This week, advisories were released for imagemagick, phpmyadmin, gv, xine-lib, flexbackup, linux-ftpd, proftpd, libpng, TikiWiki, Ruby, netlink, qmailAdmin, Texinfo, fvwm, syslinux, pxelinux, doxygen, chromium, xorg, avahi, links, openldap, apache-mod_auth_kerb, asterisk, and powerdns. The distributors include Debian, Gentoo, Mandriva, SuSE, and Ubuntu.




LinuxSecurity.com Feature Extras:

    RFID with Bio-Smart Card in Linux - In this paper, we describe the integration of a fingerprint template and an RF smart card for a clustered network, designed on the Linux platform with open source technology, to obtain biometric security. The combination of smart card and biometrics is achieved through two-step authentication: smart card authentication is based on a Personal Identification Number (PIN), and the cardholder is authenticated using the biometric template stored in the smart card, which is based on fingerprint verification. The fingerprint verification has to be executed on the central host server for security purposes. The protocol designed allows control of all parameters of the smart security controller, such as PIN options, reader delay, real-time clock, alarm option and cardholder access conditions.

    Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of Unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.


Debian
Debian: New imagemagick packages fix several vulnerabilities
19th, November, 2006

Updated package.

advisories/debian/debian-new-imagemagick-packages-fix-several-vulnerabilities-74067
Debian: New phpmyadmin packages fix regression
19th, November, 2006

Updated package.

advisories/debian/debian-new-phpmyadmin-packages-fix-regression
Debian: New gv packages fix arbitrary code execution
20th, November, 2006

Updated package.

advisories/debian/debian-new-gv-packages-fix-arbitrary-code-execution
Debian: New xine-lib packages fix execution of arbitrary code
20th, November, 2006

Updated package.

advisories/debian/debian-new-xine-lib-packages-fix-execution-of-arbitrary-code
Debian: New flexbackup packages fix denial of service
20th, November, 2006

Updated package.

advisories/debian/debian-new-flexbackup-packages-fix-denial-of-service
Debian: New linux-ftpd packages fix access control bypass
20th, November, 2006

Updated package.

advisories/debian/debian-new-linux-ftpd-packages-fix-access-control-bypass
Debian: New proftpd packages fix denial of service
21st, November, 2006

It was discovered that the proftpd FTP daemon performs insufficient validation of FTP command buffer size limits, which may lead to denial of service. This update addresses CVE-2006-5815.

advisories/debian/debian-new-proftpd-packages-fix-denial-of-service-12671
Gentoo
Gentoo: libpng Denial of Service
17th, November, 2006

A vulnerability in libpng may allow a remote attacker to crash applications that handle untrusted images.

Gentoo: WordPress Multiple vulnerabilities
17th, November, 2006

Flaws in WordPress allow a Denial of Service, the disclosure of user metadata and the overwriting of restricted files.

Gentoo: TikiWiki Multiple vulnerabilities
20th, November, 2006

TikiWiki allows for the disclosure of MySQL database authentication credentials and for cross-site scripting attacks.

Gentoo: Ruby Denial of Service vulnerability
20th, November, 2006

The Ruby cgi.rb CGI library is vulnerable to a Denial of Service attack.

Gentoo: Avahi "netlink" message vulnerability
20th, November, 2006

Avahi fails to verify the origin of netlink messages, which could allow local users to spoof network changes.

Gentoo: TORQUE Insecure temporary file creation
20th, November, 2006

TORQUE creates temporary files in an insecure manner which could lead to the execution of arbitrary code with elevated privileges.

Gentoo: qmailAdmin Buffer overflow
21st, November, 2006

qmailAdmin is vulnerable to a buffer overflow that could lead to the remote execution of arbitrary code.

Gentoo: TORQUE Insecure temporary file creation
21st, November, 2006

TORQUE creates temporary files in an insecure manner which could lead to the execution of arbitrary code with elevated privileges.

Gentoo: Texinfo Buffer overflow
21st, November, 2006

Texinfo is vulnerable to a buffer overflow that could lead to the execution of arbitrary code.

Gentoo: fvwm fvwm-menu-directory fvwm command injection
23rd, November, 2006

A flaw in fvwm-menu-directory may permit a local attacker to execute arbitrary commands with the privileges of another user.

Mandriva
Mandriva: Updated libpng packages fix vulnerabilities
16th, November, 2006

Buffer overflow in the png_decompress_chunk function in pngrutil.c in libpng before 1.2.12 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors related to "chunk error processing," possibly involving the "chunk_name".

Mandriva: Updated syslinux packages to fix embedded libpng vulnerabilities
16th, November, 2006

SYSLINUX is a boot loader for the Linux operating system which operates off an MS-DOS/Windows FAT filesystem. It is built with a private copy of libpng, and as such could be susceptible to some of the same vulnerabilities.

Mandriva: Updated pxelinux packages to fix embedded libpng vulnerabilities
16th, November, 2006

PXELINUX is a PXE bootloader. It is built with a private copy of libpng, and as such could be susceptible to some of the same vulnerabilities.

Mandriva: Updated doxygen packages to fix embedded libpng vulnerabilities
16th, November, 2006

Doxygen is a documentation system for C, C++ and IDL. It is built with a private copy of libpng, and as such could be susceptible to some of the same vulnerabilities.

Mandriva: Updated chromium packages to fix embedded libpng vulnerabilities
16th, November, 2006

Chromium is an OpenGL-based shoot them up game with fine graphics. It is built with a private copy of libpng, and as such could be susceptible to some of the same vulnerabilities.

Mandriva: Updated gv packages fix buffer overflow vulnerability
17th, November, 2006

Stack-based buffer overflow in the ps_gettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript (PS) file with certain headers that contain long comments, as demonstrated using the DocumentMedia header.

Mandriva: Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities
18th, November, 2006

Local exploitation of an integer overflow vulnerability in the 'CIDAFM()' function in the X.Org and XFree86 X server could allow an attacker to execute arbitrary code with privileges of the X server, typically root (CVE-2006-3739).

Mandriva: Updated avahi packages fix netlink vulnerability
20th, November, 2006

Steve Grubb discovered that netlink messages were not being checked for their sender identity. This could lead to local users manipulating the Avahi service.

Mandriva: Updated links packages fix smb vulnerability
20th, November, 2006

The links web browser with smbclient installed allows remote attackers to execute arbitrary code via shell metacharacters in an smb:// URI, as demonstrated by using PUT and GET statements.

Mandriva: Updated proftpd packages fix vulnerabilities
20th, November, 2006

As disclosed by an exploit (vd_proftpd.pm) and a related vendor bugfix, a Denial of Service (DoS) vulnerability exists in the FTP server ProFTPD, up to and including version 1.3.0. The flaw is due to both a potential bus error and a definitive buffer overflow in the code which determines the FTP command buffer size limit. The vulnerability can be exploited only if the "CommandBufferSize" directive is explicitly used in the server configuration, which is not the case in the default configuration of ProFTPD.

Mandriva: Updated openldap packages fixes Bind vulnerability
21st, November, 2006

An unspecified vulnerability in OpenLDAP allows remote attackers to cause a denial of service (daemon crash) via a certain combination of SASL Bind requests that triggers an assertion failure in libldap. Packages have been patched to correct this issue. Packages for Corp4 were built from the wrong src.rpm, breaking Heimdal Kerberos and possibly other support. Updated packages are being provided to correct this issue.

Mandriva: Updated apache-mod_auth_kerb packages fixes DoS vulnerability
23rd, November, 2006

An off-by-one error in the der_get_oid function in mod_auth_kerb 5.0 allows remote attackers to cause a denial of service (crash) via a crafted Kerberos message that triggers a heap-based buffer overflow in the component array. Packages have been patched to correct this issue.

SuSE
SuSE: Mozilla Firefox, Thunderbird,
16th, November, 2006

The following CVE IDs are addressed by this update: CVE-2006-5464, CVE-2006-5747, CVE-2006-5748, CVE-2006-5462, CVE-2006-5463

SuSE: asterisk (SUSE-SA:2006:069)
16th, November, 2006

Two security problems have been found and fixed in the PBX software Asterisk. CVE-2006-5444: Integer overflow in the get_input function in the Skinny channel driver (chan_skinny.c), as used by Cisco SCCP phones, allows remote attackers to potentially execute arbitrary code via a certain dlen value that passes a signed integer comparison and leads to a heap-based buffer overflow. CVE-2006-5445: A vulnerability in the SIP channel driver (channels/chan_sip.c) in Asterisk on SUSE Linux 10.1 allows remote attackers to cause a denial of service (resource consumption) via unspecified vectors that result in the creation of "a real pvt structure" that uses more resources than necessary.

SuSE: powerdns denial of service
16th, November, 2006

Two security problems that have been found in PowerDNS are fixed by this update. CVE-2006-4251: The PowerDNS Recursor can be made to crash by sending malformed questions to it over TCP, potentially executing code. CVE-2006-4252: Zero second CNAME TTLs can make PowerDNS exhaust allocated stack space and crash.

Ubuntu
Ubuntu: libpng vulnerability
17th, November, 2006

Tavis Ormandy discovered that libpng did not correctly calculate the size of sPLT structures when reading an image. By tricking a user or an automated system into processing a specially crafted PNG file, an attacker could exploit this weakness to crash the application using the library.

advisories/ubuntu/ubuntu-libpng-vulnerability
Ubuntu: OpenLDAP vulnerability
20th, November, 2006

Evgeny Legerov discovered that the OpenLDAP libraries did not correctly truncate authcid names. This situation would trigger an assert and abort the program using the libraries. A remote attacker could send specially crafted bind requests that would lead to an LDAP server denial of service.

advisories/ubuntu/ubuntu-openldap-vulnerability
Ubuntu: Thunderbird vulnerabilities
21st, November, 2006

USN-352-1 fixed a flaw in the verification of PKCS certificate signatures. Ulrich Kuehn discovered a variant of the original attack which the original fix did not cover. (CVE-2006-5462) Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious email containing JavaScript. Please note that JavaScript is disabled by default for emails, and it is not recommended to enable it. (CVE-2006-5463, CVE-2006-5464, CVE-2006-5747, CVE-2006-5748)

advisories/ubuntu/ubuntu-thunderbird-vulnerabilities-67510
Ubuntu: Firefox vulnerabilities
21st, November, 2006

USN-351-1 fixed a flaw in the verification of PKCS certificate signatures. Ulrich Kuehn discovered a variant of the original attack which the original fix did not cover. (CVE-2006-5462) Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious web page containing JavaScript. (CVE-2006-5463, CVE-2006-5464, CVE-2006-5747, CVE-2006-5748)

advisories/ubuntu/ubuntu-firefox-vulnerabilities-99643