Security News > 2010 > August > Linux Advisory Watch: August 20th, 2010

Linux Advisory Watch: August 20th, 2010
2010-08-23 07:43

+----------------------------------------------------------------------+ | LinuxSecurity.com Linux Advisory Watch | | August 20th, 2010 Volume 11, Number 34 | | | | Editorial Team: Dave Wreski | | Benjamin D. Thomas | +----------------------------------------------------------------------+ Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor have made available. Review: Zabbix 1.8 Network Monitoring ------------------------------------- If you have anything more than a small home network, you need to be monitoring the status of your systems to ensure they are providing the services they were designed to provide. Rihards Olups has created a comprehensive reference and usability guide for the latest version of Zabbix that anyone being tasked with implementing should have by their side. http://www.linuxsecurity.com/content/view/152990 Meet the Anti-Nmap: PSAD ------------------------ How would you know if someone is scanning your defenses? Is there any way to properly respond to such scans? You bet there is... http://www.linuxsecurity.com/content/view/134248 --> Take advantage of the LinuxSecurity.com Quick Reference Card! http://www.linuxsecurity.com/docs/QuickRefCard.pdf <-- ------------------------------------------------------------------------ * EnGarde Secure Community 3.0.22 Now Available! ---------------------------------------------- Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.22 (Version 3.0, Release 22). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy. http://www.linuxsecurity.com/content/view/145668 ------------------------------------------------------------------------ * Debian: 2094-1: linux-2.6: privilege escalation/denial (Aug 19) --------------------------------------------------------------- CVE-2009-4895 Kyle Bader reported an issue in the tty subsystem that allows local users to create a denial of service (NULL pointer dereference). [More...] http://www.linuxsecurity.com/content/view/153078 * Debian: 2093-1: ghostscript: Multiple vulnerabilities (Aug 19) -------------------------------------------------------------- Two security issues have been discovered in Ghostscript, the GPL PostScript/PDF interpreter. The Common Vulnerabilities and Exposures project identifies the following problems: [More...] http://www.linuxsecurity.com/content/view/153069 * Debian: 1919-2: smarty: Multiple vulnerabilities (Aug 17) --------------------------------------------------------- A regression was found in the patch applied in DSA 1919-1 to smarty, which caused compilation failures on some specific templates. This update corrects the fix. For reference, the full advisory text below. [More...] http://www.linuxsecurity.com/content/view/153063 * Debian: 2092-1: lxr-cvs: missing input sanitizing (Aug 17) ---------------------------------------------------------- Dan Rosenberg discovered that in lxr-cvs, a code-indexing tool with a web frontend, not enough sanitation of user input is performed; an attacker can take advantage of this and pass script code in order to perform cross-site scripting attacks. [More...] http://www.linuxsecurity.com/content/view/153062 * Debian: 2091-1: squirrelmail: No user-specific token impl (Aug 12) ------------------------------------------------------------------ SquirrelMail, a webmail application, does not employ a user-specific token for webforms. This allows a remote attacker to perform a Cross Site Request Forgery (CSRF) attack. The attacker may hijack the authentication of unspecified victims and send messages or change user preferences among other [More...] http://www.linuxsecurity.com/content/view/153028 ------------------------------------------------------------------------ * Mandriva: 2010:155: mysql (Aug 20) ---------------------------------- Multiple vulnerabilities has been found and corrected in mysql: MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# [More...] http://www.linuxsecurity.com/content/view/153085 * Mandriva: 2010:154: cabextract (Aug 16) --------------------------------------- Multiple vulnerabilities has been found and corrected in cabextract: The MS-ZIP decompressor in cabextract before 1.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed MSZIP archive in a .cab file during a test or extract action, related [More...] http://www.linuxsecurity.com/content/view/153049 * Mandriva: 2010:153: apache (Aug 16) ----------------------------------- Multiple vulnerabilities has been found and corrected in apache: The mod_cache and mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path (CVE-2010-1452). [More...] http://www.linuxsecurity.com/content/view/153048 * Mandriva: 2010:152: apache (Aug 16) ----------------------------------- A vulnerabilitiy has been found and corrected in apache: The mod_cache and mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path (CVE-2010-1452). [More...] http://www.linuxsecurity.com/content/view/153046 * Mandriva: 2010:151: libmikmod (Aug 16) -------------------------------------- A vulnerability has been discovered and corrected in libmikmod: Multiple heap-based buffer overflows might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file (CVE-2009-3995). [More...] http://www.linuxsecurity.com/content/view/153039 * Mandriva: 2010:150: libsndfile (Aug 14) --------------------------------------- A vulnerability has been discovered and corrected in libsndfile: The (1) htk_read_header, (2) alaw_init, (3) ulaw_init, (4) pcm_init, (5) float32_init, and (6) sds_read_header functions in libsndfile 1.0.20 allow context-dependent attackers to cause a denial of service [More...] http://www.linuxsecurity.com/content/view/153038 * Mandriva: 2010:149: freetype2 (Aug 12) -------------------------------------- A vulnerability has been discovered and corrected in freetype2: Multiple stack overflow flaws have been reported in the way FreeType font rendering engine processed certain CFF opcodes. An attacker could use these flaws to create a specially-crafted font file that, [More...] http://www.linuxsecurity.com/content/view/153015 * Mandriva: 2010:148: pidgin (Aug 12) ----------------------------------- A security vulnerability has been identified and fixed in pidgin: The clientautoresp function in family_icbm.c in the oscar protocol plugin in libpurple in Pidgin before 2.7.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and [More...] http://www.linuxsecurity.com/content/view/153008 ------------------------------------------------------------------------ * Red Hat: 2010:0636-02: acroread: Critical Advisory (Aug 20) ----------------------------------------------------------- Updated acroread packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 Supplementary. [More...] http://www.linuxsecurity.com/content/view/153079 * Red Hat: 2010:0627-01: kvm: Important Advisory (Aug 19) ------------------------------------------------------- Updated kvm packages that fix three security issues and multiple bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having [More...] http://www.linuxsecurity.com/content/view/153076 * Red Hat: 2010:0633-01: qspice: Important Advisory (Aug 19) ---------------------------------------------------------- Updated qspice packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having [More...] http://www.linuxsecurity.com/content/view/153077 * Red Hat: 2010:0631-01: kernel-rt: Important Advisory (Aug 17) ------------------------------------------------------------- Updated kernel-rt packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise MRG 1.2. The Red Hat Security Response Team has rated this update as having [More...] http://www.linuxsecurity.com/content/view/153060 ------------------------------------------------------------------------ * SuSE: 2010-035: Linux kernel (Aug 18) ------------------------------------- This SUSE Linux Enterprise 10 SP3 kernel was updated to fix various bugs and one security issue. CVE-2010-1087: The nfs_wait_on_request function in fs/nfs/pagelist.c in the Linux kernel allows attackers to cause a denial of service (Oops) [More...] http://www.linuxsecurity.com/content/view/153064 * SuSE: Weekly Summary 2010:015 (Aug 17) -------------------------------------- To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Security Announcements that are released for more severe vulnerabilities. List of vulnerabilities in this summary include: gpg2, krb5, kvirc, libpcsclite1/pcsc-lite, libpython2_6-1_0, libvorbis, libwebkit, squidGuard, strongswan. http://www.linuxsecurity.com/content/view/153050 * SuSE: 2010-034: flash-player (Aug 13) ------------------------------------- Flash Player was updated to version 10.1.82.76 fixing several critical security issues: - CVE-2010-0209: CVSS v2 Base Score: 9.3: Code Injection (CWE-94) Details unknown. - CVE-2010-2188: CVSS v2 Base Score: 6.8: Buffer Errors (CWE-119) [More...] http://www.linuxsecurity.com/content/view/153030 ------------------------------------------------------------------------ * Ubuntu: 974-1: Linux kernel vulnerabilities (Aug 19) ---------------------------------------------------- Gael Delalleu, Rafal Wojtczuk, and Brad Spengler discovered that the memorymanager did not properly handle when applications grow stacks into adjacentmemory regions. A local attacker could exploit this to gain control ofcertain applications, potentially leading to privilege escalation, asdemonstrated in attacks against the X server. (CVE-2010-2240) [More...] http://www.linuxsecurity.com/content/view/153075 * Ubuntu: 973-1: KOffice vulnerabilities (Aug 17) ----------------------------------------------- Will Dormann, Alin Rad Pop, Braden Thomas, and Drew Yao discovered that theXpdf used in KOffice contained multiple security issues in its JBIG2decoder. If a user or automated system were tricked into opening a craftedPDF file, an attacker could cause a denial of service or execute arbitrarycode with privileges of the user invoking the program. (CVE-2009-0146, [More...] http://www.linuxsecurity.com/content/view/153061 * Ubuntu: 972-1: FreeType vulnerabilities (Aug 17) ------------------------------------------------ It was discovered that FreeType did not correctly handle certain malformedfont files. If a user were tricked into using a specially crafted fontfile, a remote attacker could cause FreeType to crash or possibly executearbitrary code with user privileges. [More...] http://www.linuxsecurity.com/content/view/153059 * Ubuntu: 971-1: OpenJDK vulnerabilities (Aug 16) ----------------------------------------------- It was discovered that the IcedTea plugin did not correctly check certainaccesses. If a user or automated system were tricked into running aspecially crafted Java applet, a remote attacker could read arbitraryfiles with user privileges, leading to a loss of privacy. (CVE-2010-2548,CVE-2010-2783) [More...] http://www.linuxsecurity.com/content/view/153047 ------------------------------------------------------------------------ * Pardus: 2010-105: Gnupg: Arbitrary Code Execution (Aug 12) ---------------------------------------------------------- A vulnerability has been fixed in GnuPG, which can be exploited by malicious people to potentially compromise a user's system. http://www.linuxsecurity.com/content/view/153016 * Pardus: 2010-109: Cabextract: Multiple (Aug 12) ----------------------------------------------- Multiple vulnerabilities have been fixed in cabextract. http://www.linuxsecurity.com/content/view/153017 * Pardus: 2010-107: Firefox: Multiple Vulnerabilities (Aug 12) ------------------------------------------------------------ Multiple vulnerabilities have been fixed in Firefox. http://www.linuxsecurity.com/content/view/153018 * Pardus: 2010-110: Iputils: Denial of Service (Aug 12) ----------------------------------------------------- A denial of service vulnerability has been fixed in Iputils. http://www.linuxsecurity.com/content/view/153019 * Pardus: 2010-111: Vte: Arbitrary Code Execution (Aug 12) -------------------------------------------------------- A vulnerability has been fixed in Vte, which an allow malicious users to execute arbitrary code http://www.linuxsecurity.com/content/view/153020 * Pardus: 2010-112: Kernel: Multiple Vulnerabilities (Aug 12) ----------------------------------------------------------- Multiple vulnerabilities have been fixed in kernel http://www.linuxsecurity.com/content/view/153021 * Pardus: 2010-113: Wireshark: Multiple (Aug 12) ---------------------------------------------- Multiple vulnerabilities have been fixed in Wireshark. http://www.linuxsecurity.com/content/view/153022 * Pardus: 2010-114: FreeType: Multiple Vulnerabilities (Aug 12) ------------------------------------------------------------- Multiple vulnerabilities have been fixed in FreeType. http://www.linuxsecurity.com/content/view/153023 * Pardus: 2010-115: Kvirc: Remote Code Execution (Aug 12) ------------------------------------------------------- A vulnerability was fixed in kvirc, which can be used by malicious people to execute arbitrary IRC commands via CTCP request. http://www.linuxsecurity.com/content/view/153024 * Pardus: 2010-108: Rekonq: XSS Vulnerability (Aug 12) ---------------------------------------------------- Universal XSS vulnerability has been fixed in Rekonq. http://www.linuxsecurity.com/content/view/153025 * Pardus: 2010-116: Pidgin: Denial of Service (Aug 12) ---------------------------------------------------- A flaw has been fixed in Pidgin, which can allow remote attackers to cause denial of service via X-Status message. http://www.linuxsecurity.com/content/view/153026 * Pardus: 2010-106: Qt: Multiple Vulnerabilities (Aug 12) ------------------------------------------------------- Multiple vulnerabilities have been fixed in Qt. http://www.linuxsecurity.com/content/view/153027 ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email vuln-newsletter-request () linuxsecurity com with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ _______________________________________________________ Subscribe to InfoSec News - www.infosecnews.org http://www.infosecnews.org/mailman/listinfo/isn


News URL

http://www.linuxsecurity.com/content/view/152990

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2019-10-31 CVE-2010-2548 Incorrect Authorization vulnerability in Redhat Icedtea6 1.7
IcedTea6 before 1.7.4 does not properly check property access, which allows unsigned apps to read and write arbitrary files.
network
low complexity
redhat CWE-863
6.4
2019-10-31 CVE-2010-2783 Information Exposure vulnerability in Redhat Icedtea6 1.7
IcedTea6 before 1.7.4 allow unsigned apps to read and write arbitrary files, related to Extended JNLP Services.
network
low complexity
redhat CWE-200
6.4
2010-09-08 CVE-2009-4895 NULL Pointer Dereference vulnerability in multiple products
Race condition in the tty_fasync function in drivers/char/tty_io.c in the Linux kernel before 2.6.32.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via unknown vectors, related to the put_tty_queue and __f_setown functions.
local
high complexity
linux debian canonical CWE-476
4.7
2010-09-03 CVE-2010-2240 Code Injection vulnerability in Linux Kernel
The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server.
0.0
2010-08-11 CVE-2010-0209 Code Injection vulnerability in Adobe Air, Flash Player and Flash Player for Linux
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2213, CVE-2010-2214, and CVE-2010-2216.
network
adobe CWE-94
critical
9.3
2010-07-28 CVE-2010-1452 Unspecified vulnerability in Apache Http Server
The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path.
0.0
2010-06-15 CVE-2010-2188 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by calling the ActionScript native object 2200 connect method multiple times with different arguments, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2187.
network
adobe macromedia CWE-119
critical
9.3
2010-04-06 CVE-2010-1087 The nfs_wait_on_request function in fs/nfs/pagelist.c in Linux kernel 2.6.x through 2.6.33-rc5 allows attackers to cause a denial of service (Oops) via unknown vectors related to truncating a file and an operation that is not interruptible. 0.0
2009-12-18 CVE-2009-3995 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Multiple heap-based buffer overflows in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file.
network
nullsoft raphael-assenat CWE-119
critical
9.3
2009-04-23 CVE-2009-0146 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (2) JBIG2Stream::readSymbolDictSeg.
4.3

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 17 374 2505 1534 665 5078