Wednesday, April 23, 2008

SecurityFocus Linux Newsletter #386


This issue is sponsored by Black Hat USA

Attend Black Hat USA, August 2-7 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 40 hands-on training courses and 80 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 50 nations. Visit product displays by 30 top sponsors in a relaxed setting.

www.blackhat.com


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. Just Who's Being Exploited?
2. On the Border
II. LINUX VULNERABILITY SUMMARY
1. ClamAV 'libclamav/pe.c' UPACK File Heap Based Buffer Overflow Vulnerability
2. Libpng Library Unknown Chunk Handler Vulnerability
3. ClamAV ARJ File Denial Of Service Vulnerability
4. ClamAV 0.92.1 Multiple Vulnerabilities
5. ClamAV 'libclamav/pe.c' WWPACK File Heap Based Buffer Overflow Vulnerability
6. xine-lib NES Sound Format Demuxer 'demux_nsf.c' Buffer Overflow Vulnerability
7. Mozilla Firefox/SeaMonkey JavaScript Garbage Collector Memory Corruption Vulnerability
8. OpenOffice Multiple Heap Based Buffer Overflow Vulnerabilities
9. ImageMagick Malformed XCF File Heap Overflow Vulnerability
10. ImageMagick Malformed PCX File Heap Overflow Vulnerability
11. Poppler and Xpdf PDF Rendering Library Embedded Font Remote Code Execution Vulnerability
12. IBM DB2 Universal Database JAR File Processing Multiple Denial of Service Vulnerabilities
13. IBM DB2 'NNSTAT' Procedure Arbitrary File Overwrite Vulnerability
14. IBM DB2 Universal Database ADMIN_SP_C and ADMIN_SP_C2 Procedures Remote Code Execution Vulnerability
15. MoinMoin Multiple ACL Security Bypass Vulnerabilities
16. grsecurity Multiple RBAC Local Security Bypass Vulnerabilities
17. Asterisk IAX2 Packet Amplification Remote Denial of Service Vulnerability
18. VLC Media Player MP4 Demuxer Buffer Overflow Vulnerability
19. VLC Media Player Cinepak Codec Buffer Overflow Vulnerability
III. LINUX FOCUS LIST SUMMARY
1. DEF CON 16 Retro Announcement! Back to Bang!
2. EUSecWest CFP Closes April 14th (conf May 21/22 2008)
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Just Who's Being Exploited?
By Jamie Reid
Last month's revelation that Tipping Point paid out a prize of $10,000 and a new laptop (MSRP: about $2000) at the CanSecWest conference, for the privilege of being the exclusive licensor of a heretofore unpublished vulnerability in Apple's Safari web browser to researcher Charles Miller of Independent Security Evaluators, may lend some credence to this adage.
http://www.securityfocus.com/columnists/470

2. On the Border
By Mark Rasch
Recently, I was going through an airport with my shoes, coat, jacket, and belt off as well as with my carry-on bag, briefcase, and laptop all separated for easy inspection. I was heading through security at the Washington D.C., Ronald Reagan National Airport in Arlington, Virginia, or "National" as we locals call it. As I passed through the new magnetometer which gently puffed air all over my body -- which to me seems to be a cross between a glaucoma test and Marilyn Monroe in Gentlemen Prefer Blondes -- a TSA employee absent-mindedly asked if he could "inspect" my laptop computer. While the inspection was cursory, the situation immediately gave me pause: What was in my laptop anyway?
http://www.securityfocus.com/columnists/469


II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. ClamAV 'libclamav/pe.c' UPACK File Heap Based Buffer Overflow Vulnerability
BugTraq ID: 28756
Remote: Yes
Date Published: 2008-04-14
Relevant URL: http://www.securityfocus.com/bid/28756
Summary:
ClamAV is prone to a heap-based buffer-overflow vulnerability because it fails to properly verify user-supplied data.

Successful exploits of this vulnerability can allow remote attackers to execute arbitrary machine code in the context of applications using the vulnerable 'libclamav' library. Failed exploit attempts will likely cause denial-of-service conditions.

ClamAV 0.92 and 0.92.1 are vulnerable to this issue; other versions may also be affected.

2. Libpng Library Unknown Chunk Handler Vulnerability
BugTraq ID: 28770
Remote: Yes
Date Published: 2008-04-14
Relevant URL: http://www.securityfocus.com/bid/28770
Summary:
The 'libpng' library is prone to a vulnerability that causes denial-of-service conditions or may allow code to run. The issue occurs because the software fails to properly handle unexpected chunk data in PNG files.

Successfully exploiting this issue allows remote attackers to trigger denial-of-service conditions or to possibly execute arbitrary machine code in the context of applications that use the library.

The following versions are affected:

- libpng 1.0.6 through 1.0.32
- libpng 1.2.0 through 1.2.26
- libpng 1.4.0beta01 through 1.4.0beta19

3. ClamAV ARJ File Denial Of Service Vulnerability
BugTraq ID: 28782
Remote: Yes
Date Published: 2008-04-14
Relevant URL: http://www.securityfocus.com/bid/28782
Summary:
ClamAV is prone to a denial-of-service vulnerability because it fails to handle exceptional conditions.

Attackers can exploit this issue to cause denial-of-service conditions.

Versions prior to ClamAV 0.93 are vulnerable.

4. ClamAV 0.92.1 Multiple Vulnerabilities
BugTraq ID: 28784
Remote: Yes
Date Published: 2008-04-14
Relevant URL: http://www.securityfocus.com/bid/28784
Summary:
ClamAV is prone to multiple vulnerabilities, including buffer-overflow and denial-of-service issues.

Successful exploits allow remote attackers to cause denial-of-service conditions or potentially to execute arbitrary machine code in the context of applications that use the vulnerable library.

Versions prior to ClamAV 0.93 are vulnerable.

5. ClamAV 'libclamav/pe.c' WWPACK File Heap Based Buffer Overflow Vulnerability
BugTraq ID: 28798
Remote: Yes
Date Published: 2008-04-15
Relevant URL: http://www.securityfocus.com/bid/28798
Summary:
ClamAV is prone to a heap-based buffer-overflow vulnerability because it fails to properly verify user-supplied data.

Successful exploits of this vulnerability can allow remote attackers to execute arbitrary machine code in the context of applications using the vulnerable 'libclamav' library. Failed exploit attempts will likely cause denial-of-service conditions.

ClamAV 0.92.1 is vulnerable to this issue; other versions may also be affected.

6. xine-lib NES Sound Format Demuxer 'demux_nsf.c' Buffer Overflow Vulnerability
BugTraq ID: 28816
Remote: Yes
Date Published: 2008-04-17
Relevant URL: http://www.securityfocus.com/bid/28816
Summary:
The 'xine-lib' library is prone to a buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data.

An attacker may exploit this issue to execute arbitrary code with the privileges of the user running an application that relies on the affected library. Failed exploit attempts will likely result in denial-of-service conditions.

This issue affects xine-lib 1.1.12 and prior versions.

7. Mozilla Firefox/SeaMonkey JavaScript Garbage Collector Memory Corruption Vulnerability
BugTraq ID: 28818
Remote: Yes
Date Published: 2008-04-16
Relevant URL: http://www.securityfocus.com/bid/28818
Summary:
The Mozilla Foundation has released a security advisory disclosing a memory-corruption vulnerability that affects Mozilla Firefox, SeaMonkey, and potentially Thunderbird.

The vulnerability stems from an unspecified error in the JavaScript garbage collector.

Attackers may exploit this issue to crash a vulnerable application or potentially execute arbitrary code in the context of the application.

The issue affects Mozilla Firefox 2.0.0.13 and Mozilla SeaMonkey 1.1.9. Note that Mozilla Thunderbird shares the browser engine with Firefox and may also be vulnerable when JavaScript is enabled in emails.

8. OpenOffice Multiple Heap Based Buffer Overflow Vulnerabilities
BugTraq ID: 28819
Remote: Yes
Date Published: 2008-04-17
Relevant URL: http://www.securityfocus.com/bid/28819
Summary:
OpenOffice is prone to multiple remote heap-based buffer-overflow vulnerabilities because of errors in processing certain files.

Remote attackers can exploit these issues by enticing victims into opening maliciously crafted ODF, Quattro Pro, EMF, or OLE files.

Successful exploits may allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in a denial of service.

The issues affect OpenOffice 2 prior to 2.4. The OLE and EMF file issues also affect OpenOffice 1.1.

9. ImageMagick Malformed XCF File Heap Overflow Vulnerability
BugTraq ID: 28821
Remote: Yes
Date Published: 2008-04-17
Relevant URL: http://www.securityfocus.com/bid/28821
Summary:
ImageMagick is prone to a heap-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input. The vulnerability occurs when handling malformed XCF files.

Successfully exploiting this issue allows attackers to execute arbitrary code with the privileges of a user running the application. Failed exploit attempts will result in a denial-of-service condition.

ImageMagick 6.2.8-0 and earlier are vulnerable.

10. ImageMagick Malformed PCX File Heap Overflow Vulnerability
BugTraq ID: 28822
Remote: Yes
Date Published: 2008-04-17
Relevant URL: http://www.securityfocus.com/bid/28822
Summary:
ImageMagick is prone to a heap-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input. The vulnerability occurs when handling malformed PCX files.

Successfully exploiting this issue allows attackers to execute arbitrary code with the privileges of a user running the application. Failed exploit attempts will result in a denial-of-service condition.

ImageMagick 6.2.8-0 and 6.2.4-5 are vulnerable; other versions may also be affected.

11. Poppler and Xpdf PDF Rendering Library Embedded Font Remote Code Execution Vulnerability
BugTraq ID: 28830
Remote: Yes
Date Published: 2008-04-17
Relevant URL: http://www.securityfocus.com/bid/28830
Summary:
The Poppler and Xpdf PDF rendering library is prone to a remote code-execution vulnerability because the software fails to properly validate user-supplied data.

Successfully exploiting this issue allows attackers to execute arbitrary machine code in the context of applications that use the library. Failed exploit attempts likely result in denial-of-service conditions.

12. IBM DB2 Universal Database JAR File Processing Multiple Denial of Service Vulnerabilities
BugTraq ID: 28835
Remote: Yes
Date Published: 2008-04-18
Relevant URL: http://www.securityfocus.com/bid/28835
Summary:
IBM DB2 Universal Database is prone to multiple denial-of-service vulnerabilities.

Successfully exploiting these issues allows authenticated attackers to cause server crashes, denying service to legitimate users.

IBM DB2 Universal Database 8, 9, and 9.5 on Microsoft Windows platforms are affected.

13. IBM DB2 'NNSTAT' Procedure Arbitrary File Overwrite Vulnerability
BugTraq ID: 28836
Remote: No
Date Published: 2008-04-18
Relevant URL: http://www.securityfocus.com/bid/28836
Summary:
IBM DB2 is prone to a vulnerability that lets attackers overwrite arbitrary files.

An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Successfully exploiting this issue will compromise the application and possibly the underlying computer.

14. IBM DB2 Universal Database ADMIN_SP_C and ADMIN_SP_C2 Procedures Remote Code Execution Vulnerability
BugTraq ID: 28843
Remote: Yes
Date Published: 2008-04-18
Relevant URL: http://www.securityfocus.com/bid/28843
Summary:
IBM DB2 is prone to a remote code-execution vulnerability.

Attackers can exploit this issue to execute arbitrary code within the context of the affected service. Successfully exploiting this issue may facilitate the remote compromise of affected computers. Failed exploit attempts will likely crash the affected application.

15. MoinMoin Multiple ACL Security Bypass Vulnerabilities
BugTraq ID: 28869
Remote: Yes
Date Published: 2008-04-21
Relevant URL: http://www.securityfocus.com/bid/28869
Summary:
MoinMoin is prone to multiple security-bypass vulnerabilities because it fails to properly handle Access Control List (ACL) entries.

Successful exploits will allow attackers to bypass certain security restrictions and gain unauthorized access to administrative functionality. This in turn may lead to a compromise of the affected application.

Versions prior to MoinMoin 1.6.3 are affected.

16. grsecurity Multiple RBAC Local Security Bypass Vulnerabilities
BugTraq ID: 28889
Remote: No
Date Published: 2008-04-22
Relevant URL: http://www.securityfocus.com/bid/28889
Summary:
The 'grsecurity' application is prone to multiple local security-bypass vulnerabilities because it fails to properly handle the return values of certain functions in the RBAC (Role-Based Access Control) system.

Successful exploits will allow attackers to bypass certain security restrictions.

Versions prior to grsecurity 2.1.11-2.6.24.5 (2008-04-21) and 2.1.11-2.4.36.2 (2008-04-21) are affected.

17. Asterisk IAX2 Packet Amplification Remote Denial of Service Vulnerability
BugTraq ID: 28901
Remote: Yes
Date Published: 2008-04-23
Relevant URL: http://www.securityfocus.com/bid/28901
Summary:
Asterisk is prone to a remote denial-of-service vulnerability caused by a flaw in the IAX2 protocol.

Successful exploits result in packet-amplification attacks. Malicious users can cause Asterisk to send large numbers of UDP datagrams to arbitrary addresses, potentially denying service to both the Asterisk service and networks that may become flooded.

18. VLC Media Player MP4 Demuxer Buffer Overflow Vulnerability
BugTraq ID: 28903
Remote: Yes
Date Published: 2008-04-23
Relevant URL: http://www.securityfocus.com/bid/28903
Summary:
VLC media player is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

Versions prior to VLC media player 0.8.6f are vulnerable.

19. VLC Media Player Cinepak Codec Buffer Overflow Vulnerability
BugTraq ID: 28904
Remote: Yes
Date Published: 2008-04-23
Relevant URL: http://www.securityfocus.com/bid/28904
Summary:
VLC media player is prone to a buffer-overflow vulnerability because the Cinepak decoder fails to perform adequate boundary checks on user-supplied input.

Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

VLC media player 0.8.6e is vulnerable; other versions may also be affected.

III. LINUX FOCUS LIST SUMMARY
---------------------------------
1. DEF CON 16 Retro Announcement! Back to Bang!
http://www.securityfocus.com/archive/91/490836

2. EUSecWest CFP Closes April 14th (conf May 21/22 2008)
http://www.securityfocus.com/archive/91/490754

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe, send an e-mail message to linux-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message, to which you will have to reply. Alternatively, you can visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed, email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by Black Hat USA

Attend Black Hat USA, August 2-7 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 40 hands-on training courses and 80 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 50 nations. Visit product displays by 30 top sponsors in a relaxed setting.

www.blackhat.com
