News

Loading...

Thursday, September 11, 2008

SecurityFocus Linux Newsletter #406

SecurityFocus Linux Newsletter #406
----------------------------------------

This issue is sponsored by Sponsored by Ironkey: The World's Most Secure Flash Drive

You can now initiate and utilize IronKey flash drives on Linux operating systems based on kernel 2.6 and above.
IronKey uses military-grade AES hardware encryption and provides rugged and waterproof protection to safeguard your data.
https://www.iroky.com/forenterprise2


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1.Get Off My Cloud
2.An Astonishing Collaboration
II. LINUX VULNERABILITY SUMMARY
1. Radiance Insecure Temporary File Creation Vulnerabilities
2. Postfix 'epoll' Linux Event Handler Local Denial of Service Vulnerability
3. ClamAV 'chmunpack.c' Invalid Memory Access Denial Of Service Vulnerability
4. Wireshark 1.0.2 Multiple Vulnerabilities
5. Xastir Insecure Temporary File Creation Vulnerabilities
6. gmanedit Multiple Buffer Overflow Vulnerabilities
7. ClamAV Multiple Unspecified Memory Corruption Vulnerabilities
8. GNU Emacs 'python.el' Code Execution Vulnerability
9. IBM DB2 Universal Database Server 8.2 Prior To Fixpak 17 Multiple Vulnerabilities
10. sSMTP 'from_format()' Uninitialized Memory Information Disclosure Vulnerability
11. Red Hat Enterprise IPA Master Kerberos Password Information Disclosure Vulnerability
12. libxml XML Entity Name Heap Buffer Overflow Vulnerability
13. Linux kernel NFSv4 ACL Buffer Overflow Vulnerability
III. LINUX FOCUS LIST SUMMARY
1. Pandora FMS 1.2 released
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1.Get Off My Cloud
By Mark Rasch
One of the features of Apple's device that appeals to me is the new MobileMe service, where you can "access and manage your email, contacts, calendar, photos, and files at me.com," according to Apple.
More companies, among them Microsoft and Google, already allow people to store information and use common services online -- or "in the cloud" -- leading analysts to refer to the entire trend as "cloud computing."
http://www.securityfocus.com/columnists/478

2.An Astonishing Collaboration
By Dan Kaminsky
Wow. It's out. It's finally, finally out. Sweet!
http://www.securityfocus.com/columnists/477


II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. Radiance Insecure Temporary File Creation Vulnerabilities
BugTraq ID: 30953
Remote: No
Date Published: 2008-09-24
Relevant URL: http://www.securityfocus.com/bid/30953
Summary:
Radiance creates temporary files in an insecure manner.

An attacker with local access could potentially exploit these issues to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application.

Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.

Radiance 3R9 is vulnerable; other versions may also be affected.

2. Postfix 'epoll' Linux Event Handler Local Denial of Service Vulnerability
BugTraq ID: 30977
Remote: No
Date Published: 2008-09-02
Relevant URL: http://www.securityfocus.com/bid/30977
Summary:
Postfix is prone to a local denial-of-service vulnerability because of a file-descriptor leak that occurs when it executes non-Postfix commands.

Local attackers can exploit this issue to trigger automatic Postfix shutdowns, denying service to legitimate users.

This issue affects Postfix 2.4 and later for Linux kernel 2.6 platforms.

3. ClamAV 'chmunpack.c' Invalid Memory Access Denial Of Service Vulnerability
BugTraq ID: 30994
Remote: Yes
Date Published: 2008-09-03
Relevant URL: http://www.securityfocus.com/bid/30994
Summary:
ClamAV is prone to a denial-of-service vulnerability because of invalid memory access errors when processing malformed CHM files.

Attackers can exploit this issue to cause denial-of-service conditions. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed.

Versions prior to ClamAV 0.94 are vulnerable.

4. Wireshark 1.0.2 Multiple Vulnerabilities
BugTraq ID: 31009
Remote: Yes
Date Published: 2008-09-03
Relevant URL: http://www.securityfocus.com/bid/31009
Summary:
Wireshark is prone to multiple vulnerabilities, including buffer-overflow and denial-of-service issues.

Exploiting these issues may allow attackers to crash the application and deny service to legitimate users. Attackers may be able to leverage some of these vulnerabilities to execute arbitrary code, but this has not been confirmed.

These issues affect Wireshark 0.9.7 up to and including 1.0.2.

5. Xastir Insecure Temporary File Creation Vulnerabilities
BugTraq ID: 31030
Remote: No
Date Published: 2008-09-05
Relevant URL: http://www.securityfocus.com/bid/31030
Summary:
Xastir creates temporary files in an insecure manner.

An attacker with local access could potentially exploit these issues to perform symlink attacks, overwriting arbitrary files in the context of the affected application.

Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.

6. gmanedit Multiple Buffer Overflow Vulnerabilities
BugTraq ID: 31040
Remote: Yes
Date Published: 2008-09-06
Relevant URL: http://www.securityfocus.com/bid/31040
Summary:
Gnome Manual Pages Editor ('gmanedit') is prone to multiple buffer-overflow vulnerabilities because the application fails to properly bounds-check user-supplied input.

Successful exploits may allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in a denial of service.

These issues affect gmanedit 0.4.1; other versions may also be affected.

7. ClamAV Multiple Unspecified Memory Corruption Vulnerabilities
BugTraq ID: 31051
Remote: Yes
Date Published: 2008-09-06
Relevant URL: http://www.securityfocus.com/bid/31051
Summary:
ClamAV is prone to multiple unspecified memory-corruption vulnerabilities.

Attackers may be able to exploit these issues to exhaust resources or possibly crash the affected application, denying service to legitimate users. Attackers may also be able to obtain sensitive information and run arbitrary code.

Versions prior to ClamAV 0.94 are vulnerable.

8. GNU Emacs 'python.el' Code Execution Vulnerability
BugTraq ID: 31052
Remote: No
Date Published: 2008-09-05
Relevant URL: http://www.securityfocus.com/bid/31052
Summary:
GNU Emacs is prone to a local code-execution vulnerability.

Successful exploits may allow attackers to execute arbitrary code within the context of the user running the affected application.

Versions prior to the following are affected:

GNU Emacs 23.0.60_20080624-22-6
GNU Emacs 22.1-17-17

9. IBM DB2 Universal Database Server 8.2 Prior To Fixpak 17 Multiple Vulnerabilities
BugTraq ID: 31058
Remote: Yes
Date Published: 2008-09-01
Relevant URL: http://www.securityfocus.com/bid/31058
Summary:
IBM DB2 Universal Database Server is prone to multiple vulnerabilities:

- A remote denial-of-service issue related to CONNECT / ATTACH processing.
- An unspecified vulnerability in the DB2FMP process.
- A remote denial-of-service issue in DB2JDS.
- The DB2FMP process executes with system privileges under Windows.

An attacker may exploit these issues to deny service to legitimate users. Other attacks may also be possible.

The CONNECT / ATTACH issue may be related to the issue discussed in BID 27870 (IBM DB2 Universal Database Multiple Vulnerabilities).

Very few details are available regarding these issues. We will update this BID as more information emerges.

These issues affect versions prior to IBM DB2 Universal Database Server 8.2 Fixpak 17.

10. sSMTP 'from_format()' Uninitialized Memory Information Disclosure Vulnerability
BugTraq ID: 31094
Remote: Yes
Date Published: 2008-09-09
Relevant URL: http://www.securityfocus.com/bid/31094
Summary:
sSMTP is prone to an information-disclosure vulnerability.

Remote attackers can exploit this issue to obtain sensitive information that may lead to further attacks.

sSMTP 2.6.2 is vulnerable; other versions may also be affected.

11. Red Hat Enterprise IPA Master Kerberos Password Information Disclosure Vulnerability
BugTraq ID: 31111
Remote: Yes
Date Published: 2008-09-10
Relevant URL: http://www.securityfocus.com/bid/31111
Summary:
Red Hat Enterprise IPA is prone to an information-disclosure vulnerability.

An attacker can exploit this issue to obtain sensitive information that may lead to further attacks.

Red Hat Enterprise IPA version 1 for Red Hat Enterprise Linux 5 Server is vulnerable.

12. libxml XML Entity Name Heap Buffer Overflow Vulnerability
BugTraq ID: 31126
Remote: Yes
Date Published: 2008-09-11
Relevant URL: http://www.securityfocus.com/bid/31126
Summary:
libxml is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.

An attacker can exploit this issue to execute arbitrary within the context of the application using the libxml library. Failed exploit attempts will result in a denial-of-service vulnerability.

13. Linux kernel NFSv4 ACL Buffer Overflow Vulnerability
BugTraq ID: 31133
Remote: Yes
Date Published: 2008-09-11
Relevant URL: http://www.securityfocus.com/bid/31133
Summary:
The Linux kernel is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.

Attackers can exploit this issue to execute arbitrary code or cause a denial-of-service condition.

Versions prior to Linux kernel 2.6.26.4 are vulnerable.

III. LINUX FOCUS LIST SUMMARY
---------------------------------
1. Pandora FMS 1.2 released
http://www.securityfocus.com/archive/91/454078

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by Sponsored by Ironkey: The World's Most Secure Flash Drive

You can now initiate and utilize IronKey flash drives on Linux operating systems based on kernel 2.6 and above.
IronKey uses military-grade AES hardware encryption and provides rugged and waterproof protection to safeguard your data.
https://www.iroky.com/forenterprise2

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Blog Archive