This week, advisories were released for ldap-account-manager, pptpd, vim, evolution-data-server, X11, Lighttpd, GIMP, IPsec, MySQL, ImageMagick, xscreensaver, bind, clamav, python, postgresql, php, freeradius, elinks, and MoinMoin. The distributors include Debian, Fedora, Gentoo, Mandriva, Red Hat, Slackware, SuSE, and Ubuntu.




LinuxSecurity.com Feature Extras:

    RFID with Bio-Smart Card in Linux - In this paper, we describe the integration of a fingerprint template and an RF smart card for a clustered network, which is designed on the Linux platform and open source technology to obtain biometrics security. The combination of smart card and biometrics is achieved in two-step authentication, where smart card authentication is based on a Personal Identification Number (PIN) and the card holder is authenticated using the biometrics template stored in the smart card, based on fingerprint verification. The fingerprint verification has to be executed on a central host server for security purposes. The protocol designed allows control of all parameters of the smart security controller, such as PIN options, reader delay, real-time clock, alarm option and cardholder access conditions.

    Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe, send an e-mail with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.


Debian
Debian: New ldap-account-manager packages fix multiple vulnerabilities
7th, May, 2007

Two vulnerabilities have been identified in the version of ldap-account-manager shipped with Debian 3.1 (sarge). An untrusted PATH vulnerability could allow a local attacker to execute arbitrary code with elevated privileges by providing a malicious rm executable and specifying a PATH environment variable referencing this executable.

advisories/debian/debian-new-ldap-account-manager-packages-fix-multiple-vulnerabilities
Debian: New pptpd packages fix denial of service
8th, May, 2007

It was discovered that the PoPToP Point to Point Tunneling Server contains a programming error, which allows the tear-down of a PPTP connection through a malformed GRE packet, resulting in denial of service.

advisories/debian/debian-new-pptpd-packages-fix-denial-of-service
Fedora
Fedora Core 6 Update: vim-7.0.235-1.fc6
7th, May, 2007

This update fixes several issues where opening a malicious file with vim can run an arbitrary command via a modeline.

advisories/fedora/fedora-core-6-update-vim-70235-1fc6-22-40-00-128099
Fedora Core 5 Update: evolution-data-server-1.6.3-4.fc5
7th, May, 2007

This update fixes a security vulnerability in APOP authentication. This only affects POP mail accounts.

advisories/fedora/fedora-core-5-update-evolution-data-server-163-4fc5-22-40-00-128100
Fedora Core 6 Update: evolution-data-server-1.8.3-6.fc6
7th, May, 2007

This update fixes a security vulnerability in APOP authentication. This only affects POP mail accounts.

advisories/fedora/fedora-core-6-update-evolution-data-server-183-6fc6-22-40-00-128102
Gentoo
Gentoo: X.Org X11 library Multiple integer overflows
5th, May, 2007

The X.Org X11 library contains multiple integer overflows, which could lead to the execution of arbitrary code.

Gentoo: Lighttpd Two Denials of Service
7th, May, 2007

Two vulnerabilities have been discovered in Lighttpd, each allowing for a Denial of Service. Robert Jakabosky discovered an infinite loop triggered by a connection abort when Lighttpd processes carriage return and line feed sequences. Marcus Rueckert discovered a NULL pointer dereference when a server running Lighttpd tries to access a file with an mtime of 0.

Gentoo: GIMP Buffer overflow
7th, May, 2007

GIMP is vulnerable to a buffer overflow which may lead to the execution of arbitrary code. Marsu discovered that the "set_color_table()" function in the SUNRAS plugin is vulnerable to a stack-based buffer overflow.

Gentoo: IPsec-Tools Denial of Service
8th, May, 2007

IPsec-Tools contains a vulnerability that allows a remote attacker to crash the IPsec tunnel. A remote attacker could send a specially crafted IPsec message to one of the two peers during the beginning of phase 1, resulting in the termination of the IPsec exchange.

Gentoo: LibXfont, TightVNC Multiple vulnerabilities
8th, May, 2007

Multiple vulnerabilities have been reported in libXfont and TightVNC, allowing for the execution of arbitrary code with root privileges. The libXfont code is prone to several integer overflows, in functions ProcXCMiscGetXIDList(), bdfReadCharacters() and FontFileInitTable(). TightVNC contains a local copy of this code and is also affected.

Gentoo: MySQL Two Denial of Service vulnerabilities
8th, May, 2007

Two Denial of Service vulnerabilities have been discovered in MySQL. Mu-b discovered a NULL pointer dereference in item_cmpfunc.cc when processing certain types of SQL requests. Sec Consult also discovered another NULL pointer dereference when sorting certain types of queries on the database metadata.

Gentoo: PostgreSQL Privilege escalation
10th, May, 2007

An error involving insecure search_path settings in the SECURITY DEFINER functions has been reported in PostgreSQL. This error contains a vulnerability that could result in SQL privilege escalation.

Gentoo: ImageMagick Multiple buffer overflows
10th, May, 2007

iDefense Labs has discovered multiple integer overflows in ImageMagick in the functions ReadDCMImage() and ReadXWDImage(), that are used to process DCM and XWD files. It can allow for the execution of arbitrary code.

Mandriva
Mandriva: Updated xscreensaver packages fix vulnerability
3rd, May, 2007

A problem with the way xscreensaver verifies user passwords was discovered by Alex Yamauchi. When a system is using remote authentication (i.e. LDAP) for logins, a local attacker able to cause a network outage on the system could cause xscreensaver to crash, which would unlock the screen. Updated packages have been patched to correct this issue.

Mandriva: Updated bind packages fix vulnerability
9th, May, 2007

A vulnerability in ISC BIND 9.4.0, when recursion is enabled, could allow a remote attacker to cause a denial of service (daemon exit) via a certain sequence of queries. BIND 9.4.1, which corrects this issue, is provided with this update.

Mandriva: Updated clamav packages fix vulnerabilities
8th, May, 2007

iDefense discovered a stack-based overflow in ClamAV when processing negative values in .cab files. As well, multiple file descriptor leaks were also reported and fixed in chmunpack.c, pdf.c, and dblock.c. This update provides ClamAV 0.90.2 which corrects these problems and provides new functionality.

Mandriva: Updated python packages fix vulnerabilities
8th, May, 2007

An off-by-one error was discovered in the PyLocale_strxfrm function in Python 2.4 and 2.5 that could allow context-dependent attackers the ability to read portions of memory via special manipulations that trigger a buffer over-read due to missing null termination. The updated packages have been patched to correct this issue.

Mandriva: Updated bind packages fix vulnerability
9th, May, 2007

A vulnerability in vim 7.0's modeline processing capabilities was discovered where a user with modelines enabled could open a text file containing a carefully crafted modeline, executing arbitrary commands as the user running vim. Updated packages have been patched to prevent this issue.

Red Hat
RedHat: Moderate: postgresql security update
3rd, May, 2007

Updated postgresql packages that fix several security vulnerabilities are now available for the Red Hat Application Stack. A flaw was found in the way PostgreSQL allows authenticated users to execute security-definer functions. It was possible for an unprivileged user to execute arbitrary code with the privileges of the security-definer function. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-postgresql-security-update-63406
RedHat: Moderate: postgresql security update
8th, May, 2007

Updated postgresql packages that fix several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. A flaw was found in the way PostgreSQL allows authenticated users to execute security-definer functions. It was possible for an unprivileged user to execute arbitrary code with the privileges of the security-definer function.

advisories/red-hat/redhat-moderate-postgresql-security-update-63406
RedHat: Important: php security update
8th, May, 2007

Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 5. A heap buffer overflow flaw was found in the PHP 'xmlrpc' extension. A PHP script which implements an XML-RPC server using this extension could allow a remote attacker to execute arbitrary code as the 'apache' user. This update has been rated as having important security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-important-php-security-update-98171
RedHat: Moderate: vim security update
9th, May, 2007

Updated vim packages that fix a security issue are now available for Red Hat Enterprise Linux 5. An arbitrary command execution flaw was found in the way VIM processes modelines. If a user with modelines enabled opened a text file containing a carefully crafted modeline, arbitrary commands could be executed as the user running VIM. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-vim-security-update-RHSA-2008-0580-01
RedHat: Important: php security update
9th, May, 2007

Updated PHP packages that fix two security issues are now available for Red Hat Enterprise Linux 4. A heap buffer overflow flaw was found in the PHP 'xmlrpc' extension. A PHP script which implements an XML-RPC server using this extension could allow a remote attacker to execute arbitrary code as the 'apache' user. Note that this flaw does not affect PHP applications using the pure-PHP XML_RPC class provided in /usr/share/pear.

advisories/red-hat/redhat-important-php-security-update-98171
RedHat: Important: php security update
10th, May, 2007

Updated PHP packages that fix several security issues are now available for Red Hat Application Stack. This update has been rated as having important security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-important-php-security-update-98171
RedHat: Moderate: freeradius security update
10th, May, 2007

Updated freeradius packages that fix a memory leak flaw are now available for Red Hat Enterprise Linux 3, 4, and 5. A remote attacker could send a specially crafted authentication request which could cause FreeRADIUS to leak a small amount of memory. If enough of these requests are sent, the FreeRADIUS daemon would consume a vast quantity of system memory leading to a possible denial of service.

advisories/red-hat/redhat-moderate-freeradius-security-update-56896
Slackware
Slackware: php
8th, May, 2007

New php packages are available for Slackware 10.2, 11.0, and -current to improve the stability and security of PHP. Quite a few bugs were fixed -- please see https://www.php.net/ for a detailed list.

SuSE
SuSE: Linux kernel (SUSE-SA:2007:029)
3rd, May, 2007

A NULL pointer dereference in the IPv6 sockopt handling could potentially be used by local attackers to read arbitrary kernel memory and thereby gain access to private information.

SuSE: Linux kernel (SUSE-SA:2007:030)
10th, May, 2007

This kernel update is for SUSE Linux 9.3 and fixes some security problems. The ftdi_sio driver allowed local users to cause a denial of service (memory consumption) by writing more data to the serial port than the hardware can handle, which causes the data to be queued. This requires the driver to be loaded, which only happens if such a device is plugged in.

Ubuntu
Ubuntu: elinks vulnerability
7th, May, 2007

Arnaud Giersch discovered that elinks incorrectly attempted to load gettext catalogs from a relative path. If a user were tricked into running elinks from a specific directory, a local attacker could execute code with user privileges.

advisories/ubuntu/ubuntu-elinks-vulnerability
Ubuntu: MoinMoin vulnerabilities
8th, May, 2007

A flaw was discovered in MoinMoin's error reporting when using the AttachFile action. By tricking a user into viewing a crafted MoinMoin URL, an attacker could execute arbitrary JavaScript as the current MoinMoin user, possibly exposing the user's authentication information for the domain where MoinMoin was hosted.

advisories/ubuntu/ubuntu-moinmoin-vulnerabilities-96010