Thursday, March 13, 2008

SecurityFocus Linux Newsletter #380

This issue is sponsored by bMighty

Linux: The Impact of Service & Support
Review the practices & priorities of 354 business-technology professionals such as: using open source, Windows & Linux. A $99 value for FREE.
www.bMighty.com
http://www.bmighty.com/drivers/linux.jhtml?cid=LSM-sfL


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. Integrating More Intelligence into Your IDS, Part 1
2. Let's Go Crazy
II. LINUX VULNERABILITY SUMMARY
1. Sun Java SE Multiple Security Vulnerabilities
2. Adobe Acrobat Reader 'acroread' Insecure Temporary File Creation Vulnerability
3. Dovecot 'mail_extra_groups' Insecure Settings Local Unauthorized Access Vulnerability
4. Linux Kiss Server Multiple Format String Vulnerabilities
5. Lighttpd 'mod_cgi' Information Disclosure Vulnerability
6. Gnome Evolution Encrypted Message Format String Vulnerability
7. Numara FootPrints HTML Injection and Remote Command Execution Vulnerabilities
8. Joomla! Prior to 1.0.15 RC4 Multiple Remote Vulnerabilities
9. Sun Java Runtime Environment Image Parsing Heap Buffer Overflow Vulnerability
10. SynCE 'vdccm' Daemon Remote Unspecified Denial Of Service Vulnerability
11. MoinMoin GUI Editor Multiple Cross Site Scripting Vulnerabilities
12. MoinMoin Macro Code Information Disclosure Vulnerability
13. Dovecot 'Tab' Character Password Check Security Bypass Vulnerability
14. SAP MaxDB 'vserver' Component Remote Heap Memory Corruption Vulnerability
15. SAP MaxDB sdbstarter Environment Variable Local Privilege Escalation Vulnerability
16. ManageEngine ServiceDesk Plus 'SolutionSearch.do' Cross-Site Scripting Vulnerability
17. Lighttpd mod_userdir Information Disclosure Vulnerability
III. LINUX FOCUS LIST SUMMARY
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Integrating More Intelligence into Your IDS, Part 1
By Don Parker and Ryan Wegner
The more an intrusion detection system (IDS) knows about the network it is trying to protect, the better it will be able to protect the network. This is the fundamental principle behind target-based intrusion detection, where an IDS knows about the hosts on the network.
http://www.securityfocus.com/infocus/1898

2. Let's Go Crazy
By Mark Rasch
On February 7, 2007 Stephanie Lenz of Gallatzin, Pennsylvania posted an innocuous video of her 18-month-old son Holden pushing a baby toy while dancing to a barely recognizable song in the background.

http://www.securityfocus.com/columnists/467


II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. Sun Java SE Multiple Security Vulnerabilities
BugTraq ID: 28083
Remote: Yes
Date Published: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28083
Summary:
Sun has released advisories addressing multiple vulnerabilities affecting the following software:

JDK and JRE 6 Update 5
JDK and JRE 5.0 Update 15
SDK and JRE 1.4.2_17
SDK and JRE 1.3.1_22

2. Adobe Acrobat Reader 'acroread' Insecure Temporary File Creation Vulnerability
BugTraq ID: 28091
Remote: No
Date Published: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28091
Summary:
The 'acroread' script of the Adobe Acrobat Reader package creates temporary files in an insecure manner.

An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application.

Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.

This issue affects Adobe Reader 8.1.2 for Unix; other versions may also be vulnerable.

3. Dovecot 'mail_extra_groups' Insecure Settings Local Unauthorized Access Vulnerability
BugTraq ID: 28092
Remote: No
Date Published: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28092
Summary:
Dovecot is prone to a vulnerability that can result in unauthorized access to arbitrary data.

This occurs when the 'mail_extra_groups' setting is enabled.

Attackers can leverage this issue to write or delete certain files or to harvest data that may aid in further attacks.

Dovecot 0.99.10.6 through 1.0.10 are vulnerable.

4. Linux Kiss Server Multiple Format String Vulnerabilities
BugTraq ID: 28099
Remote: Yes
Date Published: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28099
Summary:
Linux Kiss Server is prone to multiple format-string vulnerabilities because the application fails to adequately sanitize user-supplied input before passing it as the format-specifier to a formatted-printing function.

A remote attacker may execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in a denial of service.

These issues affect Linux Kiss Server 1.2; other versions may also be vulnerable.

5. Lighttpd 'mod_cgi' Information Disclosure Vulnerability
BugTraq ID: 28100
Remote: Yes
Date Published: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/28100
Summary:
The 'lighttpd' program is prone to a vulnerability that in certain circumstances may allow attackers to access source code because the application fails to properly handle exceptional conditions.

Attackers can exploit this vulnerability to obtain potentially sensitive information that may aid in further attacks.

This issue affects lighttpd 1.4.18; other versions may also be vulnerable.

6. Gnome Evolution Encrypted Message Format String Vulnerability
BugTraq ID: 28102
Remote: Yes
Date Published: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/28102
Summary:
Gnome Evolution is prone to a format-string vulnerability.

This issue presents itself because the application fails to properly sanitize user-supplied input before passing it as the format-specifier argument of a formatted-printing function when processing encrypted email messages.

Successfully exploiting this issue may allow remote attackers to execute arbitrary machine code in the context of the application. Failed exploit attempts will likely result in a denial of service.

Gnome Evolution 2.12.3 is vulnerable to this issue; other versions may also be affected.

7. Numara FootPrints HTML Injection and Remote Command Execution Vulnerabilities
BugTraq ID: 28103
Remote: Yes
Date Published: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/28103
Summary:
Numara FootPrints is prone to an HTML-injection vulnerability and a remote command-execution vulnerability because the application fails to sufficiently sanitize user-supplied input.

Attackers can exploit these issues to execute arbitrary commands within the context of the webserver or to execute arbitrary HTML or JavaScript code within the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user. Other attacks are also possible.

Numara FootPrints 8.1 for Linux is vulnerable; other versions running on different platforms may also be affected.

8. Joomla! Prior to 1.0.15 RC4 Multiple Remote Vulnerabilities
BugTraq ID: 28111
Remote: Yes
Date Published: 2008-03-05
Relevant URL: http://www.securityfocus.com/bid/28111
Summary:
Joomla! is prone to multiple remote vulnerabilities, including:

- Multiple cross-site request-forgery vulnerabilities
- A cross-site scripting vulnerability
- Multiple privilege-escalation vulnerabilities

Attackers can exploit these issues to compromise the affected application, execute arbitrary code within the context of the webserver process, or steal cookie-based authentication credentials; other attacks are also possible.

These issues affect versions prior to Joomla 1.0.15 RC4.

9. Sun Java Runtime Environment Image Parsing Heap Buffer Overflow Vulnerability
BugTraq ID: 28125
Remote: Yes
Date Published: 2008-03-06
Relevant URL: http://www.securityfocus.com/bid/28125
Summary:
Sun Java Runtime Environment is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.

An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely crash the application.

This issue affects the following products and versions:

JDK and JRE 6 prior to Update 5
JDK and JRE 5.0 prior to Update 15
SDK and JRE prior to 1.4.2_17
SDK and JRE prior to 1.3.1_22

This vulnerability was previously covered in BID 28083 (Sun Java SE Multiple Security Vulnerabilities), but has been given its own record to better document the issue.

10. SynCE 'vdccm' Daemon Remote Unspecified Denial Of Service Vulnerability
BugTraq ID: 28141
Remote: Yes
Date Published: 2008-03-07
Relevant URL: http://www.securityfocus.com/bid/28141
Summary:
SynCE 'vdccm' Daemon is prone to a denial-of-service vulnerability.

Remote attackers can exploit this issue to deny service to legitimate users.

This issue affects versions prior to SynCE 'vdccm' Daemon 0.10.1.

11. MoinMoin GUI Editor Multiple Cross Site Scripting Vulnerabilities
BugTraq ID: 28173
Remote: Yes
Date Published: 2008-03-10
Relevant URL: http://www.securityfocus.com/bid/28173
Summary:
MoinMoin is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues could allow an attacker to steal cookie-based authentication credentials and to launch other attacks.

12. MoinMoin Macro Code Information Disclosure Vulnerability
BugTraq ID: 28177
Remote: Yes
Date Published: 2008-03-10
Relevant URL: http://www.securityfocus.com/bid/28177
Summary:
MoinMoin is prone to an information-disclosure vulnerability.

Attackers can exploit this issue to obtain potentially sensitive information that may aid in further attacks.

13. Dovecot 'Tab' Character Password Check Security Bypass Vulnerability
BugTraq ID: 28181
Remote: Yes
Date Published: 2008-03-10
Relevant URL: http://www.securityfocus.com/bid/28181
Summary:
Dovecot is prone to a security-bypass vulnerability because the application fails to adequately sanitize user-supplied input.

An attacker may exploit this issue to gain unauthorized access to the affected application. Successful exploits will compromise the application.

Versions prior to Dovecot 1.0.13 and 1.1.rc3 are vulnerable. The vendor states that this issue affects only password databases that have blocking enabled.

NOTE: Reports indicate that this issue can be exploited only on versions after Dovecot 1.0.10, which introduced the 'skip_password_check' field.

14. SAP MaxDB 'vserver' Component Remote Heap Memory Corruption Vulnerability
BugTraq ID: 28183
Remote: Yes
Date Published: 2008-03-10
Relevant URL: http://www.securityfocus.com/bid/28183
Summary:
SAP MaxDB is prone to a heap-based memory-corruption vulnerability.

An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Successfully exploiting this issue will compromise the affected application and possibly the underlying computer.

This issue affects MaxDB 7.6.0.37 running on the Linux operating system. Other versions running on different platforms may also be affected.

15. SAP MaxDB sdbstarter Environment Variable Local Privilege Escalation Vulnerability
BugTraq ID: 28185
Remote: No
Date Published: 2008-03-10
Relevant URL: http://www.securityfocus.com/bid/28185
Summary:
SAP MaxDB is prone to a local privilege-escalation vulnerability.

Exploiting this issue allows local attackers to execute arbitrary code with superuser privileges. This will lead to the complete compromise of an affected computer.

This issue affects MaxDB 7.6.0.37 on both Linux and Solaris platforms. Other UNIX variants are most likely affected. Microsoft Windows versions are not vulnerable to this issue.

16. ManageEngine ServiceDesk Plus 'SolutionSearch.do' Cross-Site Scripting Vulnerability
BugTraq ID: 28191
Remote: Yes
Date Published: 2008-03-11
Relevant URL: http://www.securityfocus.com/bid/28191
Summary:
ManageEngine ServiceDesk Plus is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

ManageEngine ServiceDesk Plus 7.0.0 Build 7011 for Microsoft Windows is vulnerable; other versions may be affected as well.

17. Lighttpd mod_userdir Information Disclosure Vulnerability
BugTraq ID: 28226
Remote: Yes
Date Published: 2008-03-12
Relevant URL: http://www.securityfocus.com/bid/28226
Summary:
The 'lighttpd' program is prone to a vulnerability that may allow attackers to access sensitive information because the application fails to properly handle exceptional conditions.

Attackers can exploit this vulnerability to obtain potentially sensitive information that may aid in further attacks.

This issue affects lighttpd 1.4.18; other versions may also be vulnerable.

III. LINUX FOCUS LIST SUMMARY
---------------------------------
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by bMighty