Linux Advisory Watch: March 16th 2007
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas
This week, advisories were released for Mozilla, gnupg, SeaMonkey, Smb4K, Amarok,
xine-lib, tcpdump, mplayer, kdelibs, ekiga, gnupg, timezone, kernel, php, and
ktorrent. The distributors include Debian, Gentoo, Mandriva, Ubuntu.
RFID with Bio-Smart Card in Linux - In this paper, we describe the integration
of fingerprint template and RF smart card for clustered network, which is
designed on Linux platform and Open source technology to obtain biometrics
security. The combination of smart card and biometrics is achieved in two-step
authentication, where smart card authentication is based on a Personal Identification
Number (PIN) and the card holder is authenticated using the biometrics template
stored in the smart card that is based on the fingerprint verification.
The fingerprint verification has to be executed on central host server for
security purposes. The protocol designed allows controlling all parameters
of the smart security controller, such as PIN options, reader delay, real-time clock,
alarm option and cardholder access conditions.
Linux File & Directory Permissions Mistakes - One common mistake Linux
administrators make is having file and directory permissions that are far
too liberal and allow access beyond that which is needed for proper system
operations. A full explanation of unix file permissions is beyond the scope
of this article, so I'll assume you are familiar with the usage of such
tools as chmod, chown, and chgrp. If you'd like a refresher, one is available
right here on linuxsecurity.com.
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to security-discuss-request@linuxsecurity.com
with "subscribe" as the subject.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headline.
Debian
Debian: New Mozilla packages fix several
vulnerabilities
Mandriva: Updated xine-lib packages to
address buffer overflow vulnerability
8th, March, 2007
The DMO_VideoDecoder_Open function in dmo/DMO_VideoDecoder.c
in xine-lib does not set the biSize before use in a memcpy, which allows
user-assisted remote attackers to cause a buffer overflow and possibly
execute arbitrary code. Updated packages have been patched to address
this issue.
http://www.linuxsecurity.com/content/view/127374
Off-by-one buffer overflow in the parse_elements function in
the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier
allows remote attackers to cause a denial of service (crash) via a crafted
802.11 frame. NOTE: this was originally referred to as heap-based, but
it might be stack-based. Updated packages have been patched to address
this issue.
http://www.linuxsecurity.com/content/view/127375
Mandriva: Updated mplayer packages to
address buffer overflow vulnerability
8th, March, 2007
The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c
in MPlayer 1.0rc1 and earlier does not set the biSize before use in a
memcpy, which allows user-assisted remote attackers to cause a buffer
overflow and possibly execute arbitrary code. Updated packages have been
patched to address this issue.
http://www.linuxsecurity.com/content/view/127376
Mandriva: Updated kdelibs packages to
address DoS issue in KDE Javascript
8th, March, 2007
ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror,
allows remote attackers to cause a denial of service (crash) by accessing
the content of an iframe with an ftp:// URI in the src attribute, probably
due to a NULL pointer dereference. Updated packages have been patched
to address this issue.
http://www.linuxsecurity.com/content/view/127377
A format string flaw was discovered in how ekiga processes certain
messages, which could permit a remote attacker that can connect to ekiga
to potentially execute arbitrary code with the privileges of the user
running ekiga. This is similar to the previous CVE-2007-1006, but the
original evaluation/patches were incomplete. Updated packages have been
patched to correct this issue.
http://www.linuxsecurity.com/content/view/127381
Mandriva: Updated gnupg packages provide
enhanced forgery detection
9th, March, 2007
GnuPG prior to 1.4.7 and GPGME prior to 1.1.4, when run from
the command line, did not visually distinguish signed and unsigned portions
of OpenPGP messages with multiple components. This could allow a remote
attacker to forge the contents of an email message without detection.
GnuPG 1.4.7 is being provided with this update and GPGME has been patched
on Mandriva 2007.0 to provide better visual notification on these types
of forgeries.
http://www.linuxsecurity.com/content/view/127382
Mandriva: Updated timezone packages provide
updated DST information
10th, March, 2007
Updated timezone packages are being provided for older Mandriva
Linux systems that do not contain the new Daylight Savings Time information
for 2007 for certain time zones. These updated packages contain the new
information.
http://www.linuxsecurity.com/content/view/127390
Mandriva: Updated kernel packages fix
multiple vulnerabilities and bugs
10th, March, 2007
The 2.6.17 kernel and earlier, when running on IA64 and SPARC
platforms, would allow a local user to cause a DoS (crash) via a malformed
ELF file (CVE-2006-4538).
http://www.linuxsecurity.com/content/view/127391
Mandriva: Updated mplayer packages to
address buffer overflow vulnerability
13th, March, 2007
The DS_VideoDecoder_Open function in loader/dshow/DS_VideoDecoder.c
in MPlayer 1.0rc1 and earlier does not set the biSize before use in a
memcpy, which allows user-assisted remote attackers to cause a buffer
overflow and possibly execute arbitrary code. Updated packages have been
patched to address this issue.
http://www.linuxsecurity.com/content/view/127424
Mandriva: Updated xine-lib packages to
address buffer overflow vulnerability
13th, March, 2007
The DS_VideoDecoder_Open function in DirectShow/DS_VideoDecoder.c
in xine-lib does not set the biSize before use in a memcpy, which allows
user-assisted remote attackers to cause a buffer overflow and possibly
execute arbitrary code. Updated packages have been patched to address this issue.
http://www.linuxsecurity.com/content/view/127425
Ubuntu
Ubuntu: GnuPG vulnerability
8th, March, 2007
Gerardo Richarte from Core Security Technologies discovered
that when gnupg is used without --status-fd, there is no way to distinguish
initial unsigned messages from a following signed message.
http://www.linuxsecurity.com/content/view/127368
Ubuntu: PHP regression
8th, March, 2007
USN-424-1 fixed vulnerabilities in PHP. However, some upstream
changes were not included, which caused errors in the stream filters.
This update fixes the problem.
http://www.linuxsecurity.com/content/view/127369
Ubuntu: Xine vulnerability
8th, March, 2007
Moritz Jodeit discovered that the DMO loader of Xine did not
correctly validate the size of an allocated buffer. By tricking a user
into opening a specially crafted media file, an attacker could execute
arbitrary code with the user's privileges.
http://www.linuxsecurity.com/content/view/127378
Ubuntu: Ekiga vulnerability
8th, March, 2007
It was discovered that Ekiga had format string vulnerabilities
beyond those fixed in USN-426-1. If a user was running Ekiga and listening
for incoming calls, a remote attacker could send a crafted call request,
and execute arbitrary code with the user's privileges.
http://www.linuxsecurity.com/content/view/127380
Ubuntu: Xine vulnerability
12th, March, 2007
Moritz Jodeit discovered that the DirectShow loader of Xine
did not correctly validate the size of an allocated buffer. By tricking
a user into opening a specially crafted media file, an attacker could
execute arbitrary code with the user's privileges.
http://www.linuxsecurity.com/content/view/127411
Ubuntu: KTorrent vulnerabilities
12th, March, 2007
Bryan Burns of Juniper Networks discovered that KTorrent did
not correctly validate the destination file paths nor the HAVE statements
sent by torrent peers. A malicious remote peer could send specially crafted
messages to overwrite files or execute arbitrary code with user privileges.
http://www.linuxsecurity.com/content/view/127413
Ubuntu: GnuPG2, GPGME vulnerability
13th, March, 2007
USN-432-1 fixed a vulnerability in GnuPG. This update provides
the corresponding updates for GnuPG2 and the GPGME library. Original advisory
details: Gerardo Richarte from Core Security Technologies discovered that
when gnupg is used without --status-fd, there is no way to distinguish
initial unsigned messages from a following signed message. An attacker
could inject an unsigned message, which could fool the user into thinking
the message was entirely signed by the original sender.
http://www.linuxsecurity.com/content/view/127422