This week advisories were released for samba, xfree86, php5, clamav, gforge-plugin-scmcvs, tomcat5, phpwiki, mod_security, pptpd, fetchmail, squirrelmail, evolution, tetex, ipsec-tools, vixie-cron, libpng, gimp, Quagga, and vim. The distributors include Debian, Fedora, Gentoo, Mandriva, Red Hat, SuSE, and Ubuntu.




LinuxSecurity.com Feature Extras:

    RFID with Bio-Smart Card in Linux - In this paper, we describe the integration of a fingerprint template and an RF smart card for a clustered network, designed on the Linux platform and open source technology to obtain biometric security. The combination of smart card and biometrics is achieved in a two-step authentication, where smart card authentication is based on a Personal Identification Number (PIN) and the card holder is authenticated using the biometric template stored in the smart card, based on fingerprint verification. The fingerprint verification has to be executed on a central host server for security purposes. The protocol designed allows controlling all parameters of the smart security controller, such as PIN options, reader delay, real-time clock, alarm option and cardholder access conditions.

    Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe, send an e-mail with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.


Debian: New samba packages fix multiple vulnerabilities
17th, May, 2007

Various bugs in Samba's NDR parsing can allow a user to send specially crafted MS-RPC requests that will overwrite the heap space with user defined data.

advisories/debian/debian-new-samba-packages-fix-multiple-vulnerabilities-42749

Debian: New xfree86 packages fix several vulnerabilities
17th, May, 2007

Several vulnerabilities have been discovered in the X Window System, which may lead to privilege escalation. Sean Larsson discovered an integer overflow in the XC-MISC extension, which might lead to denial of service or local privilege escalation.

advisories/debian/debian-new-xfree86-packages-fix-several-vulnerabilities-80779

Debian: New php5 packages fix several vulnerabilities
19th, May, 2007

Several remote vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems:

advisories/debian/debian-new-php5-packages-fix-several-vulnerabilities-1312

Debian: New clamav packages fix denial of service vulnerability
21st, May, 2007

On 25 April, the Debian Security Team released clamav 0.90.1-3etch1, an update to the Clam anti-virus toolkit, to address several vulnerabilities. Unfortunately, there was an error in the updated packages and CVE-2007-2029, a file descriptor leak in the PDF document handler, was not properly fixed in Debian 4.0 (etch) or the Debian testing distribution (lenny). This problem has been fixed in version 0.90.1-3etch2 for Debian 4.0 (etch).

advisories/debian/debian-new-clamav-packages-fix-denial-of-service-vulnerability

Debian: New php4 packages fix privilege escalation
21st, May, 2007

It was discovered that the ftp extension of PHP, a server-side, HTML-embedded scripting language, performs insufficient input sanitising, which permits an attacker to execute arbitrary FTP commands. This requires the attacker to already have access to the FTP server.

advisories/debian/debian-new-php4-packages-fix-privilege-escalation

Debian: New gforge-plugin-scmcvs packages fix arbitrary shell command execution
24th, May, 2007

Bernhard R. Link discovered that the CVS browsing interface of Gforge, a collaborative development tool, performs insufficient escaping of URLs, which allows the execution of arbitrary shell commands with the privileges of the www-data user.

advisories/debian/debian-new-gforge-plugin-scmcvs-packages-fix-arbitrary-shell-command-execution

Fedora Core 6 Update: tomcat5-5.5.23-0jpp.2.fc6
21st, May, 2007

Several security issues were reported to be fixed in releases prior to tomcat5.5.23. Tomcat was found to accept multiple content-length headers in a request. This could allow attackers to poison a web-cache, bypass web application firewall protection, or conduct cross-site scripting attacks.

advisories/fedora/fedora-core-6-update-tomcat5-5523-0jpp2fc6-19-02-00-128271

Fedora Core 6 Update: jakarta-commons-modeler-1.1-8jpp.2.fc6
21st, May, 2007

Several security issues were reported to be fixed in releases prior to tomcat5.5.23. Tomcat was found to accept multiple content-length headers in a request. This could allow attackers to poison a web-cache, bypass web application firewall protection, or conduct cross-site scripting attacks.

advisories/fedora/fedora-core-6-update-jakarta-commons-modeler-11-8jpp2fc6-19-02-00-128272

Fedora Core 5 Update: samba-3.0.24-6.fc5
21st, May, 2007

Security bugs were found in samba-3.0.24-6.fc5. This update fixes an nmbd segfault in some rare conditions. It also fixes a bug introduced with CVE-2007-2444 in some configurations, and fixes CVE-2007-0452, a Samba smbd denial of service.

advisories/fedora/fedora-core-5-update-samba-3024-6fc5-19-03-00-128278

Fedora Core 5 Update: php-5.1.6-1.6
24th, May, 2007

This update fixes a number of security issues in PHP. A heap buffer overflow flaw was found in the PHP 'xmlrpc' extension. A PHP script which implements an XML-RPC server using this extension could allow a remote attacker to execute arbitrary code as the 'apache' user.

advisories/fedora/fedora-core-5-update-php-516-16-02-18-00-128317

Gentoo: PhpWiki Remote execution of arbitrary code
17th, May, 2007

A vulnerability has been discovered in PhpWiki allowing for the remote execution of arbitrary code. A remote attacker could upload a specially crafted PHP file to the vulnerable server, resulting in the execution of arbitrary PHP code with the privileges of the user running PhpWiki.

Gentoo: Apache mod_security Rule bypass
17th, May, 2007

A vulnerability has been discovered in mod_security, allowing a remote attacker to bypass rules. A remote attacker could send a specially crafted POST request, possibly bypassing the module ruleset and leading to the execution of arbitrary code in the scope of the web server with the rights of the user running the web server.

Gentoo: PPTPD Denial of Service attack
20th, May, 2007

PPTPD is a Point-to-Point Tunnelling Protocol Daemon for Linux. A vulnerability has been reported in PPTPD which could lead to a Denial of Service.

Mandriva: Updated fetchmail packages fix potential APOP vulnerabilities
17th, May, 2007

The APOP functionality in fetchmail's POP3 client implementation was validating the APOP challenge too lightly, accepting random garbage as a POP3 server's APOP challenge, rather than insisting it conform to RFC-822 specifications. Updated packages have been patched to prevent these issues; however, it should be noted that the APOP MD5-based authentication scheme should no longer be considered secure.

Mandriva: Updated squirrelmail packages fix vulnerabilities
19th, May, 2007

A number of HTML filtering bugs were found in SquirrelMail that could allow an attacker to inject arbitrary JavaScript leading to cross-site scripting attacks by sending an email viewed by a user within SquirrelMail (CVE-2007-1262).

Mandriva: Updated evolution packages fix APOP weakness
20th, May, 2007

A weakness in the way Evolution processed certain APOP authentication requests was discovered. A remote attacker could potentially obtain certain portions of a user's authentication credentials by sending certain responses when evolution-data-server attempted to authenticate against an APOP server. The updated packages have been patched to prevent this issue.

Mandriva: Updated tetex packages fix vulnerabilities
23rd, May, 2007

Buffer overflow in the gdImageStringFTEx function in gdft.c in the GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font. Tetex 3.x uses an embedded copy of the gd source and may also be affected by this issue.

Mandriva: Updated samba packages fix multiple
24th, May, 2007

A number of bugs were discovered in the NDR parsing support in Samba that is used to decode MS-RPC requests. A remote attacker could send a carefully crafted request that would cause a heap overflow, possibly leading to the ability to execute arbitrary code on the server.

RedHat: Moderate: ipsec-tools security update
17th, May, 2007

Updated ipsec-tools packages that fix a denial of service flaw in racoon are now available for Red Hat Enterprise Linux 5. A denial of service flaw was found in the ipsec-tools racoon daemon. It was possible for a remote attacker, with knowledge of an existing ipsec tunnel, to terminate the ipsec connection between two machines. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-ipsec-tools-security-update-58063

RedHat: Moderate: vixie-cron security update
17th, May, 2007

The vixie-cron package contains the Vixie version of cron. Cron is a standard UNIX daemon that runs specified programs at scheduled times. Raphael Marichez discovered a denial of service bug in the way vixie-cron verifies crontab file integrity. A local user with the ability to create a hardlink to /etc/crontab can prevent vixie-cron from executing certain system cron jobs.

advisories/red-hat/redhat-moderate-vixie-cron-security-update-RHSA-2007-0345-01

RedHat: Moderate: evolution security update
17th, May, 2007

Updated evolution packages that fix a security bug are now available for Red Hat Enterprise Linux 3 and 4. A flaw was found in the way Evolution processed certain APOP authentication requests. A remote attacker could potentially acquire certain portions of a user's authentication credentials by sending certain responses when evolution-data-server attempted to authenticate against an APOP server.

advisories/red-hat/redhat-moderate-evolution-security-update-46515

RedHat: Moderate: squirrelmail security update
17th, May, 2007

A new squirrelmail package that fixes security issues is now available for Red Hat Enterprise Linux 3, 4 and 5. Several HTML filtering bugs were discovered in SquirrelMail. An attacker could inject arbitrary JavaScript leading to cross-site scripting attacks by sending an e-mail viewed by a user within SquirrelMail. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-squirrelmail-security-update-90811

RedHat: Moderate: libpng security update
17th, May, 2007

Updated libpng packages that fix security issues are now available for Red Hat Enterprise Linux. A flaw was found in the handling of malformed images in libpng. An attacker could create a carefully crafted PNG image file in such a way that it could cause an application linked with libpng to crash when the file was manipulated. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-libpng-security-update-20383

RedHat: Moderate: gimp security update
21st, May, 2007

Updated gimp packages that fix a security issue are now available for Red Hat Enterprise Linux. Marsu discovered a stack overflow bug in The GIMP RAS file loader. An attacker could create a carefully crafted file that could cause The GIMP to crash or possibly execute arbitrary code if the file was opened by a victim. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-moderate-gimp-security-update-RHSA-2007-0343-01

RedHat: Important: tomcat security update
21st, May, 2007

Updated tomcat packages that fix multiple security issues are now available for Red Hat Application Server v2. Tomcat was found to accept multiple content-length headers in a request. This could allow attackers to poison a web-cache, bypass web application firewall protection, or conduct cross-site scripting attacks. This update has been rated as having important security impact by the Red Hat Security Response Team.

advisories/red-hat/redhat-important-tomcat-security-update-RHSA-2007-0326-01

RedHat: Important: tomcat security update
24th, May, 2007

Updated tomcat packages that fix multiple security issues and a bug are now available for Red Hat Developer Suite 3. Tomcat was found to accept multiple content-length headers in a request. This could allow attackers to poison a web-cache, bypass web application firewall protection, or conduct cross-site scripting attacks.

advisories/red-hat/redhat-important-tomcat-security-update-RHSA-2007-0326-01

SuSE: samba security problems
22nd, May, 2007

The Samba server was affected by several security problems which have been fixed. Specially crafted MS-RPC packets could overwrite heap memory and therefore could potentially be exploited to execute code. Authenticated users could leverage specially crafted MS-RPC packets to pass arguments unfiltered to /bin/sh.

SuSE: php4,php5 security problems
23rd, May, 2007

Numerous vulnerabilities have been fixed in PHP. Most of them were made public during the "Month of PHP Bugs" project by Stefan Esser and we thank Stefan for his reports. The vulnerabilities potentially lead to crashes, information leaks or even execution of malicious code.

Ubuntu: Quagga vulnerability
17th, May, 2007

It was discovered that Quagga did not correctly verify length information sent from configured peers. Remote malicious peers could send a specially crafted UPDATE message which would cause bgpd to abort, leading to a denial of service.

advisories/ubuntu/ubuntu-quagga-vulnerability

Ubuntu: pptpd regression
21st, May, 2007

USN-459-1 fixed vulnerabilities in pptpd. However, a portion of the fix caused a regression in session establishment under Dapper for certain PPTP clients. This update fixes the problem. We apologize for the inconvenience.

advisories/ubuntu/ubuntu-pptpd-regression

Ubuntu: Samba regression
22nd, May, 2007

USN-460-1 fixed several vulnerabilities in Samba. The upstream changes for CVE-2007-2444 had an unexpected side-effect in Feisty. Paul Griffith and Andrew Hogue discovered that Samba did not fully drop root privileges while translating SIDs. A remote authenticated user could issue SMB operations during a small window of opportunity and gain root privileges. (CVE-2007-2444)

advisories/ubuntu/ubuntu-samba-regression-40222

Ubuntu: PHP vulnerabilities
22nd, May, 2007

A flaw was discovered in the FTP command handler in PHP. Commands were not correctly filtered for control characters. An attacker could issue arbitrary FTP commands using specially crafted arguments.

advisories/ubuntu/ubuntu-php-vulnerabilities-97448

Ubuntu: vim vulnerability
22nd, May, 2007

Tomas Golembiovsky discovered that some vim commands were accidentally allowed in modelines. By tricking a user into opening a specially crafted file in vim, an attacker could execute arbitrary code with user privileges.

advisories/ubuntu/ubuntu-vim-vulnerability-53077