News

Saturday, December 27, 2008

SecurityFocus Linux Newsletter #419

SecurityFocus Linux Newsletter #419
----------------------------------------

This issue is sponsored by Purewire

NEW! White Paper:
"Hackers Announce Open Season on Web 2.0 Users and Browsers"

Learn how hackers are exploiting your employees Web surfing to gain entry into your network. Drive-by Downloads, Click Jacking, AJAX, XSS and Browser vulns are just some of the nasty attack methods hackers are coming up with and it's no longer good enough to block known bad URL's.
Download this white paper now to mitigate your online security risks.
http://www.purewire.com/lp/sec


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1.Time to Exclude Bad ISPs
2.Standing on Other's Shoulders
II. LINUX VULNERABILITY SUMMARY
1. GpsDrive Multiple Insecure Temporary File Creation Vulnerabilities
2. Adobe Flash Player Unspecified Remote Security Vulnerability
3. libvirt Local Security Bypass Vulnerability
4. Courier-Authlib Non-Latin Character Handling Postgres SQL Injection Vulnerability
5. PHP 'mbstring' Extension Buffer Overflow Vulnerability
6. Git gitweb 'diff.external' Local Privilege Escalation Vulnerability
7. Linux Kernel 'qdisc_run()' Local Denial of Service Vulnerability
8. Linux Kernel 'ib700wdt.c' Buffer Underflow Vulnerability
III. LINUX FOCUS LIST SUMMARY
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Time to Exclude Bad ISPs
By Oliver Day
In recent months, three questionable Internet service providers - EstDomains, Atrivo, and McColo - were effectively taken offline resulting in noticeable drops of malware and spam.
http://www.securityfocus.com/columnists/487

2. Standing on Other's Shoulders
By Chris Wysopal
"If I have seen a little further it is by standing on the shoulders of Giants," Issac Netwon once wrote to describe how he felt that his scientific work was an extension of the work of those who went before him. In the scientific realm it is dishonorable not to credit those upon whose work you build.
http://www.securityfocus.com/columnists/486


II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. GpsDrive Multiple Insecure Temporary File Creation Vulnerabilities
BugTraq ID: 32887
Remote: No
Date Published: 2008-12-17
Relevant URL: http://www.securityfocus.com/bid/32887
Summary:
GpsDrive create temporary files in an insecure manner.

An attacker with local access could perform symbolic-link attacks, overwriting arbitrary files in the context of an affected application.

Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.

GpsDrive 2.10~pre4-6.dfsg-1 is vulnerable; other versions may also be affected.

2. Adobe Flash Player Unspecified Remote Security Vulnerability
BugTraq ID: 32896
Remote: Yes
Date Published: 2008-12-17
Relevant URL: http://www.securityfocus.com/bid/32896
Summary:
Adobe Flash Player is prone to an unspecified security vulnerability.

Remote attackers may exploit this vulnerability to compromise an affected computer.

No further technical details are currently available. We will update this BID as more information emerges.

This issue affects Flash Player on Linux platforms.

Versions prior to Flash Player 10.0.15.3 and 9.0.152.0 are vulnerable.

3. libvirt Local Security Bypass Vulnerability
BugTraq ID: 32905
Remote: No
Date Published: 2008-12-18
Relevant URL: http://www.securityfocus.com/bid/32905
Summary:
libvirt is prone to a local security-bypass vulnerability.

Successful exploitation of this issue may give attackers access to privileged operations.

This issue affects libvirt versions 0.3.2 through 0.5.1.

4. Courier-Authlib Non-Latin Character Handling Postgres SQL Injection Vulnerability
BugTraq ID: 32926
Remote: Yes
Date Published: 2008-12-19
Relevant URL: http://www.securityfocus.com/bid/32926
Summary:
Courier-Authlib is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Versions prior to Courier-Authlib 0.62.0 are vulnerable.

5. PHP 'mbstring' Extension Buffer Overflow Vulnerability
BugTraq ID: 32948
Remote: Yes
Date Published: 2008-12-21
Relevant URL: http://www.securityfocus.com/bid/32948
Summary:
PHP is prone to a buffer-overflow vulnerability because it fails to perform boundary checks before copying user-supplied data to insufficiently sized memory buffers. The issue affects the 'mbstring' extension included in the standard distribution.

An attacker can exploit this issue to execute arbitrary machine code in the context of the affected webserver. Failed exploit attempts will likely crash the webserver, denying service to legitimate users.

PHP versions 4.3.0 up to and including 5.2.6 are vulnerable.

6. Git gitweb 'diff.external' Local Privilege Escalation Vulnerability
BugTraq ID: 32967
Remote: No
Date Published: 2008-12-22
Relevant URL: http://www.securityfocus.com/bid/32967
Summary:
Git gitweb is prone to a local privilege-escalation vulnerability.

A local attacker may exploit this issue to gain elevated privileges.

Versions prior to Git 1.5.4.7, 1.5.5.6, 1.5.6.6 and 1.6.0.6 are vulnerable.

7. Linux Kernel 'qdisc_run()' Local Denial of Service Vulnerability
BugTraq ID: 32985
Remote: No
Date Published: 2008-12-23
Relevant URL: http://www.securityfocus.com/bid/32985
Summary:
The Linux kernel is prone to a local denial-of-service vulnerability.

Local attackers can exploit this issue to cause a soft lockup, denying service to legitimate users.

Versions prior to Linux kernel 2.6.25 are vulnerable.

8. Linux Kernel 'ib700wdt.c' Buffer Underflow Vulnerability
BugTraq ID: 33003
Remote: No
Date Published: 2008-12-17
Relevant URL: http://www.securityfocus.com/bid/33003
Summary:
The Linux kernel is prone to a buffer-underflow vulnerability because it fails to perform adequate boundary-checks on user-supplied data.

A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges or crash the affected computer, denying service to legitimate users.

Versions prior to Linux kernel 2.6.28-rc1 are vulnerable.

III. LINUX FOCUS LIST SUMMARY
---------------------------------
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by Purewire

NEW! White Paper:
"Hackers Announce Open Season on Web 2.0 Users and Browsers"

Learn how hackers are exploiting your employees Web surfing to gain entry into your network. Drive-by Downloads, Click Jacking, AJAX, XSS and Browser vulns are just some of the nasty attack methods hackers are coming up with and it's no longer good enough to block known bad URL's.
Download this white paper now to mitigate your online security risks.
http://www.purewire.com/lp/sec

No comments:

Blog Archive