DHCP and UPS services. The DHCP
(Dynamic Host Configuration Protocol) module allows you to run a DHCP server
on your EnGarde Secure Linux machine. The UPS (Uninterruptible Power Supply)
module allows you to configure and monitor a UPS connected to your EnGarde
Secure Linux machine and to act as a server for other machines connected to
the same UPS.
The latest stable versions of MySQL (5.0.18), fetchmail (6.3.2), iptables
(1.3.5), mrtg (2.13.1), nmap (4.00), openssh (4.3p1), php (4.4.2), and postfix
(2.2.8).
Several new installable packages such as amavisd-new (2.3.3), clamav (0.88),
nagios (1.3), nagios-plugins (1.4.2), nrpe (2.0), postgresql (8.1.1), spamassassin,
and many, many new Perl modules.
We're also happy to announce the availability of the following HOWTOs:
Installing Joomla! on EnGarde Secure Linux HOWTO
Installing PHPMyAdmin on EnGarde Secure Linux HOWTO
Installing PHP Applications on EnGarde Secure Linux HOWTO
Installing SpamAssassin, ClamAV and Amavisd-new on EnGarde HOWTO
Installing Squirrelmail on EnGarde Secure Linux HOWTO
All new users downloading EnGarde Secure Linux for the first time or users who use the LiveCD environment should download this release.
Users who are currently using EnGarde Secure Linux do not need to download this release -- they can update their machines via the Guardian Digital Secure Network WebTool module.
EnGarde Secure Community 3.0.3 Released - Guardian Digital is happy to announce
the release of EnGarde Secure Community 3.0.3 (Version 3.0, Release 3). This
release includes several bug fixes and feature enhancements to the Guardian
Digital WebTool, the SELinux policy, and the LiveCD environment.
Linux File & Directory Permissions Mistakes - One common mistake Linux administrators
make is having file and directory permissions that are far too liberal and
allow access beyond that which is needed for proper system operations. A full
explanation of unix file permissions is beyond the scope of this article,
so I'll assume you are familiar with the usage of such tools as chmod, chown,
and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.
Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type
of security vulnerability. This paper explains what a buffer overflow is,
how it can be exploited, and what countermeasures can be taken to prevent
the use of buffer overflow vulnerabilities.
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to security-discuss-request@linuxsecurity.com
with "subscribe" as the subject.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headline.
Debian: New gnocatan packages fix denial of service
3rd, February, 2006
A problem has been discovered in gnocatan, the computer version
of the Settlers of Catan board game, that can lead the server and other
clients to exit via an assert, and hence does not permit the execution
of arbitrary code.
http://www.linuxsecurity.com/content/view/121506
Debian: New ipsec-tools packages fix denial of service
Mozilla is an open source Web browser, advanced email and newsgroup
client, IRC chat client, and HTML editor. Igor Bukanov discovered a bug
in the way Mozilla's JavaScript interpreter dereferences objects. If a
user visits a malicious web page, Mozilla could crash or execute arbitrary
code as the user running Mozilla. The Common Vulnerabilities and Exposures
project assigned the name CVE-2006-0292 to this issue. moz_bug_r_a4 discovered
a bug in Mozilla's XULDocument.persist() function. A malicious web page
could inject arbitrary RDF data into a user's localstore.rdf file, which
can cause Mozilla to execute arbitrary JavaScript when a user runs Mozilla.
(CVE-2006-0296) A denial of service bug was found in the way Mozilla saves
history information. If a user visits a web page with a very long title,
it is possible Mozilla will crash or take a very long time to start the
next time it is run. (CVE-2005-4134)
http://www.linuxsecurity.com/content/view/121496
Fedora Core 4 Update: firefox-1.0.7-1.2.fc4
2nd, February, 2006
Mozilla Firefox is an open source Web browser. Igor Bukanov
discovered a bug in the way Firefox's JavaScript interpreter dereferences
objects. If a user visits a malicious web page, Firefox could crash or
execute arbitrary code as the user running Firefox. The Common Vulnerabilities
and Exposures project assigned the name CVE-2006-0292 to this issue. moz_bug_r_a4
discovered a bug in Firefox's XULDocument.persist() function. A malicious
web page could inject arbitrary RDF data into a user's localstore.rdf
file, which can cause Firefox to execute arbitrary JavaScript when a user
runs Firefox. (CVE-2006-0296) A denial of service bug was found in the
way Firefox saves history information. If a user visits a web page with
a very long title, it is possible Firefox will crash or take a very long
time to start the next time it is run. (CVE-2005-4134)
http://www.linuxsecurity.com/content/view/121497
This update fixes a remotely exploitable denial of service attack
in the icmp networking code (CVE-2006-0454). An information leak has also
been fixed (CVE-2006-0095), and some debugging patches that had accidentally
been left applied in the previous update have been removed, restoring
the functionality of the 'quiet' argument.
Buffer overflow in Library of Assorted Spiffy Things (LibAST)
0.6.1 and earlier, as used in Eterm and possibly other software, allows
local users to execute arbitrary code as the utmp user via a long -X argument.
The updated packages have been patched to correct this issue.
http://www.linuxsecurity.com/content/view/121491
Heap-based buffer overflow in Splash.cc in xpdf allows attackers
to cause a denial of service and possibly execute arbitrary code via crafted
splash images that produce certain values that exceed the width or height
of the associated bitmap. Poppler uses a copy of the xpdf code and as
such has the same issues. The updated packages have been patched to correct
this issue.
http://www.linuxsecurity.com/content/view/121492
Heap-based buffer overflow in Splash.cc in xpdf allows attackers
to cause a denial of service and possibly execute arbitrary code via crafted
splash images that produce certain values that exceed the width or height
of the associated bitmap. Kdegraphics-kpdf uses a copy of the xpdf code
and as such has the same issues. The updated packages have been patched
to correct this issue.
http://www.linuxsecurity.com/content/view/121493
Heap-based buffer overflow in Splash.cc in xpdf allows attackers
to cause a denial of service and possibly execute arbitrary code via crafted
splash images that produce certain values that exceed the width or height
of the associated bitmap. The updated packages have been patched to correct
this issue.
http://www.linuxsecurity.com/content/view/121494
Mandriva: Updated OpenOffice.org packages fix issue with disabled hyperlinks
2nd, February, 2006
OpenOffice.org 2.0 and earlier, when hyperlinks have been disabled,
does not prevent the user from clicking the WWW-browser button in the
Hyperlink dialog, which makes it easier for attackers to trick the user
into bypassing intended security settings. Updated packages are patched
to address this issue.
http://www.linuxsecurity.com/content/view/121495
A flaw was discovered in the scp local-to-local copy implementation
where filenames that contain shell metacharacters or spaces are expanded
twice, which could lead to the execution of arbitrary commands if a local
user could be tricked into scp'ing a specially crafted filename.
http://www.linuxsecurity.com/content/view/121550
Mandriva: Updated php packages fix vulnerability
7th, February, 2006
A flaw in the PHP gd extension in versions prior to 4.4.1 could
allow a remote attacker to bypass safe_mode and open_basedir restrictions
via unknown attack vectors. The updated packages have been patched to
correct this issue.
http://www.linuxsecurity.com/content/view/121562
Mandriva: Updated mozilla packages to address DoS vulnerability
7th, February, 2006
Mozilla and Mozilla Firefox allow remote attackers to cause
a denial of service (CPU consumption and delayed application startup)
via a web site with a large title, which is recorded in history.dat but
not processed efficiently during startup. (CVE-2005-4134) The JavaScript
interpreter (jsinterp.c) in Mozilla and Firefox before 1.5.1 does not
properly dereference objects, which allows remote attackers to cause a
denial of service (crash) or execute arbitrary code via unknown attack
vectors related to garbage collection.
http://www.linuxsecurity.com/content/view/121563
Mandriva: Updated mozilla-firefox packages to address DoS vulnerability
7th, February, 2006
Mozilla and Mozilla Firefox allow remote attackers to cause
a denial of service (CPU consumption and delayed application startup)
via a web site with a large title, which is recorded in history.dat but
not processed efficiently during startup.
http://www.linuxsecurity.com/content/view/121564
The Trustix Secure Linux team discovered a vulnerability in
the groffer utility, part of the groff package. It created a temporary
directory in an insecure way which allowed for the exploitation of a race
condition to create or overwrite files with the privileges of the user invoking
groffer.
http://www.linuxsecurity.com/content/view/121572
Red Hat
RedHat: Critical: mozilla security update
2nd, February, 2006
Updated mozilla packages that fix several security bugs are
now available. This update has been rated as having critical security
impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/121482
RedHat: Critical: firefox security update
2nd, February, 2006
An updated firefox package that fixes several security bugs
is now available. This update has been rated as having critical security
impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/121483