Linux Security News
SecurityFocus Linux Newsletter #429 Mar 05 2009 06:12PM
sfa securityfocus com
SecurityFocus Linux Newsletter #429
----------------------------------------

This issue is sponsored by Qualys

Choosing a solution for Vulnerability Management (VM) is a critical step toward protecting your organization's network and data. Without proven, automated technology for precise detection and remediation, no network can withstand the daily onslaught of new vulnerabilities that threaten security.

http://dinclinx.com/Redirect.aspx?36;4164;35;189;0;6;259;456696438e431ea
1

SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. Free Market Filtering
2. Don't Blame the Browser
II. LINUX VULNERABILITY SUMMARY
1. Adobe Flash Player Invalid Object Reference Remote Code Execution Vulnerability
2. Adobe Flash Player Unspecified Information Disclosure Vulnerability
3. Adobe Flash Player Unspecified Remote Denial of Service Vulnerability
4. Linux Kernel Cloned Process 'CLONE_PARENT' Local Origin Validation Weakness
5. OpenSC PKCS#11 Implementation Unauthorized Access Vulnerability
6. PHP 5.2.8 and Prior Versions Multiple Vulnerabilities
7. Avahi 'avahi-core/server.c' Multicast DNS Denial Of Service Vulnerability
8. Linux Kernel 'seccomp' System Call Security Bypass Vulnerability
9. Linux Kernel Audit System 'audit_syscall_entry()' System Call Security Bypass Vulnerability
10. NovaStor NovaNET 'DtbClsLogin()' Remote Stack Buffer Overflow Vulnerability
11. cURL/libcURL HTTP 'Location:' Redirect Security Bypass Vulnerability
12. ZABBIX 'locales.php' Local File Include and Remote Code Execution Vulnerability
13. Ubuntu network-manager-applet Permission Enforcement Multiple Local Vulnrabilities
14. Arno's IPTables Firewall Script Restart Security Bypass Vulnerability
15. Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009 -07 -08 -09 and -11 Multiple Remote Vulnerabilities
III. LINUX FOCUS LIST SUMMARY
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1.Free Market Filtering
By Mark Rasch
The Australian government is considering requiring that Internet service providers in that country install filters which would prevent citizens from accessing tens of thousands of sites that contain "objectionable" material.
http://www.securityfocus.com/columnists/493

2.Don't Blame the Browser
Melih Abdulhayoglu
There was a time when most diseases were fatal for humans. Intense study and research helped doctors manage diseases better, and subsequently even prevent them altogether.
http://www.securityfocus.com/columnists/492

II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. Adobe Flash Player Invalid Object Reference Remote Code Execution Vulnerability
BugTraq ID: 33880
Remote: Yes
Date Published: 2009-02-24
Relevant URL: http://www.securityfocus.com/bid/33880
Summary:
Adobe Flash Player is prone to a remote code-execution vulnerability.

An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application. Failed exploit attempts will likely crash the application, denying service to legitimate users.

Versions prior to Flash Player 10.0.12.36 are vulnerable.

2. Adobe Flash Player Unspecified Information Disclosure Vulnerability
BugTraq ID: 33889
Remote: Yes
Date Published: 2009-02-24
Relevant URL: http://www.securityfocus.com/bid/33889
Summary:
Adobe Flash Player is prone to an information-disclosure vulnerability.

Successful exploits will allow an attacker to obtain potentially sensitive information that may be used to elevate privileges.

This issue affects Flash Player on Linux-based operating systems only.

3. Adobe Flash Player Unspecified Remote Denial of Service Vulnerability
BugTraq ID: 33890
Remote: Yes
Date Published: 2009-02-24
Relevant URL: http://www.securityfocus.com/bid/33890
Summary:
Adobe Flash Player is prone to a remote denial-of-service vulnerability because it fails to properly validate user-supplied input.

Exploiting this issue allows remote attackers to crash the application and possibly to execute code, but this has not been confirmed.

Versions prior to Flash Player 10.0.22.87 are vulnerable.

4. Linux Kernel Cloned Process 'CLONE_PARENT' Local Origin Validation Weakness
BugTraq ID: 33906
Remote: No
Date Published: 2009-02-25
Relevant URL: http://www.securityfocus.com/bid/33906
Summary:
The Linux kernel is prone to an origin-validation weakness when dealing with signal handling.

This weakness occurs when a privileged process calls attacker-supplied processes as children. Attackers may exploit this to send arbitrary signals to the privileged parent process.

A local attacker may exploit this issue to kill vulnerable processes, resulting in a denial-of-service condition. In some cases, other attacks may also be possible.

Linux kernel 2.6.28 is vulnerable; other versions may also be affected.

5. OpenSC PKCS#11 Implementation Unauthorized Access Vulnerability
BugTraq ID: 33922
Remote: No
Date Published: 2009-02-26
Relevant URL: http://www.securityfocus.com/bid/33922
Summary:
OpenSC is prone to an unauthorized-access vulnerability.

Attackers can exploit this issue to gain unauthorized access to private data, which may lead to other attacks.

Versions prior to OpenSC 0.11.7 are vulnerable.

6. PHP 5.2.8 and Prior Versions Multiple Vulnerabilities
BugTraq ID: 33927
Remote: Yes
Date Published: 2009-02-26
Relevant URL: http://www.securityfocus.com/bid/33927
Summary:
PHP is prone to multiple security vulnerabilities. Successful exploits could allow an attacker to cause a denial-of-service condition. An unspecified issue with an unknown impact was also reported.

These issues affect PHP 5.2.8 and prior versions.

7. Avahi 'avahi-core/server.c' Multicast DNS Denial Of Service Vulnerability
BugTraq ID: 33946
Remote: Yes
Date Published: 2009-03-02
Relevant URL: http://www.securityfocus.com/bid/33946
Summary:
Avahi is prone to a denial-of-service vulnerability.

A remote attacker may exploit this issue to crash the affected application, denying further service to legitimate users.

Avahi 0.6.23 is vulnerable; other versions may also be affected.

8. Linux Kernel 'seccomp' System Call Security Bypass Vulnerability
BugTraq ID: 33948
Remote: No
Date Published: 2009-03-02
Relevant URL: http://www.securityfocus.com/bid/33948
Summary:
The Linux kernel is prone to a local security-bypass vulnerability.

A local attacker may be able to exploit this issue to bypass access control and make restricted system calls, which may result in an elevation of privileges.

9. Linux Kernel Audit System 'audit_syscall_entry()' System Call Security Bypass Vulnerability
BugTraq ID: 33951
Remote: No
Date Published: 2009-03-02
Relevant URL: http://www.securityfocus.com/bid/33951
Summary:
The Linux kernel is prone to a local security-bypass vulnerability.

A local attacker may be able to exploit this issue to bypass audit mechanisms imposed on system calls. This may allow malicious behavior to escape notice.

10. NovaStor NovaNET 'DtbClsLogin()' Remote Stack Buffer Overflow Vulnerability
BugTraq ID: 33954
Remote: Yes
Date Published: 2009-03-02
Relevant URL: http://www.securityfocus.com/bid/33954
Summary:
NovaStor NovaNET is prone to a stack-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized buffer.

Attackers can exploit this issue to execute arbitrary code within the context of the affected application or cause a denial-of-service condition.

NovaNET 12 is vulnerable; other versions may also be affected.

11. cURL/libcURL HTTP 'Location:' Redirect Security Bypass Vulnerability
BugTraq ID: 33962
Remote: Yes
Date Published: 2009-03-03
Relevant URL: http://www.securityfocus.com/bid/33962
Summary:
cURL/libcURL is prone to a security-bypass vulnerability.

Remote attackers can exploit this issue to bypass certain security restrictions and carry out various attacks.

This issue affects cURL/libcURL 5.11 through 7.19.3. Other versions may also be vulnerable.

12. ZABBIX 'locales.php' Local File Include and Remote Code Execution Vulnerability
BugTraq ID: 33965
Remote: Yes
Date Published: 2009-03-03
Relevant URL: http://www.securityfocus.com/bid/33965
Summary:
ZABBIX is prone to a local-file include vulnerability and a remote code-execution vulnerability that occurs in the front end web interface.

Attackers can exploit these issues to execute arbitrary code within the context of the webserver or gain access to sensitive information. Other attacks are also possible.

ZABBIX 1.6.2 is vulnerable; prior versions may also be affected.

13. Ubuntu network-manager-applet Permission Enforcement Multiple Local Vulnrabilities
BugTraq ID: 33966
Remote: No
Date Published: 2009-03-03
Relevant URL: http://www.securityfocus.com/bid/33966
Summary:
The 'network-manager-applet' package is prone to multiple local vulnerabilities because the software fails to properly enforce permissions.

Local attackers can exploit these issue to perform dbus queries to view network connection passwords and pre-shared keys and to modify or delete network connections. Other attacks may also be possible.

14. Arno's IPTables Firewall Script Restart Security Bypass Vulnerability
BugTraq ID: 33981
Remote: Yes
Date Published: 2009-03-04
Relevant URL: http://www.securityfocus.com/bid/33981
Summary:
Arno's IPTables Firewall Script is prone to a security-bypass vulnerability because it fails to properly restrict network traffic following a restart of the application.

An attacker can exploit this issue to bypass intended security restrictions and send network packets to an affected computer.

Versions prior to Arno's IPTables Firewall Script 1.9.0b are vulnerable.

15. Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009 -07 -08 -09 and -11 Multiple Remote Vulnerabilities
BugTraq ID: 33990
Remote: Yes
Date Published: 2009-03-04
Relevant URL: http://www.securityfocus.com/bid/33990
Summary:
The Mozilla Foundation has released multiple security advisories specifying various vulnerabilities in Firefox, Thunderbird, and SeaMonkey.

Attackers can exploit these issues to bypass same-origin restrictions, obtain potentially sensitive information, and execute arbitrary script code with elevated privileges; other attacks are also possible.

III. LINUX FOCUS LIST SUMMARY
---------------------------------
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin (at) securityfocus (dot) com [email concealed] and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by Qualys

Choosing a solution for Vulnerability Management (VM) is a critical step toward protecting your organization's network and data. Without proven, automated technology for precise detection and remediation, no network can withstand the daily onslaught of new vulnerabilities that threaten security.

http://dinclinx.com/Redirect.aspx?36;4164;35;189;0;6;259;456696438e431ea
1

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus