This week, advisories were released for squirrelmail, samba, qt4-x11, php, postgresql, ImageMagick, XScreenSaver, phpwiki, mod_security, freeradius, tomcat, bluez-utils, ipsec-tools, vixie-cron, evolution, libpng, and pptpd. The distributors include Debian, Fedora, Gentoo, Mandriva, Red Hat, Slackware, SuSE, and Ubuntu.

LinuxSecurity.com Feature Extras:

    RFID with Bio-Smart Card in Linux - In this paper, we describe the integration of a fingerprint template and an RF smart card for a clustered network, designed on the Linux platform and open source technology to obtain biometric security. The combination of smart card and biometrics is achieved in a two-step authentication, where smart card authentication is based on a Personal Identification Number (PIN) and the card holder is authenticated using the biometric template stored in the smart card, based on fingerprint verification. The fingerprint verification has to be executed on a central host server for security purposes. The protocol designed allows controlling all parameters of the smart security controller, such as PIN options, reader delay, real-time clock, alarm option and cardholder access conditions.

    Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of Unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe, send an e-mail to the list address with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.


Debian: New Linux 2.6.18 packages fix several vulnerabilities
13th, May, 2007

Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. We recommend that you upgrade your kernel package immediately and reboot the machine. If you have built a custom kernel from the kernel source package, you will need to rebuild to take advantage of these fixes.

advisories/debian/debian-new-linux-2618-packages-fix-several-vulnerabilities-45410

Debian: New squirrelmail packages fix cross-site scripting
13th, May, 2007

It was discovered that the webmail package Squirrelmail performs insufficient sanitising inside the HTML filter, which allows the injection of arbitrary web script code during the display of HTML email messages.

advisories/debian/debian-new-squirrelmail-packages-fix-cross-site-scripting-68684

Debian: New samba packages fix multiple vulnerabilities
15th, May, 2007

Several issues have been identified in Samba, the SMB/CIFS file and print-server implementation for GNU/Linux. When translating SIDs to/from names using Samba's local list of user and group accounts, a logic error in the smbd daemon's internal security stack may result in a transition to the root user id rather than the non-root user.

advisories/debian/debian-new-samba-packages-fix-multiple-vulnerabilities-42749

Debian: New qt4-x11 packages fix cross-site scripting vulnerability
15th, May, 2007

Andreas Nolden discovered a bug in the UTF8 decoding routines in qt4-x11, a C++ GUI library framework, that could allow remote attackers to conduct cross-site scripting (XSS) and directory traversal attacks via long sequences that decode to dangerous metacharacters.

advisories/debian/debian-new-qt4-x11-packages-fix-cross-site-scripting-vulnerability

Debian: New samba packages fix multiple vulnerabilities
17th, May, 2007

Various bugs in Samba's NDR parsing can allow a user to send specially crafted MS-RPC requests that will overwrite the heap space with user defined data.

advisories/debian/debian-new-samba-packages-fix-multiple-vulnerabilities-42749

Fedora Core 6 Update: php-5.1.6-3.6.fc6
14th, May, 2007

This update fixes a number of security issues in PHP. A heap buffer overflow flaw was found in the PHP 'xmlrpc' extension. A PHP script which implements an XML-RPC server using this extension could allow a remote attacker to execute arbitrary code as the 'apache' user. Note that this flaw does not affect PHP applications using the pure-PHP XML_RPC class provided in /usr/share/pear.

advisories/fedora/fedora-core-6-update-php-516-36fc6-16-37-00-128184

Fedora Core 5 Update: samba-3.0.24-5.fc5
14th, May, 2007

This release of Samba fixes some serious security bugs: CVE-2007-2444, CVE-2007-2446 and CVE-2007-2447. It fixes the security bugs which cause a Samba smbd denial of service.

advisories/fedora/fedora-core-5-update-samba-3024-5fc5-16-37-00-128189

Fedora Core 6 Update: samba-3.0.24-5.fc6
14th, May, 2007

This release of Samba fixes some serious security bugs: CVE-2007-2444, CVE-2007-2446, and CVE-2007-2447.

advisories/fedora/fedora-core-6-update-samba-3024-5fc6-16-37-00-128192

Gentoo: PostgreSQL Privilege escalation
10th, May, 2007

An error involving insecure search_path settings in SECURITY DEFINER functions has been reported in PostgreSQL. This error could result in SQL privilege escalation.

Gentoo: ImageMagick Multiple buffer overflows
10th, May, 2007

iDefense Labs has discovered multiple integer overflows in ImageMagick in the functions ReadDCMImage() and ReadXWDImage(), which are used to process DCM and XWD files. These can allow for the execution of arbitrary code.

Gentoo: XScreenSaver Privilege escalation
13th, May, 2007

XScreenSaver allows local users to bypass authentication under certain configurations. XScreenSaver incorrectly handles the results of the getpwuid() function in drivers/lock.c when using directory servers during a network outage.

Gentoo: ImageMagick Multiple buffer overflows
14th, May, 2007

Multiple integer overflows have been discovered in ImageMagick allowing for the execution of arbitrary code. iDefense Labs has discovered integer overflows in ImageMagick in the functions ReadDCMImage() and ReadXWDImage(), that are used to process DCM and XWD files.

Gentoo: Samba Multiple vulnerabilities
15th, May, 2007

Samba contains multiple vulnerabilities potentially resulting in the execution of arbitrary code with root privileges. A remote attacker could exploit these vulnerabilities to gain root privileges via various vectors.

Gentoo: PhpWiki Remote execution of arbitrary code
17th, May, 2007

A vulnerability has been discovered in PhpWiki allowing for the remote execution of arbitrary code. A remote attacker could upload a specially crafted PHP file to the vulnerable server, resulting in the execution of arbitrary PHP code with the privileges of the user running PhpWiki.

Gentoo: Apache mod_security Rule bypass
17th, May, 2007

A vulnerability has been discovered in mod_security, allowing a remote attacker to bypass rules. A remote attacker could send a specially crafted POST request, possibly bypassing the module ruleset and leading to the execution of arbitrary code in the scope of the web server with the rights of the user running the web server.

Mandriva: Updated php packages fix multiple vulnerabilities
10th, May, 2007

A heap buffer overflow flaw was found in the xmlrpc extension for PHP. A script that implements an XML-RPC server using this extension could allow a remote attacker to execute arbitrary code as the apache user. This flaw does not, however, affect PHP applications using the pure-PHP XML_RPC class provided via PEAR.

Mandriva: Updated samba packages fix multiple vulnerabilities
14th, May, 2007

A number of bugs were discovered in the NDR parsing support in Samba that is used to decode MS-RPC requests. A remote attacker could send a carefully crafted request that would cause a heap overflow, possibly leading to the ability to execute arbitrary code on the server.

RedHat: Important: php security update
10th, May, 2007

Updated PHP packages that fix several security issues are now available for Red Hat Application Stack. This update has been rated as having important security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-important-php-security-update-98171

RedHat: Moderate: freeradius security update
10th, May, 2007

Updated freeradius packages that fix a memory leak flaw are now available for Red Hat Enterprise Linux 3, 4, and 5. A remote attacker could send a specially crafted authentication request which could cause FreeRADIUS to leak a small amount of memory. If enough of these requests are sent, the FreeRADIUS daemon would consume a vast quantity of system memory leading to a possible denial of service.

advisories/red-hat/redhat-moderate-freeradius-security-update-56896

RedHat: Critical: samba security update
14th, May, 2007

Updated samba packages that fix several security flaws are now available. Various bugs were found in NDR parsing, used to decode MS-RPC requests in Samba. A remote attacker could have sent carefully crafted requests causing a heap overflow, which may have led to the ability to execute arbitrary code on the server. This update has been rated as having critical security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-critical-samba-security-update-RHSA-2007-1013-01

RedHat: Important: tomcat security update
14th, May, 2007

Updated tomcat packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. Tomcat was found to accept multiple content-length headers in a request. This could allow attackers to poison a web-cache, bypass web application firewall protection, or conduct cross-site scripting attacks. This update has been rated as having important security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-important-tomcat-security-update-RHSA-2007-0326-01

RedHat: Moderate: bluez-utils security update
14th, May, 2007

Updated bluez-utils packages that fix a security flaw are now available for Red Hat Enterprise Linux 4. A flaw was found in the Bluetooth HID daemon (hidd). A remote attacker would have been able to inject keyboard and mouse events via a Bluetooth connection without any authorization. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-bluez-utils-security-update-RHSA-2007-0065-01

RedHat: Important: kernel security and bug fix update
16th, May, 2007

Updated kernel packages that fix security issues and bugs in the Red Hat Enterprise Linux 5 kernel are now available. One of the flaws is in the handling of IPv6 type 0 routing headers that allowed remote users to cause a denial of service that led to a network amplification between two routers. This update has been rated as having important security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-important-kernel-security-and-bug-fix-update-30637

RedHat: Moderate: ipsec-tools security update
17th, May, 2007

Updated ipsec-tools packages that fix a denial of service flaw in racoon are now available for Red Hat Enterprise Linux 5. A denial of service flaw was found in the ipsec-tools racoon daemon. It was possible for a remote attacker, with knowledge of an existing ipsec tunnel, to terminate the ipsec connection between two machines. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-ipsec-tools-security-update-58063

RedHat: Moderate: vixie-cron security update
17th, May, 2007

The vixie-cron package contains the Vixie version of cron. Cron is a standard UNIX daemon that runs specified programs at scheduled times. Raphael Marichez discovered a denial of service bug in the way vixie-cron verifies crontab file integrity. A local user with the ability to create a hardlink to /etc/crontab can prevent vixie-cron from executing certain system cron jobs.

advisories/red-hat/redhat-moderate-vixie-cron-security-update-RHSA-2007-0345-01

RedHat: Moderate: evolution security update
17th, May, 2007

Updated evolution packages that fix a security bug are now available for Red Hat Enterprise Linux 3 and 4. A flaw was found in the way Evolution processed certain APOP authentication requests. A remote attacker could potentially acquire certain portions of a user's authentication credentials by sending certain responses when evolution-data-server attempted to authenticate against an APOP server.

advisories/red-hat/redhat-moderate-evolution-security-update-46515

RedHat: Moderate: squirrelmail security update
17th, May, 2007

A new squirrelmail package that fixes security issues is now available for Red Hat Enterprise Linux 3, 4 and 5. Several HTML filtering bugs were discovered in SquirrelMail. An attacker could inject arbitrary JavaScript leading to cross-site scripting attacks by sending an e-mail viewed by a user within SquirrelMail. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-squirrelmail-security-update-90811

Slackware: samba
15th, May, 2007

New samba packages are available for Slackware 10.0, 10.1, 10.2, 11.0, and -current to fix security issues. The security issues fixed are: a local SID/Name translation bug that can result in user privilege elevation, multiple heap overflows that allow remote code execution, and unescaped user input parameters that are passed as arguments to /bin/sh, allowing for remote command execution. Vulnerabilities and Exposures (CVE) database:

Slackware: libpng
16th, May, 2007

New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, and -current to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2445

SuSE: Linux kernel (SUSE-SA:2007:030)
10th, May, 2007

This kernel update is for SUSE Linux 9.3 and fixes some security problems. The ftdi_sio driver allowed local users to cause a denial of service (memory consumption) by writing more data to the serial port than the hardware can handle, which causes the data to be queued. This requires this driver to be loaded, which only happens if such a device is plugged in.

Ubuntu: pptpd vulnerability
14th, May, 2007

A flaw was discovered in the PPTP tunnel server. Remote attackers could send a specially crafted packet and disrupt established PPTP tunnels, leading to a denial of service.

advisories/ubuntu/ubuntu-pptpd-vulnerability

Ubuntu: Samba vulnerabilities
15th, May, 2007

Paul Griffith and Andrew Hogue discovered that Samba did not fully drop root privileges while translating SIDs. A remote authenticated user could issue SMB operations during a small window of opportunity and gain root privileges.

advisories/ubuntu/ubuntu-samba-vulnerabilities