News

Wednesday, November 14, 2007

SecurityFocus Linux Newsletter #363


This issue is Sponsored by: SPI Dynamics

ALERT: Ajax Security Dangers- How Hackers are attacking Ajax Web Apps
While Ajax can greatly improve the usability of a Web application, it can also create several opportunities for possible attack if the application is not designed with security in mind. Download this SPI Dynamics white paper.

https://download.spidynamics.com/1/ad/AJAX.asp?Campaign_ID=70160000000D4Kl


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. Don't blame the IDS
2. E-mail privacy to disappear?
II. LINUX VULNERABILITY SUMMARY
1. BitchX E_HOSTNAME Function Insecure Temporary File Creation Vulnerability
2. Linux Kernel IEEE80211 HDRLen Remote Denial Of Service Vulnerability
3. PCRE Regular Expression Library Multiple Security Vulnerabilities
4. Perl Unicode Regular Expression Buffer Overflow Vulnerability
5. Plone Multiple Modules Script Execution Vulnerabilities
6. Xpdf Multiple Remote Stream.CC Vulnerabilities
7. CoolKey PK11IPC1 Insecure Temporary File Creation Vulnerability
8. Mcstrans Mcstrans.C Local Denial of Service Vulnerability
9. GForge Insecure Temporary File Creation Vulnerability
10. TorK Multiple Privoxy Insecure Default Configuration Vulnerabilities
11. Conga ricci Connection Limit Remote Denial Of Service Vulnerability
12. PHP 5.2.4 and Prior Versions Multiple Vulnerabilities
13. Ruby Multiple Libraries SSL Multiple Insecure Certificate Validation Weaknesses
14. Linux Kernel CIFS Transport.C Remote Buffer Overflow Vulnerability
III. LINUX FOCUS LIST SUMMARY
1. How secure is the openSUSE Build Service?
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Don't blame the IDS
By Don Parker
Some years ago, I remember reading a press release from the Gartner Group. It was about intrusion detection systems (IDS) offering little return for the monetary investment in them and, furthermore, that this very same security technology would be obsolete by the year 2005. A rather bold statement and an even bolder prediction on their part.
http://www.securityfocus.com/columnists/457

2. E-mail privacy to disappear?
By Mark Rasch
On October 8, 2007, the United States Court of Appeals for the Sixth Circuit in Cincinnati granted the government's request for a full-panel hearing in the United States v. Warshak case, which centers on the right of privacy for stored electronic communications. At issue is whether the procedure whereby the government can subpoena stored copies of your e-mail -- similar to the way they could simply subpoena any physical mail sitting on your desk -- is unconstitutionally broad.

http://www.securityfocus.com/columnists/456


II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. BitchX E_HOSTNAME Function Insecure Temporary File Creation Vulnerability
BugTraq ID: 26326
Remote: No
Date Published: 2007-11-05
Relevant URL: http://www.securityfocus.com/bid/26326
Summary:
BitchX is prone to a security vulnerability because it creates temporary files in an insecure manner.

An attacker with local access could potentially exploit this issue to perform symlink attacks, overwriting arbitrary files in the context of the affected application.

Successfully mounting a symlink attack may allow the attacker to overwrite or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.

This issue affects BitchX 1.1; other versions may also be vulnerable.

2. Linux Kernel IEEE80211 HDRLen Remote Denial Of Service Vulnerability
BugTraq ID: 26337
Remote: Yes
Date Published: 2007-11-05
Relevant URL: http://www.securityfocus.com/bid/26337
Summary:
The Linux kernel ieee80211 driver is prone to a remote denial-of-service vulnerability because it fails to perform adequate boundary checks on user-supplied data.

An attacker can exploit this issue to crash a victim computer, effectively denying service.

Versions prior to Linux kernel 2.6.22.11 are vulnerable.

3. PCRE Regular Expression Library Multiple Security Vulnerabilities
BugTraq ID: 26346
Remote: Yes
Date Published: 2007-11-05
Relevant URL: http://www.securityfocus.com/bid/26346
Summary:
The PCRE regular-expression library is prone to multiple security vulnerabilities.

Attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions, or launch other attacks in the context of the application using the affected library.

4. Perl Unicode Regular Expression Buffer Overflow Vulnerability
BugTraq ID: 26350
Remote: Yes
Date Published: 2007-11-05
Relevant URL: http://www.securityfocus.com/bid/26350
Summary:
Perl is prone to a buffer-overflow vulnerability because it fails to sufficiently bounds-check user-supplied input.

Successfully exploiting this issue allows attackers to execute arbitrary machine code in the context of Perl applications using regular expressions in a vulnerable manner. This facilitates the remote compromise of affected computers.

Perl 5.8 is vulnerable to this issue; other versions may also be affected.

5. Plone Multiple Modules Script Execution Vulnerabilities
BugTraq ID: 26354
Remote: Yes
Date Published: 2007-11-06
Relevant URL: http://www.securityfocus.com/bid/26354
Summary:
Plone is affected by multiple script-execution vulnerabilities.

Exploiting these issues may allow remote attackers to execute arbitrary Python code in the context of the application. This may facilitate remote unauthorized access to an affected computer.

These versions are affected:

Plone 2.5.4 and prior versions of the 2.5 branch
Plone 3.0.2 and prior versions of the 3.0 branch

6. Xpdf Multiple Remote Stream.CC Vulnerabilities
BugTraq ID: 26367
Remote: Yes
Date Published: 2007-11-07
Relevant URL: http://www.securityfocus.com/bid/26367
Summary:
Xpdf is prone to multiple remote vulnerabilities because of flaws in various functions in the 'Stream.cc' source file.

Attackers exploit these issues by coercing users to view specially crafted PDF files with the affected application.

Successfully exploiting these issues allows attackers to execute arbitrary machine code in the context of the vulnerable application. This facilitates the remote compromise of affected computers.

Xpdf 3.02pl1 is vulnerable to these issues; other versions may also be affected.

7. CoolKey PK11IPC1 Insecure Temporary File Creation Vulnerability
BugTraq ID: 26369
Remote: No
Date Published: 2007-11-07
Relevant URL: http://www.securityfocus.com/bid/26369
Summary:
CoolKey creates temporary files in an insecure manner.

An attacker with local access could potentially exploit this issue to perform symbolic-link attacks to alter the permissions of an arbitrary attacker-specified file, such as '/etc/shadow'. This could facilitate a complete compromise of the affected computer.

8. Mcstrans Mcstrans.C Local Denial of Service Vulnerability
BugTraq ID: 26371
Remote: No
Date Published: 2007-11-07
Relevant URL: http://www.securityfocus.com/bid/26371
Summary:
Mcstrans is prone to a local denial-of-service vulnerability because it fails to adequately check user-supplied data.

Successfully exploiting this issue allows local attackers to deny service to legitimate users.

9. GForge Insecure Temporary File Creation Vulnerability
BugTraq ID: 26373
Remote: No
Date Published: 2007-11-07
Relevant URL: http://www.securityfocus.com/bid/26373
Summary:
GForge creates temporary files in an insecure way.

An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application. This may result in denial-of-service conditions; other attacks are also possible.

10. TorK Multiple Privoxy Insecure Default Configuration Vulnerabilities
BugTraq ID: 26386
Remote: Yes
Date Published: 2007-11-08
Relevant URL: http://www.securityfocus.com/bid/26386
Summary:
TorK is prone to multiple insecure-configuration vulnerabilities because of several default configuration options used by the Privoxy web proxy server.

Attackers can exploit these issues to bypass proxy filter rules or modify user-defined configuration values.

These issues affect versions prior to TorK 0.22.

11. Conga ricci Connection Limit Remote Denial Of Service Vulnerability
BugTraq ID: 26393
Remote: Yes
Date Published: 2007-11-09
Relevant URL: http://www.securityfocus.com/bid/26393
Summary:
Conga 'ricci' is prone to a denial-of-service vulnerability because the daemon limits the number of connection requests.

An attacker can exploit this issue to deny service to legitimate users.

12. PHP 5.2.4 and Prior Versions Multiple Vulnerabilities
BugTraq ID: 26403
Remote: Yes
Date Published: 2007-11-08
Relevant URL: http://www.securityfocus.com/bid/26403
Summary:
PHP 5.2.4 and prior versions are prone to multiple security vulnerabilities. Successful exploits could allow an attacker to bypass security restrictions, cause a denial-of-service condition, and potentially execute code.

13. Ruby Multiple Libraries SSL Multiple Insecure Certificate Validation Weaknesses
BugTraq ID: 26421
Remote: Yes
Date Published: 2007-11-13
Relevant URL: http://www.securityfocus.com/bid/26421
Summary:
Ruby is prone to multiple weaknesses related to its validation of certificates. The problem is that multiple libraries fail to properly perform validity checks on X.509 certificates.

Successfully exploiting these issues may allow attackers to perform man-in-the-middle attacks against applications that insecurely use an affected library. Other attacks may also be possible.

NOTE: These issues are related to a weakness covered by BID 25847 (Ruby Net::HTTP SSL Insecure Certificate Validation Weakness).

14. Linux Kernel CIFS Transport.C Remote Buffer Overflow Vulnerability
BugTraq ID: 26438
Remote: Yes
Date Published: 2007-11-14
Relevant URL: http://www.securityfocus.com/bid/26438
Summary:
The Linux kernel is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it into an insufficiently sized buffer.

An attacker can exploit this issue to execute arbitrary code with kernel-level privileges or cause the affected kernel to crash, denying service to legitimate users.

This issue affects version 2.6.23.1; previous versions may also be affected.

III. LINUX FOCUS LIST SUMMARY
---------------------------------
1. How secure is the openSUSE Build Service?
http://www.securityfocus.com/archive/91/483116

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe, send an e-mail message to linux-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively, you can visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed, email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is Sponsored by: SPI Dynamics

