Linux Security News
SecurityFocus Linux Newsletter #446 Aug 19 2009 05:30PM
sfa securityfocus com
SecurityFocus Linux Newsletter #446
----------------------------------------

This issue is sponsored by Immunet

Are you running Anti-Virus from Symantec, AVG or Mcafee? Make it significantly more effective and harness the security of thousands of others with 'Collective Immunity'. See the beta for Immunet Protect here: https://www.immunet.com/user/new

------------------------------------------------------------------
I. FRONT AND CENTER
1.The Scale of Security
2.Hacker-Tool Law Still Does Little
II. LINUX VULNERABILITY SUMMARY
1. libxml2 Multiple Memory Corruption Vulnerabilities
2. Asterisk SIP Channel Driver 'scanf' Multiple Remote Denial of Service Vulnerabilities
3. Linux Kernel 'fs/proc/base.c' Local Information Disclosure Vulnerability
4. Sun Solaris XScreenSaver and Assistive Technology Support Security Bypass Vulnerability
5. cURL / libcURL NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
6. HP Insight Control Suite for Linux (ICE-LX) Unspecified Security Vulnerability
7. Linux Kernel 'binfmt_flat.c' NULL Pointer Dereference Denial of Service Vulnerability
8. Linux Kernel 'sock_sendpage()' NULL Pointer Dereference Vulnerability
III. LINUX FOCUS LIST SUMMARY
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1.The Scale of Security
By Adam O'Donnell
Human beings do not naturally understand scale. While we speak of financial transactions in the hundreds of billions of dollars as being something as routine as brushing our teeth, we question the value of programs that cost in the single-digit millions and quibble with friends over dollars. Similarly, there are many problems in our industry that, when explained to an outsider, sound like they should have been solved decades ago. It is only when we relate the number of systems that need to be considered in the repair that we truly communicate the difficulty of the problem.
http://www.securityfocus.com/columnists/503

2. Hacker-Tool Law Still Does Little
By Mark Rasch
On August 10, 2007, a new section of the German Penal code went into effect. The statute, intended to implement certain provisions of the Council of Europe Treaty on Cybercrime, could be interpreted to make the creation or distribution of computer security software a criminal offense.
http://www.securityfocus.com/columnists/502

II. LINUX VULNERABILITY SUMMARY
------------------------------------
1. libxml2 Multiple Memory Corruption Vulnerabilities
BugTraq ID: 36010
Remote: Yes
Date Published: 2009-08-10
Relevant URL: http://www.securityfocus.com/bid/36010
Summary:
libxml2 is prone to multiple memory-corruption vulnerabilities.

An attacker can exploit these issues by tricking a victim into opening a specially crafted XML file.

A successful attack can allow attacker-supplied code to run in the context of the application using the vulnerable library or cause a denial-of-service condition.

2. Asterisk SIP Channel Driver 'scanf' Multiple Remote Denial of Service Vulnerabilities
BugTraq ID: 36015
Remote: Yes
Date Published: 2009-08-10
Relevant URL: http://www.securityfocus.com/bid/36015
Summary:
Asterisk is prone to multiple remote denial-of-service vulnerabilities.

Successful exploits can crash the SIP channel driver, resulting in denial-of-service conditions for legitimate users.

The issues affect the Asterisk 1.6.1.

Please note that other versions may also include the affected code but may not be exploitable as they do not allow SIP packets to exceed 1500 bytes total.

3. Linux Kernel 'fs/proc/base.c' Local Information Disclosure Vulnerability
BugTraq ID: 36019
Remote: No
Date Published: 2009-08-11
Relevant URL: http://www.securityfocus.com/bid/36019
Summary:
The Linux kernel is prone to a local information-disclosure vulnerability.

Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks.

4. Sun Solaris XScreenSaver and Assistive Technology Support Security Bypass Vulnerability
BugTraq ID: 36030
Remote: No
Date Published: 2009-08-11
Relevant URL: http://www.securityfocus.com/bid/36030
Summary:
Sun Solaris is prone to a security-bypass vulnerability that affects XScreenSaver and Assistive Technology Support.

A local attacker can exploit this issue to gain unauthorized access to the system that may lead to further attacks.

This issue affects the following on both SPARC and x86 platforms:

Solaris 10
OpenSolaris builds snv_01 through snv_110

5. cURL / libcURL NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
BugTraq ID: 36032
Remote: Yes
Date Published: 2009-08-12
Relevant URL: http://www.securityfocus.com/bid/36032
Summary:
cURL and libcURL are prone to a security-bypass vulnerability because they fail to properly validate the domain name in a signed CA certificate, allowing attackers to substitute malicious SSL certificates for trusted ones.

This issue affects cURL and libcURL when compiled against OpenSSL.

Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, which will aid in further attacks.

cURL and libcURL 7.4 through 7.19.5 are vulnerable. Additional applications which use the affected library may also be vulnerable.

6. HP Insight Control Suite for Linux (ICE-LX) Unspecified Security Vulnerability
BugTraq ID: 36036
Remote: Yes
Date Published: 2009-08-13
Relevant URL: http://www.securityfocus.com/bid/36036
Summary:
HP Insight Control Suite for Linux (ICE-LX) is prone to an unspecified security vulnerability.

Very little is known about this issue or its effects at this time. We will update this BID as more information emerges.

Version of HP Insight Control Suite for Linux (ICE-LX) prior to 2.11 are vulnerable.

7. Linux Kernel 'binfmt_flat.c' NULL Pointer Dereference Denial of Service Vulnerability
BugTraq ID: 36037
Remote: No
Date Published: 2009-08-13
Relevant URL: http://www.securityfocus.com/bid/36037
Summary:
The Linux kernel is prone to a local denial-of-service vulnerability.

Attackers can exploit this issue to crash the affected kernel, denying service to legitimate users. Given the nature of this issue, attackers may also be able to execute arbitrary code, but this has not been confirmed.

This issue was introduced in Linux kernel 2.6.30; fixes have been committed to the Linux Git repository.

8. Linux Kernel 'sock_sendpage()' NULL Pointer Dereference Vulnerability
BugTraq ID: 36038
Remote: No
Date Published: 2009-08-13
Relevant URL: http://www.securityfocus.com/bid/36038
Summary:
The Linux kernel is prone to a local NULL-pointer dereference vulnerability.

A local attacker can exploit this issue to execute arbitrary code with superuser privileges or crash an affected kernel, denying service to legitimate users.

Versions prior to the Linux kernel 2.4.37.5 and 2.6.31-rc6 are vulnerable.

III. LINUX FOCUS LIST SUMMARY
---------------------------------
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to linux-secnews-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin (at) securityfocus (dot) com [email concealed] and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by Immunet

Are you running Anti-Virus from Symantec, AVG or Mcafee? Make it significantly more effective and harness the security of thousands of others with 'Collective Immunity'. See the beta for Immunet Protect here: https://www.immunet.com/user/new

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus