LinuxSecurity.com
Linux Advisory Watch: May 12th 2006
Source: LinuxSecurity.com Contributor - Posted by Benjamin D. Thomas   
This week, advisories were released for thunderbird, cgiirc, tiff, rsync, firefox, nagios, xorg-x11, cpio, gzip, gdm, mysql, xine, libtiff, ruby, php, and cyrus. The distributors include Debian, Gentoo, Mandriva, Red Hat, and SuSE.


EnGarde Secure Linux: Why not give it a try?

EnGarde Secure Linux is a Linux server distribution that is geared toward providing an open source platform that is highly secure by default as well as easy to administer. EnGarde Secure Linux includes a select group of open source packages configured to provide maximum security for tasks such as serving dynamic websites, high availability mail transport, network intrusion detection, and more. The Community edition of EnGarde Secure Linux is completely free and open source, and online security and application updates are also freely available with GDSN registration.

http://www.engardelinux.org/modules/index/register.cgi


OSSEC HIDS v0.8 Available

OSSEC HIDS is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, rootkit detection, time-based alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Solaris and Windows. This is the first version offering native support for Windows (XP/2000/2003). It also includes a new set of log analysis rules for sendmail, web logs (Apache and IIS), IDSs and Windows authentication events.

The correlation rules for squid, mail logs, firewall events and authentication systems have been improved, now detecting scans, worms and internal attacks. The active responses were also refined, with support for IPFW (FreeBSD) added.

The installation process was re-organized, now including simpler configuration options and translation to 6 different languages (English, Portuguese, German, Turkish, Polish and Italian).

To download the Unix and Windows versions:
http://www.ossec.net/en/downloads.html

More information:
http://www.ossec.net/en/v08-2006-05-12.html

Use our mailing list if you have questions or comments:
http://www.ossec.net/en/mailing_lists.html


LinuxSecurity.com Feature Extras:

EnGarde Secure Linux v3.0.6 Now Available - Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.6 (Version 3.0, Release 6). This release includes several bug fixes and feature enhancements to the Guardian Digital WebTool and the SELinux policy, several updated packages, and a couple of new packages available for installation.

Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-request@linuxsecurity.com with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.


   Debian
  Debian: New Mozilla Thunderbird packages fix several vulnerabilities
  4th, May, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122674
 
  Debian: New cgiirc packages fix arbitrary code execution
  8th, May, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122704
 
  Debian: New Mozilla packages fix arbitrary code execution
  9th, May, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122714
 
  Debian: New TIFF packages fix denial of service and arbitrary code execution
  9th, May, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122715
 
  Debian: New Mozilla Firefox packages fix arbitrary code execution
  11th, May, 2006

Updated package.

http://www.linuxsecurity.com/content/view/122741
 
   Gentoo
  Gentoo: rsync Potential integer overflow
  6th, May, 2006

An attacker having write access to an rsync module might be able to execute arbitrary code on an rsync server.

http://www.linuxsecurity.com/content/view/122699
 
  Gentoo: Mozilla Firefox Potential remote code execution
  6th, May, 2006

The Mozilla Firefox 1.5 line is vulnerable to a buffer overflow in the JavaScript extension which may in theory lead to remote execution of arbitrary code.

http://www.linuxsecurity.com/content/view/122700
 
  Gentoo: Nagios Buffer overflow
  7th, May, 2006

Nagios is vulnerable to a buffer overflow which may lead to remote execution of arbitrary code.

http://www.linuxsecurity.com/content/view/122701
 
   Mandriva
  Mandriva: Updated xorg-x11 packages fix vulnerability
  5th, May, 2006

A problem was discovered in xorg-x11 where the X render extension would mis-calculate the size of a buffer, leading to an overflow that could possibly be exploited by clients of the X server.

http://www.linuxsecurity.com/content/view/122687
 
  Mandriva: Updated cpio package fixes symlink bug in passthrough mode
  9th, May, 2006

When using cpio in passthrough mode (i.e.: find dira|cpio -pdmv dirb) symbolic links are replaced with the actual files or directories they point to. Updated packages have been rebuilt with the correct CPPFLAGS to correct this issue.

http://www.linuxsecurity.com/content/view/122723
 
  Mandriva: Updated gzip packages fix bug with zgrep passing options to grep
  9th, May, 2006

The zgrep wrapper script does not correctly pass all available options that grep accepts to the grep binary. Updated packages have been patched to correct this issue.

http://www.linuxsecurity.com/content/view/122730
 
  Mandriva: Updated gdm package fixes symlink attack vulnerability
  10th, May, 2006

A race condition in daemon/slave.c in gdm before 2.14.1 allows local users to gain privileges via a symlink attack when gdm performs chown and chgrp operations on the .ICEauthority file. Packages have been patched to correct this issue.

http://www.linuxsecurity.com/content/view/122731
 
  Mandriva: Updated MySQL packages fix several vulnerabilities
  10th, May, 2006

The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read. (CVE-2006-1516)

sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message. (CVE-2006-1517)

Updated packages have been patched to correct these issues.

http://www.linuxsecurity.com/content/view/122738
 
  Mandriva: Updated xine-ui packages fix format string vulnerabilities
  10th, May, 2006

Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine allow remote attackers to execute arbitrary code via format string specifiers in a long filename on an EXTINFO line in a playlist file. Packages have been patched to correct this issue.

http://www.linuxsecurity.com/content/view/122740
 
   Red Hat
  RedHat: Important: xorg-x11 security update
  4th, May, 2006

Updated X.org packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/122679
 
  RedHat: Important: libtiff security update
  9th, May, 2006

Updated libtiff packages that fix several security flaws are now available for Red Hat Enterprise Linux. This update has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/122717
 
  RedHat: Moderate: ruby security update
  9th, May, 2006

Updated ruby packages that fix a denial of service issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/122719
 
   SuSE
  SuSE: php4,php5 various security problems
  5th, May, 2006

This update fixes the following security issues in the scripting languages PHP4 and PHP5:

- copy() and tempnam() functions could bypass open_basedir restrictions (CVE-2006-1494)
- Cross-Site-Scripting (XSS) bug in phpinfo() (CVE-2006-0996)
- mb_send_mail() lacked safe_mode checks (CVE-2006-1014, CVE-2006-1015)
- html_entity_decode() could expose memory content (CVE-2006-1490)

http://www.linuxsecurity.com/content/view/122692
 
  SuSE: cyrus-sasl-digestmd5 denial of
  5th, May, 2006

If a server or client is using DIGEST-MD5 authentication via the cyrus-sasl libraries it is possible to cause a denial of service attack against the other side (client or server) by leaving out the "realm=" header in the authentication. This is tracked by the Mitre CVE ID CVE-2006-1721.

http://www.linuxsecurity.com/content/view/122693
 

(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.