Thursday, December 04, 2008

SecurityFocus Linux Newsletter #417

This issue is Sponsored by Verisign

Learn how to protect your online customers with SSL technology that not only keeps their information safe, but also lets them know your site is secure - Extended Validation (EV) SSL.
This new technology turns the address bar green in high security browsers.
http://ad.doubleclick.net/clk;208565397;30663982;v


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. Standing on Other's Shoulders
2. Just Encase It's Not a Search
II. LINUX VULNERABILITY SUMMARY
1. 'tog-pegasus' Package for Red Hat Enterprise Linux Security Bypass Vulnerability
2. SuSE YaST2 Backup File Name Local Arbitrary Shell Command Injection Vulnerability
3. Samba Arbitrary Memory Contents Information Disclosure Vulnerability
4. Linux Kernel 'sendmsg()' Local Denial of Service Vulnerability
5. CUPS PNG Filter '_cupsImageReadPNG()' Integer Overflow Vulnerability
6. ClamAV 'cli_check_jpeg_exploit' Function Malformed JPEG File Remote Denial Of Service Vulnerability
7. MailScanner Multiple Insecure Temporary File Creation Vulnerabilities
8. Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities
9. Sun Java Web Start and Java Plug-in Multiple Privilege Escalation Vulnerabilities
10. Ubuntu Privacy Remix S/ATA-Disks Security Bypass Vulnerability
11. RSyslog '$AllowedSender' Configuration Directive Security Bypass Vulnerability
12. Linux Kernel 'parisc_show_stack()' Local Denial of Service Vulnerability
III. LINUX FOCUS LIST SUMMARY
1. CanSecWest 2009 CFP (March 18-20 2009, Deadline December 8 2008)
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Standing on Other's Shoulders
By Chris Wysopal
"If I have seen a little further it is by standing on the shoulders of Giants," Isaac Newton once wrote to describe how he felt that his scientific work was an extension of the work of those who went before him. In the scientific realm it is dishonorable not to credit those upon whose work you build.
http://www.securityfocus.com/columnists/486

2. Just Encase It's Not a Search
By Mark Rasch
When is a search not really a search? If it's done by computer, according to U.S. government lawyers.
http://www.securityfocus.com/columnists/485


II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. 'tog-pegasus' Package for Red Hat Enterprise Linux Security Bypass Vulnerability
BugTraq ID: 32460
Remote: No
Date Published: 2008-11-25
Relevant URL: http://www.securityfocus.com/bid/32460
Summary:
The 'tog-pegasus' package is prone to a security-bypass vulnerability.

Local attackers can exploit this issue to bypass certain security restrictions and send requests to WBEM services.

This issue occurs in the 'tog-pegasus' package built with Red Hat Enterprise Linux 5.

2. SuSE YaST2 Backup File Name Local Arbitrary Shell Command Injection Vulnerability
BugTraq ID: 32464
Remote: No
Date Published: 2008-11-25
Relevant URL: http://www.securityfocus.com/bid/32464
Summary:
SuSE YaST2 Backup is prone to a local command-injection vulnerability because it fails to adequately sanitize user-supplied input data.

Attackers can exploit this issue to execute arbitrary shell commands in the context of the vulnerable application. This may facilitate the complete compromise of affected computers.

3. Samba Arbitrary Memory Contents Information Disclosure Vulnerability
BugTraq ID: 32494
Remote: Yes
Date Published: 2008-11-27
Relevant URL: http://www.securityfocus.com/bid/32494
Summary:
Samba is prone to an information-disclosure vulnerability.

Successful exploits will allow attackers to obtain arbitrary memory contents.

This issue affects Samba 3.0.29 up to and including 3.2.4.

4. Linux Kernel 'sendmsg()' Local Denial of Service Vulnerability
BugTraq ID: 32516
Remote: No
Date Published: 2008-11-28
Relevant URL: http://www.securityfocus.com/bid/32516
Summary:
The Linux kernel is prone to a local denial-of-service vulnerability.

Attackers can exploit this issue to create a soft lockup of the vulnerable kernel or to invoke the 'oom-killer' kernel functionality, which may halt unrelated processes. This may result in a denial-of-service condition.

NOTE: This issue was either caused or revealed by the fix for BID 32154 (Linux Kernel '__scm_destroy()' Local Denial of Service Vulnerability).

The Linux kernel 2.6.27 and prior versions are affected.

5. CUPS PNG Filter '_cupsImageReadPNG()' Integer Overflow Vulnerability
BugTraq ID: 32518
Remote: Yes
Date Published: 2008-11-28
Relevant URL: http://www.securityfocus.com/bid/32518
Summary:
CUPS is prone to an integer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied PNG image sizes before using them to allocate memory buffers.

Successful exploits may allow attackers to execute arbitrary code with the privileges of a user running the utilities. Failed exploit attempts likely cause denial-of-service conditions.

Versions prior to CUPS 1.3.10 are vulnerable.

6. ClamAV 'cli_check_jpeg_exploit' Function Malformed JPEG File Remote Denial Of Service Vulnerability
BugTraq ID: 32555
Remote: Yes
Date Published: 2008-12-01
Relevant URL: http://www.securityfocus.com/bid/32555
Summary:
ClamAV is prone to a denial-of-service vulnerability.

Attackers can exploit this issue to cause denial-of-service conditions. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed.

Versions prior to ClamAV 0.94.2 are vulnerable.

7. MailScanner Multiple Insecure Temporary File Creation Vulnerabilities
BugTraq ID: 32557
Remote: No
Date Published: 2008-12-01
Relevant URL: http://www.securityfocus.com/bid/32557
Summary:
Multiple MailScanner scripts create temporary files in an insecure manner.

An attacker with local access could perform symbolic-link attacks, overwriting arbitrary files in the context of an affected application.

Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.

MailScanner 4.55.10 and 4.68.8 are vulnerable; other versions may also be affected.

8. Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities
BugTraq ID: 32608
Remote: Yes
Date Published: 2008-12-03
Relevant URL: http://www.securityfocus.com/bid/32608
Summary:
Sun Java Runtime Environment and Java Development Kit are prone to multiple security vulnerabilities.

Successful exploits may allow attackers to violate the same-origin policy, obtain sensitive information, bypass security restrictions, run untrusted applets with elevated privileges, and cause denial-of-service conditions. This may result in a compromise of affected computers.

These issues affect versions prior to the following:

JDK and JRE 6 Update 11 or later
JDK and JRE 5.0 Update 17 or later
SDK and JRE 1.4.2_19 or later
SDK and JRE 1.3.1_24 or later

9. Sun Java Web Start and Java Plug-in Multiple Privilege Escalation Vulnerabilities
BugTraq ID: 32620
Remote: Yes
Date Published: 2008-12-03
Relevant URL: http://www.securityfocus.com/bid/32620
Summary:
Sun Java Web Start and Java Plug-in are prone to multiple privilege-escalation vulnerabilities.

Successful exploits may allow attackers to violate the same-origin policy, obtain sensitive information, bypass security, or read, write, and execute arbitrary files in the context of the user running a vulnerable application. This may result in a compromise of the underlying system.

This issue affects the following versions:

JDK and JRE 6 Update 10 and earlier
JDK and JRE 5.0 Update 16 and earlier
SDK and JRE 1.4.2_18 and earlier
SDK and JRE 1.3.1_23 and earlier

10. Ubuntu Privacy Remix S/ATA-Disks Security Bypass Vulnerability
BugTraq ID: 32629
Remote: No
Date Published: 2008-12-04
Relevant URL: http://www.securityfocus.com/bid/32629
Summary:
Ubuntu Privacy Remix (UPR) is prone to a security-bypass vulnerability that may allow attackers to modify the operating system.

Attackers can exploit this issue to mount S-/ATA-Disks onto the affected computer. This will allow attackers to bypass the privacy mechanism used by the live-CD. Successfully exploiting this issue may compromise the privacy of users.

Versions prior to Ubuntu Privacy Remix 8.04 r1 are vulnerable.

11. RSyslog '$AllowedSender' Configuration Directive Security Bypass Vulnerability
BugTraq ID: 32630
Remote: Yes
Date Published: 2008-12-04
Relevant URL: http://www.securityfocus.com/bid/32630
Summary:
RSyslog is prone to a security-bypass vulnerability because of an error in the daemon's ACL (Access Control List) handling.

Attackers can exploit this issue to bypass ACL restrictions that limit which hosts may send messages to the daemon. Successful exploits can result in misleading log entries or denial-of-service conditions. Other attacks may also be possible.

12. Linux Kernel 'parisc_show_stack()' Local Denial of Service Vulnerability
BugTraq ID: 32636
Remote: No
Date Published: 2008-12-04
Relevant URL: http://www.securityfocus.com/bid/32636
Summary:
The Linux kernel is prone to a local denial-of-service vulnerability.

Local attackers can exploit this issue to crash the affected computer, denying service to legitimate users.

Versions prior to Linux kernel 2.6.28-rc7 are vulnerable. Note that this issue applies to PA-RISC 32-bit and 64-bit architectures.

III. LINUX FOCUS LIST SUMMARY
---------------------------------
1. CanSecWest 2009 CFP (March 18-20 2009, Deadline December 8 2008)
http://www.securityfocus.com/archive/91/498639

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed, email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is Sponsored by Verisign

