Linux Advisory Watch: March 14th, 2008
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas   
This week, advisories were released for libnet-dns-perl, moin, lighttpd, kernel, sarg, drakconf, pulseaudio, tomboy, evolution, thunderbird, mailman, cups, and python. The distributors include Debian, Gentoo, Mandriva, SuSE, and Ubuntu.

Linux+DVD Magazine - Our magazine is read by professional network and database administrators, system programmers, webmasters and all those who believe in the power of Open Source software. The majority of our readers is between 15 and 40 years old. They are interested in current news from the Linux world, upcoming projects etc.

In each issue you can find information concerning typical use of Linux: safety, databases, multimedia, scientific tools, entertainment, programming, e-mail, news and desktop environments.


LinuxSecurity.com Feature Extras:

Open Source Tool of March: ZoneMinder - For January and February, we chose some of the staples of open source security (GnuPG and Nmap) as the tool of the month. And deservedly so; both have just celebrated their ten-year anniversary in the open source realm, a rare feat for any open source project, much less one founded on security.

But for the month of March, we wanted to move ahead and change gears. This month's Open Source Tool is no newbie for sure, but we bet that most of you reading haven't heard of it. While most Linux security tools deal with digital security, this month's tool is one of the few to cross that divide;

Welcome to ZoneMinder, the Open Source Tool for March...

Meet the Anti-Nmap: PSAD - Introduction

Having a great defense involves proper detection and recognition of an attack. In our security world we have great IDS tools to properly recognize when we are being attacked as well as firewalls to prevent such attacks from happening. However, certain attacks are not blindly thrown at you - a good attacker knows that a certain amount of reconnaissance and knowledge about your defenses greatly increases the chances of a successful attack. How would you know if someone is scanning your defenses? Is there any way to properly respond to such scans? You bet there is...

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.


  EnGarde Secure Community v3.0.18 Now Available! (Dec 4)
 

Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.18 (Version 3.0, Release 18). This release includes the brand new Health Center, new packages for FWKNP and PSAD, updated packages and bug fixes, some feature enhancements to Guardian Digital WebTool and the SELinux policy, as well as other new features.

In distribution since 2001, EnGarde Secure Community was one of the very first security platforms developed entirely from open source, and has been engineered from the ground-up to provide users and organizations with complete, secure Web functionality, DNS, database and e-mail security, integrated intrusion detection and SELinux policies and more.

http://www.linuxsecurity.com/content/view/131851

  Debian: New libnet-dns-perl packages fix several vulnerabilities (Mar 11)
 

http://www.linuxsecurity.com/content/view/135321
  Debian: New moin packages fix several vulnerabilities (Mar 9)
 

Several remote vulnerabilities have been discovered in MoinMoin, a Python clone of WikiWiki. The Common Vulnerabilities and Exposures project identifies the following problems

http://www.linuxsecurity.com/content/view/135315
  Debian: New lighttpd packages fix CGI source disclosure (Mar 6)
 

It was discovered that lighttpd, a fast webserver with minimal memory footprint, would display the source to CGI scripts if their execution failed in some circumstances.

http://www.linuxsecurity.com/content/view/135282
  Debian: New Linux kernel 2.4.27 packages fix several issues (Mar 6)
 

The package versions referenced in the initial DSA-1503 advisory introduced a regression that can cause hangs on systems that make use of the ext2 filesystem. The regression has been resolved in the package versions referenced by this updated advisory.

http://www.linuxsecurity.com/content/view/135181

  Gentoo: Sarg Remote execution of arbitrary code (Mar 12)
 

Sarg is vulnerable to the execution of arbitrary code when it processes untrusted input files.

http://www.linuxsecurity.com/content/view/135324

  Mandriva: Updated drakconf packages fix translation-related (Mar 13)
 

This drakconf update fixes a bug where some icons were hidden when translations contained certain meta characters. It also fixes a few translation errors, and enables visiting the Mandriva Tour from the Mandriva Control Center.

http://www.linuxsecurity.com/content/view/135325
  Mandriva: Updated pulseaudio packages fix denial of service (Mar 9)
 

Luigi Auriemma found a few programming errors in Pulseaudio that can be used by authenticated and unauthenticated users to crash the Pulseaudio daemon. The updated packages fix these issues.

http://www.linuxsecurity.com/content/view/135316
  Mandriva: Updated tomboy packages fix improper (Mar 7)
 

A flaw was discovered in how tomboy handles LD_LIBRARY_PATH: by appending paths to LD_LIBRARY_PATH, the program would also search the current directory for shared libraries. In directories containing network data, those libraries could be injected into the application. The updated packages have been patched to correct this issue.

http://www.linuxsecurity.com/content/view/135314
  Mandriva: Updated Evolution packages fix critical (Mar 6)
 

Ulf Harnhammar of Secunia Research discovered a format string flaw in how Evolution displayed encrypted mail content. If a user were to open a carefully crafted email message, arbitrary code could be executed with the permissions of the user running Evolution. The updated packages have been patched to correct this issue.

http://www.linuxsecurity.com/content/view/135286
  Mandriva: Updated Thunderbird packages fix multiple (Mar 6)
 

A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.12. This update provides the latest Thunderbird to correct these issues.

http://www.linuxsecurity.com/content/view/135285
  Mandriva: Updated mailman packages fix multiple XSS (Mar 6)
 

Multiple cross-site scripting (XSS) vulnerabilities were found in Mailman prior to version 2.1.10b1, which allow remote attackers to inject arbitrary web script or HTML via editing templates and the list's info attribute in the web administrator interface. The updated packages have been patched to correct these issues.

http://www.linuxsecurity.com/content/view/135283

  SuSE: cups (SUSE-SA:2008:012) (Mar 6)
 

The current security update of cups fixes a double-free bug in the function process_browse_data() that can lead to a remote denial-of-service by crashing cupsd or possibly to a remote code execution (CVE-2008-0882). The bug can only be exploited by crafted UDP Browse packets if cupsd listens on 631/udp.

http://www.linuxsecurity.com/content/view/135182

  Ubuntu: Python vulnerabilities (Mar 10)
 

Piotr Engelking discovered that strxfrm in Python was not correctly calculating the size of the destination buffer. This could lead to small information leaks, which might be used by attackers to gain additional knowledge about the state of a running Python script. (CVE-2007-2052) A flaw was discovered in the Python imageop module. If a script using the module could be tricked into processing a specially crafted set of arguments, a remote attacker could execute arbitrary code, or cause the application to crash. (CVE-2007-4965)

http://www.linuxsecurity.com/content/view/135319
  Ubuntu: Thunderbird vulnerabilities (Mar 6)
 

USN-582-1 fixed several vulnerabilities in Thunderbird. The upstream fixes were incomplete, and after performing certain actions Thunderbird would crash due to memory errors. This update fixes the problem. We apologize for the inconvenience.

http://www.linuxsecurity.com/content/view/135284

(c)Copyright 2008 Guardian Digital, Inc. All rights reserved.