Security News > 2008 > October > Linux Advisory Watch: October 3rd, 2008

Linux Advisory Watch: October 3rd, 2008
2008-10-06 06:19

+----------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | October 3rd, 2008 Volume 9, Number 40 | | | | Editorial Team: Dave Wreski | | Benjamin D. Thomas | +----------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week advisories were released for clamav, wireshark, pam_mount, openafs, mozilla-thunderbird, mozilla-firefox, xen, seamonkey, and xulrunner. The distributors include Gentoo, Mandriva, Red Hat, Slackware, and Ubuntu. --- Norwich University's Master of Science in Information Assurance (MSIA) program, designated by the National Security Agency as providing academically excellent education in Information Assurance, provides you with the skills to manage and lead an organization-wide information security program and the tools to fluently communicate the intricacies of information security at an executive level. http://www.linuxsecurity.com/ads/adclick.php?bannerid=12 --- Never Installed a Firewall on Ubuntu? Try Firestarter ----------------------------------------------------- When I typed on Google "Do I really need a firewall?" 695,000 results came across. And I'm pretty sure they must be saying "Hell yeah!". In my opinion, no one would ever recommend anyone to sit naked on the internet keeping in mind the insecurity internet carries these days, unless you really know what you are doing. Read on for more information on Firestarter. http://www.linuxsecurity.com/content/view/142641 --- Review: Hacking Exposed Linux, Third Edition -------------------------------------------- "Hacking Exposed Linux" by ISECOM (Institute for Security and Open Methodologies) is a guide to help you secure your Linux environment. This book does not only help improve your security it looks at why you should. It does this by showing examples of real attacks and rates the importance of protecting yourself from being a victim of each type of attack. http://www.linuxsecurity.com/content/view/141165 --> Take advantage of the LinuxSecurity.com Quick Reference Card! http://www.linuxsecurity.com/docs/QuickRefCard.pdf <-- ------------------------------------------------------------------------ * EnGarde Secure Community 3.0.20 Now Available (Aug 19) ------------------------------------------------------ Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.20 (Version 3.0, Release 20). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy. In distribution since 2001, EnGarde Secure Community was one of the very first security platforms developed entirely from open source, and has been engineered from the ground-up to provide users and organizations with complete, secure Web functionality, DNS, database, e-mail security and even e-commerce. http://www.linuxsecurity.com/content/view/141173 ------------------------------------------------------------------------ * Gentoo: ClamAV Multiple Denials of Service (Sep 25) --------------------------------------------------- Multiple vulnerabilities in ClamAV may result in a Denial of Service. http://www.linuxsecurity.com/content/view/142640 * Gentoo: Wireshark Multiple Denials of Service (Sep 25) ------------------------------------------------------ Multiple Denial of Service vulnerabilities have been discovered in Wireshark. http://www.linuxsecurity.com/content/view/142639 * Gentoo: Git User-assisted execution of arbitrary code (Sep 25) -------------------------------------------------------------- Multiple buffer overflow vulnerabilities have been discovered in Git. http://www.linuxsecurity.com/content/view/142638 ------------------------------------------------------------------------ * Mandriva: Subject: [Security Announce] [ MDVSA-2008:208 ] pam_mount (Sep 29) ---------------------------------------------------------------------------- pam_mount 0.10 through 0.45, when luserconf is enabled, does not verify mountpoint and source ownership before mounting a user-defined volume, which allows local users to bypass intended access restrictions via a local mount. The updated packages have been patched to fix the issue. http://www.linuxsecurity.com/content/view/142769 * Mandriva: Subject: [Security Announce] [ MDVSA-2008:207 ] openafs (Sep 29) -------------------------------------------------------------------------- A race condition in OpenAFS 1.3.40 through 1.4.5 allowed remote attackers to cause a denial of service (daemon crash) by simultaneously acquiring and giving back file callbacks (CVE-2007-6559). The updated packages have been patched to prevent this issue. http://www.linuxsecurity.com/content/view/142768 * Mandriva: Subject: [Security Announce] [ MDVSA-2008:206 ] mozilla-thunderbird (Sep 26) -------------------------------------------------------------------------------------- A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.17 (CVE-2008-0016, CVE-2008-3835, CVE-2008-4058, CVE-2008-4059, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062, CVE-2008-4065, CVE-2008-4066, CVE-2008-4067, CVE-2008-4068, CVE-2008-4070). This update provides the latest Thunderbird to correct these issues. http://www.linuxsecurity.com/content/view/142647 * Mandriva: Subject: [Security Announce] [ MDVSA-2008:205 ] mozilla-firefox (Sep 25) ---------------------------------------------------------------------------------- Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.17 (CVE-2008-0016, CVE-2008-3835, CVE-2008-3836, CVE-2008-3837, CVE-2008-4058, CVE-2008-4059, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062, CVE-2008-4065, CVE-2008-4066, CVE-2008-4067, CVE-2008-4068, CVE-2008-4069). This update provides the latest Firefox to correct these issues. http://www.linuxsecurity.com/content/view/142642 ------------------------------------------------------------------------ * RedHat: Moderate: wireshark security update (Oct 1) --------------------------------------------------- Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/142862 * RedHat: Important: xen security and bug fix update (Oct 1) ---------------------------------------------------------- Updated xen packages that resolve a couple of security issues and fix a bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/142863 * RedHat: Moderate: thunderbird security update (Oct 1) ----------------------------------------------------- Updated thunderbird packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/142864 ------------------------------------------------------------------------ * Slackware: mozilla-thunderbird (Sep 27) ----------------------------------------- New mozilla-thunderbird packages are available for Slackware 10.2, 11.0, 12.0, 12.1, and -current to fix security issues. More details about the issues may be found on the Mozilla site: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.h tml http://www.linuxsecurity.com/content/view/142648 * Slackware: mozilla-firefox (Sep 26) ------------------------------------- New mozilla-firefox packages are available for Slackware 10.2, 11.0, 12.0, 12.1, and -current to fix security issues. More details about the issues may be found on the Mozilla site: http://www.mozilla.org/security/known-vulnerabilities/firefox20.html http://www.linuxsecurity.com/content/view/142644 * Slackware: seamonkey (Sep 26) ------------------------------- New seamonkey packages are available for Slackware 11.0, 12.0, 12.1, and -current to fix security issues. More details about the issues may be found here: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html http://www.linuxsecurity.com/content/view/142645 ------------------------------------------------------------------------ * Ubuntu: Thunderbird vulnerabilities (Sep 25) --------------------------------------------- It was discovered that the same-origin check in Thunderbird could be bypassed. If a user had JavaScript enabled and were tricked into opening a malicious website, an attacker may be able to execute JavaScript in the context of a different website. (CVE-2008-3835) Several problems were discovered in the browser engine of Thunderbird. If a user had JavaScript enabled, this could allow an attacker to execute code with chrome privileges. (CVE-2008-4058, CVE-2008-4059, CVE-2008-4060) http://www.linuxsecurity.com/content/view/142643 * Ubuntu: Firefox and xulrunner regression (Sep 25) -------------------------------------------------- USN-645-1 fixed vulnerabilities in Firefox and xulrunner. The upstream patches introduced a regression in the saved password handling. While password data was not lost, if a user had saved any passwords with non-ASCII characters, Firefox could not access the password database. This update fixes the problem. http://www.linuxsecurity.com/content/view/142636 ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email vuln-newsletter-request () linuxsecurity com with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ __________________________________________________ Register now for HITBSecConf2008 - Malaysia! With a new triple-track conference featuring 4 keynote speakers and over 35 international experts, this is the largest network security event in Asia and the Middle East! http://conference.hackinthebox.org/hitbsecconf2008kl/


News URL

http://www.linuxsecurity.com/ads/adclick.php?bannerid=12

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2008-09-27 CVE-2008-4070 Buffer Errors vulnerability in Mozilla Seamonkey and Thunderbird
Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long header in a news article, related to "canceling [a] newsgroup message" and "cancelled newsgroup messages."
network
low complexity
mozilla CWE-119
critical
10.0
2008-09-24 CVE-2008-0016 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mozilla Firefox and Seamonkey
Stack-based buffer overflow in the URL parsing implementation in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to execute arbitrary code via a crafted UTF-8 URL in a link.
network
low complexity
mozilla CWE-119
critical
10.0
2008-09-24 CVE-2008-3835 Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox, Seamonkey and Thunderbird
The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox before 2.0.0.17, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code via unknown vectors.
network
low complexity
mozilla CWE-264
7.5
2008-09-24 CVE-2008-3836 Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox
feedWriter in Mozilla Firefox before 2.0.0.17 allows remote attackers to execute scripts with chrome privileges via vectors related to feed preview and the (1) elem.doCommand, (2) elem.dispatchEvent, (3) _setTitleText, (4) _setTitleImage, and (5) _initSubscriptionUI functions.
0.0
2008-09-24 CVE-2008-3837 Remote vulnerability in Mozilla Firefox/SeaMonkey/Thunderbird
Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and SeaMonkey before 1.1.12, allow user-assisted remote attackers to move a window during a mouse click, and possibly force a file download or unspecified other drag-and-drop action, via a crafted onmousedown action that calls window.moveBy, a variant of CVE-2003-0823.
network
mozilla debian canonical
critical
9.3
2008-09-24 CVE-2008-4058 Permissions, Privileges, and Access Controls vulnerability in multiple products
The XPConnect component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to (1) chrome XBL and (2) chrome JS.
network
low complexity
mozilla debian canonical CWE-264
7.5
2008-09-24 CVE-2008-4059 Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox
The XPConnect component in Mozilla Firefox before 2.0.0.17 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to a SCRIPT element.
network
low complexity
mozilla CWE-264
7.5
2008-09-24 CVE-2008-4060 Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox, Seamonkey and Thunderbird
Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to create documents that lack script-handling objects, and execute arbitrary code with chrome privileges, via vectors related to (1) the document.loadBindingDocument function and (2) XSLT.
network
low complexity
mozilla CWE-264
7.5
2008-09-24 CVE-2008-4061 Numeric Errors vulnerability in multiple products
Integer overflow in the MathML component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via an mtd element with a large integer value in the rowspan attribute, related to the layout engine.
network
low complexity
mozilla debian canonical CWE-189
critical
10.0
2008-09-24 CVE-2008-4062 Resource Management Errors vulnerability in multiple products
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the JavaScript engine and (1) misinterpretation of the characteristics of Namespace and QName in jsxml.c, (2) misuse of signed integers in the nsEscapeCount function in nsEscape.cpp, and (3) interaction of JavaScript garbage collection with certain use of an NPObject in the nsNPObjWrapper::GetNewOrUsed function in nsJSNPRuntime.cpp.
network
low complexity
mozilla debian canonical CWE-399
critical
10.0

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 17 384 2365 1508 667 4924