News

Wednesday, August 22, 2007

SecurityFocus Linux Newsletter #351
----------------------------------------

This Issue is Sponsored by: EMC

Register for live VMWare Management Webcast by EMC
Learn best practices for leveraging and optimizing a VMware infrastructure with EMC ControlCenter.

http://newsletter.industrybrains.com/c?fe;1;6dfcc;1a084;3c3;0;da4


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. Virtualized rootkits - Part 1
2. Delete This!
II. LINUX VULNERABILITY SUMMARY
1. NETGEAR ReadyNAS RAIDiator Remote SSH Backdoor Vulnerability
2. WengoPhone SIP Soft Phone Malformed Packet Denial of Service Vulnerability
3. Drupal Content Construction Kit Nodereference Module Multiple HTML-injection Vulnerabilities
4. Zoidcom Malformed Packet Denial of Service Vulnerability
5. RndLabs Babo Violent 2 Multiple Vulnerabilities
6. Cisco VPN Client for Windows Multiple Local Privilege Escalation Vulnerabilities
7. Rsync F_Name Off-By-One Buffer Overflow Vulnerability
8. IBM DB2 Universal Database Multiple Unspecified Vulnerabilities
9. Sun Java Runtime Environment Font Parsing Remote Privilege Escalation Vulnerability
10. Tomboy LD_LIBRARY_PATH Environment Variable Local Privilege Escalation Vulnerability
11. Linux Kernel Random Number Generator Local Denial of Service and Privilege Escalation Vulnerability
12. Toribash Multiple Vulnerabilities
13. Gentoo Linux NVIDIA Drivers Local Denial of Service Vulnerability
14. Gentoo Linux NVIDIA Drivers Local Denial of Service Vulnerability
15. Sysstat Insecure Temporary File Creation Vulnerability
16. Linux Kernel Parent Process Death Signal Local Security Bypass Weakness
17. Asterisk SIP Dialog History Resource Exhaustion Remote Denial of Service Vulnerability
18. IBM Lotus Notes NTMulti.EXE Local Privilege Escalation Vulnerability
III. LINUX FOCUS LIST SUMMARY
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Virtualized rootkits - Part 1
By Federico Biancuzzi
There has been a lot of buzz around the topic of virtualized rootkits. Joanna Rutkowska has been working on a new version of Blue-Pill, her proof-of-concept invisible rootkit, while a team of three prominent security experts (Thomas Ptacek, Nate Lawson, Peter Ferrie) challenged her, arguing that there is no such thing as an "invisible" rootkit and announcing that they would present various techniques to detect Blue-Pill at the BlackHat conference. Federico Biancuzzi interviewed both sides to learn more. Part 1 of 2
http://www.securityfocus.com/columnists/451

2. Delete This!
By Mark Rasch
A series of legal events means that companies that have no business reason to retain documents or records may be compelled to create and retain such records just so they can become available for discovery.
http://www.securityfocus.com/columnists/450


II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. NETGEAR ReadyNAS RAIDiator Remote SSH Backdoor Vulnerability
BugTraq ID: 25290
Remote: Yes
Date Published: 2007-08-13
Relevant URL: http://www.securityfocus.com/bid/25290
Summary:
NETGEAR ReadyNAS RAIDiator is prone to a remote SSH-backdoor vulnerability because remote attackers can readily guess the superuser password.

Successfully exploiting this issue allows remote attackers to gain superuser-level access to affected devices.

This issue affects devices with firmware versions 3.01c1-p1 and 3.01c1-p6 installed; other versions may also be affected.

2. WengoPhone SIP Soft Phone Malformed Packet Denial of Service Vulnerability
BugTraq ID: 25300
Remote: Yes
Date Published: 2007-08-13
Relevant URL: http://www.securityfocus.com/bid/25300
Summary:
WengoPhone is prone to a denial-of-service vulnerability because the application fails to properly handle malformed data.

Successful exploits can allow remote attackers to crash the application, resulting in denial-of-service conditions.

This issue affects WengoPhone 2.1; other versions may also be affected.

3. Drupal Content Construction Kit Nodereference Module Multiple HTML-injection Vulnerabilities
BugTraq ID: 25321
Remote: Yes
Date Published: 2007-08-14
Relevant URL: http://www.securityfocus.com/bid/25321
Summary:
Drupal Content Construction Kit is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input before displaying it in dynamically generated content.

An attacker could exploit these vulnerabilities to execute arbitrary script code in the browser of an unsuspecting victim in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

4. Zoidcom Malformed Packet Denial of Service Vulnerability
BugTraq ID: 25326
Remote: Yes
Date Published: 2007-08-14
Relevant URL: http://www.securityfocus.com/bid/25326
Summary:
The Zoidcom network library is prone to a denial of service vulnerability when handling malformed packets.

An attacker could exploit this to crash a network service that is implemented with the library.

5. RndLabs Babo Violent 2 Multiple Vulnerabilities
BugTraq ID: 25329
Remote: Yes
Date Published: 2007-08-14
Relevant URL: http://www.securityfocus.com/bid/25329
Summary:
Babo Violent 2 is prone to four vulnerabilities. These vulnerabilities include a format-string and three denial-of-service issues.

Successful attacks could result in execution of arbitrary code or could crash game servers.

6. Cisco VPN Client for Windows Multiple Local Privilege Escalation Vulnerabilities
BugTraq ID: 25332
Remote: No
Date Published: 2007-08-15
Relevant URL: http://www.securityfocus.com/bid/25332
Summary:
Cisco VPN Client for Windows is prone to multiple local privilege-escalation vulnerabilities.

Successfully exploiting these issues allows attackers with local, interactive access to affected computers to gain SYSTEM-level privileges. This facilitates the complete compromise of affected computers.

Versions prior to 4.8.02.0010 and 5.0.01.0600 of Cisco VPN Client for the Microsoft Windows platform are vulnerable to these issues.

These issues are tracked as Cisco Bug IDs CSCse89550 and CSCsj00785.

7. Rsync F_Name Off-By-One Buffer Overflow Vulnerability
BugTraq ID: 25336
Remote: Yes
Date Published: 2007-08-15
Relevant URL: http://www.securityfocus.com/bid/25336
Summary:
The rsync utility is prone to an off-by-one buffer-overflow vulnerability. This issue is due to a failure of the application to properly bounds-check user-supplied input.

Successfully exploiting this issue may allow arbitrary code-execution in the context of the affected utility.

Rsync version 2.6.9 is affected by this issue; other versions may also be vulnerable.

8. IBM DB2 Universal Database Multiple Unspecified Vulnerabilities
BugTraq ID: 25339
Remote: Yes
Date Published: 2007-08-16
Relevant URL: http://www.securityfocus.com/bid/25339
Summary:
IBM DB2 is prone to multiple vulnerabilities that may allow an attacker to carry out a variety of attacks. It is possible that some of these issues may permit an attacker to completely compromise a vulnerable computer.

These issues affect DB2 9.1 and 8 running on all supported platforms.

9. Sun Java Runtime Environment Font Parsing Remote Privilege Escalation Vulnerability
BugTraq ID: 25340
Remote: Yes
Date Published: 2007-08-15
Relevant URL: http://www.securityfocus.com/bid/25340
Summary:
The Sun Java Runtime Environment is prone to a remote privilege-escalation vulnerability.

An attacker can exploit this issue to execute arbitrary code within the context of the user who invoked the Java applet. Successfully exploiting this issue may result in the remote compromise of affected computers.

10. Tomboy LD_LIBRARY_PATH Environment Variable Local Privilege Escalation Vulnerability
BugTraq ID: 25341
Remote: No
Date Published: 2007-08-16
Relevant URL: http://www.securityfocus.com/bid/25341
Summary:
Tomboy is prone to a local privilege-escalation vulnerability.

Exploiting this issue allows a local attacker to execute arbitrary code with the privileges of the user running the affected application.

11. Linux Kernel Random Number Generator Local Denial of Service and Privilege Escalation Vulnerability
BugTraq ID: 25348
Remote: No
Date Published: 2007-08-17
Relevant URL: http://www.securityfocus.com/bid/25348
Summary:
The Linux kernel is prone to a local vulnerability that may result in a denial-of-service or privilege-escalation. This issue is due to a stack-based overflow in kernel memory.

Successfully exploiting this issue allows local attackers to trigger kernel crashes, denying service to legitimate users. In certain circumstances, attackers may also gain elevated privileges. The attacker may require partial administrative access via granular assignments of superuser privileges.

Linux kernel versions prior to 2.6.22.3 are affected by this issue.

12. Toribash Multiple Vulnerabilities
BugTraq ID: 25359
Remote: Yes
Date Published: 2007-08-18
Relevant URL: http://www.securityfocus.com/bid/25359
Summary:
Toribash is prone to multiple remote code execution and denial of service vulnerabilities that affect game servers and clients. A total of seven vulnerabilities were reported.

These vulnerabilities may be exploited to execute arbitrary code in the context of the game server and game client or deny service to both servers and clients.

13. Gentoo Linux NVIDIA Drivers Local Denial of Service Vulnerability
BugTraq ID: 25360
Remote: No
Date Published: 2007-08-19
Relevant URL: http://www.securityfocus.com/bid/25360
Summary:
Gentoo Linux NVIDIA drivers are prone to a denial-of-service vulnerability.

Exploiting this issue allows local attackers to cause the application to crash or possibly cause hardware damage to a graphics card.

14. Gentoo Linux NVIDIA Drivers Local Denial of Service Vulnerability
BugTraq ID: 25363
Remote: No
Date Published: 2007-08-19
Relevant URL: http://www.securityfocus.com/bid/25363
Summary:
Gentoo Linux NVIDIA drivers are prone to a denial-of-service vulnerability.

Exploiting this issue allows local attackers to cause the application to crash or possibly cause hardware damage to a graphics card.

15. Sysstat Insecure Temporary File Creation Vulnerability
BugTraq ID: 25380
Remote: No
Date Published: 2007-08-21
Relevant URL: http://www.securityfocus.com/bid/25380
Summary:
Sysstat creates temporary files in an insecure manner.

An attacker with local access could potentially exploit this issue to perform symlink attacks, overwriting arbitrary files in the context of applications utilizing the affected library.

Successfully mounting a symbolic link attack may allow the attacker to overwrite or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.

Sysstat 7.1.6 is reported to be vulnerable. Other versions may be affected as well.

16. Linux Kernel Parent Process Death Signal Local Security Bypass Weakness
BugTraq ID: 25387
Remote: No
Date Published: 2007-08-21
Relevant URL: http://www.securityfocus.com/bid/25387
Summary:
The Linux kernel is prone to a security-bypass weakness when dealing with signal handling.

This issue is due to a lack of proper access-validation when the parent process attempts to deliver its death signal to the child that registered it via 'prctl'.

A local attacker may exploit this issue to bypass certain security restrictions, which may lead to other attacks.

Linux kernel versions prior to 2.6.22.4 are vulnerable.

17. Asterisk SIP Dialog History Resource Exhaustion Remote Denial of Service Vulnerability
BugTraq ID: 25392
Remote: Yes
Date Published: 2007-08-21
Relevant URL: http://www.securityfocus.com/bid/25392
Summary:
Asterisk is prone to a remote denial-of-service vulnerability.

Successfully exploiting this issue allows remote attackers to consume all system resources, denying service to legitimate users.

18. IBM Lotus Notes NTMulti.EXE Local Privilege Escalation Vulnerability
BugTraq ID: 25401
Remote: No
Date Published: 2007-08-22
Relevant URL: http://www.securityfocus.com/bid/25401
Summary:
IBM Lotus Notes is prone to a local privilege-escalation vulnerability because it fails to assign proper file permissions during installation.

Attackers can exploit this issue to run arbitrary applications with SYSTEM-level privileges. Successful attacks will completely compromise affected computers.

NOTE: This issue may be related to the one covered under BID 20612. This has not been confirmed. This BID will be updated as further information becomes available.

III. LINUX FOCUS LIST SUMMARY
---------------------------------
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed, email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
