News

Wednesday, August 06, 2008

SecurityFocus Linux Newsletter #401


This issue is sponsored by IBM® Rational® AppScan
Copy: Failure to properly secure Web applications significantly impacts your ability to protect sensitive client and corporate data. IBM Rational AppScan is an automated scanner that monitors, identifies and helps remediate vulnerabilities.
Download a free trial of AppScan and see how it can help prevent against the threat of attack.
https://www.watchfire.com/securearea/appscan.aspx?id=701700000009T0r


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. An Astonishing Collaboration
2. Bad-Code Blues
II. LINUX VULNERABILITY SUMMARY
1. Links 'only proxies' Unspecified Security Vulnerability
2. HTTrack URI Parsing Remote Buffer Overflow Vulnerability
3. @Mail Multiple Local Information Disclosure Vulnerabilities
4. 'nfs-utils' Package for Red Hat Enterprise Linux 5 TCP Wrappers Security Bypass Vulnerability
5. libxslt RC4 Encryption and Decryption Functions Buffer Overflow Vulnerability
6. OpenSC CardOS M4 Smart Cards Insecure Permissions Vulnerability
7. SAP MaxDB 'dbmsrv' Process 'PATH' Environment Variable Local Privilege Escalation Vulnerability
8. Python Multiple Buffer Overflow Vulnerabilities
9. Ingres Database Multiple Local Vulnerabilities
10. Linux Kernel 'uvc_driver.c' Format Descriptor Parsing Buffer Overflow Vulnerability
11. XAMPP for Linux 'text' Parameter Multiple Cross-Site Scripting Vulnerabilities
12. JBoss Enterprise Application Platform Information Disclosure Vulnerability
13. Linux Kernel 'snd_seq_oss_synth_make_info()' Information Disclosure Vulnerability
14. DD-WRT Site Survey SSID Script Injection Vulnerability
III. LINUX FOCUS LIST SUMMARY
1. root shell auditing
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. An Astonishing Collaboration
By Dan Kaminsky
Wow. It's out. It's finally, finally out. Sweet!
http://www.securityfocus.com/columnists/477

2. Bad-Code Blues
By Don Parker
The current state of secure software development by corporations both large and small is a mess. We are still cursed with half-baked software, and as a result, a never ending stream of vulnerabilities. Secure coding practices and active quality assurance (QA) efforts are now more mainstream, but that still hasn't made much of a dent.
http://www.securityfocus.com/columnists/476


II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. Links 'only proxies' Unspecified Security Vulnerability
BugTraq ID: 30422
Remote: Yes
Date Published: 2008-07-29
Relevant URL: http://www.securityfocus.com/bid/30422
Summary:
Links is prone to an unspecified security vulnerability related to providing URIs to external programs.

Very few details are available regarding this issue. We will update this BID as more information emerges.

2. HTTrack URI Parsing Remote Buffer Overflow Vulnerability
BugTraq ID: 30425
Remote: Yes
Date Published: 2008-07-28
Relevant URL: http://www.securityfocus.com/bid/30425
Summary:
HTTrack is prone to a remote buffer-overflow vulnerability because it fails to perform sufficient boundary checks when parsing long URIs.

Remote attackers can exploit this issue by enticing victims into crawling a malicious URI designed to exploit this issue.

Successful exploits may allow attackers to execute arbitrary code within the context of an affected application. Failed exploit attempts will likely result in a denial of service.

Versions prior to HTTrack 3.42-3 are vulnerable.

3. @Mail Multiple Local Information Disclosure Vulnerabilities
BugTraq ID: 30434
Remote: No
Date Published: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30434
Summary:
@Mail is prone to multiple information-disclosure vulnerabilities because the application fails to properly restrict access to sensitive files.

An unprivileged attacker may exploit these issues to obtain sensitive information.

@Mail 5.41 is vulnerable; other versions may also be affected.

4. 'nfs-utils' Package for Red Hat Enterprise Linux 5 TCP Wrappers Security Bypass Vulnerability
BugTraq ID: 30466
Remote: Yes
Date Published: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30466
Summary:
The 'nfs-utils' package is prone to a security-bypass vulnerability because it was not properly built with TCP Wrappers support.

Remote attackers can exploit this issue to bypass certain security restrictions and gain access to NFS services on vulnerable computers.

This issue occurs in the 'nfs-utils' package built with Red Hat Enterprise Linux 5.

5. libxslt RC4 Encryption and Decryption Functions Buffer Overflow Vulnerability
BugTraq ID: 30467
Remote: Yes
Date Published: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30467
Summary:
The 'libxslt' library is prone to a heap-based buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data.

An attacker may exploit this issue to execute arbitrary code with the privileges of the user running an application that relies on the affected library. Failed exploit attempts will likely result in denial-of-service conditions.

This issue affects libxslt 1.1.8 to 1.1.24.

6. OpenSC CardOS M4 Smart Cards Insecure Permissions Vulnerability
BugTraq ID: 30473
Remote: No
Date Published: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30473
Summary:
OpenSC insecurely initializes smart cards and USB crypto tokens based on Siemens CardOS M4.

Attackers can leverage this issue to change the PIN number on a card without having knowledge of the existing PIN or PUK number. Successfully exploiting this issue allows attackers to use the card in further attacks.

NOTE: This issue cannot be leveraged to access an existing PIN number.

This issue occurs in versions prior to OpenSC 0.11.5.

7. SAP MaxDB 'dbmsrv' Process 'PATH' Environment Variable Local Privilege Escalation Vulnerability
BugTraq ID: 30474
Remote: No
Date Published: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30474
Summary:
SAP MaxDB is prone to a local privilege-escalation vulnerability that occurs in the 'dbmsrv' process because the application fails to sufficiently sanitize user-supplied input.

An attacker can exploit this issue to execute arbitrary code with 'sdb:sdba' privileges. Successfully exploiting this issue will compromise the affected application and possibly the underlying computer.

SAP MaxDB 7.6.03.15 on Linux is vulnerable; other versions running on different platforms may also be affected.

8. Python Multiple Buffer Overflow Vulnerabilities
BugTraq ID: 30491
Remote: Yes
Date Published: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30491
Summary:
Python is prone to multiple buffer-overflow vulnerabilities.

Successful exploits may allow attackers to execute arbitrary code in the context of applications using the vulnerable Python modules. This may result in a compromise of the underlying system. Failed attempts may lead to a denial-of-service condition.

These issues affect versions prior to Python 2.5.2-r6.

9. Ingres Database Multiple Local Vulnerabilities
BugTraq ID: 30512
Remote: No
Date Published: 2008-08-01
Relevant URL: http://www.securityfocus.com/bid/30512
Summary:
Ingres Database is prone to multiple local vulnerabilities:

- Multiple local privilege-escalation vulnerabilities
- A vulnerability that may allow attackers to overwrite arbitrary files.

Local attackers can exploit these issues to gain elevated privileges on the affected computer, execute arbitrary code with superuser privileges, and overwrite arbitrary files owned by the 'Ingres' user.

10. Linux Kernel 'uvc_driver.c' Format Descriptor Parsing Buffer Overflow Vulnerability
BugTraq ID: 30514
Remote: No
Date Published: 2008-08-02
Relevant URL: http://www.securityfocus.com/bid/30514
Summary:
The Linux kernel is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.

Local attackers can exploit this issue to execute arbitrary code with superuser privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition.

Versions prior to Linux kernel 2.6.26.1 are vulnerable.

11. XAMPP for Linux 'text' Parameter Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 30535
Remote: Yes
Date Published: 2008-08-04
Relevant URL: http://www.securityfocus.com/bid/30535
Summary:
XAMPP for Linux is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

XAMPP 1.6.7 for Linux is vulnerable; other versions may also be affected.

12. JBoss Enterprise Application Platform Information Disclosure Vulnerability
BugTraq ID: 30540
Remote: Yes
Date Published: 2008-08-05
Relevant URL: http://www.securityfocus.com/bid/30540
Summary:
JBoss Enterprise Application Platform is prone to a remote information-disclosure vulnerability.

Remote attackers can exploit this issue to obtain potentially sensitive details about deployed web contexts. Information obtained may lead to further attacks.

The issue affects versions prior to JBoss Enterprise Application Platform 4.3.0.CP01 and 4.2.0.CP03.

13. Linux Kernel 'snd_seq_oss_synth_make_info()' Information Disclosure Vulnerability
BugTraq ID: 30559
Remote: No
Date Published: 2008-08-06
Relevant URL: http://www.securityfocus.com/bid/30559
Summary:
The Linux kernel is prone to an information-disclosure vulnerability.

Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks.

Versions prior to Linux kernel 2.6.27-rc2 are vulnerable.

14. DD-WRT Site Survey SSID Script Injection Vulnerability
BugTraq ID: 30573
Remote: Yes
Date Published: 2008-08-06
Relevant URL: http://www.securityfocus.com/bid/30573
Summary:
DD-WRT is prone to a script-injection vulnerability because it fails to adequately sanitize user-supplied data to the 'Site Survey' section of the administrative web interface.

Attackers can exploit this issue to execute arbitrary script code in the DD-WRT web interface.

Versions prior to DD-WRT 24-sp1 are vulnerable.

III. LINUX FOCUS LIST SUMMARY
---------------------------------
1. root shell auditing
http://www.securityfocus.com/archive/91/494849

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed, email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by IBM® Rational® AppScan
Copy: Failure to properly secure Web applications significantly impacts your ability to protect sensitive client and corporate data. IBM Rational AppScan is an automated scanner that monitors, identifies and helps remediate vulnerabilities.
Download a free trial of AppScan and see how it can help prevent against the threat of attack.
https://www.watchfire.com/securearea/appscan.aspx?id=701700000009T0r
