News

Thursday, February 26, 2009

SecurityFocus Linux Newsletter #428

SecurityFocus Linux Newsletter #428
----------------------------------------

This issue is sponsored by Sophos Security Threat Report: 2009

Predicting the future in such a rapidly evolving environment is near impossible. One only needs to count the rate at which new malware appears today compared to five years ago to see how quickly the threat has become more serious. Read our security threat report to read about the malware trends we predict will be at the forefront in 2009.

http://dinclinx.com/Redirect.aspx?36;4036;35;189;0;4;259;d0ddf43bf0d4abdd


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. Free Market Filtering
2. Don't Blame the Browser
II. LINUX VULNERABILITY SUMMARY
1. Adobe Acrobat and Reader PDF File Handling Remote Code Execution Vulnerability
2. SUSE blinux Buffer Overflow Vulnerability
3. Ubuntu xorg-driver-fglrx 'LD_LIBRARY_PATH' Remote Command Execution Vulnerability
4. Libpng Library Uninitialized Pointer Arrays Memory Corruption Vulnerabilities
5. Yaws Multiple Header Request Denial of Service Vulnerability
6. Linux Kernel 'sock.c' SO_BSDCOMPAT Option Information Disclosure Vulnerability
7. Adobe Flash Player Invalid Object Reference Remote Code Execution Vulnerability
8. Adobe Flash Player Unspecified Information Disclosure Vulnerability
9. Adobe Flash Player Unspecified Remote Denial of Service Vulnerability
10. Linux Kernel Cloned Process 'CLONE_PARENT' Local Origin Validation Weakness
III. LINUX FOCUS LIST SUMMARY
1. CanSecWest 2009 Speakers and Dojo courses (Mar 14-20)
2. DEFCON 17 CFP now open
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1.Free Market Filtering
By Mark Rasch
The Australian government is considering requiring that Internet service providers in that country install filters which would prevent citizens from accessing tens of thousands of sites that contain "objectionable" material.
http://www.securityfocus.com/columnists/493

2.Don't Blame the Browser
Melih Abdulhayoglu
There was a time when most diseases were fatal for humans. Intense study and research helped doctors manage diseases better, and subsequently even prevent them altogether.
http://www.securityfocus.com/columnists/492


II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. Adobe Acrobat and Reader PDF File Handling Remote Code Execution Vulnerability
BugTraq ID: 33751
Remote: Yes
Date Published: 2009-02-19
Relevant URL: http://www.securityfocus.com/bid/33751
Summary:
Adobe Acrobat and Reader are prone to a remote code-execution vulnerability.

An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application or crash the application, denying service to legitimate users.

The issue affects Reader and Acrobat 9, 8.1.3 and prior, and 7.

UPDATE (February 24, 2009): Further reports suggest that this issue affects the vulnerable applications running on Apple Mac OS X and various Linux-based operating systems.

2. SUSE blinux Buffer Overflow Vulnerability
BugTraq ID: 33794
Remote: No
Date Published: 2009-02-17
Relevant URL: http://www.securityfocus.com/bid/33794
Summary:
The SUSE 'blinux' (sbl) package is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.

A local attacker can exploit this issue to execute arbitrary code as the affected process, possibly resulting in elevated privileges. Failed exploit attempts are likely to result in denial-of-service conditions.

3. Ubuntu xorg-driver-fglrx 'LD_LIBRARY_PATH' Remote Command Execution Vulnerability
BugTraq ID: 33801
Remote: Yes
Date Published: 2009-02-17
Relevant URL: http://www.securityfocus.com/bid/33801
Summary:
Ubuntu 'xorg-driver-fglrx' is prone to a remote command-execution vulnerability.

An attacker could exploit this issue by enticing an unsuspecting victim to run an application in a directory containing a malicious library file with a specific name. A successful exploit will allow arbitrary code to run within the privileges of the currently logged-in user.

Ubuntu 8.10 is vulnerable.

4. Libpng Library Uninitialized Pointer Arrays Memory Corruption Vulnerabilities
BugTraq ID: 33827
Remote: Yes
Date Published: 2009-02-19
Relevant URL: http://www.securityfocus.com/bid/33827
Summary:
The 'libpng' library is prone to multiple memory-corruption vulnerabilities because it fails to properly initialize data structures.

Successful exploits may allow remote attackers to cause denial-of-service conditions or potentially execute arbitrary code on computers running the affected library.

These issues affect versions prior to 'libpng' 1.0.43 and 1.2.35.

5. Yaws Multiple Header Request Denial of Service Vulnerability
BugTraq ID: 33834
Remote: Yes
Date Published: 2009-02-19
Relevant URL: http://www.securityfocus.com/bid/33834
Summary:
Yaws is prone to a remote denial-of-service vulnerability because it fails to handle infinite header requests.

Successfully exploiting this issue will allow attackers to cause the affected application to consume memory, eventually denying service to legitimate users.

Versions prior to Yaws 1.80 are vulnerable.

6. Linux Kernel 'sock.c' SO_BSDCOMPAT Option Information Disclosure Vulnerability
BugTraq ID: 33846
Remote: No
Date Published: 2009-02-20
Relevant URL: http://www.securityfocus.com/bid/33846
Summary:
The Linux Kernel is prone to an information-disclosure vulnerability because it fails to properly initialize certain memory before using using it in a user-accessible operation.

Successful exploits will allow attackers to view portions of kernel memory. Information harvested may be used in further attacks.

Versions prior to Linux Kernel 2.6.28.6 are vulnerable.

7. Adobe Flash Player Invalid Object Reference Remote Code Execution Vulnerability
BugTraq ID: 33880
Remote: Yes
Date Published: 2009-02-24
Relevant URL: http://www.securityfocus.com/bid/33880
Summary:
Adobe Flash Player is prone to a remote code-execution vulnerability.

An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application. Failed exploit attempts will likely crash the application, denying service to legitimate users.

Versions prior to Flash Player 10.0.12.36 are vulnerable.

8. Adobe Flash Player Unspecified Information Disclosure Vulnerability
BugTraq ID: 33889
Remote: Yes
Date Published: 2009-02-24
Relevant URL: http://www.securityfocus.com/bid/33889
Summary:
Adobe Flash Player is prone to an information-disclosure vulnerability.

Successful exploits will allow an attacker to obtain potentially sensitive information that may be used to elevate privileges.

This issue affects Flash Player on Linux-based operating systems only.

9. Adobe Flash Player Unspecified Remote Denial of Service Vulnerability
BugTraq ID: 33890
Remote: Yes
Date Published: 2009-02-24
Relevant URL: http://www.securityfocus.com/bid/33890
Summary:
Adobe Flash Player is prone to a remote denial-of-service vulnerability because it fails to properly validate user-supplied input.

Exploiting this issue allows remote attackers to crash the application and possibly to execute code, but this has not been confirmed.

Versions prior to Flash Player 10.0.22.87 are vulnerable.

10. Linux Kernel Cloned Process 'CLONE_PARENT' Local Origin Validation Weakness
BugTraq ID: 33906
Remote: No
Date Published: 2009-02-25
Relevant URL: http://www.securityfocus.com/bid/33906
Summary:
The Linux kernel is prone to an origin-validation weakness when dealing with signal handling.

This weakness occurs when a privileged process calls attacker-supplied processes as children. Attackers may exploit this to send arbitrary signals to the privileged parent process.

A local attacker may exploit this issue to kill vulnerable processes, resulting in a denial-of-service condition. In some cases, other attacks may also be possible.

Linux kernel 2.6.28 is vulnerable; other versions may also be affected.

III. LINUX FOCUS LIST SUMMARY
---------------------------------
1. CanSecWest 2009 Speakers and Dojo courses (Mar 14-20)
http://www.securityfocus.com/archive/91/500979

2. DEFCON 17 CFP now open
http://www.securityfocus.com/archive/91/500978

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by Sophos Security Threat Report: 2009

Predicting the future in such a rapidly evolving environment is near impossible. One only needs to count the rate at which new malware appears today compared to five years ago to see how quickly the threat has become more serious. Read our security threat report to read about the malware trends we predict will be at the forefront in 2009.

http://dinclinx.com/Redirect.aspx?36;4036;35;189;0;4;259;d0ddf43bf0d4abdd

No comments:

Blog Archive