Linux Security News
SecurityFocus Linux Newsletter #419 Dec 18 2008 11:51PM
sfa securityfocus com
SecurityFocus Linux Newsletter #419
----------------------------------------

This issue is sponsored by Purewire

NEW! White Paper:
"Hackers Announce Open Season on Web 2.0 Users and Browsers"

Learn how hackers are exploiting your employees Web surfing to gain entry into your network. Drive-by Downloads, Click Jacking, AJAX, XSS and Browser vulns are just some of the nasty attack methods hackers are coming up with and it's no longer good enough to block known bad URL's.
Download this white paper now to mitigate your online security risks.
http://www.purewire.com/lp/sec

SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1.Time to Exclude Bad ISPs
2.Standing on Other's Shoulders
II. LINUX VULNERABILITY SUMMARY
1. Vinagre 'vinarge_utils_show_error()' Function Format String Vulnerability
2. Compiz Fusion 'Expo' Plugin Security Bypass Vulnerability
3. Linux Kernel MIPS Untrusted User Application Local Denial of Service Vulnerability
4. PHP 'proc_open()' Environment Parameter Safe Mode Restriction-Bypass Vulnerability
5. Avast! Linux Home Edition ISO and RPM File Multiple Buffer Overflow Vulnerabilities
6. Sophos Antivirus For Linux Multiple File Processing Remote Denial Of Service Vulnerabilities
7. AVG Anti-Virus For Linux UPX File Parsing Denial of Service Vulnerability
8. BitDefender Antivirus For Linux Multiple File Processing Remote Denial Of Service Vulnerabilities
9. F-PROT Antivirus for Linux ELF File Scanning Denial of Service Vulnerability
10. Linux Kernel 'ac_ioctl()' Local Buffer Overflow Vulnerability
11. Mozilla Thunderbird Malformed MIME Message Denial Of Service Vulnerability
12. Mozilla Firefox/Thunderbird/SeaMonkey Multiple Remote Vulnerabilities
13. GpsDrive Multiple Insecure Temporary File Creation Vulnerabilities
14. Adobe Flash Player Unspecified Remote Security Vulnerability
15. Ubuntu 'libvirt' Local Security Bypass Vulnerability
III. LINUX FOCUS LIST SUMMARY
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Time to Exclude Bad ISPs
By Oliver Day
In recent months, three questionable Internet service providers - EstDomains, Atrivo, and McColo - were effectively taken offline resulting in noticeable drops of malware and spam.
http://www.securityfocus.com/columnists/487

2. Standing on Other's Shoulders
By Chris Wysopal
"If I have seen a little further it is by standing on the shoulders of Giants," Issac Netwon once wrote to describe how he felt that his scientific work was an extension of the work of those who went before him. In the scientific realm it is dishonorable not to credit those upon whose work you build.
http://www.securityfocus.com/columnists/486

II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. Vinagre 'vinarge_utils_show_error()' Function Format String Vulnerability
BugTraq ID: 32682
Remote: Yes
Date Published: 2008-12-08
Relevant URL: http://www.securityfocus.com/bid/32682
Summary:
Vinagre is prone to a remote format-string vulnerability because it fails to sufficiently sanitize user-supplied input before using it in a formatted-printing function.

An attacker can exploit this issue by enticing an unsuspecting victim to open a malicious '.vnc' file.

Successfully exploiting this issue will allow attackers to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely crash the application.

2. Compiz Fusion 'Expo' Plugin Security Bypass Vulnerability
BugTraq ID: 32712
Remote: No
Date Published: 2008-12-08
Relevant URL: http://www.securityfocus.com/bid/32712
Summary:
Compiz Fusion is prone to a security-bypass vulnerability because of an issue with the 'Expo' plugin.

Attackers may be able to bypass certain security restrictions, which may allow them to bypass the screensaver protection and to access the locked desktop.

Versions prior to Compiz Fusion 0.5.2, 0.7.4, and 0.7.8 are vulnerable.

3. Linux Kernel MIPS Untrusted User Application Local Denial of Service Vulnerability
BugTraq ID: 32716
Remote: No
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32716
Summary:
The Linux kernel is prone to a local denial-of-service vulnerability affecting 64-bit MIPS architectures.

Attackers can exploit this issue to cause the kernel to crash, denying service to legitimate users.

4. PHP 'proc_open()' Environment Parameter Safe Mode Restriction-Bypass Vulnerability
BugTraq ID: 32717
Remote: No
Date Published: 2008-12-09
Relevant URL: http://www.securityfocus.com/bid/32717
Summary:
PHP is prone to a 'safe_mode' restriction-bypass vulnerability. Successful exploits could allow an attacker to bypass some safe-mode restrictions.

This vulnerability would be an issue in shared-hosting configurations where multiple users can create and execute arbitrary PHP script code, with the 'safe_mode' restrictions assumed to isolate the users from each other.

This issue is reported to affect PHP 5.2.8 on the Linux operating system; other versions may also be vulnerable.

5. Avast! Linux Home Edition ISO and RPM File Multiple Buffer Overflow Vulnerabilities
BugTraq ID: 32747
Remote: Yes
Date Published: 2008-12-10
Relevant URL: http://www.securityfocus.com/bid/32747
Summary:
Avast! Linux Home Edition is prone to multiple buffer-overflow vulnerabilities because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker can exploit these issues to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

Avast! Linux Home Edition 1.0.8 is vulnerable; other versions may also be affected.

6. Sophos Antivirus For Linux Multiple File Processing Remote Denial Of Service Vulnerabilities
BugTraq ID: 32748
Remote: Yes
Date Published: 2008-12-10
Relevant URL: http://www.securityfocus.com/bid/32748
Summary:
Sophos Antivirus For Linux is prone to multiple remote denial-of-service vulnerabilities because the application fails to properly handle malformed files.

Remote attackers may exploit these issues to crash the affected application, denying service to legitimate users. Given the nature of these issues, attackers may also be able to execute code, but this has not been confirmed.

Sophos Antivirus For Linux 4.33.0 is vulnerable; other versions may also be affected.

7. AVG Anti-Virus For Linux UPX File Parsing Denial of Service Vulnerability
BugTraq ID: 32749
Remote: Yes
Date Published: 2008-12-10
Relevant URL: http://www.securityfocus.com/bid/32749
Summary:
AVG Anti-Virus for Linux is prone to a denial-of-service vulnerability.

Attackers can exploit this issue to crash the affected application, denying service to legitimate users. Given the nature of this issue, attackers may also be able to execute arbitrary code, but this has not been confirmed.

Versions prior to AVG Anti-Virus 7.5.51 are vulnerable.

8. BitDefender Antivirus For Linux Multiple File Processing Remote Denial Of Service Vulnerabilities
BugTraq ID: 32751
Remote: Yes
Date Published: 2008-12-10
Relevant URL: http://www.securityfocus.com/bid/32751
Summary:
BitDefender Antivirus For Linux is prone to multiple remote denial-of-service vulnerabilities because the application fails to properly handle malformed files.

Remote attackers may exploit these issues to crash the affected application, denying service to legitimate users. Given the nature of these issues, attackers may also be able to execute code, but this has not been confirmed.

BitDefender Antivirus For Linux 7.60825 is vulnerable; other versions may also be affected.

9. F-PROT Antivirus for Linux ELF File Scanning Denial of Service Vulnerability
BugTraq ID: 32753
Remote: Yes
Date Published: 2008-12-10
Relevant URL: http://www.securityfocus.com/bid/32753
Summary:
F-PROT Antivirus for Linux is a virus scanning application for the Linux operating system.

The application is prone to a denial-of-service vulnerability because it fails to handle malformed files.

Successfully exploits will crash the affected application, resulting in a denial-of-service condition. Given the nature of this issue, code execution may be possible, but this has not been confirmed.

F-PROT Antivirus for Linux 4.6.8 is vulnerable; other versions may also be affected.

10. Linux Kernel 'ac_ioctl()' Local Buffer Overflow Vulnerability
BugTraq ID: 32759
Remote: No
Date Published: 2008-12-10
Relevant URL: http://www.securityfocus.com/bid/32759
Summary:
The Linux kernel is prone to a local buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.

Local attackers may be able to exploit this issue to crash the affected kernel, denying service to legitimate users. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed.

Versions prior to the Linux kernel 2.6.28-rc1 are vulnerable.

11. Mozilla Thunderbird Malformed MIME Message Denial Of Service Vulnerability
BugTraq ID: 32869
Remote: Yes
Date Published: 2008-12-08
Relevant URL: http://www.securityfocus.com/bid/32869
Summary:
Mozilla Thunderbird is prone to a denial-of-service vulnerability because the application fails to properly handle malformed multipart MIME messages.

An attacker can exploit this issue to crash the application during delivery.

12. Mozilla Firefox/Thunderbird/SeaMonkey Multiple Remote Vulnerabilities
BugTraq ID: 32882
Remote: Yes
Date Published: 2008-12-16
Relevant URL: http://www.securityfocus.com/bid/32882
Summary:
The Mozilla Foundation has released multiple security advisories specifying various vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey.

Attackers can exploit these issues to bypass same-origin restrictions, obtain potentially sensitive information, help launch cross-site scripting attacks, and execute arbitrary script code with elevated privileges; other attacks are also possible.

13. GpsDrive Multiple Insecure Temporary File Creation Vulnerabilities
BugTraq ID: 32887
Remote: No
Date Published: 2008-12-17
Relevant URL: http://www.securityfocus.com/bid/32887
Summary:
GpsDrive create temporary files in an insecure manner.

An attacker with local access could perform symbolic-link attacks, overwriting arbitrary files in the context of an affected application.

Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible.

GpsDrive 2.10~pre4-6.dfsg-1 is vulnerable; other versions may also be affected.

14. Adobe Flash Player Unspecified Remote Security Vulnerability
BugTraq ID: 32896
Remote: Yes
Date Published: 2008-12-17
Relevant URL: http://www.securityfocus.com/bid/32896
Summary:
Adobe Flash Player is prone to an unspecified security vulnerability.

Remote attackers may exploit this vulnerability to compromise an affected computer.

No further technical details are currently available. We will update this BID as more information emerges.

This issue affects Flash Player on Linux platforms.

Versions prior to Flash Player 10.0.15.3 and 9.0.152.0 are vulnerable.

15. Ubuntu 'libvirt' Local Security Bypass Vulnerability
BugTraq ID: 32905
Remote: No
Date Published: 2008-12-18
Relevant URL: http://www.securityfocus.com/bid/32905
Summary:
Ubuntu 'libvirt' is prone to a local security-bypass vulnerability.

Successful exploitation of this issue may give attackers access to privileged operations.

This issue affects the following releases:

Ubuntu 7.10
Ubuntu 8.04 LTS
Ubuntu 8.10

III. LINUX FOCUS LIST SUMMARY
---------------------------------
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin (at) securityfocus (dot) com [email concealed] and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by Purewire

NEW! White Paper:
"Hackers Announce Open Season on Web 2.0 Users and Browsers"

Learn how hackers are exploiting your employees Web surfing to gain entry into your network. Drive-by Downloads, Click Jacking, AJAX, XSS and Browser vulns are just some of the nasty attack methods hackers are coming up with and it's no longer good enough to block known bad URL's.
Download this white paper now to mitigate your online security risks.
http://www.purewire.com/lp/sec

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus