Linux Security News
SecurityFocus Linux Newsletter #420 Dec 31 2008 06:53PM
sfa securityfocus com
SecurityFocus Linux Newsletter #420
----------------------------------------

This issue is sponsored by Purewire

NEW! White Paper:
"Hackers Announce Open Season on Web 2.0 Users and Browsers"

Learn how hackers are exploiting your employees Web surfing to gain entry into your network. Drive-by Downloads, Click Jacking, AJAX, XSS and Browser vulns are just some of the nasty attack methods hackers are coming up with and it's no longer good enough to block known bad URL's.
Download this white paper now to mitigate your online security risks.
http://www.purewire.com/lp/sec

SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1.Time to Exclude Bad ISPs
2.Standing on Other's Shoulders
II. LINUX VULNERABILITY SUMMARY
1. Qemu and KVM VNC Server Remote Denial of Service Vulnerability
2. PHP 'mbstring' Extension Buffer Overflow Vulnerability
3. Git gitweb 'diff.external' Local Privilege Escalation Vulnerability
4. Linux Kernel 'qdisc_run()' Local Denial of Service Vulnerability
5. Audio File Library (libaudiofile) 'msadpcm.c' WAV File Processing Buffer Overflow Vulnerability
III. LINUX FOCUS LIST SUMMARY
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Time to Exclude Bad ISPs
By Oliver Day
In recent months, three questionable Internet service providers - EstDomains, Atrivo, and McColo - were effectively taken offline resulting in noticeable drops of malware and spam.
http://www.securityfocus.com/columnists/487

2. Standing on Other's Shoulders
By Chris Wysopal
"If I have seen a little further it is by standing on the shoulders of Giants," Issac Netwon once wrote to describe how he felt that his scientific work was an extension of the work of those who went before him. In the scientific realm it is dishonorable not to credit those upon whose work you build.
http://www.securityfocus.com/columnists/486

II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. Qemu and KVM VNC Server Remote Denial of Service Vulnerability
BugTraq ID: 32910
Remote: Yes
Date Published: 2008-12-22
Relevant URL: http://www.securityfocus.com/bid/32910
Summary:
Qemu and KVM are prone to a remote denial-of-service vulnerability which affects the included VNC server.

Attackers can exploit this issue to create a denial-of-service condition.

The following are vulnerable to this issue:

Qemu 0.9.1 and prior.
KVM-79 and prior.

2. PHP 'mbstring' Extension Buffer Overflow Vulnerability
BugTraq ID: 32948
Remote: Yes
Date Published: 2008-12-21
Relevant URL: http://www.securityfocus.com/bid/32948
Summary:
PHP is prone to a buffer-overflow vulnerability because it fails to perform boundary checks before copying user-supplied data to insufficiently sized memory buffers. The issue affects the 'mbstring' extension included in the standard distribution.

An attacker can exploit this issue to execute arbitrary machine code in the context of the affected webserver. Failed exploit attempts will likely crash the webserver, denying service to legitimate users.

PHP 4.3.0 up to and including 5.2.6 are vulnerable.

3. Git gitweb 'diff.external' Local Privilege Escalation Vulnerability
BugTraq ID: 32967
Remote: No
Date Published: 2008-12-22
Relevant URL: http://www.securityfocus.com/bid/32967
Summary:
Git gitweb is prone to a local privilege-escalation vulnerability.

A local attacker may exploit this issue to gain elevated privileges.

Versions prior to Git 1.5.4.7, 1.5.5.6, 1.5.6.6, and 1.6.0.6 are vulnerable.

4. Linux Kernel 'qdisc_run()' Local Denial of Service Vulnerability
BugTraq ID: 32985
Remote: No
Date Published: 2008-12-23
Relevant URL: http://www.securityfocus.com/bid/32985
Summary:
The Linux kernel is prone to a local denial-of-service vulnerability.

Local attackers can exploit this issue to cause a soft lockup, denying service to legitimate users.

Versions prior to Linux kernel 2.6.25 are vulnerable.

5. Audio File Library (libaudiofile) 'msadpcm.c' WAV File Processing Buffer Overflow Vulnerability
BugTraq ID: 33066
Remote: Yes
Date Published: 2008-12-30
Relevant URL: http://www.securityfocus.com/bid/33066
Summary:
Audio File Library (libaudiofile) is prone to a heap-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data.

An attacker can exploit this issue to execute arbitrary machine code in the context of applications using the vulnerable library. Failed exploit attempts will likely cause denial-of-service conditions.

This issue affects libaudiofile 0.2.6; other versions may also be vulnerable.

III. LINUX FOCUS LIST SUMMARY
---------------------------------
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin (at) securityfocus (dot) com [email concealed] and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by Purewire

NEW! White Paper:
"Hackers Announce Open Season on Web 2.0 Users and Browsers"

Learn how hackers are exploiting your employees Web surfing to gain entry into your network. Drive-by Downloads, Click Jacking, AJAX, XSS and Browser vulns are just some of the nasty attack methods hackers are coming up with and it's no longer good enough to block known bad URL's.
Download this white paper now to mitigate your online security risks.
http://www.purewire.com/lp/sec

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus