Linux Security News
SecurityFocus Linux Newsletter #443 Jul 14 2009 11:30PM
sfa securityfocus com
SecurityFocus Linux Newsletter #443
----------------------------------------

This issue is sponsored by Ironkey

INTRODUCING THE WORLD'S ONLY FIPS 140-2 LEVEL 3 VALIDATED USB FLASH DRIVE

Designed to meet the needs of military, government and demanding enterprise users, the IronKey. S200 series USB flash drives have passed the stringent Security Level 3 tests for the FIPS 140-2 standard. A rugged, tamper-resistant and tamper-evident enclosure protects the critical components, while strong AES 256-bit hardware encryption and active malware defenses safeguard even the most sensitive data. Enterprise-class central management capabilities also make it easy to enforce security policies on fleets of drives and even remotely destroy drives in the field.

Learn more at https://www.ironkey.com/S200_Launch

------------------------------------------------------------------
I. FRONT AND CENTER
1. Hacker-Tool Law Still Does Little
2. A Botnet by Any Other Name
II. LINUX VULNERABILITY SUMMARY
1. Horde 'Passwd' Module Cross Site Scripting Vulnerability
2. XScreenSaver Symbolic Link Local Information Disclosure Vulnerability
3. Bugzilla Bug Status Modification Security Bypass Vulnerability
4. Apache 'mod_deflate' Remote Denial Of Service Vulnerability
5. Linux Kernel 'PER_CLEAR_ON_SETID' Incomplete Personality List Access Validation Vulnerability
6. LibTIFF Multiple Remote Integer Overflow Vulnerabilities
7. ISC DHCP 'dhclient' 'script_write_params()' Stack Buffer Overflow Vulnerability
8. ISC DHCP Server Host Definition Remote Denial Of Service Vulnerability
9. ISC DHCP 'dhcpd -t' Command Insecure Temporary File Creation Vulnerability
III. LINUX FOCUS LIST SUMMARY
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Hacker-Tool Law Still Does Little
By Mark Rasch
On August 10, 2007, a new section of the German Penal code went into effect. The statute, intended to implement certain provisions of the Council of Europe Treaty on Cybercrime, could be interpreted to make the creation or distribution of computer security software a criminal offense.
http://www.securityfocus.com/columnists/502

2. A Botnet by Any Other Name
By Gubter Ollmann
The news has been awash the last few weeks with fears over globe-spanning botnets and their criminal intent: Conficker managed to hog the limelight for well over a month, and then came Finjan's disclosure of a previously unknown - and currently unnamed - botnet consisting of some 1.9 million malicious agents.
http://www.securityfocus.com/columnists/501

II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. Horde 'Passwd' Module Cross Site Scripting Vulnerability
BugTraq ID: 35573
Remote: Yes
Date Published: 2009-07-05
Relevant URL: http://www.securityfocus.com/bid/35573
Summary:
The Horde 'Passwd' module is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.

Versions prior to Horde 'Passwd' 3.1.1 are vulnerable.

2. XScreenSaver Symbolic Link Local Information Disclosure Vulnerability
BugTraq ID: 35574
Remote: No
Date Published: 2009-07-05
Relevant URL: http://www.securityfocus.com/bid/35574
Summary:
XScreenSaver is prone to a local information-disclosure vulnerability.

A local attacker can exploit this issue to obtain sensitive information that may lead to further attacks.

XScreenSaver 5.01 is vulnerable; other versions may also be affected.

3. Bugzilla Bug Status Modification Security Bypass Vulnerability
BugTraq ID: 35604
Remote: Yes
Date Published: 2009-07-08
Relevant URL: http://www.securityfocus.com/bid/35604
Summary:
Bugzilla is prone to a security-bypass vulnerability.

Successful exploits will allow authenticated attackers to modify the status of bug reports, which may aid in further attacks.

The following are vulnerable:

Bugzilla 3.1.1 through 3.2.3
Bugzilla 3.3.1 through 3.3.4

4. Apache 'mod_deflate' Remote Denial Of Service Vulnerability
BugTraq ID: 35623
Remote: Yes
Date Published: 2009-07-06
Relevant URL: http://www.securityfocus.com/bid/35623
Summary:
The Apache 'mod_deflate' module is prone to a denial-of-service vulnerability.

Successful exploits may allow remote attackers to cause denial-of-service conditions and prevent legitimate users from accessing the services.

5. Linux Kernel 'PER_CLEAR_ON_SETID' Incomplete Personality List Access Validation Vulnerability
BugTraq ID: 35647
Remote: Yes
Date Published: 2009-07-13
Relevant URL: http://www.securityfocus.com/bid/35647
Summary:
The Linux Kernel is prone to an unauthorized-access vulnerability because of an error in the definition of the 'PER_CLEAR_ON_SETID' personalities mask. These masks are defined in the 'include/linux/personality.h' source file.

An attacker can exploit this issue to perform privileged operations on a vulnerable computer, which may aid in further attacks.

6. LibTIFF Multiple Remote Integer Overflow Vulnerabilities
BugTraq ID: 35652
Remote: Yes
Date Published: 2009-07-13
Relevant URL: http://www.securityfocus.com/bid/35652
Summary:
LibTIFF is prone to multiple remote integer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data.

An attacker can exploit these issues to execute arbitrary malicious code in the context of a user running an application that uses the affected library. Failed exploit attempts will likely crash the application.

LibTIFF 3.8.2, 3.9, and 4.0 are vulnerable; other versions may also be affected.

7. ISC DHCP 'dhclient' 'script_write_params()' Stack Buffer Overflow Vulnerability
BugTraq ID: 35668
Remote: Yes
Date Published: 2009-07-14
Relevant URL: http://www.securityfocus.com/bid/35668
Summary:
The ISC DHCP client 'dhclient' is prone to a remote stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it into a fixed-length buffer.

Successfully exploiting this issue allows a remote attacker to execute arbitrary code with superuser privileges, resulting in a complete compromise of the affected computer.

8. ISC DHCP Server Host Definition Remote Denial Of Service Vulnerability
BugTraq ID: 35669
Remote: Yes
Date Published: 2009-07-14
Relevant URL: http://www.securityfocus.com/bid/35669
Summary:
ISC DHCP Server is prone to a remote denial-of-service vulnerability because it fails to adequately handle specially crafted DHCP requests.

Attackers can exploit this issue to cause the server to terminate, thus denying service to legitimate users.

9. ISC DHCP 'dhcpd -t' Command Insecure Temporary File Creation Vulnerability
BugTraq ID: 35670
Remote: No
Date Published: 2009-07-14
Relevant URL: http://www.securityfocus.com/bid/35670
Summary:
ISC DHCP creates temporary files in an insecure manner.

An attacker with local access could potentially exploit this issue to perform symbolic link attacks to overwrite arbitrary attacker-specified files.

III. LINUX FOCUS LIST SUMMARY
---------------------------------
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin (at) securityfocus (dot) com [email concealed] and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by Ironkey

INTRODUCING THE WORLD'S ONLY FIPS 140-2 LEVEL 3 VALIDATED USB FLASH DRIVE

Designed to meet the needs of military, government and demanding enterprise users, the IronKey. S200 series USB flash drives have passed the stringent Security Level 3 tests for the FIPS 140-2 standard. A rugged, tamper-resistant and tamper-evident enclosure protects the critical components, while strong AES 256-bit hardware encryption and active malware defenses safeguard even the most sensitive data. Enterprise-class central management capabilities also make it easy to enforce security policies on fleets of drives and even remotely destroy drives in the field.

. Always-On AES 256-bit Hardware Encryption

. FIPS 140-2 Level 3 Validated

. Hardened Case.Waterproof Beyond MIL-STD-810F

. Remote Management Software

Research for the IronKey architecture was funded in part by the U.S. Department of Homeland Security. In addition, IronKey maintains a trusted supply chain: all research and development is performed in the USA, and all boards are built and all drives are assembled in secure facilities in the USA.

IronKey Basic S200 drives will also be available in high-capacity 16GB models.

https://www.ironkey.com/S200_Launch?ik_c=s200_launch&ik_s=security_focus
&ik_t=newsletter

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus