Linux Advisory Watch: July 2nd, 2010




+----------------------------------------------------------------------+
| LinuxSecurity.com Linux Advisory Watch |
| July 2nd, 2010 Volume 11, Number 27 |
| |
| Editorial Team: Dave Wreski <dwreski@xxxxxxxxxxxxxxxxx> |
| Benjamin D. Thomas <bthomas@xxxxxxxxxxxxxxxxx> |
+----------------------------------------------------------------------+
Thank you for reading the Linux Advisory Watch Security Newsletter. The 
purpose of this document is to provide our readers with a quick summary of 
each week's vendor security bulletins and pointers on methods to improve 
the security posture of your open source system.
Vulnerabilities affect nearly every vendor virtually every week, so be 
sure to read through to find the updates your distributor has made 
available.
Understand: Fork Bombing Attack
-------------------------------
As the variety of attacks and threats grows, you need to be prepared. In 
this HOWTO, get a feeling for the Fork Bombing Attack, what it is, how it 
works, where it comes from, how to deal with it and more.
http://www.linuxsecurity.com/content/view/129220
Review: Hacking: The Art of Exploitation, Second Edition
--------------------------------------------------------
If you've ever wondered what a "buffer overflow" was, or how a "denial
of service" attack works beyond just a basic understanding, then there
is no better book that will help you to delve into the nitty-gritty
than Hacking: The Art of Exploitation, Second Edition, by Jon
Erickson.
http://www.linuxsecurity.com/content/view/152556
--> Take advantage of the LinuxSecurity.com Quick Reference Card! <--
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf <--
------------------------------------------------------------------------
* EnGarde Secure Community 3.0.22 Now Available!
 ----------------------------------------------
 Guardian Digital is happy to announce the release of EnGarde Secure
 Community 3.0.22 (Version 3.0, Release 22). This release includes
 many updated packages and bug fixes and some feature enhancements to
 the EnGarde Secure Linux Installer and the SELinux policy.
 http://www.linuxsecurity.com/content/view/145668
------------------------------------------------------------------------
* Debian: 2066-1: wireshark: Multiple vulnerabilities (Jul 1)
 -----------------------------------------------------------
 Several remote vulnerabilities have been discovered in the Wireshark
 network traffic analyzer. It was discovered that null pointer
 dereferences, buffer overflows and infinite loops in the SMB, SMB
 PIPE, ASN1.1 and SigComp dissectors could lead to denial of service
 [More...]
 http://www.linuxsecurity.com/content/view/152739
* Debian: 2065-1: kvirc: Multiple vulnerabilities (Jun 27)
 --------------------------------------------------------
 Two security issues have been discovered in the DCC protocol support
 code of kvirc, a KDE-based next generation IRC client, which allow
 the overwriting of local files through directory traversal and the
 execution of arbitrary code through a format string attack. [More...]
 http://www.linuxsecurity.com/content/view/152703
* Debian: 2064-1: xulrunner: Multiple vulnerabilities (Jun 27)
 ------------------------------------------------------------
 Several remote vulnerabilities have been discovered in Xulrunner, a
 runtime environment for XUL applications. The Common Vulnerabilities
 and Exposures project identifies the following problems: [More...]
 http://www.linuxsecurity.com/content/view/152702
------------------------------------------------------------------------
* Mandriva: 2010:126: mozilla-thunderbird (Jun 24)
 ------------------------------------------------
 Multiple vulnerabilities have been found and corrected in
 mozilla-thunderbird: Unspecified vulnerability in Mozilla Firefox 3
 allows remote attackers to execute arbitrary code via unknown vectors
 that trigger memory [More...]
 http://www.linuxsecurity.com/content/view/152683
* Mandriva: 2010:125: firefox (Jun 24)
 ------------------------------------
 Security issues were identified and fixed in firefox: An unspecified
 function in the JavaScript implementation in Mozilla Firefox creates
 and exposes a temporary footprint when there is a current login to a
 web site, which makes it easier for remote [More...]
 http://www.linuxsecurity.com/content/view/152675
------------------------------------------------------------------------
* Red Hat: 2010:0505-01: perl-Archive-Tar: Moderate Advisory (Jul 1)
 ------------------------------------------------------------------
 An updated perl-Archive-Tar package that fixes multiple security
 issues is now available for Red Hat Enterprise Linux 4 and 5. The Red
 Hat Security Response Team has rated this update as having moderate
 [More...]
 http://www.linuxsecurity.com/content/view/152737
* Red Hat: 2010:0504-01: kernel: Important Advisory (Jul 1)
 ---------------------------------------------------------
 Updated kernel packages that fix multiple security issues and several
 bugs are now available for Red Hat Enterprise Linux 5. The Red Hat
 Security Response Team has rated this update as having [More...]
 http://www.linuxsecurity.com/content/view/152738
* Red Hat: 2010:0503-01: acroread: Critical Advisory (Jun 30)
 -----------------------------------------------------------
 Updated acroread packages that fix multiple security issues are now
 available for Red Hat Enterprise Linux 4 Extras and Red Hat
 Enterprise Linux 5 Supplementary. [More...]
 http://www.linuxsecurity.com/content/view/152730
------------------------------------------------------------------------
* Slackware: 2010-180-02: libtiff: Security Update (Jun 30)
 ---------------------------------------------------------
 New libtiff packages are available for Slackware 9.0, 9.1, 10.0,
 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix
 security issues. [More Info...]
 http://www.linuxsecurity.com/content/view/152725
* Slackware: 2010-180-01: libpng: Security Update (Jun 30)
 --------------------------------------------------------
 New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0,
 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix
 security issues. [More Info...]
 http://www.linuxsecurity.com/content/view/152724
* Slackware: 2010-176-03: seamonkey: Security Update (Jun 25)
 -----------------------------------------------------------
 New seamonkey packages are available for Slackware 12.2, 13.0, 13.1,
 and -current to fix security issues. [More Info...]
 http://www.linuxsecurity.com/content/view/152699
* Slackware: 2010-176-04: mozilla-thunderbird: Security Update (Jun 25)
 ---------------------------------------------------------------------
 New mozilla-thunderbird packages are available for Slackware 13.1 and
 -current to fix security issues. [More Info...]
 http://www.linuxsecurity.com/content/view/152697
* Slackware: 2010-176-01: bind: Security Update (Jun 25)
 ------------------------------------------------------
 New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0,
 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix
 security issues when DNSSEC is enabled (which is not the default
 setting). [More Info...]
 http://www.linuxsecurity.com/content/view/152698
* Slackware: 2010-176-02: mozilla-firefox: Security Update (Jun 25)
 -----------------------------------------------------------------
 New mozilla-firefox packages are available for Slackware 13.0, 13.1,
 and -current to fix security issues. [More Info...]
 http://www.linuxsecurity.com/content/view/152696
* Slackware: 2010-176-05: cups: Security Update (Jun 25)
 ------------------------------------------------------
 New cups packages are available for Slackware 13.1 and -current to
 fix security issues. [More Info...]
 http://www.linuxsecurity.com/content/view/152695
------------------------------------------------------------------------
* SuSE: 2010-027: Linux kernel (Jul 2)
 ------------------------------------
 This SUSE Linux Enterprise 11 Service Pack 1 kernel update brings the
 kernel to 2.6.32.13. It also contains a security fix and lots of
 other bugfixes. Following security issues were fixed: CVE-2010-1173:
 The sctp_process_unk_param function in [More...]
 http://www.linuxsecurity.com/content/view/152741
* SuSE: 2010-026: IBM Java 6 (Jul 1)
 ----------------------------------
 IBM Java 6 was updated to Service Release 8 to fix various security
 issues. Following security issues were fixed: CVE-2010-0084:
 Unspecified vulnerability in the Java Runtime Environment component
 in Oracle Java SE and Java for Business 6 [More...]
 http://www.linuxsecurity.com/content/view/152736
* SuSE: 2010-025: Samba (Jul 1)
 -----------------------------
 The Samba server was updated to fix security issues and bugs.
 Following security issues were fixed: CVE-2010-2063: A buffer overrun
 was possible in chain_reply code in 3.3.x and below, which could be
 used to crash the samba server or potentially execute code.
 [More...]
 http://www.linuxsecurity.com/content/view/152733
------------------------------------------------------------------------
* Ubuntu: 956-1: sudo vulnerability (Jun 30)
 ------------------------------------------
 Evan Broder and Anders Kaseorg discovered that sudo did not
 properly sanitize its environment when configured to use secure_path
 (the default in Ubuntu). A local attacker could exploit this to
 execute arbitrary code as root if sudo was configured to allow the
 attacker to use a program that interpreted the PATH environment
 variable. [More...]
 http://www.linuxsecurity.com/content/view/152732
* Ubuntu: 930-3: Firefox regression (Jun 30)
 ------------------------------------------
 USN-930-1 fixed vulnerabilities in Firefox. Due to a software
 packaging problem, the Firefox 3.6 update could not be installed when
 the firefox-2 package was also installed. This update fixes the
 problem and updates apturl for the change. [More...]
 http://www.linuxsecurity.com/content/view/152731
* Ubuntu: 930-2: apturl, Epiphany, gecko-sharp, gnome-python-extras, (Jun 29)
 ---------------------------------------------------------------------------
 USN-930-1 fixed vulnerabilities in Firefox and Xulrunner. This
 update provides updated packages for use with Firefox 3.6 and
 Xulrunner 1.9.2 on Ubuntu 8.04 LTS. [More...]
 http://www.linuxsecurity.com/content/view/152718
* Ubuntu: 930-1: Firefox and Xulrunner vulnerabilities (Jun 29)
 -------------------------------------------------------------
 It was discovered that Firefox could be made to access freed memory.
 If a user were tricked into viewing a malicious site, a remote
 attacker could cause a denial of service or possibly execute arbitrary
 code with the privileges of the user invoking the program. This issue
 only affected Ubuntu 8.04 LTS. (CVE-2010-1121) [More...]
 http://www.linuxsecurity.com/content/view/152717
* Ubuntu: 927-5: nspr update (Jun 29)
 -----------------------------------
 USN-927-4 fixed vulnerabilities in NSS. This update provides the
 NSPR needed to use the new NSS. [More...]
 http://www.linuxsecurity.com/content/view/152716
* Ubuntu: 927-4: nss vulnerability (Jun 29)
 -----------------------------------------
 USN-927-1 fixed vulnerabilities in nss in Ubuntu 9.10. This update
 provides the corresponding updates for Ubuntu 8.04 LTS. [More...]
 http://www.linuxsecurity.com/content/view/152715
------------------------------------------------------------------------
* Pardus: 2010-91: Samba: Memory Corruption (Jun 30)
 --------------------------------------------------
 A vulnerability has been fixed in Samba, which can be exploited by
 malicious people to potentially compromise a vulnerable system.
 http://www.linuxsecurity.com/content/view/152719
* Pardus: 2010-89: Thunderbird: Multiple (Jun 30)
 -----------------------------------------------
 Multiple vulnerabilities have been fixed in Thunderbird.
 http://www.linuxsecurity.com/content/view/152720
* Pardus: 2010-93: Wireshark: Multiple Vulnerabilities (Jun 30)
 -------------------------------------------------------------
 Multiple vulnerabilities have been fixed in Wireshark
 http://www.linuxsecurity.com/content/view/152721
* Pardus: 2010-90: Ruby: Cross Site Scripting (Jun 30)
 ----------------------------------------------------
 An XSS vulnerability has been fixed in WEBrick module.
 http://www.linuxsecurity.com/content/view/152722
* Pardus: 2010-92: Firefox: Multiple Vulnerabilities (Jun 30)
 -----------------------------------------------------------
 Multiple vulnerabilities have been fixed in Firefox.
 http://www.linuxsecurity.com/content/view/152723
* Pardus: 2010-82: texlive-core: Integer Overflow (Jun 24)
 --------------------------------------------------------
 An integer overflow has been fixed in texlive-core which can be used
 by malicious people to execute arbitrary code.
 http://www.linuxsecurity.com/content/view/152676
* Pardus: 2010-85: perl-libwww: Unexpected Download (Jun 24)
 ----------------------------------------------------------
 A vulnerability has been fixed in perl-libwww which can allow
 malicious users to overwrite existing files (such as .bashrc)
 http://www.linuxsecurity.com/content/view/152677
* Pardus: 2010-86: ncompress: Integer Underflow (Jun 24)
 ------------------------------------------------------
 An integer underflow vulnerability has been fixed which can be used
 by malicious people to cause denial of service.
 http://www.linuxsecurity.com/content/view/152678
* Pardus: 2010-87: dhcp: Denial of Service (Jun 24)
 -------------------------------------------------
 A vulnerability has been fixed in dhcp which can be used by malicious
 people to cause denial of service
 http://www.linuxsecurity.com/content/view/152679
* Pardus: 2010-88: perl: Multiple Vulnerabilities (Jun 24)
 --------------------------------------------------------
 Multiple vulnerabilities in Safe.pm module in perl have been fixed.
 http://www.linuxsecurity.com/content/view/152680
* Pardus: 2010-84: dvipng: Denial of Service (Jun 24)
 ---------------------------------------------------
 Multiple array index errors have been fixed which can allow malicious
 users to cause denial of service.
 http://www.linuxsecurity.com/content/view/152681
* Pardus: 2010-83: flashplugin: Multiple (Jun 24)
 -----------------------------------------------
 Multiple vulnerabilities have been fixed in flashplugin.
 http://www.linuxsecurity.com/content/view/152682
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
 To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
 with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
