News

Tuesday, January 20, 2009

SecurityFocus Linux Newsletter #423

SecurityFocus Linux Newsletter #423
----------------------------------------

This issue is sponsored by The Computer Forensics Show

THE COMPUTER FORENSICS SHOW IS THE "DON'T MISS" EVENT OF THE YEAR FOR ALL LITIGATION, ACCOUNTING AND IT PROFESSIONALS
www.computerforensicshow.com

April 27-29, 2009
Washington DC Convention Center
Washington, DC

August 3-5, 2009
San Jose Convention Center
San Jose, CA


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1.Time to Take the Theoretical Seriously
2.The Drew Verdict Makes Us All Hackers
II. LINUX VULNERABILITY SUMMARY
1. Amarok 'audible.cpp' Audible File Multiple Integer Overflow and Memory Allocation Vulnerabilities
2. Linux Kernel 'sys_remap_file_pages()' Local Privilege Escalation Vulnerability
3. Git gitweb Unspecified Remote Command Execution Vulnerability
4. libmikmod Multiple Sound Channel Media Playback Remote Denial of Service Vulnerability
5. Linux Kernel 'locks_remove_flock()' Local Race Condition Vulnerability
6. libmikmod '.XM' File Remote Denial of Service Vulnerability
7. HP Linux Imaging and Printing System 'hplip.postinst' Local Privilege Escalation Vulnerability
8. Sun Java System Access Manager Information Disclosure Vulnerability
9. Sun Java System Access Manager 'sub-realm' Privilege Escalation Vulnerability
10. Linux Kernel 64 Bit ABI System Call Parameter Privilege Escalation Vulnerability
11. Linux Kernel 'keyctl_join_session_keyring()' Denial of Service Vulnerability
12. Red Hat SquirrelMail Package Session Management Vulnerability
13. Git Snapshot Generation and Pickaxe Search Arbitrary Command Injection Vulnerability
14. MoinMoin 'AttachFile.py' Cross-Site Scripting Vulnerability
III. LINUX FOCUS LIST SUMMARY
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1.Time to Take the Theoretical Seriously
By Chris Wysopal
Software developers response to "theoretical" research is fundamentally broken. By now, everyone in the security industry knows about the Rogue CA presentation that Alex Sotirov and Jacob Appelbaum gave at 25th Chaos Communications Congress. It was one of the most interesting I saw all last year, and it's a good example of why software companies continue to be vulnerable to attackers
http://www.securityfocus.com/columnists/490

2.The Drew Verdict Makes Us All Hackers
By Mark Rasch
Last month, Lori Drew - the middle-aged Missouri mother who participated in a plan to deceive a 13-year-old girl that ultimately led to the girl's suicide - was convicted by a Los Angeles federal jury of several misdemeanor counts of unauthorized access to MySpace's computers.
http://www.securityfocus.com/columnists/489


II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. Amarok 'audible.cpp' Audible File Multiple Integer Overflow and Memory Allocation Vulnerabilities
BugTraq ID: 33210
Remote: Yes
Date Published: 2009-01-12
Relevant URL: http://www.securityfocus.com/bid/33210
Summary:
Amarok is prone to multiple integer-overflow and memory-allocation vulnerabilities because it fails to perform adequate boundary checks on user-supplied data.

Successful exploits may allow attackers to execute arbitrary code with the privileges of a user running the application. Failed exploit attempts likely cause denial-of-service conditions.

Versions prior to Amarok 2.0.1.1 are vulnerable.

2. Linux Kernel 'sys_remap_file_pages()' Local Privilege Escalation Vulnerability
BugTraq ID: 33211
Remote: No
Date Published: 2009-01-12
Relevant URL: http://www.securityfocus.com/bid/33211
Summary:
The Linux kernel is prone to a local privilege-escalation vulnerability.

A local attacker can exploit this issue to execute arbitrary code with superuser privileges. A successful exploit will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition.

Versions prior to Linux kernel 2.6.24.1 are vulnerable.

3. Git gitweb Unspecified Remote Command Execution Vulnerability
BugTraq ID: 33215
Remote: Yes
Date Published: 2009-01-12
Relevant URL: http://www.securityfocus.com/bid/33215
Summary:
Git gitweb is prone to a remote command-execution vulnerability.

An attacker may exploit this issue to execute arbitrary commands within the context of the affected application; this may aid in further attacks.

Git 1.5.2.4 and 1.5.6.6 are vulnerable; other versions may also be affected

4. libmikmod Multiple Sound Channel Media Playback Remote Denial of Service Vulnerability
BugTraq ID: 33235
Remote: Yes
Date Published: 2009-01-13
Relevant URL: http://www.securityfocus.com/bid/33235
Summary:
The 'libmikmod' library is prone to a remote denial-of-service vulnerability because the software fails to perform adequate boundary checks on user-supplied input.

Attackers can exploit this issue by enticing an unsuspecting victim to open multiple specially crafted media files.

Successfully exploiting this issue will cause an affected application to crash, denying service to legitimate users. Attackers may also be able to run arbitrary code, but this has not been confirmed.

This issue affects libmikmod 3.1.9 through 3.2.0; other versions or applications that use the library may also be affected.

5. Linux Kernel 'locks_remove_flock()' Local Race Condition Vulnerability
BugTraq ID: 33237
Remote: No
Date Published: 2009-01-13
Relevant URL: http://www.securityfocus.com/bid/33237
Summary:
The Linux kernel is prone to a local race-condition vulnerability because it fails to properly handle POSIX locks.

A local attacker may exploit this issue to crash the computer or gain elevated privileges.

6. libmikmod '.XM' File Remote Denial of Service Vulnerability
BugTraq ID: 33240
Remote: Yes
Date Published: 2009-01-13
Relevant URL: http://www.securityfocus.com/bid/33240
Summary:
The 'libmikmod' library is prone to a remote denial-of-service vulnerability because it fails to perform adequate boundary checks on user-supplied input.

Attackers can exploit this issue by enticing an unsuspecting victim to open a specially crafted '.XM' file.

Successfully exploiting this issue will cause an affected application to crash, denying service to legitimate users. Attackers may also be able to run arbitrary code, but this has not been confirmed.

This issue affects libmikmod 3.1.9 through 3.2.0; other versions or applications that use the library may also be affected.

7. HP Linux Imaging and Printing System 'hplip.postinst' Local Privilege Escalation Vulnerability
BugTraq ID: 33249
Remote: No
Date Published: 2009-01-13
Relevant URL: http://www.securityfocus.com/bid/33249
Summary:
HP Linux Image and Printing System (HPLIP) is prone to a local privilege-escalation vulnerability because an installation script changes ownership and permission on certain files in users' home directories.

Local attackers can exploit this issue to gain elevated privileges on the affected computer. Successful exploits may completely compromise the computer.

8. Sun Java System Access Manager Information Disclosure Vulnerability
BugTraq ID: 33265
Remote: Yes
Date Published: 2009-01-14
Relevant URL: http://www.securityfocus.com/bid/33265
Summary:
Sun Java System Access Manager is prone to a remote information-disclosure vulnerability.

Attackers can exploit this issue to obtain potentially sensitive information that may aid in further attacks.

9. Sun Java System Access Manager 'sub-realm' Privilege Escalation Vulnerability
BugTraq ID: 33266
Remote: Yes
Date Published: 2009-01-14
Relevant URL: http://www.securityfocus.com/bid/33266
Summary:
Sun Java System Access Manager is prone to a privilege-escalation vulnerability.

Attackers can exploit this issue to elevate their privileges. Successfully exploiting this issue may result in the complete compromise of affected applications.

10. Linux Kernel 64 Bit ABI System Call Parameter Privilege Escalation Vulnerability
BugTraq ID: 33275
Remote: No
Date Published: 2009-01-14
Relevant URL: http://www.securityfocus.com/bid/33275
Summary:
The Linux Kernel is prone to a local privilege-escalation vulnerability.

A local attacker may be able to exploit this issue to read or write to unintended address spaces. This may result in denial-of-service conditions, the disclosure of sensitive information, or privilege escalation.

This issue affects Linux 2.6 on some 64-bit architectures, including s390, PowerPC, SPARC64, and MIPS. Additional architectures may also be affected.

11. Linux Kernel 'keyctl_join_session_keyring()' Denial of Service Vulnerability
BugTraq ID: 33339
Remote: No
Date Published: 2009-01-18
Relevant URL: http://www.securityfocus.com/bid/33339
Summary:
The Linux kernel is prone to a denial-of-service vulnerability because it fails to manage memory in a proper manner.

Attackers can exploit this issue to cause a crash by exhausting memory resources.

This issue affects Linux kernel 2.6.x.

12. Red Hat SquirrelMail Package Session Management Vulnerability
BugTraq ID: 33354
Remote: Yes
Date Published: 2009-01-19
Relevant URL: http://www.securityfocus.com/bid/33354
Summary:
The Red Hat 'squirrelmail' package is prone to an authentication-bypass vulnerability because of a session-handling error introduced by patches provided by Red Hat Security Advisory RHSA-2009:0010.

Attackers can exploit this issue to hijack other users' sessions and obtain sensitive information that can aid in further attacks.

13. Git Snapshot Generation and Pickaxe Search Arbitrary Command Injection Vulnerability
BugTraq ID: 33355
Remote: Yes
Date Published: 2009-01-19
Relevant URL: http://www.securityfocus.com/bid/33355
Summary:
Git is prone to a vulnerability that lets attackers inject arbitrary commands. The issue occurs because the software fails to sufficiently sanitize user-supplied input.

An attacker can exploit this issue to execute arbitrary commands in the context of the user running the application.

14. MoinMoin 'AttachFile.py' Cross-Site Scripting Vulnerability
BugTraq ID: 33365
Remote: Yes
Date Published: 2009-01-20
Relevant URL: http://www.securityfocus.com/bid/33365
Summary:
MoinMoin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

Versions prior to MoinMoin 1.8.1 are vulnerable.

III. LINUX FOCUS LIST SUMMARY
---------------------------------
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by The Computer Forensics Show

THE COMPUTER FORENSICS SHOW IS THE "DON'T MISS" EVENT OF THE YEAR FOR ALL LITIGATION, ACCOUNTING AND IT PROFESSIONALS
www.computerforensicshow.com

April 27-29, 2009
Washington DC Convention Center
Washington, DC

August 3-5, 2009
San Jose Convention Center
San Jose, CA

No comments:

Blog Archive