Weekly Vulnerabilities Reports > July 7 to 13, 2008

Overview

3 new vulnerabilities reported during this period, including 0 critical vulnerabilities and 2 high severity vulnerabilities. This weekly summary report vulnerabilities in 18 products from 8 vendors including Debian, Linux, Opensuse, Canonical, and Novell. Vulnerabilities are notably categorized as "NULL Pointer Dereference", "Insufficient Entropy", and "Improper Privilege Management".

  • 1 reported vulnerabilities are remotely exploitables.
  • 6 reported vulnerabilities have public exploit available.
  • 1 reported vulnerabilities are exploitable by an anonymous user.
  • Debian has the most reported vulnerabilities, with 2 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

0 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS

2 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2008-07-09 CVE-2008-2931 Linux
Debian
Novell
Opensuse
Canonical
Improper Privilege Management vulnerability in multiple products

The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint.

7.8
2008-07-09 CVE-2008-2812 Linux
Canonical
Novell
Opensuse
Suse
Debian
Avaya
NULL Pointer Dereference vulnerability in multiple products

The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/.

7.8

1 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2008-07-08 CVE-2008-1447 ISC Insufficient Entropy vulnerability in ISC Bind 4/8/9.2.9

The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."

6.8

0 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS