Linux Advisory Watch: April 23rd, 2010
+----------------------------------------------------------------------+
| LinuxSecurity.com Linux Advisory Watch |
| April 23rd, 2010 Volume 11, Number 17 |
| |
| Editorial Team: Dave Wreski <dwreski@xxxxxxxxxxxxxxxxx> |
| Benjamin D. Thomas <bthomas@xxxxxxxxxxxxxxxxx> |
+----------------------------------------------------------------------+
Thank you for reading the Linux Advisory Watch Security Newsletter. The
purpose of this document is to provide our readers with a quick summary of
each week's vendor security bulletins and pointers on methods to improve
the security posture of your open source system.
Vulnerabilities affect nearly every vendor virtually every week, so be
sure to read through to find the updates your distributor have made
available.
SSH: Best Practices
-------------------
If you're reading LinuxSecurity.com then it's a safe bet that you are
already using SSH, but are you using it in the best way possible? Have
you configured it to be as limited and secure as possible?<BR/>Read on for
my best practices for using Secure Shell.
http://www.linuxsecurity.com/content/view/133312
Review: Linux Firewalls
-----------------------
Security is at the forefront of everyone's mind and a firewall can be an
integral part of your Linux defense. But is Michael's Rash's "Linux
Firewalls," the newest release from NoStarchPress, up for the challenge?
Eckie S. here at Linuxsecurity.com gives you the low-down on this newest
addition to the Linux security resource library and how it's one of the
best ways to crack down on attacks to your Linux network.
http://www.linuxsecurity.com/content/view/130392
--> Take advantage of the LinuxSecurity.com Quick Reference Card! <--
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf <--
------------------------------------------------------------------------
* EnGarde Secure Community 3.0.22 Now Available!
----------------------------------------------
Guardian Digital is happy to announce the release of EnGarde Secure
Community 3.0.22 (Version 3.0, Release 22). This release includes
many updated packages and bug fixes and some feature enhancements to
the EnGarde Secure Linux Installer and the SELinux policy.
http://www.linuxsecurity.com/content/view/145668
------------------------------------------------------------------------
* Debian: 2038-1: pidgin: Multiple vulnerabilities (Apr 18)
---------------------------------------------------------
Several remote vulnerabilities have been discovered in Pidgin, a
multi protocol instant messaging client. The Common Vulnerabilities
and Exposures project identifies the following problems: [More...]
http://www.linuxsecurity.com/content/view/152175
* Debian: 2037-1: kdm (kdebase): race condition (Apr 17)
------------------------------------------------------
Sebastian Krahmer discovered that a race condition in the KDE Desktop
Environment's KDM display manager, allow a local user to elevate
privileges to root. [More...]
http://www.linuxsecurity.com/content/view/152174
* Debian: 2036-1: jasper: programming error (Apr 17)
--------------------------------------------------
It was discovered that the JasPer JPEG-2000 runtime library allowed
an attacker to create a crafted input file that could lead to denial
of service and heap corruption. [More...]
http://www.linuxsecurity.com/content/view/152173
* Debian: 2035-1: apache2: multiple issues (Apr 17)
-------------------------------------------------
Two issues have been found in the Apache HTTPD web server:
CVE-2010-0408 [More...]
http://www.linuxsecurity.com/content/view/152172
* Debian: 2034-1: phpmyadmin: Multiple vulnerabilities (Apr 17)
-------------------------------------------------------------
Several vulnerabilities have been discovered in phpMyAdmin, a tool to
administer MySQL over the web. The Common Vulnerabilities and
Exposures project identifies the following problems: [More...]
http://www.linuxsecurity.com/content/view/152166
* Debian: 2033-1: ejabberd: heap overflow (Apr 15)
------------------------------------------------
It was discovered that in ejabberd, a distributed XMPP/Jabber server
written in Erlang, a problem in ejabberd_c2s.erl allows remote
authenticated users to cause a denial of service by sending a large
number of c2s (client2server) messages; that triggers an overload of
the [More...]
http://www.linuxsecurity.com/content/view/152149
------------------------------------------------------------------------
* Mandriva: 2010:070-1: firefox (Apr 20)
--------------------------------------
Security issues were identified and fixed in firefox: Security
researcher regenrecht reported (via TippingPoint's Zero Day
Initiative) a potential reuse of a deleted image frame in Firefox
3.6's handling of multipart/x-mixed-replace images. Although no
exploit was [More...]
http://www.linuxsecurity.com/content/view/152204
* Mandriva: 2010:083: emacs (Apr 20)
----------------------------------
A vulnerability has been found and corrected in emacs:
lib-src/movemail.c in movemail in emacs 22 and 23 allows local users
to read, modify, or delete arbitrary mailbox files via a symlink
attack, related to improper file-permission checks (CVE-2010-0825).
[More...]
http://www.linuxsecurity.com/content/view/152196
* Mandriva: 2010:076-1: openssl (Apr 19)
--------------------------------------
This update fixes several security issues in openssl: - The
ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through
0.9.8m allows remote attackers to cause a denial of service (crash)
via a malformed record in a TLS connection (CVE-2010-0740) - OpenSSL
before 0.9.8m does not check for a NULL return value [More...]
http://www.linuxsecurity.com/content/view/152184
* Mandriva: 2010:076-1: openssl (Apr 19)
--------------------------------------
This update fixes several security issues in openssl: - The
ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through
0.9.8m allows remote attackers to cause a denial of service (crash)
via a malformed record in a TLS connection (CVE-2010-0740) - OpenSSL
before 0.9.8m does not check for a NULL return value [More...]
http://www.linuxsecurity.com/content/view/152183
* Mandriva: 2010:082: clamav (Apr 18)
-----------------------------------
Multiple vulnerabilities has been found and corrected in clamav:
ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z
file formats, which allows remote attackers to bypass virus detection
via a crafted archive that is compatible with standard archive
utilities [More...]
http://www.linuxsecurity.com/content/view/152177
* Mandriva: 2010:081: apache-mod_auth_shadow (Apr 18)
---------------------------------------------------
A vulnerability has been found and corrected in
apache-mod_auth_shadow: A race condition was found in the way
mod_auth_shadow used an external helper binary to validate user
credentials (username / password pairs). A remote attacker could use
this flaw to bypass intended [More...]
http://www.linuxsecurity.com/content/view/152176
* Mandriva: 2010:080: brltty (Apr 17)
-----------------------------------
A vulnerability has been found and corrected in brltty: Untrusted
search path vulnerability in libbrlttybba.so in brltty 3.7.2 allows
local users to gain privileges via a crafted library, related to an
incorrect RPATH setting (CVE-2008-3279). [More...]
http://www.linuxsecurity.com/content/view/152171
* Mandriva: 2010:079: irssi (Apr 17)
----------------------------------
Multiple vulnerabilities has been found and corrected in irssi: Irssi
before 0.8.15, when SSL is used, does not verify that the server
hostname matches a domain name in the subject's Common Name (CN)
field or a Subject Alternative Name field of the X.509 certificate,
[More...]
http://www.linuxsecurity.com/content/view/152170
* Mandriva: 2010:076: openssl (Apr 17)
------------------------------------
This update fixes several security issues in openssl: - The
ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through
0.9.8m allows remote attackers to cause a denial of service (crash)
via a malformed record in a TLS connection (CVE-2010-0740) - OpenSSL
before 0.9.8m does not check for a NULL return value [More...]
http://www.linuxsecurity.com/content/view/152169
* Mandriva: 2010:078: sudo (Apr 17)
---------------------------------
A vulnerability has been found and corrected in sudo: The command
matching functionality in sudo 1.6.8 through 1.7.2p5 does not
properly handle when a file in the current working directory has the
same name as a pseudo-command in the sudoers file and the PATH
[More...]
http://www.linuxsecurity.com/content/view/152168
* Mandriva: 2010:077: nss_db (Apr 17)
-----------------------------------
A vulnerability has been found and corrected in nss_db: The Free
Software Foundation (FSF) Berkeley DB NSS module (aka libnss-db)
2.2.3pre1 reads the DB_CONFIG file in the current working directory,
which allows local users to obtain sensitive information [More...]
http://www.linuxsecurity.com/content/view/152167
* Mandriva: 2010:075: openoffice.org (Apr 15)
-------------------------------------------
This updates provides a security update to the OpenOffice.org
described as follow: OpenOffice's xmlsec uses a bundled Libtool which
might load .la file in the current working directory allowing local
users to gain [More...]
http://www.linuxsecurity.com/content/view/152152
* Mandriva: 2010:074: kdebase (Apr 15)
------------------------------------
A vulnerability has been found and corrected in kdm
(kdebase/kdebase4-workspace): KDM contains a race condition that
allows local attackers to make arbitrary files on the system
world-writeable. This can happen [More...]
http://www.linuxsecurity.com/content/view/152150
------------------------------------------------------------------------
* Red Hat: 2010:0362-01: scsi-target-utils: Important Advisory (Apr 20)
---------------------------------------------------------------------
An updated scsi-target-utils package that fixes one security issue is
now available for Red Hat Enterprise Linux 5. The Red Hat Security
Response Team has rated this update as having [More...]
http://www.linuxsecurity.com/content/view/152202
* Red Hat: 2010:0361-01: sudo: Moderate Advisory (Apr 20)
-------------------------------------------------------
An updated sudo package that fixes one security issue is now
available for Red Hat Enterprise Linux 5. The Red Hat Security
Response Team has rated this update as having moderate [More...]
http://www.linuxsecurity.com/content/view/152201
* Red Hat: 2010:0360-01: wireshark: Moderate Advisory (Apr 20)
------------------------------------------------------------
Updated wireshark packages that fix several security issues are now
available for Red Hat Enterprise Linux 3, 4, and 5. The Red Hat
Security Response Team has rated this update as having moderate
[More...]
http://www.linuxsecurity.com/content/view/152200
* Red Hat: 2010:0356-02: java-1.6.0-sun: Critical Advisory (Apr 19)
-----------------------------------------------------------------
Updated java-1.6.0-sun packages that fix two security issues are now
available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.
The Red Hat Security Response Team has rated this update as having
critical [More...]
http://www.linuxsecurity.com/content/view/152186
------------------------------------------------------------------------
* Slackware: 2010-110-01: sudo: Security Update (Apr 20)
------------------------------------------------------
New sudo packages are available for Slackware 8.1, 9.0, 9.1, 10.0,
10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix
security issues. [More Info...]
http://www.linuxsecurity.com/content/view/152206
* Slackware: 2010-110-02: kdebase-workspace: Security Update (Apr 20)
-------------------------------------------------------------------
New kdebase-workspace packages are available for Slackware 13.0 and
-current to fix a security issue with KDM. [More Info...]
http://www.linuxsecurity.com/content/view/152205
------------------------------------------------------------------------
* SuSE: 2010-022: acroread (Apr 21)
---------------------------------
Specially crafted PDF documents could crash acroread or even lead to
execution of arbitrary code.
http://www.linuxsecurity.com/content/view/152212
------------------------------------------------------------------------
* Ubuntu: 929-2: irssi regression (Apr 20)
----------------------------------------
USN-929-1 fixed vulnerabilities in irssi. The upstream changes
introduced aregression when using irssi with SSL and an IRC proxy.
This update fixesthe problem. [More...]
http://www.linuxsecurity.com/content/view/152203
* Ubuntu: 932-1: KDM vulnerability (Apr 19)
-----------------------------------------
Sebastian Krahmer discovered a race condition in the KDE Display
Manager(KDM). A local attacker could exploit this to change the
permissions onarbitrary files, thus allowing privilege escalation.
[More...]
http://www.linuxsecurity.com/content/view/152185
* Ubuntu: 931-1: FFmpeg vulnerabilities (Apr 19)
----------------------------------------------
It was discovered that FFmpeg contained multiple security issues
whenhandling certain multimedia files. If a user were tricked into
opening acrafted multimedia file, an attacker could cause a denial of
service viaapplication crash, or possibly execute arbitrary code with
the privilegesof the user invoking the program. [More...]
http://www.linuxsecurity.com/content/view/152182
* Ubuntu: 929-1: irssi vulnerabilities (Apr 15)
---------------------------------------------
It was discovered that irssi did not perform certificate host
validationwhen using SSL connections. An attacker could exploit this
to perform a manin the middle attack to view sensitive information or
alter encryptedcommunications. (CVE-2010-1155) [More...]
http://www.linuxsecurity.com/content/view/152153
* Ubuntu: 890-6: CMake vulnerabilities (Apr 15)
---------------------------------------------
USN-890-1 fixed vulnerabilities in Expat. This update provides
thecorresponding updates for CMake. [More...]
http://www.linuxsecurity.com/content/view/152151
* Ubuntu: 928-1: Sudo vulnerability (Apr 15)
------------------------------------------
Valerio Costamagna discovered that sudo did not properly validate the
pathfor the 'sudoedit' pseudo-command when the PATH contained only a
dot ('.').If secure_path and ignore_dot were disabled, a local
attacker could exploitthis to execute arbitrary code as root if sudo
was configured to allow theattacker to use sudoedit. By default,
secure_path is used and the sudoedit [More...]
http://www.linuxsecurity.com/content/view/152148
------------------------------------------------------------------------
* Pardus: 2010-55: ClamAV: Multiple Vulnerabilities (Apr 20)
----------------------------------------------------------
A weakness and a vulnerability have been fixed in ClamAV, which can
be exploited by malicious people to bypass the scanning functionality
or potentially compromise a vulnerable system.
http://www.linuxsecurity.com/content/view/152193
* Pardus: 2010-51: Qemu: Denial of Service (Apr 20)
-------------------------------------------------
A vulnerability has been fixed in Qemu, which could be exploited by
attackers to cause a denial of service.
http://www.linuxsecurity.com/content/view/152194
* Pardus: 2010-56: Libnids: Denial of Service (Apr 20)
----------------------------------------------------
A vulnerability has been reported in Libnids, which can be exploited
by malicious people to cause a DoS (Denial of Service).
http://www.linuxsecurity.com/content/view/152195
* Pardus: 2010-53: Mit-kerberos: Denial of Service (Apr 20)
---------------------------------------------------------
A vulnerability has been fixed in mit-kerberos, which could be
exploited by attackers to cause a denial of service.
http://www.linuxsecurity.com/content/view/152189
* Pardus: 2010-52: Memcached: Denial of Service (Apr 20)
------------------------------------------------------
A vulnerability has been fixed in memcached, which could be exploited
by attackers to cause a denial of service.
http://www.linuxsecurity.com/content/view/152190
* Pardus: 2010-50: KDM: Privilege Escalation (Apr 20)
---------------------------------------------------
A security issue has been fixed in KDE, which can be exploited by
malicious, local users to gain escalated privileges.
http://www.linuxsecurity.com/content/view/152191
* Pardus: 2010-54: Cups: Privilege Escalation (Apr 20)
----------------------------------------------------
A vulnerability has been fixed in Cups, which can be exploited by
malicious people to bypass certain privileges.
http://www.linuxsecurity.com/content/view/152192
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
[Fedora Announce]
[Linux Crypto]
[Kernel]
[Netfilter]
[Video for Linux]
[Bugtraq]
[USB]
[Fedora Security]
