News

Wednesday, May 23, 2007

SecurityFocus Linux Newsletter #338

SecurityFocus Linux Newsletter #338
----------------------------------------

This Issue is Sponsored by: SPI Dynamics

ALERT: "How A Hacker Launches A Cross-Site Scripting Attack"- White Paper
Cross-site scripting vulnerabilities in web apps allow hackers to compromise confidential information, steal cookies and create requests that can be mistaken for those of a valid user!! Download this *FREE* white paper from SPI Dynamics for a complete guide to protection!

https://download.spidynamics.com/1/ad/xss.asp?Campaign_ID=70160000000CqBQ


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. Your Space, My Space, Everybody's Space
II. LINUX VULNERABILITY SUMMARY
1. Samba MS-RPC Remote Shell Command Execution Vulnerability
2. Samba NDR RPC Request Multiple Heap-Based Buffer Overflow Vulnerabilities
3. Samba SID Names Local Privilege Escalation Vulnerability
4. Linux Kernel 8250 Serial Driver Local Denial of Service Vulnerability
5. Libpng Library Remote Denial of Service Vulnerability
6. Computer Associates BrightStor ARCserve Backup CatiRPC.DLL/RWXDR.DLL Denial Of Service Vulnerability
7. Computer Associates BrightStor ARCserve Backup CALoggerD.EXE Denial Of Service Vulnerability
8. Retired: Libpng Library Grayscale Image CRC Check Remote Denial of Service Vulnerability
9. Sun Brocade Switches Denial Of Service Vulnerability
10. IRCD RatBox Pending Connections Denial Of Service Vulnerability
III. LINUX FOCUS LIST SUMMARY
1. Security Videos
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Your Space, My Space, Everybody's Space
By Mark Rasch
Privacy is about protecting data when somebody wants it for some purpose. It is easy to protect data that nobody wants.
http://www.securityfocus.com/columnists/444


II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. Samba MS-RPC Remote Shell Command Execution Vulnerability
BugTraq ID: 23972
Remote: Yes
Date Published: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23972
Summary:
Samba is prone to a vulnerability that allows attackers to execute arbitrary shell commands because the software fails to sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary shell commands on an affected computer with the privileges of the application.

This issue affects Samba 3.0.0 to 3.0.25rc3.

2. Samba NDR RPC Request Multiple Heap-Based Buffer Overflow Vulnerabilities
BugTraq ID: 23973
Remote: Yes
Date Published: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23973
Summary:
Samba is prone to multiple remote heap-based buffer-overflow vulnerabilities because it fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.

An attacker can exploit these issues to execute arbitrary code with superuser privileges, facilitating the complete remote compromise of affected computers. Failed exploit attempts will result in a denial of service.

These issues affect Samba 3.0.25rc3 and prior versions.

3. Samba SID Names Local Privilege Escalation Vulnerability
BugTraq ID: 23974
Remote: No
Date Published: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23974
Summary:
Samba is prone to a local privilege-escalation vulnerability due to a logic error in the 'smbd' daemon's internal security stack.

An attacker can exploit this issue to temporarily perform SMB/CIFS operations with superuser privileges. The attacker may leverage this issue to gain superuser access to the server.

Samba 3.0.23d through 3.0.25pre2 are vulnerable.

4. Linux Kernel 8250 Serial Driver Local Denial of Service Vulnerability
BugTraq ID: 23978
Remote: No
Date Published: 2007-05-14
Relevant URL: http://www.securityfocus.com/bid/23978
Summary:
The Linux kernel is prone to a local denial-of-service vulnerability because the software fails to handle exceptional conditions.

A local attacker can exploit this issue to crash the affected computer, denying service to legitimate users. The attacker may also be able to execute arbitrary code, but this has not been confirmed.

This issue affects kernel versions 2.6 prior to 2.6.20.11.

5. Libpng Library Remote Denial of Service Vulnerability
BugTraq ID: 24000
Remote: Yes
Date Published: 2007-05-15
Relevant URL: http://www.securityfocus.com/bid/24000
Summary:
The 'libpng' library is prone to a remote denial-of-service vulnerability because the library fails to handle malicious PNG files.

Successful exploits may allow remote attackers to cause denial-of-service conditions on computers running the affected library.

This issue affects 'libpng' 1.2.16 and prior versions.

6. Computer Associates BrightStor ARCserve Backup CatiRPC.DLL/RWXDR.DLL Denial Of Service Vulnerability
BugTraq ID: 24015
Remote: Yes
Date Published: 2007-05-16
Relevant URL: http://www.securityfocus.com/bid/24015
Summary:
Computer Associates BrightStor ARCserve Backup is affected by a denial-of-service vulnerability because the application mishandles malformed user-supplied input.

A remote attacker may exploit this issue to cause denial-of-service conditions.

This issue affects ARCserver Backup 11.5.2 SP2; other versions may also be vulnerable.

7. Computer Associates BrightStor ARCserve Backup CALoggerD.EXE Denial Of Service Vulnerability
BugTraq ID: 24017
Remote: Yes
Date Published: 2007-05-16
Relevant URL: http://www.securityfocus.com/bid/24017
Summary:
Computer Associates BrightStor ARCserve Backup is affected by a denial-of-service vulnerability because the application mishandles unexpected user-supplied input.

A remote attacker may exploit this issue to cause denial-of-service conditions.

BrightStor ARCserve Backup 11.5.2.0 is vulnerable; other versions may also be affected.

8. Retired: Libpng Library Grayscale Image CRC Check Remote Denial of Service Vulnerability
BugTraq ID: 24023
Remote: Yes
Date Published: 2007-05-16
Relevant URL: http://www.securityfocus.com/bid/24023
Summary:
The libpng library is prone to a remote denial-of-service vulnerability because the library fails to handle malicious PNG files.

Successful exploits may allow remote attackers to cause denial-of-service conditions on computers running the affected library.

This issue affects libpng-0.90 through libpng-1.2.16.

This BID is being retired because this issue was addressed in BID 24000 (https://srcm.symantec.com/LoadDocument.aspx?guid=f0d8a8b2-d80a-4180-b2b8-bdd00aceb1b6

9. Sun Brocade Switches Denial Of Service Vulnerability
BugTraq ID: 24036
Remote: Yes
Date Published: 2007-05-17
Relevant URL: http://www.securityfocus.com/bid/24036
Summary:
Sun Brocade switches are prone to a denial-of-service vulnerability.

An attacker can exploit this issue to cause affected switches to panic and reboot, resulting in denial-of-service conditions.

This issue affects:

- Switches with FOS 5.2.0b and prior
- Switches without FOS 5.0.5c.

10. IRCD RatBox Pending Connections Denial Of Service Vulnerability
BugTraq ID: 24044
Remote: Yes
Date Published: 2007-05-18
Relevant URL: http://www.securityfocus.com/bid/24044
Summary:
The 'ircd-ratbox' program is prone to a denial-of-service vulnerability.

Attackers can exploit this issue to deny service to legitimate users.

Versions of ircd-ratbox prior to 2.2.6 are vulnerable.

III. LINUX FOCUS LIST SUMMARY
---------------------------------
1. Security Videos
http://www.securityfocus.com/archive/91/469297

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This Issue is Sponsored by: SPI Dynamics

ALERT: "How A Hacker Launches A Cross-Site Scripting Attack"- White Paper
Cross-site scripting vulnerabilities in web apps allow hackers to compromise confidential information, steal cookies and create requests that can be mistaken for those of a valid user!! Download this *FREE* white paper from SPI Dynamics for a complete guide to protection!

https://download.spidynamics.com/1/ad/xss.asp?Campaign_ID=70160000000CqBQ

No comments:

Blog Archive