Linux Security News
SecurityFocus Linux Newsletter #440 Jun 11 2009 11:17PM
sfa securityfocus com
SecurityFocus Linux Newsletter #440
----------------------------------------

This issue is sponsored by VeriSign

VeriSign EV SSL Certificates for your sites. security turn the address bar in high security browsers green which helps your customers know they are safe on your site.

http://ad.doubleclick.net/clk;215510119;37701656;z

SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. Hacker-Tool Law Still Does Little
2. A Botnet by Any Other Name
II. LINUX VULNERABILITY SUMMARY
1. CUPS 'cups/ipp.c' NULL Pointer Dereference Denial Of Service Vulnerability
2. GStreamer gst-plugins-good 'gstpngdec.c' PNG Output Buffer Integer Overflow Vulnerability
3. OpenSSL 'ChangeCipherSpec' DTLS Packet Denial of Service Vulnerability
4. strongSwan IKE Request Multiple Remote Denial Of Service Vulnerabilities
5. Linux Kernel 'e1000/e1000_main.c' Remote Denial of Service Vulnerability
6. CUPS Scheduler Directory Services Remote Denial Of Service Vulnerability
7. CUPS PDF File Multiple Heap Buffer Overflow Vulnerabilities
8. Sun Java System Web Server Reverse Proxy Plug-in Cross-Site Scripting Vulnerability
9. Apache APR-util 'apr_strmatch_precompile()' Integer Underflow Vulnerability
10. Apache APR-util 'apr_brigade_vprintf' Off By One Vulnerability
11. Apache APR-util 'xml/apr_xml.c' Denial of Service Vulnerability
12. MoinMoin Hierarchical ACL Security Bypass Vulnerability
13. Linux Kernel RTL8169 NIC Remote Denial of Service Vulnerability
III. LINUX FOCUS LIST SUMMARY
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Hacker-Tool Law Still Does Little
By Mark Rasch
On August 10, 2007, a new section of the German Penal code went into effect. The statute, intended to implement certain provisions of the Council of Europe Treaty on Cybercrime, could be interpreted to make the creation or distribution of computer security software a criminal offense.
http://www.securityfocus.com/columnists/502

2. A Botnet by Any Other Name
By Gubter Ollmann
The news has been awash the last few weeks with fears over globe-spanning botnets and their criminal intent: Conficker managed to hog the limelight for well over a month, and then came Finjan's disclosure of a previously unknown - and currently unnamed - botnet consisting of some 1.9 million malicious agents.
http://www.securityfocus.com/columnists/501

II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. CUPS 'cups/ipp.c' NULL Pointer Dereference Denial Of Service Vulnerability
BugTraq ID: 35169
Remote: Yes
Date Published: 2009-06-02
Relevant URL: http://www.securityfocus.com/bid/35169
Summary:
CUPS is prone to a denial-of-service vulnerability because of a NULL-pointer dereference that occurs when processing two consecutive IPP_TAG_UNSUPPORTED tags in specially crafted IPP (Internet Printing Protocal) packets.

An attacker can exploit this issue to crash the affected application, denying service to legitimate users.

2. GStreamer gst-plugins-good 'gstpngdec.c' PNG Output Buffer Integer Overflow Vulnerability
BugTraq ID: 35172
Remote: Yes
Date Published: 2009-06-02
Relevant URL: http://www.securityfocus.com/bid/35172
Summary:
GStreamer 'gst-plugins-good' is prone to an integer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data before using it to allocate memory buffers.

Successful exploits will allow attacker-supplied code to run in the context of the user running the affected application. Failed attacks will result in denial-of-service conditions.

This issue affects gst-plugins-good 0.10.15; other versions may also be affected.

3. OpenSSL 'ChangeCipherSpec' DTLS Packet Denial of Service Vulnerability
BugTraq ID: 35174
Remote: Yes
Date Published: 2009-06-02
Relevant URL: http://www.securityfocus.com/bid/35174
Summary:
OpenSSL is prone to a denial-of-service vulnerability caused by a NULL-pointer dereference condition.

An attacker can exploit this issue to crash the affected application, denying service to legitimate users.

Versions prior to OpenSSL 0.9.8i are vulnerable.

4. strongSwan IKE Request Multiple Remote Denial Of Service Vulnerabilities
BugTraq ID: 35178
Remote: Yes
Date Published: 2009-06-02
Relevant URL: http://www.securityfocus.com/bid/35178
Summary:
strongSwan is prone to multiple remote denial-of-service vulnerabilities because it fail to properly handle certain IKE packets.

Attackers can exploit this issue to crash the IKEv2 charon daemon, denying access to legitimate users.

Versions prior to strongSwan 4.3.1 and 4.2.15 are vulnerable.

5. Linux Kernel 'e1000/e1000_main.c' Remote Denial of Service Vulnerability
BugTraq ID: 35185
Remote: Yes
Date Published: 2009-06-02
Relevant URL: http://www.securityfocus.com/bid/35185
Summary:
The Linux kernel is prone to a remote denial-of-service vulnerability.

Attackers can exploit this issue via crafted packets to cause a kernel panic, denying service to legitimate users.

6. CUPS Scheduler Directory Services Remote Denial Of Service Vulnerability
BugTraq ID: 35194
Remote: Yes
Date Published: 2009-06-03
Relevant URL: http://www.securityfocus.com/bid/35194
Summary:
CUPS is prone to a denial-of-service vulnerability.

A remote attacker can exploit this issue to crash the affected application, denying service to legitimate users.

7. CUPS PDF File Multiple Heap Buffer Overflow Vulnerabilities
BugTraq ID: 35195
Remote: Yes
Date Published: 2009-06-03
Relevant URL: http://www.securityfocus.com/bid/35195
Summary:
CUPS is prone to multiple heap-based buffer-overflow vulnerabilities because it fails to properly bounds-check user-supplied input before copying it into a finite-sized buffer.

Exploiting these issues may allow remote attackers to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause denial-of-service conditions.

8. Sun Java System Web Server Reverse Proxy Plug-in Cross-Site Scripting Vulnerability
BugTraq ID: 35204
Remote: Yes
Date Published: 2009-06-03
Relevant URL: http://www.securityfocus.com/bid/35204
Summary:
Sun Java System Web Server is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of a site that uses the affected functionality. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

This issue affects Sun Java System Web Server 6.1 SPARC, x86, Linux, Windows, HP-UX, and AIX platforms.

9. Apache APR-util 'apr_strmatch_precompile()' Integer Underflow Vulnerability
BugTraq ID: 35221
Remote: Yes
Date Published: 2009-06-04
Relevant URL: http://www.securityfocus.com/bid/35221
Summary:
Apache 'APR-util' is prone to an integer-underflow vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of an affected application. Successful exploits will compromise the affected application and possibly the computer. Failed attacks will cause denial-of-service conditions.

Versions prior to 'APR-util' 1.3.5 are vulnerable.

10. Apache APR-util 'apr_brigade_vprintf' Off By One Vulnerability
BugTraq ID: 35251
Remote: Yes
Date Published: 2009-06-04
Relevant URL: http://www.securityfocus.com/bid/35251
Summary:
Apache 'APR-util' is prone to an off-by-one vulnerability that may allow attackers to obtain sensitive information or trigger a denial-of-service condition.

Given the nature of this issue, attackers may also be able to execute arbitrary code in the context of an application that uses the affected library, but this has not been confirmed.

Versions prior to 'APR-util' 1.3.5 on big-endian platforms are vulnerable.

11. Apache APR-util 'xml/apr_xml.c' Denial of Service Vulnerability
BugTraq ID: 35253
Remote: Yes
Date Published: 2009-06-06
Relevant URL: http://www.securityfocus.com/bid/35253
Summary:
Apache 'APR-util' is prone to a vulnerability that may allow attackers to cause an affected application to consume memory, resulting in a denial-of-service condition.

Versions prior to 'APR-util' 1.3.7 are vulnerable.

12. MoinMoin Hierarchical ACL Security Bypass Vulnerability
BugTraq ID: 35277
Remote: Yes
Date Published: 2009-06-10
Relevant URL: http://www.securityfocus.com/bid/35277
Summary:
MoinMoin is prone to a security-bypass vulnerability.

Successful exploits will allow attackers to bypass certain security restrictions and gain unauthorized access to restricted sub-pages. This may aim in further attacks.

This issue affects MoinMoin 1.8.3; other versions may also be affected.

13. Linux Kernel RTL8169 NIC Remote Denial of Service Vulnerability
BugTraq ID: 35281
Remote: Yes
Date Published: 2009-06-10
Relevant URL: http://www.securityfocus.com/bid/35281
Summary:
The Linux Kernel is prone to a remote denial-of-service vulnerability.

An attacker can exploit this issue to crash the system, denying service to legitimate users.
Given the nature of this issue, the attacker may also be able to run arbitrary code, but this has not been confirmed.

Versions prior to Linux Kernel 2.6.30 are vulnerable.

III. LINUX FOCUS LIST SUMMARY
---------------------------------
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin (at) securityfocus (dot) com [email concealed] and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by VeriSign

VeriSign EV SSL Certificates for your sites. security turn the address bar in high security browsers green which helps your customers know they are safe on your site.

http://ad.doubleclick.net/clk;215510119;37701656;z

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus