----------------------------------------
This Issue is Sponsored by: SPI Dynamics
ALERT: Web Hacking - Attack Scenarios and Examples- White Paper
Learn how to defend against Web Application Attacks with real-world examples of recent hacking methods such as SQL Injection, Cross Site Scripting and Parameter Manipulation. Learn step-by-step vulnerability testing methods for your own Web Applications and guidelines for establishing best administration and coding practices.
Download *FREE* white paper from SPI Dynamics for a complete guide to protection!
https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=70160000000D0r2
SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs
------------------------------------------------------------------
I. FRONT AND CENTER
1. Delete This!
2. Security conferences versus practical knowledge
II. LINUX VULNERABILITY SUMMARY
1. Asterisk Skinny Channel Driver Remote Denial of Service Vulnerability
2. Linux Kernel i965 Chipsets Insecure Batchbuffer Local Privilege Escalation Vulnerability
3. NETGEAR ReadyNAS RAIDiator Remote SSH Backdoor Vulnerability
4. WengoPhone SIP Soft Phone Malformed Packet Denial of Service Vulnerability
5. Drupal Content Construction Kit Nodereference Module Multiple HTML-injection Vulnerabilities
6. Zoidcom Malformed Packet Denial of Service Vulnerability
7. RndLabs Babo Violent 2 Multiple Vulnerabilities
8. Cisco VPN Client for Windows Multiple Local Privilege Escalation Vulnerabilities
9. Rsync F_Name Off-By-One Buffer Overflow Vulnerability
10. IBM DB2 Universal Database Multiple Unspecified Vulnerabilities
11. Tomboy LD_LIBRARY_PATH Environment Variable Local Privilege Escalation Vulnerability
III. LINUX FOCUS LIST SUMMARY
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION
I. FRONT AND CENTER
---------------------
1. Delete This!
By Mark Rasch
A series of legal events means that companies that have no business reason to retain documents or records may be compelled to create and retain such records just so they can become available for discovery.
http://www.securityfocus.com/columnists/450
2. Security conferences versus practical knowledge
By Don Parker
While the training industry as a whole has evolved rather well to suit the needs of their clients, the computer conference - specifically the computer security conference - has declined in relevance to the everyday sys-admin and network security practitioners.
http://www.securityfocus.com/columnists/449
II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. Asterisk Skinny Channel Driver Remote Denial of Service Vulnerability
BugTraq ID: 25228
Remote: Yes
Date Published: 2007-08-07
Relevant URL: http://www.securityfocus.com/bid/25228
Summary:
Asterisk is prone to a remote denial-of-service vulnerability because the application fails to properly handle certain specially crafted packets.
Exploiting this issue allows remote attackers to cause the application to crash, effectively denying service to legitimate users.
These versions are vulnerable:
Asterisk Open Source prior to 1.4.10
AsteriskNOW pre-release prior to beta7
Asterisk Appliance Developer Kit prior to 0.7.0
Asterisk s800i (Asterisk Appliance) prior to 1.0.3
2. Linux Kernel i965 Chipsets Insecure Batchbuffer Local Privilege Escalation Vulnerability
BugTraq ID: 25263
Remote: No
Date Published: 2007-08-09
Relevant URL: http://www.securityfocus.com/bid/25263
Summary:
The Linux kernel is prone to a local privilege-escalation vulnerability.
Exploiting this issue may allow local attackers to gain elevated privileges, facilitating the complete compromise of affected computers.
Versions of Linux kernel prior to 2.6.22.2 are vulnerable to this issue.
3. NETGEAR ReadyNAS RAIDiator Remote SSH Backdoor Vulnerability
BugTraq ID: 25290
Remote: Yes
Date Published: 2007-08-13
Relevant URL: http://www.securityfocus.com/bid/25290
Summary:
NETGEAR ReadyNAS RAIDiator is prone to a remote SSH-backdoor vulnerability because remote attackers can readily guess the superuser password.
Successfully exploiting this issue allows remote attackers to gain superuser-level access to affected devices.
This issue affects devices with firmware versions 3.01c1-p1 and 3.01c1-p6 installed; other versions may also be affected.
4. WengoPhone SIP Soft Phone Malformed Packet Denial of Service Vulnerability
BugTraq ID: 25300
Remote: Yes
Date Published: 2007-08-13
Relevant URL: http://www.securityfocus.com/bid/25300
Summary:
WengoPhone is prone to a denial-of-service vulnerability because the application fails to properly handle malformed data.
Successful exploits can allow remote attackers to crash the application, resulting in denial-of-service conditions.
This issue affects WengoPhone 2.1; other versions may also be affected.
5. Drupal Content Construction Kit Nodereference Module Multiple HTML-injection Vulnerabilities
BugTraq ID: 25321
Remote: Yes
Date Published: 2007-08-14
Relevant URL: http://www.securityfocus.com/bid/25321
Summary:
Drupal Content Construction Kit is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input before displaying it in dynamically generated content.
An attacker could exploit these vulnerabilities to execute arbitrary script code in the browser of an unsuspecting victim in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
6. Zoidcom Malformed Packet Denial of Service Vulnerability
BugTraq ID: 25326
Remote: Yes
Date Published: 2007-08-14
Relevant URL: http://www.securityfocus.com/bid/25326
Summary:
The Zoidcom network library is prone to a denial of service vulnerability when handling malformed packets.
An attacker could exploit this to crash a network service that is implemented with the library.
7. RndLabs Babo Violent 2 Multiple Vulnerabilities
BugTraq ID: 25329
Remote: Yes
Date Published: 2007-08-14
Relevant URL: http://www.securityfocus.com/bid/25329
Summary:
Babo Violent 2 is prone to four vulnerabilities. These vulnerabilities include a format-string and three denial-of-service issues.
Successful attacks could result in execution of arbitrary code or could crash game servers.
8. Cisco VPN Client for Windows Multiple Local Privilege Escalation Vulnerabilities
BugTraq ID: 25332
Remote: No
Date Published: 2007-08-15
Relevant URL: http://www.securityfocus.com/bid/25332
Summary:
Cisco VPN Client for Windows is prone to multiple local privilege-escalation vulnerabilities.
Successfully exploiting these issues allows attackers with local, interactive access to affected computers to gain SYSTEM-level privileges. This facilitates the complete compromise of affected computers.
Versions prior to 4.8.02.0010 and 5.0.01.0600 of Cisco VPN Client for the Microsoft Windows platform are vulnerable to these issues.
These issues are tracked as Cisco Bug IDs CSCse89550 and CSCsj00785.
9. Rsync F_Name Off-By-One Buffer Overflow Vulnerability
BugTraq ID: 25336
Remote: Yes
Date Published: 2007-08-15
Relevant URL: http://www.securityfocus.com/bid/25336
Summary:
The rsync utility is prone to an off-by-one buffer-overflow vulnerability. This issue is due to a failure of the application to properly bounds-check user-supplied input.
Successfully exploiting this issue may allow arbitrary code-execution in the context of the affected utility.
Rsync version 2.6.9 is affected by this issue; other versions may also be vulnerable.
10. IBM DB2 Universal Database Multiple Unspecified Vulnerabilities
BugTraq ID: 25339
Remote: Yes
Date Published: 2007-08-16
Relevant URL: http://www.securityfocus.com/bid/25339
Summary:
IBM DB2 is prone to multiple vulnerabilities that may allow an attacker to carry out a variety of attacks. It is possible that some of these issues may permit an attacker to completely compromise a vulnerable computer.
These issues affect DB2 9.1 and 8 running on all supported platforms.
11. Tomboy LD_LIBRARY_PATH Environment Variable Local Privilege Escalation Vulnerability
BugTraq ID: 25341
Remote: No
Date Published: 2007-08-16
Relevant URL: http://www.securityfocus.com/bid/25341
Summary:
Tomboy is prone to a local privilege-escalation vulnerability.
Exploiting this issue allows local attacker to execute arbitrary code with the privileges of the user running the affected application.
III. LINUX FOCUS LIST SUMMARY
---------------------------------
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.
If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.
V. SPONSOR INFORMATION
------------------------
This Issue is Sponsored by: SPI Dynamics
ALERT: Web Hacking - Attack Scenarios and Examples- White Paper
Learn how to defend against Web Application Attacks with real-world examples of recent hacking methods such as SQL Injection, Cross Site Scripting and Parameter Manipulation. Learn step-by-step vulnerability testing methods for your own Web Applications and guidelines for establishing best administration and coding practices.
Download *FREE* white paper from SPI Dynamics for a complete guide to protection!
https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=70160000000D0r2
No comments:
Post a Comment