Linux Security News
SecurityFocus Linux Newsletter #436 Apr 24 2009 09:18PM
sfa securityfocus com
SecurityFocus Linux Newsletter #436
----------------------------------------

This issue is sponsored by Webex

Desktop Security On Demand

Today, the pressures of technology threats, regulatory compliance, and cost control have combined to force a renewed focus on corporate IT management. As a result, security and system management are top-of-mind considerations for IT managers within businesses of all sizes. Learn more today!

http://dinclinx.com/Redirect.aspx?36;4905;35;189;0;3;259;0e72602f272b1d7
e

SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1.Celebrity Viruses Improve Security
2.Good Obfuscation, Bad Code
II. LINUX VULNERABILITY SUMMARY
1. Zervit 'http.c' Remote Buffer Overflow Vulnerability
2. udev Netlink Message Validation Local Privilege Escalation Vulnerability
3. udev Path Encoding Local Denial of Service Vulnerability
4. MiniWeb Remote Buffer Overflow Vulnerability
5. MiniWeb Source Code Information Disclosure Vulnerability
6. Xpdf JBIG2 Processing Multiple Security Vulnerabilities
7. CUPS '_cupsImageReadTIFF()' Integer Overflow Vulnerability
8. Avast! Antivirus RAR File Scan Evasion Vulnerability
9. Multiple ESET Antivirus Products RAR File Scan Evasion Vulnerability
10. Linux Kernel 'inet6_hashtables.c' NULL Pointer Dereference Denial of Service Vulnerability
11. Linux Kernel CIFS 'decode_unicode_ssetup()' Remote Buffer Overflow Vulnerability
12. Linux Kernel CIFS 'serverDomain' Remote Buffer Overflow Vulnerability
13. Debian apt Repository Signature Verification Vulnerability
14. MoinMoin 'AttachFile.py' Multiple Cross Site Scripting Vulnerabilities
15. Zervit HTTP Server Malformed URI Remote Denial Of Service Vulnerability
16. SLURM 'sbcast' and 'strigger' Group Permissions Local Privilege Escalation Vulnerability
17. Debian git-core DEC Alpha & MIPS Local Privilege Escalation Vulnerability
18. Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009 -14 through -22 Multiple Remote Vulnerabilities
19. CUPS Insufficient 'Host' Header Validation Weakness
20. Linux Kernel 'drivers/char/agp/generic.c' Local Information Disclosure Vulnerability
21. Mahara User Profile Cross Site Scripting Vulnerability
22. aMule 'wxExecute()' Arbitrary Command Execution Vulnerability
23. acpid Local Denial of Service Vulnerability
III. LINUX FOCUS LIST SUMMARY
1. curuncula dbr rootkit detection tool
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1.Celebrity Viruses Improve Security
By Adam O'Donnell
Every so often, a computer virus becomes more than just a novelty for anti-virus researchers and moves into the consciousness of the mass media, even if it's not a grave threat.
http://www.securityfocus.com/columnists/499

2.Good Obfuscation, Bad Code
Antivirus analysts and security testers have to deal with a fundamental question every day: Is obfuscated code good or bad?
http://www.securityfocus.com/columnists/498

II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. Zervit 'http.c' Remote Buffer Overflow Vulnerability
BugTraq ID: 34530
Remote: Yes
Date Published: 2009-04-15
Relevant URL: http://www.securityfocus.com/bid/34530
Summary:
Zervit is prone to a remote buffer-overflow vulnerability.

An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

Zervit 0.2 is vulnerable; other versions may also be affected.

2. udev Netlink Message Validation Local Privilege Escalation Vulnerability
BugTraq ID: 34536
Remote: No
Date Published: 2009-04-15
Relevant URL: http://www.securityfocus.com/bid/34536
Summary:
The 'udev' Linux application is prone to a local privilege-escalation vulnerability because it fails to properly handle netlink messages.

Local attackers may exploit this issue to gain elevated privileges, which may lead to a complete compromise of the system.

This issue affects udev as shipped with Ubuntu Linux releases; other versions may also be vulnerable.

3. udev Path Encoding Local Denial of Service Vulnerability
BugTraq ID: 34539
Remote: No
Date Published: 2009-04-15
Relevant URL: http://www.securityfocus.com/bid/34539
Summary:
The 'udev' Linux application is prone to a local denial-of-service vulnerability.

Exploiting this issue allows local attackers to crash the application. Attackers may also be able to execute code with elevated privileges, but this has not been confirmed.

This issue affects udev as shipped with Ubuntu Linux releases; other versions may also be vulnerable.

4. MiniWeb Remote Buffer Overflow Vulnerability
BugTraq ID: 34563
Remote: Yes
Date Published: 2009-04-16
Relevant URL: http://www.securityfocus.com/bid/34563
Summary:
MiniWeb is prone to a remote buffer-overflow vulnerability.

An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

5. MiniWeb Source Code Information Disclosure Vulnerability
BugTraq ID: 34565
Remote: Yes
Date Published: 2009-04-16
Relevant URL: http://www.securityfocus.com/bid/34565
Summary:
MiniWeb is prone to a vulnerability that lets attackers access source code because it fails to properly sanitize user-supplied input.

An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable computer in the context of the webserver process. Information obtained may aid in further attacks.

We don't know which versions of MiniWeb are affected. We will update this BID when further details are available.

6. Xpdf JBIG2 Processing Multiple Security Vulnerabilities
BugTraq ID: 34568
Remote: Yes
Date Published: 2009-04-16
Relevant URL: http://www.securityfocus.com/bid/34568
Summary:
Xpdf is prone to multiple security vulnerabilities.

Exploiting these issues may allow remote attackers to execute arbitrary code in the context of an affected application. Failed exploit attempts will likely cause denial-of-service conditions.

These issues affect multiple applications on multiple platforms that use the affected library.

7. CUPS '_cupsImageReadTIFF()' Integer Overflow Vulnerability
BugTraq ID: 34571
Remote: Yes
Date Published: 2009-04-16
Relevant URL: http://www.securityfocus.com/bid/34571
Summary:
CUPS is prone to an integer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied TIFF image sizes before using them to allocate memory buffers.

Successful exploits may allow attackers to execute arbitrary code with the privileges of a user running the utilities. Failed exploit attempts likely cause denial-of-service conditions.

Versions prior to CUPS 1.3.10 are vulnerable.

8. Avast! Antivirus RAR File Scan Evasion Vulnerability
BugTraq ID: 34578
Remote: Yes
Date Published: 2009-04-17
Relevant URL: http://www.securityfocus.com/bid/34578
Summary:
Avast! Antivirus is prone to a vulnerability that may allow certain compressed archives to bypass the scan engine.

Successful exploits will allow attackers to distribute files containing malicious code that the antivirus application will fail to detect.

9. Multiple ESET Antivirus Products RAR File Scan Evasion Vulnerability
BugTraq ID: 34582
Remote: Yes
Date Published: 2009-04-17
Relevant URL: http://www.securityfocus.com/bid/34582
Summary:
Multiple ESET products are prone to a vulnerability that may allow certain compressed archives to bypass the scan engine.

Successful exploits will allow attackers to distribute files containing malicious code that the antivirus application will fail to detect.

The following are vulnerable:

ESET Smart Security 4
ESET NOD32 Antivirus 4
ESET Smart Security 4 Business Edition
ESET NOD32 Antivirus 4 Business Edition
ESET NOD32 Antivirus for Exchange Server
ESET Mail Security
ESET NOD32 Antivirus for Lotus Domino Server
ESET File Security
ESET Novell Netware
ESET DELL STORAGE SERVERS
ESET NOD32 Antivirus for Linux gateway devices

10. Linux Kernel 'inet6_hashtables.c' NULL Pointer Dereference Denial of Service Vulnerability
BugTraq ID: 34602
Remote: No
Date Published: 2009-04-20
Relevant URL: http://www.securityfocus.com/bid/34602
Summary:
The Linux kernel is prone to a local denial-of-service vulnerability.

Attackers can exploit this issue to crash the affected kernel, denying service to legitimate users. Given the nature of this issue, attackers may also be able to execute arbitrary code, but this has not been confirmed.

This issue was introduced in Linux kernel 2.6.27 and fixed in 2.6.29.

11. Linux Kernel CIFS 'decode_unicode_ssetup()' Remote Buffer Overflow Vulnerability
BugTraq ID: 34612
Remote: Yes
Date Published: 2009-04-20
Relevant URL: http://www.securityfocus.com/bid/34612
Summary:
The Linux Kernel is prone to a remote buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data.

An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition.

12. Linux Kernel CIFS 'serverDomain' Remote Buffer Overflow Vulnerability
BugTraq ID: 34615
Remote: Yes
Date Published: 2009-04-20
Relevant URL: http://www.securityfocus.com/bid/34615
Summary:
The Linux Kernel is prone to a remote buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data.

An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition.

13. Debian apt Repository Signature Verification Vulnerability
BugTraq ID: 34630
Remote: Yes
Date Published: 2009-04-20
Relevant URL: http://www.securityfocus.com/bid/34630
Summary:
Debian 'apt' is prone to a signature-verification vulnerability.

An attacker may exploit this issue by first compromising a repository server or through man-in-the-middle attacks after gaining access to revoked or expired keys. Successful attacks may allow the attacker to execute arbitrary code on a vulnerable computer.

Versions prior to 'apt' 0.7.21 are affected.

14. MoinMoin 'AttachFile.py' Multiple Cross Site Scripting Vulnerabilities
BugTraq ID: 34631
Remote: Yes
Date Published: 2009-04-18
Relevant URL: http://www.securityfocus.com/bid/34631
Summary:
MoinMoin is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data.

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

MoinMoin 1.8.2 is vulnerable; other versions may also be affected.

15. Zervit HTTP Server Malformed URI Remote Denial Of Service Vulnerability
BugTraq ID: 34637
Remote: Yes
Date Published: 2009-04-21
Relevant URL: http://www.securityfocus.com/bid/34637
Summary:
Zervit HTTP server is prone to a denial-of-service vulnerability because it fails to adequately sanitize user-supplied input.

Attackers can exploit this issue to crash the affected application, denying service to legitimate users.

Zervit 0.3 is vulnerable; other versions may also be affected.

16. SLURM 'sbcast' and 'strigger' Group Permissions Local Privilege Escalation Vulnerability
BugTraq ID: 34638
Remote: No
Date Published: 2009-04-21
Relevant URL: http://www.securityfocus.com/bid/34638
Summary:
SLURM (Simple Linux Utility for Resource Management) is prone to a privilege-escalation vulnerability because it fails to properly drop group privileges.

A local attacker with sufficient privileges to interact with SLURM may exploit this issue to gain elevated privileges, which may lead to a complete compromise of the affected computer.

Versions prior to SLURM 1.3.14 are vulnerable.

17. Debian git-core DEC Alpha & MIPS Local Privilege Escalation Vulnerability
BugTraq ID: 34644
Remote: No
Date Published: 2009-04-21
Relevant URL: http://www.securityfocus.com/bid/34644
Summary:
The Debian 'git-core' package is prone to a local privilege-escalation vulnerability because it fails to sufficiently validate user-supplied data.

An attacker can exploit this issue to execute arbitrary commands with superuser privileges. Successfully exploiting this issue will result in the complete compromise of affected computers.

This issue affects only DEC Alpha and MIPS architectures.

18. Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009 -14 through -22 Multiple Remote Vulnerabilities
BugTraq ID: 34656
Remote: Yes
Date Published: 2009-04-22
Relevant URL: http://www.securityfocus.com/bid/34656
Summary:
The Mozilla Foundation has released multiple security advisories specifying various vulnerabilities in Firefox, Thunderbird, and SeaMonkey.

Attackers can exploit these issues to bypass same-origin restrictions, obtain potentially sensitive information, and execute arbitrary script code with elevated privileges; other attacks are also possible.

19. CUPS Insufficient 'Host' Header Validation Weakness
BugTraq ID: 34665
Remote: Yes
Date Published: 2009-04-22
Relevant URL: http://www.securityfocus.com/bid/34665
Summary:
CUPS is prone to an insufficient 'Host' header validation weakness.

An attacker can use this weakness to carry out certain attacks such as DNS rebinding against the vulnerable server.

20. Linux Kernel 'drivers/char/agp/generic.c' Local Information Disclosure Vulnerability
BugTraq ID: 34673
Remote: No
Date Published: 2009-04-20
Relevant URL: http://www.securityfocus.com/bid/34673
Summary:
The Linux kernel is prone to a local information-disclosure vulnerability.

Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks.

Versions prior to the Linux kernel 2.6.30-rc3 are vulnerable.

21. Mahara User Profile Cross Site Scripting Vulnerability
BugTraq ID: 34677
Remote: Yes
Date Published: 2009-04-22
Relevant URL: http://www.securityfocus.com/bid/34677
Summary:
Mahara is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

22. aMule 'wxExecute()' Arbitrary Command Execution Vulnerability
BugTraq ID: 34683
Remote: Yes
Date Published: 2009-04-22
Relevant URL: http://www.securityfocus.com/bid/34683
Summary:
aMule is prone to a vulnerability that lets attackers execute arbitrary commands in the context of the vulnerable application.

This issue affects aMule 2.2.4; other versions may also be vulnerable.

23. acpid Local Denial of Service Vulnerability
BugTraq ID: 34692
Remote: No
Date Published: 2009-04-21
Relevant URL: http://www.securityfocus.com/bid/34692
Summary:
acpid is prone to a local denial-of-service vulnerability.

Successful exploits will allow attackers to make the daemon unresponsive, resulting in denial-of-service conditions.

The issue affects versions prior to acpid 1.0.10.

III. LINUX FOCUS LIST SUMMARY
---------------------------------
1. curuncula dbr rootkit detection tool
http://www.securityfocus.com/archive/91/502934

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin (at) securityfocus (dot) com [email concealed] and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by Webex

Desktop Security On Demand

Today, the pressures of technology threats, regulatory compliance, and cost control have combined to force a renewed focus on corporate IT management. As a result, security and system management are top-of-mind considerations for IT managers within businesses of all sizes. Learn more today!

http://dinclinx.com/Redirect.aspx?36;4905;35;189;0;3;259;0e72602f272b1d7
e

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus