News

Wednesday, March 18, 2009

SecurityFocus Linux Newsletter #431

SecurityFocus Linux Newsletter #431
----------------------------------------

This issue is sponsored by Tripwire

Configuration Assessment: Choosing the Right Solution
Configuration assessment lets businesses proactively secure their IT infrastructure and achieve compliance with important industry standards and regulations. Learn why configuration assessment is so important, why organizations find it difficult to control system configurations, and what types of configuration assessment solutions are available.

http://dinclinx.com/Redirect.aspx?36;3065;32;189;0;3;259;458f725ab218caf9


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. Contracting For Secure Code
2. Free Market Filtering
II. LINUX VULNERABILITY SUMMARY
1. IBM Director CIM Server Consumer Name Remote Denial of Service Vulnerability
2. Mahara Multiple Cross Site Scripting Vulnerabilities
3. IBM Director CIM Server Privilege Escalation Vulnerability
4. openSUSE Linux gtk2 Package Search Path Remote Command Execution Vulnerability
5. PostgreSQL Low Cost Function Information Disclosure Vulnerability
6. Asterisk Pedantic Mode SIP Channel Driver INVITE Header Remote Denial of Service Vulnerability
7. Sun xVM VirtualBox Local Privilege Escalation Vulnerability
8. Linux Kernel '/proc/net/rt_cache' Remote Denial of Service Vulnerability
9. Wesnoth 'simple_wml.cpp' Remote Denial of Service Vulnerability
10. Autonomy KeyView Module 'wp6sr.dll' Buffer Overflow Vulnerability
11. Mandriva perl-MDK-Common Unspecified Privilege Escalation Vulnerability
12. PostgreSQL Conversion Encoding Remote Denial of Service Vulnerability
13. DASH '.profile' Local Privilege Escalation Vulnerability
14. GNOME glib Base64 Encoding and Decoding Multiple Integer Overflow Vulnerabilities
15. JDKChat Malformed Command Remote Integer Overflow Vulnerability
16. Evolution Data Server 'ntlm_challenge()' Memory Contents Information Disclosure Vulnerability
17. Bricolage Unspecified SQL Injection Vulnerability
18. WeeChat IRC Message Remote Denial Of Service Vulnerability
19. system-config-printer Package Romanian Translation Insecure Configuration Weakness
III. LINUX FOCUS LIST SUMMARY
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Contracting For Secure Code
By Chris Wysopal
Forcing suppliers to attest to the security of provided software is gaining adherents: Just ask Kaspersky Lab.
http://www.securityfocus.com/columnists/494

2. Free Market Filtering
By Mark Rasch
The Australian government is considering requiring that Internet service providers in that country install filters which would prevent citizens from accessing tens of thousands of sites that contain "objectionable" material.
http://www.securityfocus.com/columnists/493


II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. IBM Director CIM Server Consumer Name Remote Denial of Service Vulnerability
BugTraq ID: 34061
Remote: Yes
Date Published: 2009-03-10
Relevant URL: http://www.securityfocus.com/bid/34061
Summary:
The CIM Server of IBM Director is prone to a remote denial-of-service vulnerability because the application fails to properly handle specially crafted requests.

Successfully exploiting this issue allows remote attackers to trigger crashes, which would deny further service to legitimate users.

This issue affects versions prior to IBM Director 5.20.3 Service Update 2.

2. Mahara Multiple Cross Site Scripting Vulnerabilities
BugTraq ID: 34064
Remote: Yes
Date Published: 2009-03-10
Relevant URL: http://www.securityfocus.com/bid/34064
Summary:
Mahara is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data.

Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials; other attacks are also possible.

Versions prior to Mahara 1.0.10 and 1.1.2 are vulnerable.

3. IBM Director CIM Server Privilege Escalation Vulnerability
BugTraq ID: 34065
Remote: No
Date Published: 2009-03-10
Relevant URL: http://www.securityfocus.com/bid/34065
Summary:
IBM Director is prone to a privilege-escalation vulnerability that affects the CIM server.

Attackers can leverage this issue to execute arbitrary code with elevated privileges in the context of the CIM server process.

Versions prior to IBM Director 5.20.3 Service Update 2 are affected.

4. openSUSE Linux gtk2 Package Search Path Remote Command Execution Vulnerability
BugTraq ID: 34068
Remote: Yes
Date Published: 2009-03-10
Relevant URL: http://www.securityfocus.com/bid/34068
Summary:
The openSUSE gtk2 package is prone to a remote command-execution vulnerability.

An attacker could exploit this issue by enticing an unsuspecting victim to run a vulnerable application in a directory containing a malicious module file with a specific name. A successful exploit will allow arbitrary commands to run with the privileges of the currently logged-in user.

openSUSE 11.0 and 11.1 are vulnerable.

5. PostgreSQL Low Cost Function Information Disclosure Vulnerability
BugTraq ID: 34069
Remote: No
Date Published: 2009-03-10
Relevant URL: http://www.securityfocus.com/bid/34069
Summary:
PostgreSQL is prone to an information-disclosure vulnerability.

Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks.

PostgreSQL 8.3.6 is vulnerable; other versions may also be affected.

6. Asterisk Pedantic Mode SIP Channel Driver INVITE Header Remote Denial of Service Vulnerability
BugTraq ID: 34070
Remote: Yes
Date Published: 2009-03-10
Relevant URL: http://www.securityfocus.com/bid/34070
Summary:
Asterisk is prone to a remote denial-of-service vulnerability because it fails to adequately validate INVITE headers in pedantic mode.

Successful exploits can crash the SIP channel driver, resulting in denial-of-service conditions for legitimate users.

7. Sun xVM VirtualBox Local Privilege Escalation Vulnerability
BugTraq ID: 34080
Remote: No
Date Published: 2009-03-10
Relevant URL: http://www.securityfocus.com/bid/34080
Summary:
Sun xVM VirtualBox is prone to a local privilege-escalation vulnerability.

An attacker can exploit this vulnerability to run arbitrary code with superuser privileges.

The following versions for the Linux platform are vulnerable:

Sun xVM VirtualBox 2.0
Sun xVM VirtualBox 2.1

8. Linux Kernel '/proc/net/rt_cache' Remote Denial of Service Vulnerability
BugTraq ID: 34084
Remote: Yes
Date Published: 2009-03-11
Relevant URL: http://www.securityfocus.com/bid/34084
Summary:
The Linux kernel is prone to a remote denial-of-service vulnerability because it fails to properly flush the '/proc/net/rt_cache' file under some conditions.

Attackers can exploit this issue to cause the kernel to fail to respond to network traffic, denying service to legitimate users.

Versions prior to Linux kernel 2.6.25 are vulnerable.

9. Wesnoth 'simple_wml.cpp' Remote Denial of Service Vulnerability
BugTraq ID: 34085
Remote: Yes
Date Published: 2009-03-11
Relevant URL: http://www.securityfocus.com/bid/34085
Summary:
Wesnoth is prone to a remote denial-of-service vulnerability.

Exploiting this issue may allow attackers to cause the application to crash, denying service to legitimate users.

Wesnoth 1.4.7 is vulnerable; other versions may also be affected.

10. Autonomy KeyView Module 'wp6sr.dll' Buffer Overflow Vulnerability
BugTraq ID: 34086
Remote: Yes
Date Published: 2009-03-17
Relevant URL: http://www.securityfocus.com/bid/34086
Summary:
Autonomy KeyView module is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data before copying it to insufficiently sized buffers.

Exploiting this issue will allow an attacker to corrupt memory and to cause denial-of-service conditions or potentially to execute arbitrary code in the context of the application using the module.

Multiple products using the KeyView module are affected.

11. Mandriva perl-MDK-Common Unspecified Privilege Escalation Vulnerability
BugTraq ID: 34089
Remote: No
Date Published: 2009-03-11
Relevant URL: http://www.securityfocus.com/bid/34089
Summary:
Mandriva perl-MDK-Common is prone to an unspecified privilege-escalation vulnerability because the software fails to properly validate user-supplied input.

An attacker may exploit this issue to gain elevated privileges.

12. PostgreSQL Conversion Encoding Remote Denial of Service Vulnerability
BugTraq ID: 34090
Remote: Yes
Date Published: 2009-03-11
Relevant URL: http://www.securityfocus.com/bid/34090
Summary:
PostgreSQL is prone to a remote denial-of-service vulnerability.

Exploiting this issue may allow attackers to terminate connections to the PostgreSQL server, denying service to legitimate users.

13. DASH '.profile' Local Privilege Escalation Vulnerability
BugTraq ID: 34092
Remote: No
Date Published: 2009-03-11
Relevant URL: http://www.securityfocus.com/bid/34092
Summary:
DASH is prone to a vulnerability that may allow local attackers to run code with elevated privileges.

Successful exploits will allow an attacker to run code within the context of the user running the affected application. This may allow the attacker to gain root-level privileges, resulting in a complete compromise of an affected computer.

14. GNOME glib Base64 Encoding and Decoding Multiple Integer Overflow Vulnerabilities
BugTraq ID: 34100
Remote: Yes
Date Published: 2009-03-12
Relevant URL: http://www.securityfocus.com/bid/34100
Summary:
The GNOME glib library is prone to multiple integer-overflow vulnerabilities related to encoding and decoding Base64 data.

Successful exploits may allow remote attackers to cause denial-of-service conditions or potentially execute arbitrary code on computers running the affected library.

The following are vulnerable:

GNOME glib 2.11
GNOME glib 2.12
GStreamer gst-plugins-base prior to 0.10.23
GNOME libsoup prior to 2.2.0
GNOME libsoup prior to 2.24
Evolution Data Server prior to 2.24.5

Additional applications and versions may also be affected.

15. JDKChat Malformed Command Remote Integer Overflow Vulnerability
BugTraq ID: 34102
Remote: Yes
Date Published: 2009-03-12
Relevant URL: http://www.securityfocus.com/bid/34102
Summary:
JDKChat is prone to a remote integer-overflow vulnerability.

A remote attacker may exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely crash the application, denying service to legitimate users.

JDKChat 1.5 is vulnerable; other versions may also be affected.

16. Evolution Data Server 'ntlm_challenge()' Memory Contents Information Disclosure Vulnerability
BugTraq ID: 34109
Remote: Yes
Date Published: 2009-03-12
Relevant URL: http://www.securityfocus.com/bid/34109
Summary:
Evolution Data Server is prone to an information-disclosure vulnerability.

Successful exploits will allow attackers to obtain the contents of a portion of memory or crash the application.

This issue affects Evolution Data Server 2.45.5; other versions may also be affected.

17. Bricolage Unspecified SQL Injection Vulnerability
BugTraq ID: 34110
Remote: Yes
Date Published: 2009-03-12
Relevant URL: http://www.securityfocus.com/bid/34110
Summary:
Bricolage is prone to an unspecified SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Versions prior to Bricolage 1.10.7 are vulnerable.

18. WeeChat IRC Message Remote Denial Of Service Vulnerability
BugTraq ID: 34148
Remote: Yes
Date Published: 2009-03-17
Relevant URL: http://www.securityfocus.com/bid/34148
Summary:
WeeChat is prone to a remote denial-of-service vulnerability.

An attacker may exploit this issue crash the application, resulting in a denial-of-service condition.

Versions prior to WeeChat 0.2.6.1 are vulnerable.

19. system-config-printer Package Romanian Translation Insecure Configuration Weakness
BugTraq ID: 34161
Remote: No
Date Published: 2009-03-11
Relevant URL: http://www.securityfocus.com/bid/34161
Summary:
The 'system-config-printer' package is prone to a security weakness that may result in unsafe printer access configurations.

This weakness may cause unsuspecting users to set up unsafe printer configurations, resulting in a false sense of security. This may lead to other attacks.

III. LINUX FOCUS LIST SUMMARY
---------------------------------
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by Tripwire

Configuration Assessment: Choosing the Right Solution
Configuration assessment lets businesses proactively secure their IT infrastructure and achieve compliance with important industry standards and regulations. Learn why configuration assessment is so important, why organizations find it difficult to control system configurations, and what types of configuration assessment solutions are available.

http://dinclinx.com/Redirect.aspx?36;3065;32;189;0;3;259;458f725ab218caf9

No comments:

Blog Archive