----------------------------------------
This Issue is Sponsored by: SPI Dynamics
ALERT: Learn to Think Like a Hacker - Simulate a Hacker Breaking into Your Web Apps
The speed with which Web Applications are developed makes them prime targets for attackers; often these applications were developed so quickly that they are not coded properly or subjected to any security testing. Hackers know this and use it as their weapon. Download this *FREE* test guide from SPI Dynamics to check for Web application vulnerabilities.
https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=70160000000CysD
SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs
------------------------------------------------------------------
I. FRONT AND CENTER
1. Security conferences versus practical knowledge
2. Achtung! New German Laws on Cybercrime
II. LINUX VULNERABILITY SUMMARY
1. RSBAC User Management Crypto API Authentication Bypass Vulnerability
2. Multiple Norman Virus Control Products LZH Multiple Buffer-Overflow Vulnerabilities
3. Norman Virus Control DOC OLE File Parsing Denial Of Service Vulnerability
4. Linux Kernel Random.C Device Reseed Weakness
5. ISC BIND 9 Remote Cache Poisoning Vulnerability
6. Kerio MailServer Attachment Filter Unspecified Vulnerability
7. NVClock Local Privilege Escalation Vulnerability
8. Multiple Browser URI Handlers Command Injection Vulnerabilities
9. Sun Java Runtime Environment Network Access Restriction Security Bypass Vulnerability
10. ISC BIND 9 Default ACL Settings Recursive Queries And Cached Content Security Bypass Vulnerability
11. Libvorbis Denial Of Service And Memory Corruption Vulnerabilities
12. Vim HelpTags Command Remote Format String Vulnerability
13. Drupal Multiple Cross-Site Scripting Vulnerabilities
14. Fail2ban Remote Denial of Service Vulnerability
15. KDE KPDF/KWord/XPDF StreamPredictor Function Stack Buffer Overflow Vulnerability
16. Mozilla Firefox/Thunderbird/SeaMonkey Chrome-Loaded About:Blank Script Execution Vulnerability
17. Trolltech Qt QTextEdit Multiple Format String Vulnerabilities
18. Atheros Wireless Drivers Denial of Service Vulnerability
III. LINUX FOCUS LIST SUMMARY
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION
I. FRONT AND CENTER
---------------------
1. Security conferences versus practical knowledge
By Don Parker
While the training industry as a whole has evolved rather well to suit the needs of its clients, the computer conference - specifically the computer security conference - has declined in relevance to the everyday sys-admin and network security practitioners.
http://www.securityfocus.com/columnists/449
2. Achtung! New German Laws on Cybercrime
By Federico Biancuzzi
Germany is passing some new laws regarding cybercrime that might affect security professionals. Federico Biancuzzi interviewed Marco Gercke, one of the experts that was invited to the parliamentary hearing, to learn more about this delicate subject. They discussed what is covered by the new laws, which areas remain in the dark, and how they might affect vulnerability disclosure and the use of common tools, such as nmap.
http://www.securityfocus.com/columnists/448
II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. RSBAC User Management Crypto API Authentication Bypass Vulnerability
BugTraq ID: 25001
Remote: Yes
Date Published: 2007-07-23
Relevant URL: http://www.securityfocus.com/bid/25001
Summary:
RSBAC (Rule Set Based Access Control) is prone to an authentication-bypass vulnerability.
An attacker can exploit this issue to gain unauthorized access to an affected system.
This issue affects RSBAC 1.3.3 and 1.3.4 running on Linux Kernel 2.6.20 and prior versions.
2. Multiple Norman Virus Control Products LZH Multiple Buffer-Overflow Vulnerabilities
BugTraq ID: 25003
Remote: Yes
Date Published: 2007-07-23
Relevant URL: http://www.securityfocus.com/bid/25003
Summary:
Multiple Norman Virus Control products are prone to multiple buffer-overflow vulnerabilities because the applications fail to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker can exploit these issues to execute arbitrary code with administrative privileges. Successfully exploiting these issues will result in the complete compromise of affected computers. Failed exploit attempts will result in denial-of-service conditions.
3. Norman Virus Control DOC OLE File Parsing Denial Of Service Vulnerability
BugTraq ID: 25014
Remote: Yes
Date Published: 2007-07-23
Relevant URL: http://www.securityfocus.com/bid/25014
Summary:
Norman Virus Control is prone to a denial-of-service vulnerability because the application fails to handle specially crafted files.
An attacker can exploit this issue to crash the affected application, denying service to legitimate users.
4. Linux Kernel Random.C Device Reseed Weakness
BugTraq ID: 25029
Remote: Yes
Date Published: 2007-07-23
Relevant URL: http://www.securityfocus.com/bid/25029
Summary:
The Linux kernel is prone to a weakness related to reseeding in the random device driver.
Linux kernel versions prior to 2.4.34.6 are vulnerable to this issue.
'Random.c' uses incorrect data to reseed the random number generator.
The impact of a successful exploit depends on how the application uses the random number generator.
5. ISC BIND 9 Remote Cache Poisoning Vulnerability
BugTraq ID: 25037
Remote: Yes
Date Published: 2007-07-24
Relevant URL: http://www.securityfocus.com/bid/25037
Summary:
BIND 9 is prone to a remote cache-poisoning vulnerability because of a weakness in its random number generator.
An attacker may leverage this issue to manipulate cache data, potentially facilitating man-in-the-middle, site-impersonation, or denial-of-service attacks.
Versions up to BIND 9.4.1 are vulnerable to this issue.
6. Kerio MailServer Attachment Filter Unspecified Vulnerability
BugTraq ID: 25038
Remote: Yes
Date Published: 2007-07-24
Relevant URL: http://www.securityfocus.com/bid/25038
Summary:
Kerio MailServer is prone to an unspecified vulnerability due to an error in the attachment filter.
Very few details are currently available regarding this issue. We will update this BID as more information emerges.
Versions prior to Kerio MailServer 6.4.1 are considered vulnerable.
7. NVClock Local Privilege Escalation Vulnerability
BugTraq ID: 25052
Remote: No
Date Published: 2007-07-24
Relevant URL: http://www.securityfocus.com/bid/25052
Summary:
NVClock is prone to a privilege-escalation vulnerability.
An attacker can exploit this issue to gain unauthorized access to local resources or gain escalated privileges on affected computers. Presumably, this utility runs with superuser privileges.
NVClock 0.7 is reported vulnerable; other versions may be affected as well.
8. Multiple Browser URI Handlers Command Injection Vulnerabilities
BugTraq ID: 25053
Remote: Yes
Date Published: 2007-07-25
Relevant URL: http://www.securityfocus.com/bid/25053
Summary:
Multiple browsers are prone to vulnerabilities that let attackers inject commands through various protocol handlers.
Exploiting these issues allows remote attackers to pass and execute arbitrary commands and arguments through processes such as 'cmd.exe' by employing various URI handlers.
An attacker can exploit these issues to carry out various attacks by executing arbitrary commands on a vulnerable computer.
Exploiting these issues would permit remote attackers to influence command options that can be called through protocol handlers and to execute commands with the privileges of a user running the application. Successful attacks may result in a variety of consequences, including remote unauthorized access.
Mozilla Firefox 2.0.0.5, 3.0a6 and Netscape Navigator 9 are reported vulnerable to these issues. Other versions of these browsers and other vendors' browsers may also be affected.
9. Sun Java Runtime Environment Network Access Restriction Security Bypass Vulnerability
BugTraq ID: 25054
Remote: Yes
Date Published: 2007-07-25
Relevant URL: http://www.securityfocus.com/bid/25054
Summary:
The Sun Java Runtime Environment is prone to a security-bypass vulnerability.
Successfully exploiting this issue will allow an attacker to connect to services on a remote user's computer without proper authorization. This may lead to other attacks.
10. ISC BIND 9 Default ACL Settings Recursive Queries And Cached Content Security Bypass Vulnerability
BugTraq ID: 25076
Remote: Yes
Date Published: 2007-07-26
Relevant URL: http://www.securityfocus.com/bid/25076
Summary:
ISC's BIND 9 is prone to a security-bypass vulnerability.
An attacker can exploit this issue to query cached content from a DNS server or make recursive queries to a DNS server, thus obtaining sensitive information.
Versions up to BIND 9.4.1 are vulnerable to this issue.
11. Libvorbis Denial Of Service And Memory Corruption Vulnerabilities
BugTraq ID: 25082
Remote: Yes
Date Published: 2007-07-26
Relevant URL: http://www.securityfocus.com/bid/25082
Summary:
Applications that use the libvorbis library are prone to multiple remote vulnerabilities, including a denial-of-service issue and multiple memory-corruption issues.
An attacker can exploit these issues to execute arbitrary code within the context of the application or cause the affected application to crash.
These issues affect libvorbis 1.1.2; other versions of the library may also be affected.
12. Vim HelpTags Command Remote Format String Vulnerability
BugTraq ID: 25095
Remote: Yes
Date Published: 2007-07-27
Relevant URL: http://www.securityfocus.com/bid/25095
Summary:
Vim is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied input before including it in the format-specifier argument of a formatted-printing function.
A remote attacker may execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts may cause denial-of-service conditions.
Vim 6.4 and 7.1 are vulnerable; other versions may also be affected.
13. Drupal Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 25097
Remote: Yes
Date Published: 2007-07-27
Relevant URL: http://www.securityfocus.com/bid/25097
Summary:
Drupal is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Versions prior to Drupal 4.7.7 and prior to Drupal 5.2 are vulnerable to these issues.
14. Fail2ban Remote Denial of Service Vulnerability
BugTraq ID: 25117
Remote: Yes
Date Published: 2007-07-28
Relevant URL: http://www.securityfocus.com/bid/25117
Summary:
Fail2ban is prone to a remote denial-of-service vulnerability because the application fails to properly ensure the validity of authentication-failure messages.
Successfully exploiting this issue allows remote attackers to add arbitrary IP addresses to the block list used by the application. This allows attackers to deny further network access to arbitrary IP addresses, denying service to legitimate users.
Fail2ban 0.8.0 and prior versions are vulnerable to this issue.
15. KDE KPDF/KWord/XPDF StreamPredictor Function Stack Buffer Overflow Vulnerability
BugTraq ID: 25124
Remote: Yes
Date Published: 2007-07-30
Relevant URL: http://www.securityfocus.com/bid/25124
Summary:
KDE kpdf, kword, and xpdf are prone to a stack-based buffer-overflow vulnerability because the applications fail to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker can exploit this issue to execute arbitrary code within the context of the affected application or cause the affected application to crash, denying service to legitimate users.
16. Mozilla Firefox/Thunderbird/SeaMonkey Chrome-Loaded About:Blank Script Execution Vulnerability
BugTraq ID: 25142
Remote: Yes
Date Published: 2007-07-31
Relevant URL: http://www.securityfocus.com/bid/25142
Summary:
Mozilla Firefox, Thunderbird, and SeaMonkey are prone to a vulnerability that allows JavaScript to execute with unintended privileges.
A malicious site may be able to cause the execution of a script with Chrome privileges. Attackers could exploit this issue to execute hostile script code with privileges that exceed those that were intended. Certain Firefox extensions may not intend 'about:blank' to execute script code with Chrome privileges.
NOTE: This issue was introduced by the fix for MFSA 2007-20.
17. Trolltech Qt QTextEdit Multiple Format String Vulnerabilities
BugTraq ID: 25154
Remote: Yes
Date Published: 2007-07-31
Relevant URL: http://www.securityfocus.com/bid/25154
Summary:
Trolltech Qt is prone to multiple format-string vulnerabilities because it fails to securely display error messages.
Exploiting these issues can allow remote attackers to execute arbitrary code in the context of the application using the application framework or to cause denial-of-service conditions.
This issue affects Qt 3 only. KDE and other applications using the affected application framework are inherently affected.
18. Atheros Wireless Drivers Denial of Service Vulnerability
BugTraq ID: 25160
Remote: Yes
Date Published: 2007-08-01
Relevant URL: http://www.securityfocus.com/bid/25160
Summary:
Atheros wireless drivers are prone to a denial-of-service vulnerability because they fail to properly handle malformed wireless frames.
Remote attackers may exploit this issue to cause denial-of-service conditions.
Atheros drivers are also used by OEM (Original Equipment Manufacturer) wireless adapters. Therefore, various brands of wireless adapters using the Atheros chipset are affected by this vulnerability.
This issue is reported to affect drivers for the Windows operating system. Note that Linux, UNIX, and BSD computers may be vulnerable if using the NDISWrapper or similar technology to load an affected driver.
III. LINUX FOCUS LIST SUMMARY
---------------------------------
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.
If your email address has changed, email listadmin@securityfocus.com and ask to be manually removed.
V. SPONSOR INFORMATION
------------------------