----------------------------------------
This Issue is Sponsored by: Black Hat
Attend Black Hat USA, July 28-August 2 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 30 hands-on training courses and 90 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 70 nations. Visit product displays by 30 top sponsors in a relaxed setting.
SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs
------------------------------------------------------------------
I. FRONT AND CENTER
1. Security conferences versus practical knowledge
2. Achtung! New German Laws on Cybercrime
II. LINUX VULNERABILITY SUMMARY
1. Mozilla Firefox 2.0.0.4 Multiple Remote Vulnerabilities
2. Asterisk IAX2 Channel Driver IAX2_Write Function Remote Stack Buffer Overflow Vulnerability
3. Asterisk Multiple Remote Denial of Service Vulnerabilities
4. Samsung Linux Printer Driver SetUID Script Local Privilege Escalation Vulnerability
5. Red Hat Cluster Suite DLM Remote Denial Of Service Vulnerability
6. ESET NOD32 Antivirus Multiple Remote Vulnerabilities
7. RSBAC User Management Crypto API Authentication Bypass Vulnerability
8. Multiple Norman Virus Control Products LZH Multiple Buffer-Overflow Vulnerabilities
9. Norman Virus Control DOC OLE File Parsing Denial Of Service Vulnerability
10. Linux Kernel Random.C Device Reseed Weakness
11. ISC BIND 9 Remote Cache Poisoning Vulnerability
12. Kerio MailServer Attachment Filter Unspecified Vulnerability
13. NVClock Local Privilege Escalation Vulnerability
14. Sun Java Runtime Environment Network Access Restriction Security Bypass Vulnerability
15. ISC BIND 9 Default ACL Settings Recursive Queries And Cached Content Security Bypass Vulnerability
16. Libvorbis Denial Of Service And Memory Corruption Vulnerabilities
17. Drupal Multiple Cross-Site Scripting Vulnerabilities
III. LINUX FOCUS LIST SUMMARY
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION
I. FRONT AND CENTER
---------------------
1. Security conferences versus practical knowledge
By Don Parker
While the training industry as a whole has evolved rather well to suit the needs of their clients, the computer conference - specifically the computer security conference - has declined in relevance to the everyday sys-admin and network security practitioners.
http://www.securityfocus.com/columnists/449
2. Achtung! New German Laws on Cybercrime
By Federico Biancuzzi
Germany is passing some new laws regarding cybercrime that might affect security professionals. Federico Biancuzzi interviewed Marco Gercke, one of the experts that was invited to the parliamentary hearing, to learn more about this delicate subject. They discussed what is covered by the new laws, which areas remain in the dark, and how they might affect vulnerability disclosure and the use of common tools, such as nmap.
http://www.securityfocus.com/columnists/448
II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. Mozilla Firefox 2.0.0.4 Multiple Remote Vulnerabilities
BugTraq ID: 24946
Remote: Yes
Date Published: 2007-07-18
Relevant URL: http://www.securityfocus.com/bid/24946
Summary:
The Mozilla Foundation has released four security advisories specifying multiple vulnerabilities in Firefox 2.0.0.4.
These vulnerabilities allow attackers to:
- Execute arbitrary code
- Execute code with chrome privileges
- Perform cross-site scripting attacks
- Crash Firefox in a myriad of ways, with evidence of memory corruption.
Other attacks may also be possible.
2. Asterisk IAX2 Channel Driver IAX2_Write Function Remote Stack Buffer Overflow Vulnerability
BugTraq ID: 24949
Remote: Yes
Date Published: 2007-07-18
Relevant URL: http://www.securityfocus.com/bid/24949
Summary:
Asterisk is prone to a remote stack-based buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
Successful exploits may allow an attacker to execute arbitrary machine code to compromise an affected computer or to cause a denial-of-service condition.
3. Asterisk Multiple Remote Denial of Service Vulnerabilities
BugTraq ID: 24950
Remote: Yes
Date Published: 2007-07-18
Relevant URL: http://www.securityfocus.com/bid/24950
Summary:
Asterisk is prone to multiple remote denial-of-service vulnerabilities.
Exploiting these issues allows remote attackers to cause the application to crash, effectively denying service to legitimate users.
4. Samsung Linux Printer Driver SetUID Script Local Privilege Escalation Vulnerability
BugTraq ID: 24953
Remote: No
Date Published: 2007-07-18
Relevant URL: http://www.securityfocus.com/bid/24953
Summary:
Samsung Linux Printer Driver is prone to a local privilege-escalation vulnerability.
An attacker can exploit this issue to execute arbitrary code with superuser privileges. Successfully exploiting this issue will result in the complete compromise of affected computers.
5. Red Hat Cluster Suite DLM Remote Denial Of Service Vulnerability
BugTraq ID: 24968
Remote: Yes
Date Published: 2007-07-19
Relevant URL: http://www.securityfocus.com/bid/24968
Summary:
Red Hat Cluster Suite is prone to a remote denial-of-service vulnerability.
An attacker can exploit this issue to cause denial-of-service conditions.
NOTE: This issue was originally reported in the Ubuntu distribution of the software, but other distributions may also be affected.
6. ESET NOD32 Antivirus Multiple Remote Vulnerabilities
BugTraq ID: 24988
Remote: Yes
Date Published: 2007-07-20
Relevant URL: http://www.securityfocus.com/bid/24988
Summary:
ESET NOD32 Antivirus is prone to multiple remote vulnerabilities. These issues include a heap-memory-corruption vulnerability and multiple denial-of-service vulnerabilities.
An attacker can exploit these issues to execute arbitrary code with administrative privileges or cause the affected application to crash.
These issues affect versions prior to ESET NOD32 2.2289.
7. RSBAC User Management Crypto API Authentication Bypass Vulnerability
BugTraq ID: 25001
Remote: Yes
Date Published: 2007-07-23
Relevant URL: http://www.securityfocus.com/bid/25001
Summary:
RSBAC (Rule Set Based Access Control) is prone to an authentication-bypass vulnerability.
An attacker can exploit this issue to gain unauthorized access to an affected system.
This issue affects RSBAC 1.3.3 and 1.3.4 running on Linux Kernel 2.6.20 and prior versions.
8. Multiple Norman Virus Control Products LZH Multiple Buffer-Overflow Vulnerabilities
BugTraq ID: 25003
Remote: Yes
Date Published: 2007-07-23
Relevant URL: http://www.securityfocus.com/bid/25003
Summary:
Multiple Norman Virus Control products are prone is prone to multiple buffer-overflow vulnerabilities because the applications fail to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker can exploit these issues to execute arbitrary code with administrative privileges. Successfully exploiting these issues will result in the complete compromise of affected computers. Failed exploit attempts will result in denial-of-service conditions.
9. Norman Virus Control DOC OLE File Parsing Denial Of Service Vulnerability
BugTraq ID: 25014
Remote: Yes
Date Published: 2007-07-23
Relevant URL: http://www.securityfocus.com/bid/25014
Summary:
Norman Virus Control is prone to a denial-of-service vulnerability because the application fails to handle specially crafted files.
An attacker can exploit this issue to crash the affected application, denying service to legitimate users.
10. Linux Kernel Random.C Device Reseed Weakness
BugTraq ID: 25029
Remote: Yes
Date Published: 2007-07-23
Relevant URL: http://www.securityfocus.com/bid/25029
Summary:
The Linux kernel is prone to a weakness related to reseeding in the random device driver.
Linux kernel versions prior to 2.4.34.6 are vulnerable to this issue.
'Random.c' uses incorrect data to reseed the random number generator.
The impact of a successful exploit depends on how the application uses the random number generator.
11. ISC BIND 9 Remote Cache Poisoning Vulnerability
BugTraq ID: 25037
Remote: Yes
Date Published: 2007-07-24
Relevant URL: http://www.securityfocus.com/bid/25037
Summary:
BIND 9 is prone to a remote cache-poisoning vulnerability because of a weakness in its random number generator.
An attacker may leverage this issue to manipulate cache data, potentially facilitating man-in-the-middle, site-impersonation, or denial-of-service attacks.
Versions up to BIND 9.4.1 are vulnerable to this issue.
12. Kerio MailServer Attachment Filter Unspecified Vulnerability
BugTraq ID: 25038
Remote: Yes
Date Published: 2007-07-24
Relevant URL: http://www.securityfocus.com/bid/25038
Summary:
Kerio MailServer is prone to an unspecified vulnerability due to an error in the attachment filter.
Very few details are currently available regarding this issue. We will update this BID as more information emerges.
Versions prior to Kerio MailServer 6.4.1 are considered vulnerable.
13. NVClock Local Privilege Escalation Vulnerability
BugTraq ID: 25052
Remote: No
Date Published: 2007-07-24
Relevant URL: http://www.securityfocus.com/bid/25052
Summary:
NVClock is prone to a privilege-escalation vulnerability.
An attacker can exploit this issue to gain unauthorized access to local resources or gain escalated privileges on affected computers. Presumably, this utility runs with superuser privileges.
NVClock 0.7 is reported vulnerable; other versions may be affected as well.
14. Sun Java Runtime Environment Network Access Restriction Security Bypass Vulnerability
BugTraq ID: 25054
Remote: Yes
Date Published: 2007-07-25
Relevant URL: http://www.securityfocus.com/bid/25054
Summary:
The Sun Java Runtime Environment is prone to a security-bypass vulnerability.
Successfully exploiting this issue will allow an attacker to connect to services on a remote user's computer without proper authorization. This may lead to other attacks.
15. ISC BIND 9 Default ACL Settings Recursive Queries And Cached Content Security Bypass Vulnerability
BugTraq ID: 25076
Remote: Yes
Date Published: 2007-07-26
Relevant URL: http://www.securityfocus.com/bid/25076
Summary:
ISC's BIND 9 is prone to a security-bypass vulnerability.
An attacker can exploit this issue to query cached content from a DNS server or make recursive queries to a DNS server, thus obtaining sensitive information.
Versions up to BIND 9.4.1 are vulnerable to this issue.
16. Libvorbis Denial Of Service And Memory Corruption Vulnerabilities
BugTraq ID: 25082
Remote: Yes
Date Published: 2007-07-26
Relevant URL: http://www.securityfocus.com/bid/25082
Summary:
Applications that use the libvorbis library are prone to multiple remote vulnerabilities, including a denial-of-service issue and multiple memory-corruption issues.
An attacker can exploit these issues to execute arbitrary code within the context of the application or cause the affected application to crash.
These issues affect libvorbis 1.1.2; other versions of the library may also be affected.
17. Drupal Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 25097
Remote: Yes
Date Published: 2007-07-27
Relevant URL: http://www.securityfocus.com/bid/25097
Summary:
Drupal is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content.
An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Versions prior to 4.7.7 and prior to 5.2 are vulnerable to these issues.
III. LINUX FOCUS LIST SUMMARY
---------------------------------
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.
If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.
V. SPONSOR INFORMATION
------------------------
This Issue is Sponsored by: Black Hat
Attend Black Hat USA, July 28-August 2 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 30 hands-on training courses and 90 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 70 nations. Visit product displays by 30 top sponsors in a relaxed setting.
No comments:
Post a Comment