Linux Advisory Watch: December 22nd 2006 - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

What is the most important Linux security technology?

	SELinux
	grsecurity
	CIS Benchmark
	Bastille Linux
	iptables
	LIDS

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

All About Linux

DanWalsh LiveJournal

Securitydistro

Latest Newsletters

Linux Security Week: May 14th, 2012

Linux Advisory Watch: May 10th, 2012

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

Linux Advisory Watch: December 22nd 2006

User Rating:

How can I rate this item?

Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas

This week, advisories were released for clamav, sql-ledger, links2, dbus, gdm, Radius, pam_ldap, imlib2, ruby, evince, xorg, sendmail, evolution, hal, proftpd, mono, lsb, tar, firefox, seamonkey, libgsf, and avahi. The distributors include Debian, Fedora, Gentoo, Mandriva, Red Hat, SuSE, and Ubuntu.

Earn an NSA recognized IA Masters Online - The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.

LinuxSecurity.com Feature Extras:

RFID with Bio-Smart Card in Linux - In this paper, we describe the integration of fingerprint template and RF smart card for clustered network, which is designed on Linux platform and Open source technology to obtain biometrics security. Combination of smart card and biometrics has achieved in two step authentication where smart card authentication is based on a Personal Identification Number (PIN) and the card holder is authenticated using the biometrics template stored in the smart card that is based on the fingerprint verification. The fingerprint verification has to be executed on central host server for security purposes. Protocol designed allows controlling entire parameters of smart security controller like PIN options, Reader delay, real-time clock, alarm option and cardholder access conditions.

Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-request@linuxsecurity.com with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.

	Debian
	Debian: New Linux 2.4.27 packages fix several vulnerabilities
	17th, December, 2006 Updated package. http://www.linuxsecurity.com/content/view/126261

	Debian: New clamav packages fix several vulnerabilities
	17th, December, 2006 Updated package. http://www.linuxsecurity.com/content/view/126262

	Debian: New sql-ledger packages fix arbitrary code execution
	17th, December, 2006 Updated package. http://www.linuxsecurity.com/content/view/126263

	Debian: New links2 packages fix arbitrary shell command execution
	21st, December, 2006 Teemu Salmela discovered that the links2 character mode web browser performs insufficient sanitising of smb:// URIs, which might lead to the execution of arbitrary shell commands. http://www.linuxsecurity.com/content/view/126320

	Fedora
	Fedora Core 5 Update: dbus-0.62-0.2.fc5
	15th, December, 2006 Along with the security patch there is also a patch which protects D-Bus from exiting when updating to versions greater than or equal to 1.0.0 (i.e. upgrading to fc6) http://www.linuxsecurity.com/content/view/126252

	Fedora Core 5 Update: gdm-2.14.11-1.fc5
	15th, December, 2006 Fix for a recently reported security issue that has ID CVE-2006-6105. This fixes a problem where a user can enter strings like "%08x" into the gdmchooser "Add"j host button and print out memory. http://www.linuxsecurity.com/content/view/126253

	Fedora Core 6 Update: gdm-2.16.4-1.fc6
	15th, December, 2006 This update brings gdm to the latest stable upstream version, which among other bug fixes and improvements contains a fix for a recently reported security issue that has ID CVE-2006-6105. This fixes a problem where a user can enter strings like "%08x" into the gdmchooser "Add"j host button and print out memory. http://www.linuxsecurity.com/content/view/126254

	Gentoo
	Gentoo: McAfee VirusScan Insecure DT_RPATH
	14th, December, 2006 McAfee VirusScan for Linux is distributed with an insecure DT_RPATH, potentially allowing a remote attacker to execute arbitrary code. http://www.linuxsecurity.com/content/view/126229

	Gentoo: Links Arbitrary Samba command execution
	14th, December, 2006 Links does not properly validate "smb://" URLs, making it vulnerable to the execution of arbitrary Samba commands. http://www.linuxsecurity.com/content/view/126236

	Gentoo: GNU Radius Format string vulnerability
	14th, December, 2006 A format string vulnerabilty has been found in GNU Radius, which could lead to the remote execution of arbitrary code. http://www.linuxsecurity.com/content/view/126237

	Gentoo: ClamAV Denial of Service
	18th, December, 2006 ClamAV is vulnerable to Denial of Service. http://www.linuxsecurity.com/content/view/126268

	Gentoo: pam_ldap Authentication bypass vulnerability
	20th, December, 2006 pam_ldap contains a vulnerability that may allow a remote user with a locked account to gain unauthorized system access. http://www.linuxsecurity.com/content/view/126299

	Gentoo: imlib2 Multiple vulnerabilities
	20th, December, 2006 imlib2 contains several vulnerabilities that could lead to the remote execution of arbitrary code or a Denial of Service. http://www.linuxsecurity.com/content/view/126300

	Gentoo: Ruby Denial of Service vulnerability
	20th, December, 2006 The Ruby cgi.rb CGI library is vulnerable to a Denial of Service attack. http://www.linuxsecurity.com/content/view/126301

	Mandriva
	Mandriva: Updated evince packages fix buffer overflow vulnerability
	14th, December, 2006 Stack-based buffer overflow in ps.c for evince allows user-assisted attackers to execute arbitrary code via a PostScript (PS) file with certain headers that contain long comments, as demonstrated using the DocumentMedia header http://www.linuxsecurity.com/content/view/126227

	Mandriva: Updated clamav packages fix vulnerability
	14th, December, 2006 The latest version of ClamAV, 0.88.7, fixes some bugs, including vulnerabilities with handling base64-encoded MIME attachment files that can lead to either a) a crash (CVE-2006-5874), or b) a bypass of virus detection (CVE-2006-6406). http://www.linuxsecurity.com/content/view/126228

	Mandriva: Updated xorg-x11/XFree86 packages fix integer overflow vulnerabilities
	14th, December, 2006 Local exploitation of an integer overflow vulnerability in the 'CIDAFM()' function in the X.Org and XFree86 X server could allow an attacker to execute arbitrary code with privileges of the X server, typically root (CVE-2006-3739). Local exploitation of an integer overflow vulnerability in the 'scan_cidfont()' function in the X.Org and XFree86 X server could allow an attacker to execute arbitrary code with privileges of the X server, typically root (CVE-2006-3740). Updated packages are patched to address this issue. Updated packages for Corporate Server 4.0 have been patched http://www.linuxsecurity.com/content/view/126241

	Mandriva: Updated sendmail packages to address init script issues
	14th, December, 2006 A bug in the sendmail service initscript prevented the sm-client service from restarting if had not shut down cleanly from a previous run. The updated packages address this issue. http://www.linuxsecurity.com/content/view/126242

	Mandriva: Updated evolution-sharp packages fixes issues with beagle
	14th, December, 2006 The evolution-sharp bindings weren't configured properly, preventing beagle from indexing Evolution mailboxes. This update fixes this issue. http://www.linuxsecurity.com/content/view/126244

	Mandriva: Updated gdm packages fix string vulnerability
	14th, December, 2006 Local exploitation of a format string vulnerability in GNOME Foundation's GNOME Display Manager host chooser window (gdmchooser) could allow an unauthenticated attacker to execute arbitrary code on the affected system. The updated packages have been patched to correct this issue. http://www.linuxsecurity.com/content/view/126246

	Mandriva: Updated hal packages to address several bugs
	15th, December, 2006 A bug in partition detection for some SD/MMC card readers (those using the sdhci driver) was preventing correct detection by HAL, breaking automatic mounting/unmounting on card nsertion/removal. Another bug was preventing correct mounting of LUKS-encrypted removable media. This update fixes these bugs and also provides compatibility with D-Bus 1.0. http://www.linuxsecurity.com/content/view/126260

	Mandriva: Updated proftpd packages fix mod_ctrls vulnerability
	18th, December, 2006 Stack-based buffer overflow in the pr_ctrls_recv_request function in ctrls.c in the mod_ctrls module in ProFTPD before 1.3.1rc1 allows local users to execute arbitrary code via a large reqarglen length value. Packages have been patched to correct these issues. http://www.linuxsecurity.com/content/view/126278

	Mandriva: Updated dbus packages fix vulnerability
	18th, December, 2006 A vulnerability was discovered in D-Bus that could be exploited by a local attacker to cause a Denial of Service. Updated packages have been patched to correct this issue. http://www.linuxsecurity.com/content/view/126279

	Mandriva: Updated mono packages fix vulnerability
	20th, December, 2006 XSP (the Mono ASP.NET server) is vulnerable to source disclosure attack which allow a malicious user to obtain the source code of the server-side application. This vulnerability grants the attacker deeper knowledge of the Web application logic. http://www.linuxsecurity.com/content/view/126316

	Mandriva: Updated lsb package to address missing libmesagl dependency
	21st, December, 2006 When the xorg-x11 package was broken up into subpackages, libGL.so.1, which is required by LSB, ended up not being a requirement of the lsb meta-package. This update corrects this issue and should allow lsblibchk to run without failures. http://www.linuxsecurity.com/content/view/126319

	Red Hat
	RedHat: Moderate: tar security update
	19th, December, 2006 Updated tar packages that fix a path traversal flaw are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/126291

	RedHat: Critical: firefox security update
	19th, December, 2006 Updated firefox packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/126292

	RedHat: Critical: seamonkey security update
	19th, December, 2006 Updated seamonkey packages that fix several security bugs are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/126293

	RedHat: Critical: thunderbird security update
	19th, December, 2006 Updated thunderbird packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/126294

	SuSE
	SuSE: libgsf buffer overflows
	14th, December, 2006 The libgsf library is used by various GNOME programs to handle for instance OLE2 data streams. Specially crafted OLE documents enabled attackers to use a heap buffer overflow for potentially executing code. This issue is tracked by the Mitre CVE ID CVE-2006-4514. http://www.linuxsecurity.com/content/view/126233

	SuSE: flash-player CRLF injection
	14th, December, 2006 This security update brings the Adobe Flash Player to version 7.0.69. The update fixes the following security problem: CVE-2006-5330: CRLF injection vulnerabilities in Adobe Flash Player allows remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks via CRLF sequences in arguments to the ActionScript functions (1) XML.addRequestHeader and (2) XML.contentType. The flexibility of the attack varies depending on the type of web browser being used. http://www.linuxsecurity.com/content/view/126234

	SuSE: clamav 0.88.7 (SUSE-SA:2006:078)
	18th, December, 2006 The anti virus scan engine ClamAV has been updated to version 0.88.7 to fix various security problems: CVE-2006-5874: Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service (crash) via a malformed base64-encoded MIME attachment that triggers a null pointer dereference. CVE-2006-6481: Clam AntiVirus (ClamAV) 0.88.6 allowed remote attackers to cause a denial of service (stack overflow and application crash) by wrapping many layers of multipart/mixed content around a document, a different vulnerability than CVE-2006-5874 and CVE-2006-6406. CVE-2006-6406: Clam AntiVirus (ClamAV) 0.88.6 allowed remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file. http://www.linuxsecurity.com/content/view/126266

	SuSE: Linux kernel (SUSE-SA:2006:079)
	21st, December, 2006 The following CVEIDs are addressed by this vulnerability: CVE-2006-3741, CVE-2006-4145, CVE-2006-4538, CVE-2006-4572, CVE-2006-4623, CVE-2006-4813, CVE-2006-4997, CVE-2006-5173, CVE-2006-5174, CVE-2006-5619, CVE-2006-5648, CVE-2006-5649, CVE-2006-5751, CVE-2006-5757, CVE-2006-5823, CVE-2006-6053, CVE-2006-6054, CVE-2006-6056, CVE-2006-6060 http://www.linuxsecurity.com/content/view/126321

	Ubuntu
	Ubuntu: avahi regression
	14th, December, 2006 USN-380-1 fixed a vulnerability in Avahi. However, if used with Network manager, that version occasionally failed to resolve .local DNS names until Avahi got restarted. This update fixes the problem. We apologize for the inconvenience. http://www.linuxsecurity.com/content/view/126235

	Ubuntu: gdm vulnerability
	14th, December, 2006 A format string vulnerability was discovered in the gdmchooser component of the GNOME Display Manager. By typing a specially crafted host name, local users could gain gdm user privileges, which could lead to further account information exposure. http://www.linuxsecurity.com/content/view/126245

	Ubuntu: mono vulnerability
	20th, December, 2006 Jose Ramon Palanco discovered that the mono System.Web class did not consistently verify local file paths. As a result, the source code for mono web applications could be retrieved remotely, possibly leading to further compromise via the application's source. http://www.linuxsecurity.com/content/view/126315