Linux Advisory Watch: January 26th 2007
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas
This week, advisories were released for netrik, fetchmail, mod_auth_kerb, libgtop,
xine-ui, openldap, centericq, koffice, pdftohtml, poppler, xpdf, tetex, libgtop,
glibc, locale, kdegraphics, proftpd, squid, gtk2, IBMJava, xine, libsoup, GeoIP,
and BlueZ. The distributors include Debian, Gentoo, Mandriva, Red Hat, Slackware,
SuSE, and Ubuntu.
RFID with Bio-Smart Card in Linux - In this paper, we describe the integration
of fingerprint template and RF smart card for clustered network, which is
designed on the Linux platform and open source technology to obtain biometrics
security. The combination of smart card and biometrics is achieved in a two-step
authentication, where smart card authentication is based on a Personal Identification
Number (PIN) and the card holder is authenticated using the biometrics template
stored in the smart card that is based on the fingerprint verification.
The fingerprint verification has to be executed on a central host server for
security purposes. The protocol designed allows controlling all parameters
of the smart security controller, like PIN options, reader delay, real-time clock,
alarm option and cardholder access conditions.
Linux File & Directory Permissions Mistakes - One common mistake Linux
administrators make is having file and directory permissions that are far
too liberal and allow access beyond that which is needed for proper system
operations. A full explanation of unix file permissions is beyond the scope
of this article, so I'll assume you are familiar with the usage of such
tools as chmod, chown, and chgrp. If you'd like a refresher, one is available
right here on linuxsecurity.com.
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to security-discuss-request@linuxsecurity.com
with "subscribe" as the subject.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headline.
Debian
Debian: New netrik packages fix arbitrary
shell command execution
Mandriva: Updated koffice packages fix
crafted pdf file vulnerability
18th, January, 2007
The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1
patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers
to have an unknown impact, possibly including denial of service (infinite
loop), arbitrary code execution, or memory corruption, via a PDF file
with a (1) crafted catalog dictionary or (2) a crafted Pages attribute
that references an invalid page tree node. The updated packages have been
patched to correct this problem.
http://www.linuxsecurity.com/content/view/126649
Mandriva: Updated pdftohtml packages
fix crafted pdf file vulnerability
18th, January, 2007
The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1
patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers
to have an unknown impact, possibly including denial of service (infinite
loop), arbitrary code execution, or memory corruption, via a PDF file
with a (1) crafted catalog dictionary or (2) a crafted Pages attribute
that references an invalid page tree node. The updated packages have been
patched to correct this problem.
http://www.linuxsecurity.com/content/view/126650
Mandriva: Updated poppler packages fix
crafted pdf file vulnerability
18th, January, 2007
The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1
patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers
to have an unknown impact, possibly including denial of service (infinite
loop), arbitrary code execution, or memory corruption, via a PDF file
with a (1) crafted catalog dictionary or (2) a crafted Pages attribute
that references an invalid page tree node. The updated packages have been
patched to correct this problem.
http://www.linuxsecurity.com/content/view/126652
Mandriva: Updated xpdf packages fix crafted
pdf file vulnerability
18th, January, 2007
The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1
patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers
to have an unknown impact, possibly including denial of service (infinite
loop), arbitrary code execution, or memory corruption, via a PDF file
with a (1) crafted catalog dictionary or (2) a crafted Pages attribute
that references an invalid page tree node. The updated packages have been
patched to correct this problem.
http://www.linuxsecurity.com/content/view/126653
Mandriva: Updated tetex packages fix
crafted pdf file vulnerability
18th, January, 2007
The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1
patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers
to have an unknown impact, possibly including denial of service (infinite
loop), arbitrary code execution, or memory corruption, via a PDF file
with a (1) crafted catalog dictionary or (2) a crafted Pages attribute
that references an invalid page tree node. The updated packages have been
patched to correct this problem.
http://www.linuxsecurity.com/content/view/126654
Stack-based buffer overflow in the glibtop_get_proc_map_s function
in libgtop before 2.14.6 (libgtop2) allows local users to cause a denial
of service (crash) and possibly execute arbitrary code via a process with
a long filename that is mapped in its address space, which triggers the
overflow in gnome-system-monitor. The updated packages have been patched
to correct this problem.
http://www.linuxsecurity.com/content/view/126655
Mandriva: Updated glibc, locale packages
address several issues
21st, January, 2007
The version of glibc shipped with Mandriva 2007 has a bug that
prevents the system from passing the lsb-runtime test suite (T.ttyname_r).
This update also includes sparc64 updates and Unicode 5.0 support.
http://www.linuxsecurity.com/content/view/126664
Mandriva: Updated packages link to the
correct version of Firefox
22nd, January, 2007
Due to an error in the compilation system, the firefox-dependent
packages provided in MDKSA-2007:010 for Mandriva 2007/x86_64 were linked
to the older version of Firefox. This update corrects the problem.
http://www.linuxsecurity.com/content/view/126695
Mandriva: Updated kdegraphics packages
fix crafted pdf file vulnerability
22nd, January, 2007
The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1
patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers
to have an unknown impact, possibly including denial of service (infinite
loop), arbitrary code execution, or memory corruption, via a PDF file
with a (1) crafted catalog dictionary or (2) a crafted Pages attribute
that references an invalid page tree node.
http://www.linuxsecurity.com/content/view/126701
Mandriva: Updated mandriva-doc-common
packages fix help links
22nd, January, 2007
Due to changes in the structure of the documentation, the Help
buttons of the Software Management tools led to broken links. This update
fixes the links catalog system so the inline help works again.
http://www.linuxsecurity.com/content/view/126702
Mandriva: Updated kernel packages fix
multiple vulnerabilities and bugs
A stack-based buffer overflow in the sreplace function in ProFTPD
1.3.0 and earlier allows remote attackers to cause a denial of service,
as demonstrated by vd_proftpd.pm, a "ProFTPD remote exploit."
http://www.linuxsecurity.com/content/view/126718
Updated acroread packages that fix several security issues are
now available for Red Hat Enterprise Linux 3. This update has been rated
as having critical security impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/126694
RedHat: Moderate: gtk2 security update
24th, January, 2007
Updated gtk2 packages that fix a security issue are now available.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
http://www.linuxsecurity.com/content/view/126728
Various security problems and bugs have been fixed in the IBMJava
JRE and SDK. The IBM Java packages were updated to: IBM Java 1.4.2 to
Service Refresh 7. IBM JAVA 1.3.10 to Service Refresh 10. It contains
several security fixes also fixed in SUN Java including: CVE-2006-4339:
fix for the RSA exponent padding attack. CVE-2006-6736, CVE-2006-6737:
2 unspecified vulnerabilities that allow untrusted applets to access data
in other applets. CVE-2006-6745: Multiple unspecified vulnerabilities
that allow applets to gain privileges related to serialization bugs in
the JRE. CVE-2006-6731: Multiple buffer overflows in java image handling
routines that allow attackers to potentially read/write/execute local
files.
http://www.linuxsecurity.com/content/view/126639
SuSE: Acrobat Reader 7.0.9
22nd, January, 2007
The Adobe Acrobat Reader has been updated to version 7.0.9.
This update also includes the following security fixes: CVE-2006-5857: A memory
corruption problem in Adobe Acrobat Reader that can potentially lead
to code execution was fixed. CVE-2007-0044: Universal Cross Site Request Forgery
(CSRF) problems were fixed in the Acrobat Reader plugin which could be
exploited by remote attackers to conduct CSRF attacks using any site that
is providing PDFs. CVE-2007-0045: Cross site scripting problems in the
Acrobat Reader plugin were fixed, which could be exploited by remote attackers
to conduct XSS attacks against any site that is providing PDFs. CVE-2007-0046:
A double free problem in the Acrobat Reader plugin was fixed which could
be used by remote attackers to potentially execute arbitrary code. Note
that all platforms using Adobe Reader currently have countermeasures
against such attacks, where it will just cause a controlled abort(). CVE-2007-0047
and CVE-2007-0048 affect only Microsoft Windows and Internet Explorer.
Please note that the Acrobat Reader on SUSE Linux Enterprise Server 9
is affected too, but cannot be updated currently due to GTK+ 2.4 requirements.
We are trying to find a solution. Acrobat Reader on SUSE Linux Enterprise
Server 8 and SUSE Linux Desktop 1 is no longer supported and should be
deinstalled.
http://www.linuxsecurity.com/content/view/126671
SuSE: squid (SUSE-SA:2007:012)
23rd, January, 2007
This update fixes a remotely exploitable denial-of-service bug
in squid that can be triggered by using special ftp:// URLs. (CVE-2007-0247)
Additionally the 10.2 package needed a fix for another DoS bug (CVE-2007-0248)
and for max_user_ip handling in ntlm_auth.
http://www.linuxsecurity.com/content/view/126706
SuSE: xine (SUSE-SA:2007:013)
23rd, January, 2007
This update fixes several format string bugs that can be exploited
remotely with user assistance to execute arbitrary code. Since SUSE Linux
version 10.1, format string bugs are not exploitable anymore. (CVE-2007-0017)
http://www.linuxsecurity.com/content/view/126707
Ubuntu
Ubuntu: poppler vulnerability
18th, January, 2007
The poppler PDF loader library did not limit the recursion depth
of the page model tree. By tricking a user into opening a specially crafted
PDF file, this could be exploited to trigger an infinite loop and eventually
crash an application that uses this library. kpdf in Ubuntu 5.10 and
KOffice in all Ubuntu releases contain a copy of this code and thus are
affected as well.
http://www.linuxsecurity.com/content/view/126640
Ubuntu: libsoup vulnerability
23rd, January, 2007
Roland Lezuo and Josselin Mouette discovered that the HTTP server
code in libsoup did not correctly verify request headers. Remote attackers
could crash applications using libsoup by sending a crafted HTTP request,
resulting in a denial of service.
http://www.linuxsecurity.com/content/view/126717
Ubuntu: GeoIP vulnerability
23rd, January, 2007
Dean Gaudet discovered that the GeoIP update tool did not validate
the filename responses from the update server. A malicious server, or
man-in-the-middle system posing as a server, could write to arbitrary
files with user privileges.
http://www.linuxsecurity.com/content/view/126721
Ubuntu: BlueZ vulnerability
23rd, January, 2007
A flaw was discovered in the HID daemon of bluez-utils. A remote
attacker could gain control of the mouse and keyboard if hidd was enabled.
This does not affect a default Ubuntu installation, since hidd is normally
disabled.
http://www.linuxsecurity.com/content/view/126723
Ubuntu: Squid vulnerabilities
24th, January, 2007
David Duncan Ross Palmer and Henrik Nordstrom discovered that
squid incorrectly handled special characters in FTP URLs. Remote users
with access to squid could crash the server leading to a denial of service.
http://www.linuxsecurity.com/content/view/126736