News

Wednesday, September 17, 2008

SecurityFocus Linux Newsletter #407

SecurityFocus Linux Newsletter #407
----------------------------------------

This issue is sponsored by Sponsored by Ironkey: The World's Most Secure Flash Drive

You can now initiate and utilize IronKey flash drives on Linux operating systems based on kernel 2.6 and above.
IronKey uses military-grade AES hardware encryption and provides rugged and waterproof protection to safeguard your data.
https://www.ironkey.com/forenterprise2


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1.SATAN'S Helper
2.Get Off My Cloud
II. LINUX VULNERABILITY SUMMARY
1. Radiance Insecure Temporary File Creation Vulnerabilities
2. sSMTP 'from_format()' Uninitialized Memory Information Disclosure Vulnerability
3. Red Hat Enterprise IPA Master Kerberos Password Information Disclosure Vulnerability
4. libxml XML Entity Name Heap Buffer Overflow Vulnerability
5. Linux kernel NFSv4 ACL Buffer Overflow Vulnerability
6. Linux Kernel s390 ptrace Denial Of Service Vulnerability
7. Python 'move-faqwiz.sh' Insecure Temporary File Creation Vulnerability
III. LINUX FOCUS LIST SUMMARY
1. Pandora FMS 1.2 released
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1.SATAN's Helper
By Federico Biancuzzi
SecurityFocus contributor Federico Biancuzzi chatted up Venema to talk about software security, how to improve the code quality, what solutions we might have to fight spam successfully, the principle of least privilege, and the philosophy behind the design of Postfix.
Venema is currently a researcher at IBM's T.J. Watson Research Center
http://www.securityfocus.com/columnists/479

2.Get Off My Cloud
By Mark Rasch
One of the features of Apple's device that appeals to me is the new MobileMe service, where you can "access and manage your email, contacts, calendar, photos, and files at me.com," according to Apple.
More companies, among them Microsoft and Google, already allow people to store information and use common services online -- or "in the cloud" -- leading analysts to refer to the entire trend as "cloud computing."
http://www.securityfocus.com/columnists/478


II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. Radiance Insecure Temporary File Creation Vulnerabilities
BugTraq ID: 30953
Remote: No
Date Published: 2008-09-24
Relevant URL: http://www.securityfocus.com/bid/30953
Summary:
Radiance creates temporary files in an insecure manner.

An attacker with local access could potentially exploit these issues to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application.

Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.

Radiance 3R9 is vulnerable; other versions may also be affected.

2. sSMTP 'from_format()' Uninitialized Memory Information Disclosure Vulnerability
BugTraq ID: 31094
Remote: Yes
Date Published: 2008-09-09
Relevant URL: http://www.securityfocus.com/bid/31094
Summary:
sSMTP is prone to an information-disclosure vulnerability.

Remote attackers can exploit this issue to obtain sensitive information that may lead to further attacks.

sSMTP 2.6.2 is vulnerable; other versions may also be affected.

3. Red Hat Enterprise IPA Master Kerberos Password Information Disclosure Vulnerability
BugTraq ID: 31111
Remote: Yes
Date Published: 2008-09-10
Relevant URL: http://www.securityfocus.com/bid/31111
Summary:
Red Hat Enterprise IPA is prone to an information-disclosure vulnerability.

An attacker can exploit this issue to obtain sensitive information that may lead to further attacks.

Red Hat Enterprise IPA version 1 for Red Hat Enterprise Linux 5 Server is vulnerable.

4. libxml XML Entity Name Heap Buffer Overflow Vulnerability
BugTraq ID: 31126
Remote: Yes
Date Published: 2008-09-11
Relevant URL: http://www.securityfocus.com/bid/31126
Summary:
The 'libxml' library is prone to a heap-based buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data.

An attacker can exploit this issue to execute arbitrary within the context of an application using the affected library. Failed exploit attempts will result in a denial-of-service vulnerability.

5. Linux kernel NFSv4 ACL Buffer Overflow Vulnerability
BugTraq ID: 31133
Remote: Yes
Date Published: 2008-09-11
Relevant URL: http://www.securityfocus.com/bid/31133
Summary:
The Linux kernel is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.

Attackers can exploit this issue to execute arbitrary code or cause a denial-of-service condition.

Versions prior to Linux kernel 2.6.26.4 are vulnerable.

6. Linux Kernel s390 ptrace Denial Of Service Vulnerability
BugTraq ID: 31177
Remote: No
Date Published: 2008-09-10
Relevant URL: http://www.securityfocus.com/bid/31177
Summary:
The Linux kernel is prone to a denial-of-service vulnerability when process traces are performed on 32-bit computers.

Local attackers can leverage the issue to crash the kernel and deny service to legitimate users.

The vulnerability affects versions prior to 2.6.27-rc6 for the s390 architecture.

7. Python 'move-faqwiz.sh' Insecure Temporary File Creation Vulnerability
BugTraq ID: 31184
Remote: No
Date Published: 2008-09-15
Relevant URL: http://www.securityfocus.com/bid/31184
Summary:
Python creates temporary files in an insecure manner.

An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application.

Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.

Python 2.3.4 is vulnerable; other versions may also be affected.

III. LINUX FOCUS LIST SUMMARY
---------------------------------
1. Pandora FMS 1.2 released
http://www.securityfocus.com/archive/91/454078

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by Sponsored by Ironkey: The World's Most Secure Flash Drive

You can now initiate and utilize IronKey flash drives on Linux operating systems based on kernel 2.6 and above.
IronKey uses military-grade AES hardware encryption and provides rugged and waterproof protection to safeguard your data.
https://www.ironkey.com/forenterprise2

No comments:

Blog Archive