----------------------------------------
This Issue is Sponsored by: eEye
Too Many Security Agents Cluttering Your System?
Replace your Firewall, IPS, Anti-Spyware and more with Blink® Professional for less than what you are currently paying in renewals.
Learn more on how you can experience the simplicity of one. One agent. One console. One Policy. One Solution.
Introducing eEye Digital Security's Blink® Professional, the first all-in-one security agent.
http://www.eeye.com/ctrack.asp?ref=SFBlink20061031
------------------------------------------------------------------
I. FRONT AND CENTER
1. Employee Privacy, Employer Policy
II. LINUX VULNERABILITY SUMMARY
1. GraphicsMagick PALM DCM Buffer Overflow Vulnerabilities
2. PostgreSQL Multiple Local Denial of Service Vulnerabilities
3. Smartgate SSL Server Directory Traversal Information Disclosure Vulnerability
4. GNU Screen Multiple Denial of Service Vulnerabilities
5. Mutt Insecure Temporary File Creation Multiple Vulnerabilities
6. Cisco Security Agent Remote Port Scan Denial of Service Vulnerability
7. Axalto Protiva Local Information Disclosure Vulnerability
8. Wireshark Multiple Protocol Dissectors Denial of Service Vulnerabilities
9. Xsupplicant Stack Buffer Overflow Vulnerability
10. OpenPBS Multiple Local and Remote Vulnerabilities
11. Yukihiro Matsumoto Ruby CGI Module MIME Denial Of Service Vulnerability
12. Vilistextum Remote Denial of Service and Buffer Overflow Vulnerabilities
III. LINUX FOCUS LIST SUMMARY
1. Detecting brute force attacks
2. Detecting Brute-Force and Dictionary attacks
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION
I. FRONT AND CENTER
---------------------
1. Employee Privacy, Employer Policy
By Kelly Martin
Following the 2006 International Virus Bulletin Conference, Kelly Martin takes a look at the profit motives of the cyber criminals behind modern viruses, targeted trojans, phishing scams and botnet attacks that are stealing millions from organizations and individuals.
http://www.securityfocus.com/columnists/419
II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. GraphicsMagick PALM DCM Buffer Overflow Vulnerabilities
BugTraq ID: 20707
Remote: No
Date Published: 2006-10-24
Relevant URL: http://www.securityfocus.com/bid/20707
Summary:
GraphicsMagick is prone to multiple buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data before copying it to insufficiently sized buffers.
Successful exploits may allow an attacker to execute arbitrary machine code to compromise an affected computer or to cause denial-of-service conditions.
GraphicsMagick 1.1.7 and prior versions are vulnerable.
2. PostgreSQL Multiple Local Denial of Service Vulnerabilities
BugTraq ID: 20717
Remote: No
Date Published: 2006-10-24
Relevant URL: http://www.securityfocus.com/bid/20717
Summary:
PostgreSQL is prone to multiple local denial-of-service vulnerabilities because of various errors in the application when handling user-supplied data.
A local authenticated attacker can exploit these issues to crash the server, effectively denying service to legitimate users.
3. Smartgate SSL Server Directory Traversal Information Disclosure Vulnerability
BugTraq ID: 20722
Remote: Yes
Date Published: 2006-10-24
Relevant URL: http://www.securityfocus.com/bid/20722
Summary:
The Smartgate SSL Server is prone to a remote information-disclosure vulnerability because the application fails to properly sanitize user-supplied input.
Exploiting this issue allows remote, unauthenticated attackers to retrieve the contents of arbitrary files from vulnerable computers with the privileges of the webserver process. Information harvested may aid in further attacks.
4. GNU Screen Multiple Denial of Service Vulnerabilities
BugTraq ID: 20727
Remote: Yes
Date Published: 2006-10-25
Relevant URL: http://www.securityfocus.com/bid/20727
Summary:
GNU Screen is prone to multiple denial-of-service vulnerabilities. A remote attacker may trigger these issues and deny services to legitimate users.
GNU Screen versions prior to 4.0.3 are affected by these vulnerabilities.
5. Mutt Insecure Temporary File Creation Multiple Vulnerabilities
BugTraq ID: 20733
Remote: No
Date Published: 2006-10-25
Relevant URL: http://www.securityfocus.com/bid/20733
Summary:
Mutt creates temporary files in an insecure manner.
Attackers could exploit these issues to perform symlink attacks to overwrite arbitrary files using the privileges of the user running the vulnerable application.
Mutt 1.5.12 and prior versions are vulnerable.
6. Cisco Security Agent Remote Port Scan Denial of Service Vulnerability
BugTraq ID: 20737
Remote: Yes
Date Published: 2006-10-25
Relevant URL: http://www.securityfocus.com/bid/20737
Summary:
Cisco Security Agent (CSA) for Linux is vulnerable to a remote denial-of-service vulnerability because the application fails to properly handle unexpected network traffic.
Successfully exploiting this issue allows remote attackers to cause the affected software to enter into an unresponsive state, denying further service to legitimate users.
This issue does not affect CSA for Windows or Solaris.
7. Axalto Protiva Local Information Disclosure Vulnerability
BugTraq ID: 20755
Remote: No
Date Published: 2006-10-26
Relevant URL: http://www.securityfocus.com/bid/20755
Summary:
Axalto Protiva is prone to a local information-disclosure vulnerability because the application fails to protect sensitive information from unprivileged users.
A user who can gain local, interactive access to affected computers may exploit this issue to access credentials stored by the application. Information harvested by exploiting this issue will aid the attacker in further attacks. By compromising the information store of affected services, the attacker may potentially gain unauthorized access to any computer or device that is configured to use the affected service as an authentication source.
Axalto Protiva 1.1 is vulnerable to this issue; other versions may also be affected.
8. Wireshark Multiple Protocol Dissectors Denial of Service Vulnerabilities
BugTraq ID: 20762
Remote: Yes
Date Published: 2006-10-27
Relevant URL: http://www.securityfocus.com/bid/20762
Summary:
Wireshark is prone to multiple denial-of-service vulnerabilities.
Exploiting these issues may permit attackers to cause crashes and deny service to legitimate users of the application.
Wireshark versions prior to 0.99.4 are affected.
9. Xsupplicant Stack Buffer Overflow Vulnerability
BugTraq ID: 20775
Remote: Yes
Date Published: 2006-10-27
Relevant URL: http://www.securityfocus.com/bid/20775
Summary:
Xsupplicant is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.
Exploiting this issue allows attackers to execute arbitrary machine code in the context of users running the affected application. Failed attempts will likely crash the application, resulting in denial-of-service conditions.
Xsupplicant versions prior to 1.2.8 are reported vulnerable.
10. OpenPBS Multiple Local and Remote Vulnerabilities
BugTraq ID: 20776
Remote: Yes
Date Published: 2006-10-27
Relevant URL: http://www.securityfocus.com/bid/20776
Summary:
OpenPBS is prone to multiple unspecified remote and local vulnerabilities.
Exploiting these issues may allow both local and remote attackers to completely compromise affected computers because portions of the software operate with superuser privileges. Failed exploit attempts may result in denial-of-service conditions.
Very little information is currently available; this BID will be updated as more information is disclosed.
11. Yukihiro Matsumoto Ruby CGI Module MIME Denial Of Service Vulnerability
BugTraq ID: 20777
Remote: Yes
Date Published: 2006-10-28
Relevant URL: http://www.securityfocus.com/bid/20777
Summary:
Ruby is prone to a remote denial-of-service vulnerability because the application's CGI module fails to properly handle specific HTTP requests that contain invalid information.
Successful exploits may allow remote attackers to cause denial-of-service conditions on computers running the affected Ruby CGI Module.
12. Vilistextum Remote Denial of Service and Buffer Overflow Vulnerabilities
BugTraq ID: 20813
Remote: Yes
Date Published: 2006-10-30
Relevant URL: http://www.securityfocus.com/bid/20813
Summary:
Vilistextum is prone to multiple remote vulnerabilities. The first issue is a memory leak; the second issue is an off-by-one buffer overflow.
Exploiting these vulnerabilities may allow remote attackers to execute arbitrary machine-code in the context of the affected application or to crash the application, denying service to users.
Note that a successful exploit requires that unsuspecting victims use the affected utility to process attacker-supplied files.
Vilistextum versions prior to 2.6.9 are vulnerable to these issues.
III. LINUX FOCUS LIST SUMMARY
---------------------------------
1. Detecting brute force attacks
http://www.securityfocus.com/archive/91/449686
2. Detecting Brute-Force and Dictionary attacks
http://www.securityfocus.com/archive/91/449157
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.
If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.
V. SPONSOR INFORMATION
------------------------
This Issue is Sponsored by: eEye
Too Many Security Agents Cluttering Your System?
Replace your Firewall, IPS, Anti-Spyware and more with Blink® Professional for less than what you are currently paying in renewals.
Learn more on how you can experience the simplicity of one. One agent. One console. One Policy. One Solution.
Introducing eEye Digital Security's Blink® Professional, the first all-in-one security agent.
No comments:
Post a Comment