News

Thursday, October 23, 2008

SecurityFocus Linux Newsletter #412

SecurityFocus Linux Newsletter #412
----------------------------------------

This issue is sponsored by HP:

Very few applications are bulletproof from hackers. During this 12 minute unscripted video, you.ll sit in a virtual conference room with two of the world's most well-known white hat hackers, Caleb Sima and Billy Hoffman.
During this whiteboard session, they demonstrate just how easy it is to break-into a private corporate network through the web application and own the back-end database. During this video, you will learn just how easy it is to hack into web applications and hear how hackers execute some of their favorite attacks: client side pricing attack, session hijacking, fuzzing and SQL Injection.
https://h30406.www3.hp.com/campaigns/2008/wwcampaign/1-4W4AD/index.php?mcc=DZRV&jumpid=edm_r11374_us/en/large/tsg/w1_Hackers_vid_securityfocus/mcc_DZRV/20081020/


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. Clicking to the Past
2. The Vice of Vice Presidential E-Mail
II. LINUX VULNERABILITY SUMMARY
1. Linux Kernel i915 Driver 'drivers/char/drm/i915_dma.c' Memory Corruption Vulnerability
2. Hitachi JP1/File Transmission Server/FTP File Modfication Unauthorized Access Vulnerability
3. F-Secure Multiple Products RPM File Integer Overflow Vulnerability
4. Linux Kernel SCTP Protocol Violation Remote Denial of Service Vulnerability
5. IBM DB2 Universal Database Prior to 9.1 Fixpak 6 Multiple Vulnerabilities
6. GNU Enscript 'src/psgen.c' Stack Based Buffer Overflow Vulnerability
7. Mantis 'string_api.php' Issue Number Information Disclosure Vulnerability
8. 'imlib2' Library Multiple Unspecified Vulnerabilities
III. LINUX FOCUS LIST SUMMARY
1. ANNOUNCE: New iptables(8) firewall script release, many new features
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Clicking to the Past
By Chris Wysopal
When the first details trickled out about a new attack, dubbed .clickjacking. by the researchers who found it, the descriptions made me think of the tricks I used to pull during penetration tests ten years ago to get administrator privileges: Tricking the user into issuing a command on an attacker.s behalf is one of the oldest attack vectors in the book.
http://www.securityfocus.com/columnists/483

2a .The Vice of Vice Presidential E-Mail
By Mark Rasch
Is it a crime to read someone else's e-mail without their consent? Seems like a simple question, but the law is not so clear. In mid-September 2008, a hacker using the handle "Rubico" claim credit for breaking into the Yahoo! e-mail account of Governor Sarah Palin, the Republican Vice Presidential candidate. In a post online, Rubico wrote that he had been following news reports that claimed Palin had been using her personal Yahoo e-mail account for official government business.
In the early 90's, I attended an academic conference in Hawaii. At one presentation, a colleague from the University of California at Berkeley whom I'll refer to as "the supervisor," told a story of young hackers, who he referred to as the Urchins
http://www.securityfocus.com/columnists/482


II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. Linux Kernel i915 Driver 'drivers/char/drm/i915_dma.c' Memory Corruption Vulnerability
BugTraq ID: 31792
Remote: No
Date Published: 2008-10-16
Relevant URL: http://www.securityfocus.com/bid/31792
Summary:
The Linux kernel is prone to a memory-corruption vulnerability because of insufficient boundary checks in the i915 driver.

Local attackers could exploit this issue to cause denial-of-service conditions, bypass certain security restrictions, and potentially access sensitive information or gain elevated privileges.

This issue affects Linux kernel 2.6.24.6 and prior versions.

2. Hitachi JP1/File Transmission Server/FTP File Modfication Unauthorized Access Vulnerability
BugTraq ID: 31803
Remote: Yes
Date Published: 2008-10-17
Relevant URL: http://www.securityfocus.com/bid/31803
Summary:
Hitachi JP1/File Transmission Server/FTP is prone to a vulnerability that may allow attackers to modify file permissions.

An attacker can exploit this issue to gain unauthorized access to files located on the FTP server. This may lead to other attacks.

3. F-Secure Multiple Products RPM File Integer Overflow Vulnerability
BugTraq ID: 31846
Remote: Yes
Date Published: 2008-10-21
Relevant URL: http://www.securityfocus.com/bid/31846
Summary:
Multiple F-Secure products are prone to an integer-overflow vulnerability because the applications fail to properly handle malformed RPM files.

Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the vulnerable applications. Failed exploit attempts will likely cause denial-of-service conditions.

4. Linux Kernel SCTP Protocol Violation Remote Denial of Service Vulnerability
BugTraq ID: 31848
Remote: Yes
Date Published: 2008-10-21
Relevant URL: http://www.securityfocus.com/bid/31848
Summary:
The Linux kernel is prone to a remote denial-of-service vulnerability because it fails to handle SCTP protocol violations.

Attackers can exploit this issue to cause a kernel panic, denying service to legitimate users.

Versions prior to Linux kernel 2.6.27 are vulnerable.

5. IBM DB2 Universal Database Prior to 9.1 Fixpak 6 Multiple Vulnerabilities
BugTraq ID: 31856
Remote: Yes
Date Published: 2008-10-21
Relevant URL: http://www.securityfocus.com/bid/31856
Summary:
IBM DB2 Universal Database is prone to multiple vulnerabilities.

Successful exploits may allow attackers to obtain sensitive information or cause a denial-of-service condition.

Versions prior to DB2 9.1 Fixpak 6 are affected.

6. GNU Enscript 'src/psgen.c' Stack Based Buffer Overflow Vulnerability
BugTraq ID: 31858
Remote: Yes
Date Published: 2008-10-22
Relevant URL: http://www.securityfocus.com/bid/31858
Summary:
GNU Enscript is prone to a stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input.

Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

GNU Enscript 1.6.1 and 1.6.4 (beta) are vulnerable; other versions may also be affected.

7. Mantis 'string_api.php' Issue Number Information Disclosure Vulnerability
BugTraq ID: 31868
Remote: Yes
Date Published: 2008-10-22
Relevant URL: http://www.securityfocus.com/bid/31868
Summary:
Mantis is prone to an information-disclosure vulnerability because the application fails to protect private information.

Attackers may exploit this issue to retrieve sensitive information that may aid in further attacks.

Versions prior to Mantis 1.1.3 are vulnerable.

8. 'imlib2' Library Multiple Unspecified Vulnerabilities
BugTraq ID: 31880
Remote: Yes
Date Published: 2008-10-21
Relevant URL: http://www.securityfocus.com/bid/31880
Summary:
The 'imlib2' Library is prone to multiple unspecified vulnerabilities.

Very few details are available. We will update this BID as more information emerges.

Theses issues affect versions prior to 'imlib2' 1.4.2.

III. LINUX FOCUS LIST SUMMARY
---------------------------------
1. ANNOUNCE: New iptables(8) firewall script release, many new features
http://www.securityfocus.com/archive/91/497568

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by HP:

Very few applications are bulletproof from hackers. During this 12 minute unscripted video, you.ll sit in a virtual conference room with two of the world's most well-known white hat hackers, Caleb Sima and Billy Hoffman.
During this whiteboard session, they demonstrate just how easy it is to break-into a private corporate network through the web application and own the back-end database. During this video, you will learn just how easy it is to hack into web applications and hear how hackers execute some of their favorite attacks: client side pricing attack, session hijacking, fuzzing and SQL Injection.
https://h30406.www3.hp.com/campaigns/2008/wwcampaign/1-4W4AD/index.php?mcc=DZRV&jumpid=edm_r11374_us/en/large/tsg/w1_Hackers_vid_securityfocus/mcc_DZRV/20081020/

No comments:

Blog Archive