----------------------------------------
This Issue is Sponsored by: Techmentor:
TechMentor - Las Vegas - October 15 - 19
Join your fellow systems administrators and IT managers at the Rio Hotel & Casino in Vegas for a week of in-depth technical training. TechMentor will give you the tools and techniques to help you get the most out of your network. Register now!
http://ad.doubleclick.net/clk;135399548;6631910;q?http://techmentorevents.com/
SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs
------------------------------------------------------------------
I. FRONT AND CENTER
1.Passive Network Analysis
II. LINUX VULNERABILITY SUMMARY
1. Imatix Xitami If-Modified-Since Remote Buffer Overflow Vulnerability
2. Balsa Fetch Command Remote Stack Buffer Overflow Vulnerability
3. Linux Kernel PTrace NULL Pointer Dereference Local Denial Of Service Vulnerability
4. Linux Kernel ALSA snd-page-alloc Local Proc File Information Disclosure Vulnerability
5. OpenSSL SSL_Get_Shared_Ciphers Off-by-One Buffer Overflow Vulnerability
6. Linux Kernel JFFS2 Filesystem Security Bypass Vulnerability
7. Sun Java System Access Manager Multiple Vulnerabilities
8. Pidgin MSN Nudge Messages Remote Denial Of Service Vulnerability
9. rPath rMake Local Privilege Escalation Vulnerability
III. LINUX FOCUS LIST SUMMARY
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION
I. FRONT AND CENTER
---------------------
1.Passive Network Analysis
By Stephen Barish
In sports, it's pretty much accepted wisdom that home teams have the advantage; that's why teams with winning records on the road do so well in the playoffs. But for some reason we rarely think about "the home field advantage" when we look at defending our networks.
http://www.securityfocus.com/infocus/1894
II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. Imatix Xitami If-Modified-Since Remote Buffer Overflow Vulnerability
BugTraq ID: 25772
Remote: Yes
Date Published: 2007-09-24
Relevant URL: http://www.securityfocus.com/bid/25772
Summary:
Xitami is prone to a remote buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied input before copying it into an insufficiently sized memory buffer.
Attackers may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
Xitami 2.5 is vulnerable to this issue; other versions may also be affected.
2. Balsa Fetch Command Remote Stack Buffer Overflow Vulnerability
BugTraq ID: 25777
Remote: Yes
Date Published: 2007-09-24
Relevant URL: http://www.securityfocus.com/bid/25777
Summary:
Balsa is prone to a remote stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied data.
This issue affects the application's IMAP functionality.
An attacker can exploit this issue to execute arbitrary machine code within the context of the user running the application. Failed exploit attempts will result in a denial-of-service vulnerability.
Versions prior to Balsa 2.3.20 are vulnerable.
3. Linux Kernel PTrace NULL Pointer Dereference Local Denial Of Service Vulnerability
BugTraq ID: 25801
Remote: No
Date Published: 2007-09-25
Relevant URL: http://www.securityfocus.com/bid/25801
Summary:
The Linux kernel is prone to a local denial-of-service vulnerability.
This issue occurs because of a NULL-pointer dereference in certain 'ptrace' operations.
A local attacker can exploit this issue to crash the affected kernel, denying service to legitimate users.
4. Linux Kernel ALSA snd-page-alloc Local Proc File Information Disclosure Vulnerability
BugTraq ID: 25807
Remote: No
Date Published: 2007-09-25
Relevant URL: http://www.securityfocus.com/bid/25807
Summary:
The Linux kernel is prone to an information-disclosure vulnerability.
Successful exploits will allow attackers to obtain portions of kernel memory. Information harvested may aid in further attacks.
Versions of the Linux kernel prior to 2.6.22.8 are vulnerable.
5. OpenSSL SSL_Get_Shared_Ciphers Off-by-One Buffer Overflow Vulnerability
BugTraq ID: 25831
Remote: Yes
Date Published: 2007-09-27
Relevant URL: http://www.securityfocus.com/bid/25831
Summary:
OpenSSL is prone to an off-by-one buffer-overflow vulnerability because the library fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
Successfully exploiting this issue may allow attackers to execute arbitrary machine code in the context of applications that use the affected library, but this has not been confirmed. Failed exploit attempts may crash applications, denying service to legitimate users.
NOTE: This issue was introduced in the fix for the vulnerability described in BID 20249 (OpenSSL SSL_Get_Shared_Ciphers Buffer Overflow Vulnerability).
6. Linux Kernel JFFS2 Filesystem Security Bypass Vulnerability
BugTraq ID: 25838
Remote: No
Date Published: 2007-09-27
Relevant URL: http://www.securityfocus.com/bid/25838
Summary:
The Linux kernel is prone to a security-bypass vulnerability because the software fails to properly store POSIX ACLs in the JFFS2 filesystem.
A local attacker may exploit this issue to bypass ACL security restrictions, which may lead to other attacks.
7. Sun Java System Access Manager Multiple Vulnerabilities
BugTraq ID: 25842
Remote: Yes
Date Published: 2007-09-27
Relevant URL: http://www.securityfocus.com/bid/25842
Summary:
Sun Java System Access Manager is prone to multiple remote vulnerabilities that result from configuration errors.
Exploiting these issues can allow remote attackers to gain unauthorized access to the application or execute arbitrary code in the context of the application.
Sun Java System Access Manager 7.1 is affected by these issues.
8. Pidgin MSN Nudge Messages Remote Denial Of Service Vulnerability
BugTraq ID: 25872
Remote: Yes
Date Published: 2007-10-01
Relevant URL: http://www.securityfocus.com/bid/25872
Summary:
Pidgin is prone to a remote denial-of-service vulnerability because it fails to handle specially crafted messages.
Attackers can exploit this issue to crash the application, denying service to legitimate users.
Versions prior to Pidgin 2.2.1 are vulnerable.
9. rPath rMake Local Privilege Escalation Vulnerability
BugTraq ID: 25899
Remote: No
Date Published: 2007-10-02
Relevant URL: http://www.securityfocus.com/bid/25899
Summary:
rPath rMake is prone to a local privilege-escalation vulnerability that stems from a design error.
An attacker may exploit this vulnerability to execute arbitrary code with superuser privileges. This may facilitate a complete compromise of affected computers.
This vulnerability affects rMake 1.0.11; other versions may also be affected.
III. LINUX FOCUS LIST SUMMARY
---------------------------------
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.
If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.
V. SPONSOR INFORMATION
------------------------
This Issue is Sponsored by: Techmentor:
TechMentor - Las Vegas - October 15 - 19
Join your fellow systems administrators and IT managers at the Rio Hotel & Casino in Vegas for a week of in-depth technical training. TechMentor will give you the tools and techniques to help you get the most out of your network. Register now!
http://ad.doubleclick.net/clk;135399548;6631910;q?http://techmentorevents.com/
No comments:
Post a Comment