SecurityFocus Linux Newsletter #253
----------------------------------------
Need to know what's happening on YOUR network? Symantec DeepSight Analyzer
is a free service that gives you the ability to track and manage attacks.
Analyzer automatically correlates attacks from various Firewall and network
based Intrusion Detection Systems, giving you a comprehensive view of your
computer or general network. Sign up today!
------------------------------------------------------------------
I. FRONT AND CENTER
1. Anonymity made easy
2. Skype security and privacy concerns
II. LINUX VULNERABILITY SUMMARY
1. Opera Web Browser Mail Client Multiple Vulnerabilities
2. Opera Web Browser Unspecified Drag And Drop File Upload Vulnerability
3. Mozilla Browser/Firefox Arbitrary Command Execution Vulnerability
4. Webmin / Usermin Remote PAM Authentication Bypass Vulnerability
5. Linux Kernel 64-Bit SMP Routing_ioctl() Local Denial of Service Vulnerability
6. Mozilla Browser/Firefox XBM Image Processing Heap Overflow Vulnerability
7. Mozilla Browser/Firefox JavaScript Engine Integer Overflow Vulnerability
8. Mozilla Browser/Firefox Zero-Width Non-Joiner Stack Corruption Vulnerability
9. Mozilla Browser/Firefox Chrome Window Spoofing Vulnerability
10. Mozilla Browser/Firefox Chrome Page Loading Restriction Bypass Privilege Escalation Weakness
11. Mozilla Browser/Firefox DOM Objects Spoofing Vulnerability
12. Mozilla Browser/Firefox Arbitrary HTTP Request Injection Vulnerability
III. LINUX FOCUS LIST SUMMARY
1. Securing Fedora Core 4
2. scanning for windows spywear with linux
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION
I. FRONT AND CENTER
---------------------
1. Anonymity made easy
By Matthew Tanase
The opening passage to True Names, a novella written by noted science fiction author Vernor Vinge nearly 25 years ago, delivers an eerily prescient summary of modern Internet usage.
http://www.securityfocus.com/columnists/356
2. Skype security and privacy concerns
By Scott Granneman
One of my stranger hobbies is collecting interesting and weird anecdotes I find in the news.
http://www.securityfocus.com/columnists/357
II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. Opera Web Browser Mail Client Multiple Vulnerabilities
BugTraq ID: 14880
Remote: Yes
Date Published: 2005-09-20
Relevant URL: http://www.securityfocus.com/bid/14880
Summary:
Opera Web Browser Mail client is affected by multiple vulnerabilities. These issues could allow remote attackers to spoof attachment names and carry out script injection attacks.
These vulnerabilities may also be combined to carry out various attacks.
Opera Web Browser 8.02 is reportedly vulnerable, however, it is likely that other versions are affected as well.
2. Opera Web Browser Unspecified Drag And Drop File Upload Vulnerability
BugTraq ID: 14884
Remote: Yes
Date Published: 2005-09-20
Relevant URL: http://www.securityfocus.com/bid/14884
Summary:
Opera Web Browser is affected by an unspecified drag and drop file upload vulnerability.
The cause of this issue was not specified, however, it may allow remote attackers to upload arbitrary files to a computer. This can lead to various attacks including arbitrary code execution in the context of the user running the browser.
Due to lack of information, further details cannot be provided at the moment. This BID will be update when more information becomes available.
3. Mozilla Browser/Firefox Arbitrary Command Execution Vulnerability
BugTraq ID: 14888
Remote: Yes
Date Published: 2005-09-20
Relevant URL: http://www.securityfocus.com/bid/14888
Summary:
Mozilla Browser/Firefox are affected by an arbitrary command execution vulnerability.
This attack would occur in the context of the user running the vulnerable application and may facilitate unauthorized remote access.
Mozilla Firefox 1.0.6 running on UNIX based platforms is reportedly vulnerable. Other versions and applications employing Firefox functionality may be vulnerable as well.
Mozilla Browser 1.7.x versions and Thunderbird 1.x versions are also vulnerable to this issue.
4. Webmin / Usermin Remote PAM Authentication Bypass Vulnerability
BugTraq ID: 14889
Remote: Yes
Date Published: 2005-09-20
Relevant URL: http://www.securityfocus.com/bid/14889
Summary:
Webmin and Usermin are susceptible to a remote PAM authentication bypass vulnerability. This issue is present in the 'miniserv.pl' Web server that is bundled with these applications.
Due to insufficient input validation, shell metacharacters may be employed to bypass the authentication mechanism.
Due to the nature of these applications, full system compromise is very likely after gaining access.
5. Linux Kernel 64-Bit SMP Routing_ioctl() Local Denial of Service Vulnerability
BugTraq ID: 14902
Remote: No
Date Published: 2005-09-22
Relevant URL: http://www.securityfocus.com/bid/14902
Summary:
A local denial of service vulnerability affects the Linux on 64 bit Symmetric Multi-Processor (SMP) platforms.
Specifically, the vulnerability presents itself due to an omitted call to the 'sockfd_put()' function in the 32-bit compatible 'routing_ioctl()' function.
The 32-bit compatible 'tiocgdev ioctl()' function on x86-64 platforms is affected by this issue as well.
6. Mozilla Browser/Firefox XBM Image Processing Heap Overflow Vulnerability
BugTraq ID: 14916
Remote: Yes
Date Published: 2005-09-23
Relevant URL: http://www.securityfocus.com/bid/14916
Summary:
Mozilla and Firefox browsers are prone to a heap overflow when processing malformed XBM images. Successful exploitation can result in arbitrary code execution.
7. Mozilla Browser/Firefox JavaScript Engine Integer Overflow Vulnerability
BugTraq ID: 14917
Remote: Yes
Date Published: 2005-09-23
Relevant URL: http://www.securityfocus.com/bid/14917
Summary:
Mozilla Browser/Firefox are affected by an integer overflow vulnerability in their JavaScript engine.
This issue may be exploited by a remote attacker who entices a user to visit a malicious site.
A successful attack may facilitate unauthorized remote access to a vulnerable computer.
Netscape Browser 8.0.3.3, Netscape 7.2, and K-Meleon 0.9 are vulnerable to this issue as well.
8. Mozilla Browser/Firefox Zero-Width Non-Joiner Stack Corruption Vulnerability
BugTraq ID: 14918
Remote: Yes
Date Published: 2005-09-23
Relevant URL: http://www.securityfocus.com/bid/14918
Summary:
Mozilla and Firefox are prone to a stack corruption vulnerability. Successful exploitation could potentially result in arbitrary code execution.
9. Mozilla Browser/Firefox Chrome Window Spoofing Vulnerability
BugTraq ID: 14919
Remote: Yes
Date Published: 2005-09-23
Relevant URL: http://www.securityfocus.com/bid/14919
Summary:
Mozilla and Firefox browsers are prone to a window spoofing vulnerability.
An attacker can exploit this vulnerability to enhance phishing-style attacks.
10. Mozilla Browser/Firefox Chrome Page Loading Restriction Bypass Privilege Escalation Weakness
BugTraq ID: 14920
Remote: Yes
Date Published: 2005-09-23
Relevant URL: http://www.securityfocus.com/bid/14920
Summary:
Mozilla Browser/Firefox are prone to a potential arbitrary code execution weakness.
Specifically, an attacker can load privileged 'chrome' pages from an unprivileged 'about:' page. This issue does not pose a threat unless it is combined with a same-origin violation issue.
If successfully exploited, this issue may allow a remote attacker to execute arbitrary code and gain unauthorized remote access to a computer. This would occur in the context of the user running the browser.
11. Mozilla Browser/Firefox DOM Objects Spoofing Vulnerability
BugTraq ID: 14921
Remote: Yes
Date Published: 2005-09-23
Relevant URL: http://www.securityfocus.com/bid/14921
Summary:
Mozilla and Firefox are prone to a DOM object spoofing vulnerability. Successful exploitation could allow a remote attacker to execute arbitrary script code with elevated privileges.
12. Mozilla Browser/Firefox Arbitrary HTTP Request Injection Vulnerability
BugTraq ID: 14923
Remote: Yes
Date Published: 2005-09-23
Relevant URL: http://www.securityfocus.com/bid/14923
Summary:
Mozilla and Firefox browsers are prone to a vulnerability that permits the injection of arbitrary HTTP requests. This issue is due to a failure in the application to properly sanitize user-supplied input.
This issue can be used to exploit server or proxy flaws from the user's machine, or to fool a server or proxy into thinking a single request is a stream of separate requests.
III. LINUX FOCUS LIST SUMMARY
---------------------------------
1. Securing Fedora Core 4
http://www.securityfocus.com/archive/91/411346
2. scanning for windows spywear with linux
http://www.securityfocus.com/archive/91/409832
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.
If your email address has changed email listadmin (at) securityfocus (dot) com [email concealed] and ask to be manually removed.
V. SPONSOR INFORMATION
------------------------
Need to know what's happening on YOUR network? Symantec DeepSight Analyzer
is a free service that gives you the ability to track and manage attacks.
Analyzer automatically correlates attacks from various Firewall and network
based Intrusion Detection Systems, giving you a comprehensive view of your
computer or general network. Sign up today!
----------------------------------------
Need to know what's happening on YOUR network? Symantec DeepSight Analyzer
is a free service that gives you the ability to track and manage attacks.
Analyzer automatically correlates attacks from various Firewall and network
based Intrusion Detection Systems, giving you a comprehensive view of your
computer or general network. Sign up today!
http://www.securityfocus.com/sponsor/Symantec_sf-news_041130
------------------------------------------------------------------
I. FRONT AND CENTER
1. Anonymity made easy
2. Skype security and privacy concerns
II. LINUX VULNERABILITY SUMMARY
1. Opera Web Browser Mail Client Multiple Vulnerabilities
2. Opera Web Browser Unspecified Drag And Drop File Upload Vulnerability
3. Mozilla Browser/Firefox Arbitrary Command Execution Vulnerability
4. Webmin / Usermin Remote PAM Authentication Bypass Vulnerability
5. Linux Kernel 64-Bit SMP Routing_ioctl() Local Denial of Service Vulnerability
6. Mozilla Browser/Firefox XBM Image Processing Heap Overflow Vulnerability
7. Mozilla Browser/Firefox JavaScript Engine Integer Overflow Vulnerability
8. Mozilla Browser/Firefox Zero-Width Non-Joiner Stack Corruption Vulnerability
9. Mozilla Browser/Firefox Chrome Window Spoofing Vulnerability
10. Mozilla Browser/Firefox Chrome Page Loading Restriction Bypass Privilege Escalation Weakness
11. Mozilla Browser/Firefox DOM Objects Spoofing Vulnerability
12. Mozilla Browser/Firefox Arbitrary HTTP Request Injection Vulnerability
III. LINUX FOCUS LIST SUMMARY
1. Securing Fedora Core 4
2. scanning for windows spywear with linux
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION
I. FRONT AND CENTER
---------------------
1. Anonymity made easy
By Matthew Tanase
The opening passage to True Names, a novella written by noted science fiction author Vernor Vinge nearly 25 years ago, delivers an eerily prescient summary of modern Internet usage.
http://www.securityfocus.com/columnists/356
2. Skype security and privacy concerns
By Scott Granneman
One of my stranger hobbies is collecting interesting and weird anecdotes I find in the news.
http://www.securityfocus.com/columnists/357
II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. Opera Web Browser Mail Client Multiple Vulnerabilities
BugTraq ID: 14880
Remote: Yes
Date Published: 2005-09-20
Relevant URL: http://www.securityfocus.com/bid/14880
Summary:
Opera Web Browser Mail client is affected by multiple vulnerabilities. These issues could allow remote attackers to spoof attachment names and carry out script injection attacks.
These vulnerabilities may also be combined to carry out various attacks.
Opera Web Browser 8.02 is reportedly vulnerable, however, it is likely that other versions are affected as well.
2. Opera Web Browser Unspecified Drag And Drop File Upload Vulnerability
BugTraq ID: 14884
Remote: Yes
Date Published: 2005-09-20
Relevant URL: http://www.securityfocus.com/bid/14884
Summary:
Opera Web Browser is affected by an unspecified drag and drop file upload vulnerability.
The cause of this issue was not specified, however, it may allow remote attackers to upload arbitrary files to a computer. This can lead to various attacks including arbitrary code execution in the context of the user running the browser.
Due to lack of information, further details cannot be provided at the moment. This BID will be update when more information becomes available.
3. Mozilla Browser/Firefox Arbitrary Command Execution Vulnerability
BugTraq ID: 14888
Remote: Yes
Date Published: 2005-09-20
Relevant URL: http://www.securityfocus.com/bid/14888
Summary:
Mozilla Browser/Firefox are affected by an arbitrary command execution vulnerability.
This attack would occur in the context of the user running the vulnerable application and may facilitate unauthorized remote access.
Mozilla Firefox 1.0.6 running on UNIX based platforms is reportedly vulnerable. Other versions and applications employing Firefox functionality may be vulnerable as well.
Mozilla Browser 1.7.x versions and Thunderbird 1.x versions are also vulnerable to this issue.
4. Webmin / Usermin Remote PAM Authentication Bypass Vulnerability
BugTraq ID: 14889
Remote: Yes
Date Published: 2005-09-20
Relevant URL: http://www.securityfocus.com/bid/14889
Summary:
Webmin and Usermin are susceptible to a remote PAM authentication bypass vulnerability. This issue is present in the 'miniserv.pl' Web server that is bundled with these applications.
Due to insufficient input validation, shell metacharacters may be employed to bypass the authentication mechanism.
Due to the nature of these applications, full system compromise is very likely after gaining access.
5. Linux Kernel 64-Bit SMP Routing_ioctl() Local Denial of Service Vulnerability
BugTraq ID: 14902
Remote: No
Date Published: 2005-09-22
Relevant URL: http://www.securityfocus.com/bid/14902
Summary:
A local denial of service vulnerability affects the Linux on 64 bit Symmetric Multi-Processor (SMP) platforms.
Specifically, the vulnerability presents itself due to an omitted call to the 'sockfd_put()' function in the 32-bit compatible 'routing_ioctl()' function.
The 32-bit compatible 'tiocgdev ioctl()' function on x86-64 platforms is affected by this issue as well.
6. Mozilla Browser/Firefox XBM Image Processing Heap Overflow Vulnerability
BugTraq ID: 14916
Remote: Yes
Date Published: 2005-09-23
Relevant URL: http://www.securityfocus.com/bid/14916
Summary:
Mozilla and Firefox browsers are prone to a heap overflow when processing malformed XBM images. Successful exploitation can result in arbitrary code execution.
7. Mozilla Browser/Firefox JavaScript Engine Integer Overflow Vulnerability
BugTraq ID: 14917
Remote: Yes
Date Published: 2005-09-23
Relevant URL: http://www.securityfocus.com/bid/14917
Summary:
Mozilla Browser/Firefox are affected by an integer overflow vulnerability in their JavaScript engine.
This issue may be exploited by a remote attacker who entices a user to visit a malicious site.
A successful attack may facilitate unauthorized remote access to a vulnerable computer.
Netscape Browser 8.0.3.3, Netscape 7.2, and K-Meleon 0.9 are vulnerable to this issue as well.
8. Mozilla Browser/Firefox Zero-Width Non-Joiner Stack Corruption Vulnerability
BugTraq ID: 14918
Remote: Yes
Date Published: 2005-09-23
Relevant URL: http://www.securityfocus.com/bid/14918
Summary:
Mozilla and Firefox are prone to a stack corruption vulnerability. Successful exploitation could potentially result in arbitrary code execution.
9. Mozilla Browser/Firefox Chrome Window Spoofing Vulnerability
BugTraq ID: 14919
Remote: Yes
Date Published: 2005-09-23
Relevant URL: http://www.securityfocus.com/bid/14919
Summary:
Mozilla and Firefox browsers are prone to a window spoofing vulnerability.
An attacker can exploit this vulnerability to enhance phishing-style attacks.
10. Mozilla Browser/Firefox Chrome Page Loading Restriction Bypass Privilege Escalation Weakness
BugTraq ID: 14920
Remote: Yes
Date Published: 2005-09-23
Relevant URL: http://www.securityfocus.com/bid/14920
Summary:
Mozilla Browser/Firefox are prone to a potential arbitrary code execution weakness.
Specifically, an attacker can load privileged 'chrome' pages from an unprivileged 'about:' page. This issue does not pose a threat unless it is combined with a same-origin violation issue.
If successfully exploited, this issue may allow a remote attacker to execute arbitrary code and gain unauthorized remote access to a computer. This would occur in the context of the user running the browser.
11. Mozilla Browser/Firefox DOM Objects Spoofing Vulnerability
BugTraq ID: 14921
Remote: Yes
Date Published: 2005-09-23
Relevant URL: http://www.securityfocus.com/bid/14921
Summary:
Mozilla and Firefox are prone to a DOM object spoofing vulnerability. Successful exploitation could allow a remote attacker to execute arbitrary script code with elevated privileges.
12. Mozilla Browser/Firefox Arbitrary HTTP Request Injection Vulnerability
BugTraq ID: 14923
Remote: Yes
Date Published: 2005-09-23
Relevant URL: http://www.securityfocus.com/bid/14923
Summary:
Mozilla and Firefox browsers are prone to a vulnerability that permits the injection of arbitrary HTTP requests. This issue is due to a failure in the application to properly sanitize user-supplied input.
This issue can be used to exploit server or proxy flaws from the user's machine, or to fool a server or proxy into thinking a single request is a stream of separate requests.
III. LINUX FOCUS LIST SUMMARY
---------------------------------
1. Securing Fedora Core 4
http://www.securityfocus.com/archive/91/411346
2. scanning for windows spywear with linux
http://www.securityfocus.com/archive/91/409832
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.
If your email address has changed email listadmin (at) securityfocus (dot) com [email concealed] and ask to be manually removed.
V. SPONSOR INFORMATION
------------------------
Need to know what's happening on YOUR network? Symantec DeepSight Analyzer
is a free service that gives you the ability to track and manage attacks.
Analyzer automatically correlates attacks from various Firewall and network
based Intrusion Detection Systems, giving you a comprehensive view of your
computer or general network. Sign up today!
http://www.securityfocus.com/sponsor/Symantec_sf-news_041130
[ reply ]