Earn an NSA-recognized IA Master's online - The NSA has designated Norwich University a Center of Academic Excellence in Information Security. Our program offers unparalleled InfoSec management education, and the case study affords you unmatched consulting experience. Using interactive e-learning technology, you can earn this esteemed degree without disrupting your career or home life.
LinuxSecurity.com Feature Extras:
RFID with Bio-Smart Card in Linux - In this paper, we describe the integration of a fingerprint template and an RF smart card for a clustered network, designed on the Linux platform with open source technology, to obtain biometric security. The combination of smart card and biometrics achieves two-step authentication: smart card authentication is based on a Personal Identification Number (PIN), and the cardholder is then authenticated against the biometric template stored in the smart card using fingerprint verification. For security reasons, the fingerprint verification has to be executed on the central host server. The protocol designed allows control of all parameters of the smart security controller, such as PIN options, reader delay, real-time clock, alarm option and cardholder access conditions.
Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is setting file and directory permissions that are far too liberal, allowing access beyond what is needed for proper system operation. A full explanation of Unix file permissions is beyond the scope of this article, so I'll assume you are familiar with tools such as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.
Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.
Debian
- Debian: New file packages fix arbitrary code execution (2nd April 2007)
  Updated package. advisories/debian/debian-new-file-packages-fix-arbitrary-code-execution-21321
- Debian: New zope2.7 packages fix cross-site scripting flaw (2nd April 2007)
  Updated package. advisories/debian/debian-new-zope27-packages-fix-cross-site-scripting-flaw
- Debian: New krb5 packages fix several vulnerabilities (3rd April 2007)
  Updated package. advisories/debian/debian-new-krb5-packages-fix-several-vulnerabilities
- Debian: New XMMS packages fix arbitrary code execution (4th April 2007)
  Multiple errors have been found in the skin handling routines in xmms, the X Multimedia System. These vulnerabilities could allow an attacker to run arbitrary code as the user running xmms by inducing the victim to load specially crafted interface skin files.

Gentoo
- Gentoo: Ekiga Format string vulnerability (29th March 2007)
  A format string vulnerability in Ekiga may allow the remote execution of arbitrary code.
- Gentoo: file Integer underflow (30th March 2007)
  A buffer underflow vulnerability has been reported in file allowing for the user-assisted execution of arbitrary code.
- Gentoo: Squid Denial of Service (31st March 2007)
  Squid is affected by a Denial of Service vulnerability.
- Gentoo: CUPS Denial of Service (31st March 2007)
  CUPS incorrectly handles partially-negotiated SSL connections allowing for a Denial of Service.
- Gentoo: Asterisk Two SIP Denial of Service vulnerabilities (2nd April 2007)
  Asterisk is vulnerable to two Denial of Service issues in the SIP channel.
- Gentoo: MIT Kerberos 5 Arbitrary remote code execution (3rd April 2007)
  Multiple vulnerabilities in MIT Kerberos 5 could potentially result in unauthenticated remote root code execution.
- Gentoo: OpenAFS Privilege escalation (3rd April 2007)
  OpenAFS is subject to a design flaw that could allow privilege escalation on the client.
- Gentoo: OpenPBS Multiple vulnerabilities (3rd April 2007)
  OpenPBS contains unspecified vulnerabilities which may allow for the remote execution of arbitrary code or a Denial of Service.
- Gentoo: zziplib Buffer Overflow (3rd April 2007)
  The zziplib library contains a buffer overflow vulnerability that could lead to user-assisted remote execution of arbitrary code.

Mandriva
- Mandriva: Updated xmms packages to address integer vulnerabilities (29th March 2007)
  Integer overflow in X MultiMedia System (xmms) 1.2.10, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which triggers memory corruption. (CVE-2007-0653) Integer underflow in X MultiMedia System (xmms) 1.2.10 allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which results in a stack-based buffer overflow. (CVE-2007-0654) Updated packages have been patched to correct these issues.
- Mandriva: Updated kdelibs packages to address FTP PASV issue in konqueror (29th March 2007)
  The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV command. Updated packages have been patched to address this issue.
- Mandriva: Updated openoffice.org packages to address vulnerabilities (29th March 2007)
  Stack-based buffer overflow in the StarCalc parser in OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary code via a crafted document. (CVE-2007-0238) OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a prepared link in a crafted document. (CVE-2007-0239) Updated packages have been patched to correct these issues.
- Mandriva: Updated qt3 packages to address utf8 decoder bug (3rd April 2007)
- Mandriva: Updated kdelibs packages to address UTF8 issue in KJS (3rd April 2007)
- Mandriva: Updated qt4 packages to address utf8 decoder bug (3rd April 2007)

Red Hat
- RedHat: Critical: krb5 security update (3rd April 2007)
- RedHat: Important: XFree86 security update (3rd April 2007)
- RedHat: Important: xorg-x11 security update (3rd April 2007)
- RedHat: Important: xorg-x11-server security update (3rd April 2007)
- RedHat: Moderate: squid security update (3rd April 2007)
- RedHat: Important: libXfont security update (3rd April 2007)
- RedHat: Moderate: mysql security update (3rd April 2007)

Slackware
- Slackware: file [and bin package] (3rd April 2007)
- Slackware: qt (3rd April 2007)
- Slackware: ktorrent (3rd April 2007)

SuSE
- SuSE: gpg (SUSE-SA:2007:024) (30th March 2007)

Ubuntu
- Ubuntu: X.org vulnerabilities (3rd April 2007)
- Ubuntu: krb5 vulnerabilities (3rd April 2007)