News

Wednesday, February 20, 2008

SecurityFocus Linux Newsletter #377

SecurityFocus Linux Newsletter #377
----------------------------------------

This issue is Sponsored by: HP

HP Application Security Webinar: Achieving PCI 6.6 Compliance - Are Your Web Applications Secure Enough?
In June 2008, the major credit card vendors will require compliance with requirement 6 of the PCI DSS, "Ensure that all web facing applications are protected against known attacks." Join HP Software and the former SPI Dynamics for this free webinar to learn how you can easily satisfy this requirement and build a powerful web application security program at the same time. During this event, you will receive the tools and knowledge to ensure your web applications comply with PCI requirements and block hackers.
https://h30406.www3.hp.com/campaigns/2008/events/sw-02-26-08/index.php?mcc=DAYA


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. Tweaking Social Security to Combat Fraud
2. Skills for the Future

II. LINUX VULNERABILITY SUMMARY
1. ClamAV Heap Corruption and Integer Overflow Vulnerabilities
2. Endian Firewall Multiple Cross-Site Scripting Vulnerabilities
3. MPlayer 'stream_cddb.c' Remote Buffer Overflow Vulnerability
4. MPlayer 'url.c' Remote Heap Based Buffer Overflow Vulnerability
5. OpenLDAP MODRDN Remote Denial of Service Vulnerability
6. Linux Kernel Prior to 2.6.24.1 '/proc' Local Memory Access Vulnerability
7. Multiple Horde Products Security Bypass Vulnerability
8. Kerio MailServer Multiple Unspecified Vulnerabilities
9. IBM DB2 Universal Database 9.1 Multiple Vulnerabilities
10. MoinMoin Multiple Cross Site Scripting Vulnerabilities
III. LINUX FOCUS LIST SUMMARY
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Tweaking Social Security to Combat Fraud
By Tim Mullen
Americans lost over 45 billion dollars in identity-related fraud in 2007. Reports are so commonplace that we've actually become de-sensitized to them. "200,000 victims reported..." "500,000 victims reported..." Even figures into the millions don't seem to faze us anymore. And that is a Bad Thing.

http://www.securityfocus.com/columnists/465

2.Skills for the Future
By Don Parker
A lot of the emails sent to me ask a basic question: Just how does one break into computer security or what skills should you learn to get that first security job. Lately though, I have been receiving many more queries on specifically how one can leverage an existing skill set to become an information-technology security analyst.

http://www.securityfocus.com/columnists/464


II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. ClamAV Heap Corruption and Integer Overflow Vulnerabilities
BugTraq ID: 27751
Remote: Yes
Date Published: 2008-02-12
Relevant URL: http://www.securityfocus.com/bid/27751
Summary:
ClamAV is prone to a heap-corruption vulnerability and an integer-overflow vulnerability.

Successfully exploiting these issues allows remote attackers to execute arbitrary machine code in the context of the affected application. This facilitates the remote compromise of affected computers. Failed exploit attempts likely result in application crashes.

Versions prior to ClamAV 0.92.1 are affected by these issues.

2. Endian Firewall Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 27758
Remote: Yes
Date Published: 2008-02-12
Relevant URL: http://www.securityfocus.com/bid/27758
Summary:
Endian Firewall is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data.

Attackers can leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help attackers steal cookie-based authentication credentials and launch other attacks.

Endian Firewall 2.1.2 is vulnerable to these issues; other versions may also be affected.

3. MPlayer 'stream_cddb.c' Remote Buffer Overflow Vulnerability
BugTraq ID: 27765
Remote: Yes
Date Published: 2008-02-12
Relevant URL: http://www.securityfocus.com/bid/27765
Summary:
MPlayer is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input before copying it to an insufficiently sized buffer.

Attackers can exploit this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

MPlayer 1.0 rc2 is vulnerable; other versions may also be affected.

4. MPlayer 'url.c' Remote Heap Based Buffer Overflow Vulnerability
BugTraq ID: 27766
Remote: Yes
Date Published: 2008-02-12
Relevant URL: http://www.securityfocus.com/bid/27766
Summary:
MPlayer is prone to a remote heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input before copying it to an insufficiently sized buffer.

Attackers can exploit this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

MPlayer 1.0 rc2 is vulnerable; other versions may also be affected.

5. OpenLDAP MODRDN Remote Denial of Service Vulnerability
BugTraq ID: 27778
Remote: Yes
Date Published: 2008-02-13
Relevant URL: http://www.securityfocus.com/bid/27778
Summary:
OpenLDAP is prone to a remote denial-of-service vulnerability.

Attackers can exploit this issue to deny service to legitimate users.

OpenLDAP 2.3.39 is vulnerable to this issue; other versions may also be affected.

This issue is related to one described in BID 26245 (OpenLDAP Multiple Remote Denial of Service Vulnerabilities), identified by CVE-2007-6698.

6. Linux Kernel Prior to 2.6.24.1 '/proc' Local Memory Access Vulnerability
BugTraq ID: 27798
Remote: No
Date Published: 2008-02-14
Relevant URL: http://www.securityfocus.com/bid/27798
Summary:
The Linux kernel is prone to a local memory access vulnerability that affects vserver-enabled kernels.

Attackers can exploit this issue via symbolic-link attacks to access resources in other vservers.

This issue affects versions prior to Linux Kernel 2.6.24.1.

7. Multiple Horde Products Security Bypass Vulnerability
BugTraq ID: 27844
Remote: Yes
Date Published: 2008-02-18
Relevant URL: http://www.securityfocus.com/bid/27844
Summary:
Horde products are prone to a security-bypass vulnerability.

Attackers can use this issue to bypass certain security restrictions and edit arbitrary contacts in shared and personal address books. This may aid in further attacks.

This issue affects Horde Groupware 1.0.3, Horde Groupware Webmail Edition 1.0.4, and Turba Contact Manager 2.1.6; other versions may also be vulnerable.

8. Kerio MailServer Multiple Unspecified Vulnerabilities
BugTraq ID: 27868
Remote: Yes
Date Published: 2008-02-19
Relevant URL: http://www.securityfocus.com/bid/27868
Summary:
Kerio MailServer is prone to multiple unspecified vulnerabilities.

Attackers can exploit these issues to cause denial-of-service conditions or potentially execute arbitrary code in the context of the application; other attacks are also possible.

Very few details are currently available regarding these issues. We will update this BID as more information emerges.

Versions prior to Kerio MailServer 6.5.0 are vulnerable.

9. IBM DB2 Universal Database 9.1 Multiple Vulnerabilities
BugTraq ID: 27870
Remote: Yes
Date Published: 2008-02-15
Relevant URL: http://www.securityfocus.com/bid/27870
Summary:
IBM DB2 Universal Database is prone to multiple vulnerabilities, including denial-of-service issues and multiple issues with unspecified impact.

Successfully exploiting these issues may allow attackers to cause denial-of-service conditions and carry out other attacks.

Very few details are currently available regarding these issues. We will update this BID as more information emerges.

These issues affect IBM DB2 Universal Database 9.1 versions prior to Fixpak 4a.

10. MoinMoin Multiple Cross Site Scripting Vulnerabilities
BugTraq ID: 27904
Remote: Yes
Date Published: 2008-02-20
Relevant URL: http://www.securityfocus.com/bid/27904
Summary:
MoinMoin is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues could allow an attacker to steal cookie-based authentication credentials and to launch other attacks.

These issues affect the following versions:

MoinMoin 1.5.8 and prior versions
MoinMoin 1.6.x prior to 1.6.1.

III. LINUX FOCUS LIST SUMMARY
---------------------------------
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is Sponsored by: HP

HP Application Security Webinar: Achieving PCI 6.6 Compliance - Are Your Web Applications Secure Enough?
In June 2008, the major credit card vendors will require compliance with requirement 6 of the PCI DSS, "Ensure that all web facing applications are protected against known attacks." Join HP Software and the former SPI Dynamics for this free webinar to learn how you can easily satisfy this requirement and build a powerful web application security program at the same time. During this event, you will receive the tools and knowledge to ensure your web applications comply with PCI requirements and block hackers.
https://h30406.www3.hp.com/campaigns/2008/events/sw-02-26-08/index.php?mcc=DAYA

No comments:

Blog Archive