----------------------------------------
This Issue is Sponsored by: Netgear
Stay connected even when you are out of the office
All you need is a web browser and a PC. NETGEAR's ProSafe SSL VPN Concentrator 25 uses the SSL internet protocol to securely connect up to 25 concurrent remote users to corporate resources and e-mail. No client application needed. Visit the URL below
http://newsletter.industrybrains.com/c?fe;1;632e9;16e5c;2b2;0;da4
------------------------------------------------------------------
I. FRONT AND CENTER
1. FreeBSD Security Event Auditing
II. LINUX VULNERABILITY SUMMARY
1. ELOG Web Logbook ELogD Server Denial Of Service Vulnerability
2. D-Link DWL-G132 ASAGU.SYS Wireless Device Driver Stack Buffer Overflow Vulnerability
3. PowerDNS Remote Denial of Service and Buffer Overflow Vulnerabilities
4. Sun Java Runtime Environment Information Disclosure Vulnerability
5. LibPNG Graphics Library PNG_SET_SPLT Remote Denial of Service Vulnerability
6. Extremail Remote Unspecified Buffer Overflow Vulnerability.
7. Chetcpasswd Multiple Vulnerabilities
8. Verity Ultraseek Information Disclosure and Request Proxying Vulnerabilities
9. NetGear WG111v2 Wireless Driver Long Beacon Buffer Overflow Vulnerability
10. Dovecot IMAP Server Mapped Pages Off-By-One Buffer Overflow Vulnerability
11. ImageMagick SGI Image File Unspecified Remote Heap Buffer Overflow Vulnerability
12. Computer Associates BrightStor ARCserve Backup Tape Engine Remote Buffer Overflow Vulnerability
III. LINUX FOCUS LIST SUMMARY
1. spambots and dictionary attacks
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION
I. FRONT AND CENTER
---------------------
1. FreeBSD Security Event Auditing
By Federico Biancuzzi
The upcoming release of FreeBSD 6.2 includes the new Security Event Auditing system, that "permits the selective and fine-grained logging of security-relevant system events for the purposes of post-mortem analysis, intrusion detection, and run-time monitoring analysis." Federico Biancuzzi interviewed Robert Watson, founder of the TrustedBSD project, and discussed the advantages and potentialities it brings.
http://www.securityfocus.com/columnists/422
II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. ELOG Web Logbook ELogD Server Denial Of Service Vulnerability
BugTraq ID: 21028
Remote: Yes
Date Published: 2006-11-13
Relevant URL: http://www.securityfocus.com/bid/21028
Summary:
ELOG Web Logbook is prone to a remote denial-of-service vulnerability because the application fails to properly handle specific HTTP requests that contain invalid information.
Successful exploits may allow remote attackers to cause denial-of-service conditions on computers running the affected application.
2. D-Link DWL-G132 ASAGU.SYS Wireless Device Driver Stack Buffer Overflow Vulnerability
BugTraq ID: 21032
Remote: Yes
Date Published: 2006-11-13
Relevant URL: http://www.securityfocus.com/bid/21032
Summary:
The D-Link Wireless Device Driver for DWL-G132 devices is prone to a stack-based buffer-overflow vulnerability because the driver fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.
Exploiting this issue allows attackers to execute arbitrary machine code in the context of the kernel hosting the vulnerable driver. Failed attempts will likely crash the kernel, resulting in denial-of-service conditions.
The ASAGU.SYS driver is primarily used on the Microsoft Window operating system. Note, however, that Linux and BSD machines using the 'ndiswrapper' tool should determine if they are using a vulnerable instance of the driver.
Note also that this vulnerability can be exploited only when an attacker is within the range of broadcast of 802.11 wireless connections.
Version 1.0.1.41 of the ASAGU.SYS driver is reported vulnerable; other versions may also be affected.
3. PowerDNS Remote Denial of Service and Buffer Overflow Vulnerabilities
BugTraq ID: 21037
Remote: Yes
Date Published: 2006-11-13
Relevant URL: http://www.securityfocus.com/bid/21037
Summary:
A denial-of-service vulnerability and a buffer-overflow vulnerability affect PowerDNS.
Successfully exploiting the buffer-overflow issue allows remote attackers to execute arbitrary machine code in the context of the PowerDNS Recursor, facililtating a remote compromise of affected computers. Attackers may exploit the denial-of-service vulnerability to crash the PowerDNS Recursor, denying further DNS service to legitimate users.
PowerDNS Recursor versions prior to 3.1.4 are affected by these issues.
4. Sun Java Runtime Environment Information Disclosure Vulnerability
BugTraq ID: 21077
Remote: Yes
Date Published: 2006-11-14
Relevant URL: http://www.securityfocus.com/bid/21077
Summary:
The Sun Java runtime environment is prone to an information-disclosure vulnerability. This issue is due to a design flaw in the affected application.
An attacker can exploit this issue to gain access to sensitive information. This may lead to other attacks.
5. LibPNG Graphics Library PNG_SET_SPLT Remote Denial of Service Vulnerability
BugTraq ID: 21078
Remote: Yes
Date Published: 2006-11-14
Relevant URL: http://www.securityfocus.com/bid/21078
Summary:
LibPNG is reported prone to a denial-of-service vulnerability. The library fails to perform proper bounds-checking of user-supplied input, which leads to an out-of-bounds read error.
Attackers may exploit this vulnerability to crash an application that relies on the affected library.
6. Extremail Remote Unspecified Buffer Overflow Vulnerability.
BugTraq ID: 21084
Remote: Yes
Date Published: 2006-11-15
Relevant URL: http://www.securityfocus.com/bid/21084
Summary:
eXtremail is prone to an unspecified remote buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
An attacker may exploit this issue to execute arbitrary machine code in the context of the user running the application. Failed exploit attempts will likely result in denial-of-service conditions.
This vulnerability is reported in Extremail version 2.1; other versions may also be affected.
7. Chetcpasswd Multiple Vulnerabilities
BugTraq ID: 21102
Remote: Yes
Date Published: 2006-11-15
Relevant URL: http://www.securityfocus.com/bid/21102
Summary:
Chetcpasswd is prone to multiple vulnerabilities. These issues include an information-disclosure vulnerability and an authentication-bypass vulnerability.
An attacker may exploit these issues to gain unauthorized access to the affected computer and gain access to sensitive information.
8. Verity Ultraseek Information Disclosure and Request Proxying Vulnerabilities
BugTraq ID: 21120
Remote: Yes
Date Published: 2006-11-16
Relevant URL: http://www.securityfocus.com/bid/21120
Summary:
Verity Ultraseek is reported prone to a number of vulnerabilities.
Exploiting the vulnerabilities allows remote attackers to proxy attacks to internal networks and computers, to gain unauthorized access to unspecified information through a number of vulnerable scripts, and to retrieve the contents of arbitrary system files.
Verity Ultraseek versions prior to 5.7 are reported vulnerable to these issues.
9. NetGear WG111v2 Wireless Driver Long Beacon Buffer Overflow Vulnerability
BugTraq ID: 21126
Remote: Yes
Date Published: 2006-11-16
Relevant URL: http://www.securityfocus.com/bid/21126
Summary:
NetGear WG111v2 Wireless device is prone to a stack-based buffer-overflow vulnerability because the driver fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.
Exploiting this issue allows attackers to execute arbitrary machine code in the context of the kernel hosting the vulnerable driver. Failed attempts will likely crash the kernel, resulting in denial-of-service conditions.
The WG111v2.SYS driver is primarily used on the Microsoft Window operating system. Note, however, that Linux and BSD machines using the 'ndiswrapper' tool should determine if they are using a vulnerable instance of the driver.
Note also that this vulnerability can be exploited only when an attacker is within the range of broadcast of 802.11 wireless connections.
Version 5.1213.6.316 of the WG111v2.SYS driver is vulnerable to this issue; Other versions may also be affected
10. Dovecot IMAP Server Mapped Pages Off-By-One Buffer Overflow Vulnerability
BugTraq ID: 21183
Remote: Yes
Date Published: 2006-11-20
Relevant URL: http://www.securityfocus.com/bid/21183
Summary:
Dovecot is prone to an off-by-one buffer-overflow condition due to an error which results in insufficient memory allocation.
An attacker may exploit this issue to trigger denial-of-service conditions. It is conjectured that arbitrary code execution may be possible as well.
Versions 1.0test53 to 1.0.rc14 are vulnerable.
11. ImageMagick SGI Image File Unspecified Remote Heap Buffer Overflow Vulnerability
BugTraq ID: 21185
Remote: Yes
Date Published: 2006-11-20
Relevant URL: http://www.securityfocus.com/bid/21185
Summary:
ImageMagick is prone to a remote heap-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
Exploiting this issue allows attackers to execute arbitrary machine code in the context of applications that use the ImageMagick library.
ImageMagick versions in the 6.x series, up to version 6.2.8, are vulnerable to this issue.
12. Computer Associates BrightStor ARCserve Backup Tape Engine Remote Buffer Overflow Vulnerability
BugTraq ID: 21221
Remote: Yes
Date Published: 2006-11-21
Relevant URL: http://www.securityfocus.com/bid/21221
Summary:
Computer Associates BrightStor ARCserve Backup is affected by a remote buffer-overflow vulnerability. This issue is due to a failure of the application to perform proper bounds checking on data supplied to the application.
A remote attacker may exploit this issue to execute arbitrary code on a vulnerable computer with SYSTEM privileges. A denial-of-service condition may arise as a consequence of failed exploit attempts.
BrightStore ARCserver Backup version 11.5 is vulnerable to this issue; other versions may also be affected.
III. LINUX FOCUS LIST SUMMARY
---------------------------------
1. spambots and dictionary attacks
http://www.securityfocus.com/archive/91/451920
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.
If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.
V. SPONSOR INFORMATION
------------------------
This Issue is Sponsored by: Netgear
Stay connected even when you are out of the office
All you need is a web browser and a PC. NETGEAR's ProSafe SSL VPN Concentrator 25 uses the SSL internet protocol to securely connect up to 25 concurrent remote users to corporate resources and e-mail. No client application needed. Visit the URL below
http://newsletter.industrybrains.com/c?fe;1;632e9;16e5c;2b2;0;da4
No comments:
Post a Comment