News

Friday, January 05, 2007

SecurityFocus Linux Newsletter #318

SecurityFocus Linux Newsletter #318
----------------------------------------

This Issue is Sponsored by: Watchfire

Privilege Escalation vulnerabilities in web applications have existed since the earliest days of web applications, yet since testing for them is such a complicated and tedious manual task, they are often overlooked in web application assessments. This paper will examine Privilege Escalation issues in web applications, including highlighting horizontal and vertical examples, and how to automate the challenging process of testing for them. Download it today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008fGg

------------------------------------------------------------------
I. FRONT AND CENTER
1. Wireless Forensics: Part One - Tapping the Air
II. LINUX VULNERABILITY SUMMARY
1. W3M SSL Certificate Format String Vulnerability
2. DB Hub Remote Denial of Service Vulnerability
3. OpenSER SMS Handling module Remote Buffer Overflow Vulnerability
4. QuickCam VC Device Driver for Linux QCAMVC_Video_Init Function Buffer Overflow Vulnerability
5. Linux Kernel Unspecified Remote Vulnerability
6. Linux Kernel EFLAGS Local Denial of Service Vulnerability
III. LINUX FOCUS LIST SUMMARY
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Wireless Forensics: Part One - Tapping the Air
By Raul Siles, GSE
This two-part series looks at the issues associated with collecting and analyzing network traffic from wireless networks in an accurate and comprehensive way; a discipline known as wireless forensics. Part one of this article focuses on the technical details and challenges for traffic acquisition, and provides design requirements and best practices for wireless forensics tools.

http://www.securityfocus.com/infocus/1884


II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. W3M SSL Certificate Format String Vulnerability
BugTraq ID: 21735
Remote: Yes
Date Published: 2006-12-25
Relevant URL: http://www.securityfocus.com/bid/21735
Summary:
W3M is prone to a format string vulnerability. This issue can occur when the browser processes SSL certificates that include format specifiers.

A successful exploit could result in execution of arbitrary code in the context of the user running the browser.

The vulnerability was reported to affect version 0.5.1. Prior versions could also be affected.

2. DB Hub Remote Denial of Service Vulnerability
BugTraq ID: 21791
Remote: Yes
Date Published: 2006-12-27
Relevant URL: http://www.securityfocus.com/bid/21791
Summary:
A remote denial-of-service vulnerability affects the DB Hub application. This issue is due to a memory-corruption flaw when it attempts to process specially-crafted network traffic.

An attacker may exploit this issue to crash affected applications, denying service to legitimate users.

DB Hub version 0.3 is vulnerable to this issue; other versions may also be affected.

3. OpenSER SMS Handling module Remote Buffer Overflow Vulnerability
BugTraq ID: 21800
Remote: Yes
Date Published: 2006-12-28
Relevant URL: http://www.securityfocus.com/bid/21800
Summary:
The OpenSER SMS module is prone to a remote buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

Exploiting this issue allows attackers to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service.

Versions 1.1.0 and prior are vulnerable to this issue.

4. QuickCam VC Device Driver for Linux QCAMVC_Video_Init Function Buffer Overflow Vulnerability
BugTraq ID: 21815
Remote: Yes
Date Published: 2006-12-29
Relevant URL: http://www.securityfocus.com/bid/21815
Summary:
QuickCam VC device driver for Linux is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.

Exploiting this issue allows attackers to execute arbitrary machine code in the context of the affected server application. Failed exploit attempts will likely crash the application, resulting in denial-of-service conditions.

Versions 1.0.9 and prior are reported vulnerable.

5. Linux Kernel Unspecified Remote Vulnerability
BugTraq ID: 21835
Remote: Yes
Date Published: 2007-12-29
Relevant URL: http://www.securityfocus.com/bid/21835
Summary:
The Linux kernel is prone to an unspecified vulnerability.

Versions prior to 2.4.34 are vulnerable to this issue.

6. Linux Kernel EFLAGS Local Denial of Service Vulnerability
BugTraq ID: 21851
Remote: No
Date Published: 2007-01-02
Relevant URL: http://www.securityfocus.com/bid/21851
Summary:
The Linux kernel is prone to a local denial-of-service vulnerability.

A local attacker can exploit this issue to crash processes belonging to other users.

Versions prior to 2.6.18 are vulnerable to this issue.

III. LINUX FOCUS LIST SUMMARY
---------------------------------
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This Issue is Sponsored by: Watchfire

Privilege Escalation vulnerabilities in web applications have existed since the earliest days of web applications, yet since testing for them is such a complicated and tedious manual task, they are often overlooked in web application assessments. This paper will examine Privilege Escalation issues in web applications, including highlighting horizontal and vertical examples, and how to automate the challenging process of testing for them. Download it today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008fGg

No comments:

Blog Archive