News

Wednesday, November 26, 2008

SecurityFocus Linux Newsletter #416

SecurityFocus Linux Newsletter #416
----------------------------------------

This issue is Sponsored by Absolute Software

Securing Laptops in the Field . Live Webinar
Minimize laptop theft and data loss by managing laptops outside the network. In this Dec. 9 webinar, IT asset management specialist at Farmers Insurance explains how he remotely audits end-user hardware and wipes out data on lost or stolen computers.

http://www.absolute.com/public/landing/CIO1208/default.asp?ref=SF1108-CIOwebinar


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1.Just Encase It's Not a Search
2.Microsoft's Stance on Piracy Affects Us All
II. LINUX VULNERABILITY SUMMARY
1. libxml2 'xmlSAX2Characters()' Integer Overflow Vulnerability
2. libxml2 'xmlBufferResize()' Remote Denial of Service Vulnerability
3. No-IP Dynamic Update Client for Linux Remote Buffer Overflow Vulnerability
4. Mozilla Firefox/Thunderbird/Seamokey Arbitrary Image Cross Domain Security Bypass Vulnerability
5. Mozilla Thunderbird and SeaMonkey 'mailnews' Information Disclosure Vulnerability
6. Verlihub Trigger Remote Command Execution Vulnerability
7. hf Local Privilege Escalation Vulnerability
8. 'tog-pegasus' Package for Red Hat Enterprise Linux Security Bypass Vulnerability
9. SuSE YaST2 Backup File Name Local Arbitrary Shell Command Injection Vulnerability
III. LINUX FOCUS LIST SUMMARY
1. CanSecWest 2009 CFP (March 18-20 2009, Deadline December 8 2008)
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1.Just Encase It's Not a Search
By Mark Rasch
When is a search not really a search? If it.s done by computer, according to U.S. government lawyers.
http://www.securityfocus.com/columnists/485

2.Microsoft's Stance on Piracy Affects Us All
By Oliver Day
For the last few years, Microsoft has wrestled with their stance on piracy. Pirated operating systems are just like legitimate operating systems in terms of their exposure to vulnerabilities: Users must install patches or they will be compromised.
http://www.securityfocus.com/columnists/484


II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. libxml2 'xmlSAX2Characters()' Integer Overflow Vulnerability
BugTraq ID: 32326
Remote: Yes
Date Published: 2008-11-17
Relevant URL: http://www.securityfocus.com/bid/32326
Summary:
The 'libxml2' library is prone to an integer-overflow vulnerability because it fails to properly verify user-supplied data when handling XML files.

Successful exploits of this vulnerability allow remote attackers to execute arbitrary machine code in the context of an affected application. Failed exploits may crash the application.

This issue affects libxml2-2.7.2; other versions may also be affected.

2. libxml2 'xmlBufferResize()' Remote Denial of Service Vulnerability
BugTraq ID: 32331
Remote: Yes
Date Published: 2008-11-17
Relevant URL: http://www.securityfocus.com/bid/32331
Summary:
The 'libxml2' library is prone to a remote denial-of-service vulnerability.

Attackers can exploit this issue to cause the affected application using the library to fall into an infinite loop, denying service to legitimate users.

This issue affects libxml2-2.7.2; other versions may also be affected.

3. No-IP Dynamic Update Client for Linux Remote Buffer Overflow Vulnerability
BugTraq ID: 32344
Remote: Yes
Date Published: 2008-11-18
Relevant URL: http://www.securityfocus.com/bid/32344
Summary:
No-IP Dynamic Update Client (DUC) is prone to a stack-based buffer-overflow vulnerability because it fails to adequately bounds-check input messages.

An attacker can exploit this issue by enticing an unsuspecting user into connecting to a malicious server. Successful attacks will allow arbitrary code to run within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

DUC 2.1.7 for Linux is vulnerable; other versions may also be affected.

4. Mozilla Firefox/Thunderbird/Seamokey Arbitrary Image Cross Domain Security Bypass Vulnerability
BugTraq ID: 32351
Remote: Yes
Date Published: 2008-11-18
Relevant URL: http://www.securityfocus.com/bid/32351
Summary:
Mozilla Firefox, Thunderbird, and Seamonkey are prone to a cross-domain security-bypass vulnerability that can allow an attacker to bypass the same-origin policy.

The attacker can exploit this issue to access arbitrary images from other domains.

Versions prior to Firefox 2.0.0.18 are vulnerable.

NOTE: This issue was previously included in BID 32281 'Mozilla Firefox/Thunderbird/SeaMonkey Multiple Remote Vulnerabilities', but has been given its own record to better document the issue.

5. Mozilla Thunderbird and SeaMonkey 'mailnews' Information Disclosure Vulnerability
BugTraq ID: 32363
Remote: Yes
Date Published: 2008-11-19
Relevant URL: http://www.securityfocus.com/bid/32363
Summary:
Mozilla Thunderbird and SeaMonkey are prone to an information-disclosure vulnerability because they allow JavaScript to access certain DOM properties.

An attacker can exploit the issue to obtain sensitive 'mailnews' information such as the computer account name. Information harvested may aid in further attacks.

Versions prior to Mozilla Thunderbird 2.0.0.18 and SeaMonkey 1.1.13 are vulnerable.

6. Verlihub Trigger Remote Command Execution Vulnerability
BugTraq ID: 32420
Remote: Yes
Date Published: 2008-11-21
Relevant URL: http://www.securityfocus.com/bid/32420
Summary:
Verlihub is prone to a remote command-execution vulnerability because it fails to sufficiently validate user input.

Successfully exploiting this issue would allow an attacker to execute arbitrary commands on an affected computer in the context of the affected application.

Verlihub 0.9.8d RC2 is vulnerable; other versions may also be affected.

7. hf Local Privilege Escalation Vulnerability
BugTraq ID: 32421
Remote: No
Date Published: 2008-11-22
Relevant URL: http://www.securityfocus.com/bid/32421
Summary:
The 'hf' package is prone to a local privilege-escalation vulnerability.

A local attacker may exploit this issue to gain elevated privileges.

This issue affects hf 0.7.3 and 0.8; other versions may also be vulnerable.

8. 'tog-pegasus' Package for Red Hat Enterprise Linux Security Bypass Vulnerability
BugTraq ID: 32460
Remote: No
Date Published: 2008-11-25
Relevant URL: http://www.securityfocus.com/bid/32460
Summary:
The 'tog-pegasus' package is prone to a security-bypass vulnerability.

Local attackers can exploit this issue to bypass certain security restrictions and send requests to WBEM services.

This issue occurs in the 'tog-pegasus' package built with Red Hat Enterprise Linux 5.

9. SuSE YaST2 Backup File Name Local Arbitrary Shell Command Injection Vulnerability
BugTraq ID: 32464
Remote: No
Date Published: 2008-11-25
Relevant URL: http://www.securityfocus.com/bid/32464
Summary:
SuSE YaST2 Backup is prone to a local command-injection vulnerability because it fails to adequately sanitize user-supplied input data.

Attackers can exploit this issue to execute arbitrary shell commands in the context of the vulnerable application. This may facilitate the complete compromise of affected computers.

III. LINUX FOCUS LIST SUMMARY
---------------------------------
1. CanSecWest 2009 CFP (March 18-20 2009, Deadline December 8 2008)
http://www.securityfocus.com/archive/91/498639

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is Sponsored by Absolute Software

Securing Laptops in the Field . Live Webinar
Minimize laptop theft and data loss by managing laptops outside the network. In this Dec. 9 webinar, IT asset management specialist at Farmers Insurance explains how he remotely audits end-user hardware and wipes out data on lost or stolen computers.

http://www.absolute.com/public/landing/CIO1208/default.asp?ref=SF1108-CIOwebinar

No comments:

Blog Archive