This week, advisories were released for Mozilla, usermin, bomberclone, freetype, alsaplayer, gzip, DokuWiki, BIND, Mailman, xorg-x11, ipsec-tools, mailman, gnutls, firefox, seamonkey, thunderbird, php, openssl, bind, x11, php, and flash-player. The distributors include Debian, Gentoo, Mandriva, Red Hat, Slackware, and SuSE.




RFID with Bio-Smart Card in Linux

In this paper, we describe the integration of a fingerprint template and an RF smart card for a clustered network, designed on the Linux platform with open source technology to obtain biometric security. The combination of smart card and biometrics is achieved through two-step authentication: smart card authentication is based on a Personal Identification Number (PIN), and the cardholder is authenticated against the biometric template stored on the smart card, using fingerprint verification. The fingerprint verification has to be executed on a central host server for security purposes. The protocol designed allows control of all parameters of the smart security controller, such as PIN options, reader delay, real-time clock, alarm option and cardholder access conditions.

The RF smart card and card reader/writer were developed to handle payment transactions for public transportation systems. These contactless cards have security features such as encrypted RF transmission, mutual authentication, and security keys. The RF smart card has up to 16 separate sectors, which can be configured as purses or for general data storage. The first sector is typically used as a directory for the rest of the card, leaving 15 segments available for data or purses.

Each sector has two keys, called the A and B keys, allowing different access privileges to that sector. These key pairs can be designated as read and read/write, or decrement and increment/decrement. For example, this would allow turnstile readers with the A key to only deduct value from a card sector, while smart card readers with the B keys could either add or subtract value. The card also has a 32-bit unique random number, which is permanently encoded into each chip by the chip manufacturer. Public key infrastructure (PKI) based systems are used to construct a secure system that can achieve secure access conditions. They are consequently being used to carry keys and store personal information in applications such as student identification systems.

features/features/rfid-with-bio-smart-card-in-linux


Security on your mind?

The Community edition of EnGarde Secure Linux is completely free and open source. Updates are also freely available when you register with the Guardian Digital Secure Network.


LinuxSecurity.com Feature Extras:

    - Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.8 (Version 3.0, Release 8). This release includes several bug fixes and feature enhancements to the Guardian Digital WebTool, several updated packages, and several new packages available for installation.

    Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe, send an e-mail with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.


Debian
Debian: New Mozilla packages fix several vulnerabilities
15th, September, 2006

The latest security updates of Mozilla introduced a regression that led to a dysfunctional attachment panel, which warrants a correction to fix this issue. For reference, please find below the original advisory text: CVE-2006-2779 CVE-2006-3805 CVE-2006-3806 CVE-2006-3807 CVE-2006-3808 CVE-2006-3809 CVE-2006-3810

advisories/debian/debian-new-mozilla-packages-fix-several-vulnerabilities-49307
Debian: New usermin packages fix denial of service
15th, September, 2006

Updated package.

advisories/debian/debian-new-usermin-packages-fix-denial-of-service
Debian: New bomberclone packages fix several vulnerabilities
19th, September, 2006

Luigi Auriemma discovered two security related bugs in bomberclone, a free Bomberman clone. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-4005 CVE-2006-4006

advisories/debian/debian-new-bomberclone-packages-fix-several-vulnerabilities
Debian: New freetype packages fix execution of arbitrary code
16th, September, 2006

Updated package.

advisories/debian/debian-new-freetype-packages-fix-execution-of-arbitrary-code
Debian: New alsaplayer packages fix denial of service
19th, September, 2006

Updated package.

advisories/debian/debian-new-alsaplayer-packages-fix-denial-of-service
Debian: New gzip packages fix arbitrary code execution
19th, September, 2006

Updated package.

advisories/debian/debian-new-gzip-packages-fix-arbitrary-code-execution
Gentoo
Gentoo: DokuWiki Arbitrary command execution
14th, September, 2006

Vulnerabilities in some accessory scripts of DokuWiki allow remote code execution.

Gentoo: BIND Denial of Service
15th, September, 2006

ISC BIND contains two vulnerabilities allowing a Denial of Service under certain conditions.

Gentoo: Mailman Multiple vulnerabilities
19th, September, 2006

Mailman has multiple vulnerabilities that can result in Denial of Service, log file injection and XSS.

Mandriva
Mandriva: Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities
15th, September, 2006

Local exploitation of an integer overflow vulnerability in the 'CIDAFM()' function in the X.Org and XFree86 X server could allow an attacker to execute arbitrary code with privileges of the X server, typically root (CVE-2006-3739). Local exploitation of an integer overflow vulnerability in the 'scan_cidfont()' function in the X.Org and XFree86 X server could allow an attacker to execute arbitrary code with privileges of the X server, typically root (CVE-2006-3740). Updated packages are patched to address these issues.

Mandriva: Updated ipsec-tools to address various issues
15th, September, 2006

IPsec-Tools[1] is a port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation. This update fixes a few issues and introduces new functionalities to the package provided for Mandriva 2006 users. It is recommended that users of ipsec-tools upgrade their packages. After the upgrade, the services will be restarted automatically if needed.

Mandriva: Updated mailman packages fix multiple vulnerabilities
18th, September, 2006

A flaw was discovered in how Mailman handles MIME multipart messages where an attacker could send a carefully-crafted MIME multipart message to a Mailman-run mailing list causing that mailing list to stop working (CVE-2006-2941).

Mandriva: Updated gnutls packages fixes PKCS signature verification issue.
20th, September, 2006

verify.c in GnuTLS before 1.4.4, when using an RSA key with exponent 3, does not properly handle excess data in the digestAlgorithm.parameters field when generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents GnuTLS from correctly verifying X.509 and other certificates that use PKCS, a variant of CVE-2006-4339. The provided packages have been patched to correct this issue.

Mandriva: Updated gzip packages fix multiple vulnerabilities
20th, September, 2006

The following CVE IDs have been addressed by this update: CVE-2006-4334 CVE-2006-4335 CVE-2006-4336 CVE-2006-4337 CVE-2006-4338

Mandriva: Updated Firefox packages fix multiple vulnerabilities
21st, September, 2006

A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 1.5.0.7. This update provides the latest Firefox to correct these issues.

Red Hat
RedHat: Important: gnutls security update
14th, September, 2006

Updated gnutls packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-important-gnutls-security-update-74087
RedHat: Critical: firefox security update
15th, September, 2006

Updated firefox packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-critical-firefox-security-update-38591
RedHat: Critical: seamonkey security update
15th, September, 2006

Updated seamonkey packages that fix several security bugs are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-critical-seamonkey-security-update-3241
RedHat: Critical: thunderbird security update
15th, September, 2006

Updated thunderbird packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-critical-thunderbird-security-update-41360
RedHat: Moderate: gzip security update
19th, September, 2006

Updated gzip packages that fix several security issues are now available for Red Hat Enterprise Linux. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-gzip-security-update-RHSA-2006-0667-01
RedHat: Moderate: php security update
21st, September, 2006

Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-php-security-update-38610
RedHat: Moderate: php security update
21st, September, 2006

Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-php-security-update-38610
Slackware
Slackware: openssl
14th, September, 2006

Updated package.

Slackware: bind DoS
14th, September, 2006

New bind packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a Denial of Service issue.

Slackware: firefox/thunderbird/seamonkey
15th, September, 2006

New Firefox and Thunderbird packages are available for Slackware 10.2 and -current to fix security issues. In addition, a new Seamonkey package is available for Slackware -current to fix similar issues.

Slackware: x11 multiple vulnerabilities
17th, September, 2006

New x11 (X.Org) packages are available for Slackware 10.2, and -current to fix security issues due to overflows in font parsing. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: CVE-2006-3739 CVE-2006-3740

Slackware: gzip
19th, September, 2006

New gzip packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix possible security issues.

SuSE
SuSE: php4,php5 (SUSE-SA:2006:052)
21st, September, 2006

Various security problems have been fixed in the PHP script language engine and its modules, versions 4 and 5. The PHP4 updated packages were released on September 12, the PHP5 update packages were released on September 20. The following CVE IDs have been resolved: CVE-2006-2563 CVE-2006-4483 CVE-2006-4481 CVE-2006-4482 CVE-2006-4484 CVE-2006-4482 CVE-2006-4020

SuSE: flash-player (SUSE-SA:2006:053)
21st, September, 2006

Multiple input validation errors have been identified in the Macromedia Flash Player that could lead to the potential execution of arbitrary code. These vulnerabilities could be accessed through content delivered from a remote location via the user's web browser, email client, or other applications that include or reference the Flash Player. (CVE-2006-3311, CVE-2006-3587, CVE-2006-3588) These updates also include changes to prevent circumvention of the "allowScriptAccess" option. (CVE-2006-4640)