Thursday, October 16, 2008

SecurityFocus Linux Newsletter #411

This issue is sponsored by HP:

Download a FREE trial of HP WebInspect
Application attacks are growing more prevalent. New attacks are in the news each day. Now it's time for you to assess your applications and start detecting and removing vulnerabilities.
HP can help, with a full suite of application security solutions. Get started today with a complimentary trial download that uses an HP test application. Thoroughly analyze today's complex web applications in a runtime environment with fast scanning capabilities, broad assessment coverage and accurate web application scanning results.
Download WebInspect now:

https://h10078.www1.hp.com/cda/hpdc/navigation.do?action=downloadBinStart&zn=bto&cp=54_4012_100__&caid=14563&jumpid=ex_r11374_us/en/large/tsg/WebInspect_Eval_Secutiy_Focus/3-1QN6MII_3-UTM2ZJ/20081015&origin_id=3-1QN6MII


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. The Vice of Vice Presidential E-Mail
2. Blaming the Good Samaritan
II. LINUX VULNERABILITY SUMMARY
1. Lighttpd URI Rewrite/Redirect Information Disclosure Vulnerability
2. Lighttpd 'mod_userdir' Case Sensitive Comparison Security Bypass Vulnerability
3. D-Bus 'dbus_signature_validate()' Type Signature Denial of Service Vulnerability
4. PHP FastCGI Module File Extension Denial Of Service Vulnerabilities
5. Condor Prior to 7.0.5 Multiple Security Vulnerabilities
6. Linux Kernel SCTP INIT-ACK AUTH Extension Remote Denial of Service Vulnerability
7. Drupal Multiple Modules Security Bypass Vulnerabilities
8. HP System Management Homepage (SMH) for Linux and Windows Cross Site Scripting Vulnerability
9. Computer Associates ARCserve Backup Multiple Remote Vulnerabilities
10. CUPS 'HP-GL/2' Filter Remote Code Execution Vulnerability
11. CUPS Multiple Heap Based Buffer Overflow Vulnerabilities
12. Ruby 'resolv.rb' Predictable Transaction ID and Source Port DNS Spoofing Vulnerability
III. LINUX FOCUS LIST SUMMARY
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. The Vice of Vice Presidential E-Mail
By Mark Rasch
Seems like a simple question, but the law is not so clear. In mid-September 2008, a hacker using the handle "Rubico" claimed credit for breaking into the Yahoo! e-mail account of Governor Sarah Palin, the Republican Vice Presidential candidate. In a post online, Rubico wrote that he had been following news reports that claimed Palin had been using her personal Yahoo e-mail account for official government business.
http://www.securityfocus.com/columnists/482

2. Blaming the Good Samaritan
By Houston Carr
In the early 90's, I attended an academic conference in Hawaii. At one presentation, a colleague from the University of California at Berkeley whom I'll refer to as "the supervisor," told a story of young hackers, who he referred to as the Urchins
http://www.securityfocus.com/columnists/481


II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. Lighttpd URI Rewrite/Redirect Information Disclosure Vulnerability
BugTraq ID: 31599
Remote: Yes
Date Published: 2008-10-06
Relevant URL: http://www.securityfocus.com/bid/31599
Summary:
Lighttpd is prone to an information-disclosure vulnerability because it performs redirect operations on URIs before decoding them.

Attackers can exploit this issue to bypass expected filters or rewrite rules and may gain unauthorized access to certain resources. Other attacks may also be possible.

Versions prior to Lighttpd 1.4.20 are vulnerable.

2. Lighttpd 'mod_userdir' Case Sensitive Comparison Security Bypass Vulnerability
BugTraq ID: 31600
Remote: Yes
Date Published: 2008-10-06
Relevant URL: http://www.securityfocus.com/bid/31600
Summary:
The 'lighttpd' program is prone to a security-bypass vulnerability that occurs in the 'mod_userdir' module.

Attackers can exploit this issue to bypass certain security restrictions and obtain sensitive information. This may lead to other attacks.

Versions prior to 'lighttpd' 1.4.20 are vulnerable.

3. D-Bus 'dbus_signature_validate()' Type Signature Denial of Service Vulnerability
BugTraq ID: 31602
Remote: No
Date Published: 2008-10-06
Relevant URL: http://www.securityfocus.com/bid/31602
Summary:
D-Bus is prone to a local denial-of-service vulnerability because it fails to handle malformed signatures contained in messages.

Local attackers can exploit this issue to crash an application that uses the affected library, denying service to legitimate users.

This issue affects D-BUS 1.2.1; other versions may also be affected.

4. PHP FastCGI Module File Extension Denial Of Service Vulnerabilities
BugTraq ID: 31612
Remote: Yes
Date Published: 2008-10-07
Relevant URL: http://www.securityfocus.com/bid/31612
Summary:
PHP is prone to a denial-of-service vulnerability because the application fails to handle certain file requests.

Attackers can exploit this issue to crash the affected application, denying service to legitimate users.

PHP 4.4 prior to 4.4.9 and PHP 5.2 through 5.2.6 are vulnerable.

5. Condor Prior to 7.0.5 Multiple Security Vulnerabilities
BugTraq ID: 31621
Remote: Yes
Date Published: 2008-10-07
Relevant URL: http://www.securityfocus.com/bid/31621
Summary:
Condor is prone to multiple vulnerabilities, including:

- A privilege-escalation issue related to job submission
- A stack-based buffer-overflow vulnerability in 'cron-schedd'
- A denial-of-service vulnerability in 'cron-schedd'
- An access-validation vulnerability

These issues affect versions prior to Condor 7.0.5.

6. Linux Kernel SCTP INIT-ACK AUTH Extension Remote Denial of Service Vulnerability
BugTraq ID: 31634
Remote: Yes
Date Published: 2008-10-08
Relevant URL: http://www.securityfocus.com/bid/31634
Summary:
The Linux kernel is prone to a remote denial-of-service vulnerability because it fails to handle mismatched SCTP AUTH extension settings between peers.

Attackers can exploit this issue to cause a kernel panic, denying service to legitimate users.

Versions prior to Linux kernel 2.6.27-rc6-git6 are vulnerable.

7. Drupal Multiple Modules Security Bypass Vulnerabilities
BugTraq ID: 31660
Remote: Yes
Date Published: 2008-10-08
Relevant URL: http://www.securityfocus.com/bid/31660
Summary:
Multiple Drupal Modules are prone to security-bypass vulnerabilities that may allow attackers to gain access to administrative or sensitive areas of the application without the appropriate privileges.

These issues affect versions prior to the following:

Live module 6.x-1.0
AJAX Picture Preview module 6.x-1.2
Admin:hover module 6.x-1.x-dev before 2008-Oct-08
Banner Rotor Module 6.x-1.3
Creative Commons Lite 6.x-1.1
Keyboard shortcut utility 6.x-1.1
LiveJournal CrossPoster 6.x-1.4
Taxonomy import/export via XML 6.x-1.2
User Referral 6.x-1.x-dev before 2008-Oct-08

8. HP System Management Homepage (SMH) for Linux and Windows Cross Site Scripting Vulnerability
BugTraq ID: 31663
Remote: Yes
Date Published: 2008-10-09
Relevant URL: http://www.securityfocus.com/bid/31663
Summary:
HP System Management Homepage (SMH) is prone to a cross-site scripting vulnerability because it fails to adequately sanitize user-supplied input.

Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected site. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks.

Versions prior to SMH 2.1.15.210 for Linux and Windows are vulnerable.

9. Computer Associates ARCserve Backup Multiple Remote Vulnerabilities
BugTraq ID: 31684
Remote: Yes
Date Published: 2008-10-09
Relevant URL: http://www.securityfocus.com/bid/31684
Summary:
Computer Associates ARCserve Backup is prone to multiple remote vulnerabilities.

Successful exploits allow remote attackers to cause denial-of-service conditions or to execute arbitrary commands in the context of the affected application. This may result in a complete compromise of affected computers.

The following applications are affected:

CA BrightStor ARCserve Backup r11.1, r11.5, r12.0 for Windows
CA Server Protection Suite r2
CA Business Protection Suite r2
CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2
CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2

10. CUPS 'HP-GL/2' Filter Remote Code Execution Vulnerability
BugTraq ID: 31688
Remote: Yes
Date Published: 2008-10-09
Relevant URL: http://www.securityfocus.com/bid/31688
Summary:
CUPS is prone to a remote code-execution vulnerability caused by an error in the 'HP-GL/2' filter.

Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition. Note that local users may also exploit this vulnerability to elevate privileges.

Successful remote exploits may require printer sharing to be enabled on the vulnerable system.

The issue affects versions prior to CUPS 1.3.9.

NOTE: This issue was previously discussed in BID 31681 (Apple Mac OS X 2008-007 Multiple Security Vulnerabilities), but has been assigned its own record to better document the vulnerability.

11. CUPS Multiple Heap Based Buffer Overflow Vulnerabilities
BugTraq ID: 31690
Remote: Yes
Date Published: 2008-10-09
Relevant URL: http://www.securityfocus.com/bid/31690
Summary:
CUPS is prone to multiple heap-based buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data before using it to allocate memory buffers.

Remote attackers can exploit these issues to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition. Note that local attackers may also exploit these vulnerabilities to elevate privileges.

Successful remote exploits may require printer sharing to be enabled on the vulnerable system.

These issues affect versions prior to CUPS 1.3.9.

12. Ruby 'resolv.rb' Predictable Transaction ID and Source Port DNS Spoofing Vulnerability
BugTraq ID: 31699
Remote: Yes
Date Published: 2008-10-10
Relevant URL: http://www.securityfocus.com/bid/31699
Summary:
Ruby is prone to a DNS-spoofing vulnerability because the software fails to securely implement random values when performing DNS queries.

Successfully exploiting this issue allows remote attackers to spoof DNS replies, allowing them to redirect network traffic and to launch man-in-the-middle attacks.

The following versions of Ruby are affected:

1.8.5 and prior
1.8.6-p286 and prior
1.8.7-p71 and prior
1.9 r18423 and prior

III. LINUX FOCUS LIST SUMMARY
---------------------------------
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed, email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by HP.
