This week, advisories were released for libsoup, xfree86, cacti, kfile, w3m, oftpd, wordpress, kronolith, mono, kdenetwork, nmap, lirc, thunderbird, bluez-utils, perl, wvstreams, fetchmail, wget, tripwire, openoffice, flash-plugin, mozilla, cmd, krb5, ksirc, and poppler. The distributors include Debian, Gentoo, Mandriva, Red Hat, SuSE, and Ubuntu.




LinuxSecurity.com Feature Extras:

    RFID with Bio-Smart Card in Linux - In this paper, we describe the integration of a fingerprint template and an RF smart card for a clustered network, designed on the Linux platform and open source technology to obtain biometric security. The combination of smart card and biometrics is achieved in two-step authentication, where smart card authentication is based on a Personal Identification Number (PIN) and the card holder is authenticated using the biometric template stored in the smart card, based on fingerprint verification. The fingerprint verification has to be executed on a central host server for security purposes. The protocol designed allows control of all parameters of the smart security controller, such as PIN options, reader delay, real-time clock, alarm option and cardholder access conditions.

    Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe, send an e-mail with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.


Debian
Debian: New libsoup packages fix denial of service
12th, January, 2007

Roland Lezuo and Josselin Mouette discovered that the libsoup HTTP library performs insufficient sanitising when parsing HTTP headers, which might lead to denial of service.

advisories/debian/debian-new-libsoup-packages-fix-denial-of-service
Debian: New xfree86 packages fix privilege escalation
15th, January, 2007

Updated package.

advisories/debian/debian-new-xfree86-packages-fix-privilege-escalation
Debian: New cacti packages fix arbitrary code execution
17th, January, 2007

Updated package.

advisories/debian/debian-new-cacti-packages-fix-arbitrary-code-execution
Gentoo
Gentoo: KDE kfile JPEG info plugin Denial of Service
12th, January, 2007

The KDE kfile JPEG info plugin of kdegraphics could enter an endless loop leading to a Denial of Service.

Gentoo: w3m Format string vulnerability
12th, January, 2007

w3m does not correctly handle format string specifiers in SSL certificates.

Gentoo: OpenOffice.org EMF/WMF file handling vulnerabilities
12th, January, 2007

A truncation error and integer overflows in the EMF/WMF file handling of OpenOffice.org could be exploited to execute arbitrary code.

Gentoo: Opera Two remote code execution vulnerabilities
12th, January, 2007

Two vulnerabilities may allow the execution of arbitrary code.

Gentoo: oftpd Denial of Service
15th, January, 2007

An assertion in oftpd could lead to a denial of service vulnerability.

Gentoo: WordPress Multiple vulnerabilities
15th, January, 2007

WordPress is vulnerable to SQL injection, information disclosure, and cross-site scripting attacks.

Gentoo: Kronolith Local file inclusion
16th, January, 2007

Kronolith contains a flaw that could allow the execution of arbitrary files.

Gentoo: Mono Information disclosure
16th, January, 2007

Mono does not properly sanitize pathnames allowing unauthorized information disclosure.

Mandriva
Mandriva: Updated kdenetwork packages fix ksirc vulnerability
11th, January, 2007

KsIRC 1.3.12 allows remote attackers to cause a denial of service (crash) via a long PRIVMSG string when connecting to an Internet Relay Chat (IRC) server, which causes an assertion failure and results in a NULL pointer dereference. Updated packages are patched to address this issue.

Mandriva: Updated nmap packages to resolve issue using nmap as root
11th, January, 2007

The version of nmap shipped with Mandriva Linux 2007 was built against the system copies of the libpcap and libdnet libraries. However, nmap actually requires changes to be made to these libraries which have not yet been made to the upstream versions, and consequently should be compiled against its own built-in copies of these libraries. This problem causes nmap not to work as the root user: it would simply freeze up. The updated package fixes this problem. It also fixes the menu entry for the package.

Mandriva: Updated desktop-common-data packages add Writer menu item
11th, January, 2007

When using "Discovery" menus, there is no menu item for Writer in the Office category. Updated packages correct this issue.

Mandriva: Updated Firefox packages fix multiple vulnerabilities
11th, January, 2007

A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 1.5.0.9. This update provides the latest Firefox to correct these issues.

Mandriva: Updated lirc packages fix issue with dkms-lirc and SMP kernels
11th, January, 2007

Dkms-lirc allows one to install LIRC drivers on non-Mandriva kernels. It contains a driver named lirc_parallel.ko which does not work on SMP-enabled kernels, preventing the driver installation on such kernels. The lirc_parallel.ko driver has been removed from the updated package and moved to a separate package named dkms-lirc-parallel.

Mandriva: Updated Thunderbird packages fix multiple vulnerabilities
11th, January, 2007

A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 1.5.0.9. This update provides the latest Thunderbird to correct these issues.

Mandriva: Updated kernel packages fix multiple vulnerabilities and bugs
12th, January, 2007

Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel. The following CVE IDs are addressed by this update: CVE-2006-4813, CVE-2006-4997, CVE-2006-5158, CVE-2006-5619, CVE-2006-5749, CVE-2006-5751, CVE-2006-5757, CVE-2006-6106.

Mandriva: Updated libneon0.26 packages fix vulnerability
12th, January, 2007

An array index error in the URI parser in neon 0.26.0 to 0.26.2 could possibly allow remote malicious servers to cause a crash via a URI with non-ASCII characters. This vulnerability may only exist on 64bit systems. Updated packages are patched to address this issue.

Mandriva: Updated bluez-utils packages fix bluetooth authentication issues
12th, January, 2007

In Mandriva 2007.0, authentication with bluetooth devices was broken (#24359). This update provides an agent that will prompt for passkeys (PIN code) when needed.

Mandriva: Updated perl-SOAP-Lite packages fix crash issue
15th, January, 2007

SOAP::Lite makes use of auto-generated methods with names that clash with methods exported by UNIVERSAL::require. As a result, using the two modules simultaneously will result in an immediate program crash. The package has been patched with an upstream fix to correct the issue.

Mandriva: Updated wvstreams packages fix openssl linkage issue
15th, January, 2007

In Mandriva 2007.0, the wvstreams package was built with openssl 0.9.7, which was not available in the final 2007.0 release. This made the wvstreams package impossible to install on Mandriva 2007.0 (bug 26240). This update is built with openssl 0.9.8, so that it can be installed on a Mandriva 2007.0 system.

Mandriva: Updated bluez-utils packages fix hidd vulnerability
15th, January, 2007

hidd in BlueZ (bluez-utils) before 2.25 allows remote attackers to obtain control of the (1) Mouse and (2) Keyboard Human Interface Device (HID) via a certain configuration of two HID (PSM) endpoints, operating as a server, aka HidAttack.

Mandriva: Updated cacti packages SQL injection vulnerability
15th, January, 2007

SQL injection vulnerability in Cacti 0.8.6i and earlier, when register_argc_argv is enabled, allows remote attackers to execute arbitrary SQL commands via the (1) second or (2) third arguments to cmd.php. NOTE: this issue can be leveraged to execute arbitrary commands since the SQL query results are later used in the polling_items array and popen function.

Mandriva: Updated fetchmail packages fix vulnerability
15th, January, 2007

Fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote attackers to obtain sensitive information via man-in-the-middle (MITM) attacks. The updated packages have been patched to correct this problem.

Mandriva: Updated wget packages fix ftp vulnerability
15th, January, 2007

The ftp_syst function in ftp-basic.c in Free Software Foundation (FSF) GNU wget 1.10.2 allows remote attackers to cause a denial of service (application crash) via a malicious FTP server with a large number of blank 220 responses to the SYST command. The updated packages have been patched to correct this problem.

Mandriva: Updated tripwire packages fix key generation issue
16th, January, 2007

The version of tripwire included with Mandriva 2007 would hang while generating keys. The problem has been corrected by avoiding using optimization at compile-time.

Red Hat
RedHat: Important: openoffice.org security update
12th, January, 2007

Updated openoffice.org packages are now available. This update has been rated as having important security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-important-openofficeorg-security-update-69768
RedHat: Moderate: flash-plugin security update
12th, January, 2007

An updated Adobe Flash Player package that fixes a security issue is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-flash-plugin-security-update-RHSA-2007-0009-01
RedHat: Important: XFree86 security update
12th, January, 2007

Updated XFree86 packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having important security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-important-xfree86-security-update-11213
RedHat: Important: xorg-x11 security update
12th, January, 2007

Updated X.org packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-important-xorg-x11-security-update-6165
RedHat: Critical: Adobe Acrobat Reader security update
12th, January, 2007

Updated acroread packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-critical-adobe-acrobat-reader-security-update-90817
RedHat: Moderate: libgsf security update
12th, January, 2007

Updated libgsf packages that fix a buffer overflow flaw are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-libgsf-security-update-RHSA-2007-0011-01
RedHat: Moderate: kernel security update
17th, January, 2007

Updated kernel packages that fix a number of security issues as well as other bugs are now available for Red Hat Enterprise Linux 2.1 (64 bit architectures). This security advisory has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-kernel-security-update-63622
RedHat: Moderate: kernel security update
17th, January, 2007

Updated kernel packages that fix a number of security issues as well as other bugs are now available for Red Hat Enterprise Linux 2.1 (32 bit architectures). This security advisory has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-kernel-security-update-63622
SuSE
SuSE: XFree86/Xorg (SUSE-SA:2007:008)
12th, January, 2007

This update fixes three memory corruptions within the X server which could be used by local attackers with access to this display to crash the X server and potentially execute code. The following CVE IDs are addressed by this update: CVE-2006-6101, CVE-2006-6102, CVE-2006-6103.

SuSE: mozilla (SUSE-SA:2007:006)
12th, January, 2007

The following CVE IDs are addressed by this update: CVE-2006-6497, CVE-2006-6498, CVE-2006-6499, CVE-2006-6500, CVE-2006-6501, CVE-2006-6502, CVE-2006-6503, CVE-2006-6504, CVE-2006-6505, CVE-2006-6506, CVE-2006-6507.

SuSE: cacti cmd injection
12th, January, 2007

A command injection in cmd.php in cacti was fixed, which might have allowed remote attackers to inject commands and so execute code. This issue is tracked by the Mitre CVE ID CVE-2006-6799.

SuSE: Opera 9.10 (SUSE-SA:2007:009)
15th, January, 2007

This update brings the Opera Web browser to version 9.10, including fixes for the following 2 security problems: CVE-2007-0126: Opera processes a JPEG DHT marker incorrectly, which can potentially lead to remote code execution. CVE-2007-0127: Opera is affected by a typecasting bug in its JavaScript SVG implementation which could potentially be used to execute code.

SuSE: IBMJava (SUSE-SA:2007:010)
18th, January, 2007

Various security problems and bugs have been fixed in the IBMJava JRE and SDK. The IBM Java packages were updated to: IBM Java 1.4.2 to Service Refresh 7; IBM Java 1.3.10 to Service Refresh 10. The update contains several security fixes also fixed in Sun Java, including: CVE-2006-4339: fix for the RSA exponent padding attack. CVE-2006-6736, CVE-2006-6737: 2 unspecified vulnerabilities that allow untrusted applets to access data in other applets. CVE-2006-6745: Multiple unspecified vulnerabilities that allow applets to gain privileges related to serialization bugs in the JRE. CVE-2006-6731: Multiple buffer overflows in Java image handling routines that allow attackers to potentially read/write/execute local files.

Ubuntu
Ubuntu: fetchmail vulnerability
11th, January, 2007

It was discovered that fetchmail did not correctly require TLS negotiation in certain situations. This would result in a user's unencrypted password being sent across the network. If fetchmail has been configured to use the "sslproto tls1", "sslcertck", or "sslfingerprint" options with a server that does not correctly support TLS negotiation, this update may cause fetchmail to (correctly) abort authentication.

advisories/ubuntu/ubuntu-fetchmail-vulnerability
Ubuntu: OpenOffice.org vulnerability
12th, January, 2007

An integer overflow was discovered in OpenOffice.org's handling of WMF files. If a user were tricked into opening a specially crafted WMF file, an attacker could execute arbitrary code with user privileges.

advisories/ubuntu/ubuntu-openofficeorg-vulnerability-17436
Ubuntu: libgtop2 vulnerability
15th, January, 2007

Liu Qishuai discovered a buffer overflow in the /proc parsing routines in libgtop. By creating and running a process in a specially crafted long path and tricking a user into running gnome-system-monitor, an attacker could exploit this to execute arbitrary code with the user's privileges.

advisories/ubuntu/ubuntu-libgtop2-vulnerability
Ubuntu: krb5 vulnerability
15th, January, 2007

The server-side portion of Kerberos' RPC library had a memory management flaw which allowed users of that library to call a function pointer located in unallocated memory. By doing specially crafted calls to the kadmind server, a remote attacker could exploit this to execute arbitrary code with root privileges on the target computer.

advisories/ubuntu/ubuntu-krb5-vulnerability
Ubuntu: ksirc vulnerability
15th, January, 2007

Federico L. Bossi Bonin discovered a Denial of Service vulnerability in ksirc. By sending a special response packet, a malicious IRC server could crash ksirc.

advisories/ubuntu/ubuntu-ksirc-vulnerability
Ubuntu: poppler vulnerability
18th, January, 2007

The poppler PDF loader library did not limit the recursion depth of the page model tree. By tricking a user into opening a specially crafted PDF file, this could be exploited to trigger an infinite loop and eventually crash an application that uses this library. kpdf in Ubuntu 5.10 and KOffice in all Ubuntu releases contain a copy of this code and thus are affected as well.

advisories/ubuntu/ubuntu-poppler-vulnerability-81822