News

Wednesday, October 31, 2007

SecurityFocus Linux Newsletter #361
----------------------------------------


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. Rebinding attacks unbound
2. Aspect-Oriented Programming and Security
II. LINUX VULNERABILITY SUMMARY
1. Red Hat Linux Kernel Stack Unwinder Local Denial Of Service Vulnerability
2. Linux Kernel eHCA Driver Physical Address Space Information Disclosure Vulnerability
3. 3proxy FTP Proxy Double Free Memory Corruption Vulnerability
4. Sun Java Runtime Environment Virtual Machine Remote Privilege Escalation Vulnerability
5. Gnome-Screensaver With Compiz Lock Bypass Vulnerability
6. XEN Xenmon.py Xenbaked Insecure Temporary File Creation Vulnerability
7. JustSystem Ichitaro JSTARO4.OCX and TJSVDA.DLL Multiple Buffer Overflow Vulnerabilities
8. Trend Micro AntiVirus Engine Tmxpflt.SYS Local Buffer Overflow Vulnerability
9. RealNetworks RealPlayer File Parsing Routines Multiple Vulnerabilities
10. vobcopy vobcopy.bla Insecure Temporary File Creation Vulnerability
11. Liferea Feedlist.OPML Local Information Disclosure Vulnerability
12. CUPS IPP Tag Handling Remote Buffer Overflow Vulnerability
13. McAfee E-Business Server Authentication Packet Handling Integer Overflow Vulnerability
14. Mono System.Math BigInteger Buffer Overflow Vulnerability
III. LINUX FOCUS LIST SUMMARY
1. Linux Hardening
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Rebinding attacks unbound
By Federico Biancuzzi
DNS rebinding was discovered in 1996 and affected the Java Virtual Machine (VM). Recently a group of researchers at Stanford found out that this vulnerability is still present in browsers and that the common solution, known as DNS pinning, is not effective anymore.
http://www.securityfocus.com/columnists/455

2. Aspect-Oriented Programming
By Rohit Sethi
Aspect-oriented programming (AOP) is a paradigm that is quickly gaining traction in the development world. At least partially spurred by the popularity of the Java Spring framework [1], people are beginning to understand the substantial benefits that AOP brings to development.
http://www.securityfocus.com/infocus/1895


II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. Red Hat Linux Kernel Stack Unwinder Local Denial Of Service Vulnerability
BugTraq ID: 26158
Remote: No
Date Published: 2007-10-22
Relevant URL: http://www.securityfocus.com/bid/26158
Summary:
The Red Hat Linux kernel is prone to a local denial-of-service vulnerability.

A local attacker can exploit this issue to crash the affected kernel, denying service to legitimate users.

2. Linux Kernel eHCA Driver Physical Address Space Information Disclosure Vulnerability
BugTraq ID: 26161
Remote: No
Date Published: 2007-10-22
Relevant URL: http://www.securityfocus.com/bid/26161
Summary:
The Linux kernel is prone to an information-disclosure vulnerability.

Successful exploits will allow attackers to obtain a portion of the physical address space. Information harvested may aid in further attacks.

3. 3proxy FTP Proxy Double Free Memory Corruption Vulnerability
BugTraq ID: 26180
Remote: Yes
Date Published: 2007-10-23
Relevant URL: http://www.securityfocus.com/bid/26180
Summary:
3proxy is prone to a double-free memory-corruption vulnerability.

Attackers may be able to exploit this issue to cause denial-of-service conditions.

This issue affects 3proxy 0.5.3i; other versions may also be vulnerable.

4. Sun Java Runtime Environment Virtual Machine Remote Privilege Escalation Vulnerability
BugTraq ID: 26185
Remote: Yes
Date Published: 2007-10-23
Relevant URL: http://www.securityfocus.com/bid/26185
Summary:
The Sun Java Runtime Environment is prone to a remote privilege-escalation vulnerability.

An attacker can exploit this issue to execute arbitrary code within the context of the user who invoked the Java applet. Successfully exploiting this issue may result in the remote compromise of affected computers.

5. Gnome-Screensaver With Compiz Lock Bypass Vulnerability
BugTraq ID: 26188
Remote: No
Date Published: 2007-10-23
Relevant URL: http://www.securityfocus.com/bid/26188
Summary:
Gnome-screensaver is prone to a vulnerability that allows an attacker who has physical console access to bypass the user's locked screen.

This issue affects gnome-screensaver released with Ubuntu 7.10; fixes from Ubuntu are available; other versions may also be affected.

6. XEN Xenmon.py Xenbaked Insecure Temporary File Creation Vulnerability
BugTraq ID: 26190
Remote: No
Date Published: 2007-10-23
Relevant URL: http://www.securityfocus.com/bid/26190
Summary:
Xen is prone to a security vulnerability because it creates temporary files in an insecure manner.

An attacker with local access could potentially exploit this issue to perform symlink attacks, overwriting arbitrary files in the context of the affected application.

Successfully mounting a symlink attack may allow the attacker to overwrite or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.

This issue affects Xen 3.0; other versions may also be vulnerable.

7. JustSystem Ichitaro JSTARO4.OCX and TJSVDA.DLL Multiple Buffer Overflow Vulnerabilities
BugTraq ID: 26206
Remote: Yes
Date Published: 2007-10-25
Relevant URL: http://www.securityfocus.com/bid/26206
Summary:
JustSystem Ichitaro is prone to multiple unspecified buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data before copying it to insufficiently sized buffers.

Successful exploits may allow attackers to execute arbitrary code in the context of a vulnerable application; failed attempts will likely cause denial-of-service conditions.

These issues affect these versions:

Ichitaro 11, 12, 13, 2004, 2005, 2006, 2007
Ichitaro for Linux
Ichitaro Lite2
Punch
Ichitaro viewer

Other versions may also be affected.

8. Trend Micro AntiVirus Engine Tmxpflt.SYS Local Buffer Overflow Vulnerability
BugTraq ID: 26209
Remote: No
Date Published: 2007-10-25
Relevant URL: http://www.securityfocus.com/bid/26209
Summary:
Trend Micro AntiVirus engine is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.

Successful exploits may allow an attacker to execute arbitrary machine code with SYSTEM-level privileges and completely compromise affected computers. Failed exploit attempts could crash the computer, denying service to legitimate users.

Applications that incorporate 'Tmxpflt.sys' 8.320.1004 and 8.500.0.1002 from the AntiVirus engine are vulnerable, including Trend Micro PC-cillin Internet Security 2007, ServerProtect, and OfficeScan.

9. RealNetworks RealPlayer File Parsing Routines Multiple Vulnerabilities
BugTraq ID: 26214
Remote: Yes
Date Published: 2007-10-25
Relevant URL: http://www.securityfocus.com/bid/26214
Summary:
RealNetworks RealPlayer is prone to multiple memory-corruption vulnerabilities that arise when the application processes specially crafted files.

Successfully exploiting these issues will allow remote attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will cause a denial-of-service condition.

10. vobcopy vobcopy.bla Insecure Temporary File Creation Vulnerability
BugTraq ID: 26233
Remote: No
Date Published: 2007-10-29
Relevant URL: http://www.securityfocus.com/bid/26233
Summary:
The 'vobcopy' tool creates temporary files in an insecure manner.

An attacker with local access could potentially exploit this issue to perform symlink attacks, overwriting arbitrary files in the context of the affected application.

Successfully mounting a symlink attack may allow the attacker to overwrite or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.

11. Liferea Feedlist.OPML Local Information Disclosure Vulnerability
BugTraq ID: 26254
Remote: No
Date Published: 2007-10-30
Relevant URL: http://www.securityfocus.com/bid/26254
Summary:
Liferea is prone to a local information-disclosure vulnerability because the application fails to set file permissions correctly on a backup file.

Attackers can leverage this issue to obtain sensitive information used to construct valid login credentials.

This issue affects versions prior to Liferea 1.4.6.

12. CUPS IPP Tag Handling Remote Buffer Overflow Vulnerability
BugTraq ID: 26268
Remote: Yes
Date Published: 2007-10-31
Relevant URL: http://www.securityfocus.com/bid/26268
Summary:
CUPS is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.

An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial of service.

CUPS 1.3.3 is reported vulnerable; other versions may be affected as well.

13. McAfee E-Business Server Authentication Packet Handling Integer Overflow Vulnerability
BugTraq ID: 26269
Remote: Yes
Date Published: 2007-10-31
Relevant URL: http://www.securityfocus.com/bid/26269
Summary:
McAfee E-Business Server is prone to an integer-overflow vulnerability because it fails to ensure that integer values aren't overrun.

Successfully exploiting this issue may allow attackers to execute arbitrary code within the context of the affected application. This in turn may result in a complete compromise of the affected system. Failed exploit attempts will result in a denial of service.

The issue affects McAfee E-Business Server 8.1.1 for Linux and 8.5.2 for Solaris. Versions for Windows are not affected.

14. Mono System.Math BigInteger Buffer Overflow Vulnerability
BugTraq ID: 26279
Remote: Yes
Date Published: 2007-10-31
Relevant URL: http://www.securityfocus.com/bid/26279
Summary:
Mono is prone to a buffer-overflow vulnerability because the application fails to adequately perform boundary checks on user-supplied data.

Successfully exploiting this issue could allow attackers to execute arbitrary code in the context of the user running an affected application. Failed exploit attempts will likely result in a denial-of-service condition.

III. LINUX FOCUS LIST SUMMARY
---------------------------------
1. Linux Hardening
http://www.securityfocus.com/archive/91/482082

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe, send an e-mail message to linux-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message, which you will have to answer. Alternatively, you can visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed, email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is Sponsored by: CSI

CSI 2007, November 3-9 in Washington, DC, is the only conference that delivers a business-focused overview of enterprise security.
It will convene 2,000+ delegates and 80 exhibitors, and features 100+ sessions/seminars providing a roadmap for integrating policies and procedures with new tools and techniques.
Register now for savings on conference fees and/or free exhibits admission.

www.csiannual.com
