Articles / Red Hat

All articles tagged with Red Hat

November 22, 2009 18:49 Red Hat: An updated xpdf package fixes multiple security ...

0

Xpdf is an X Window System based viewer for Portable Document Format (PDF) files. Multiple integer overflow flaws were found in Xpdf. An attacker could create a malicious PDF file that would cause Xpdf to crash or, potentially, execute arbitrary code when opened. Updated packages are available from updates.redhat.com.

November 22, 2009 18:48 Red Hat: An updated xpdf package fixes multiple security ...

0

Xpdf is an X Window System based viewer for Portable Document Format (PDF) files. Multiple integer overflow flaws were found in Xpdf. An attacker could create a malicious PDF file that would cause Xpdf to crash or, potentially, execute arbitrary code when opened. Updated packages are available from updates.redhat.com.

November 22, 2009 18:39 Red Hat: Updated java-1.4.2-ibm packages fix two security...

0

The IBM 1.4.2 SR13-FP1 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. This update fixes two vulnerabilities in the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. Updated packages are available from updates.redhat.com.

November 22, 2009 18:37 Red Hat: Updated acroread packages fix multiple security ...

0

Adobe Reader allows users to view and print documents in Portable Document Format (PDF). Multiple flaws were discovered in Adobe Reader. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. Multiple flaws were discovered in Adobe Reader. A specially-crafted PDF file could cause Adobe Reader to crash when opened. An input validation flaw was found in Adobe Reader. Opening a specially-crafted PDF file could lead to a Trust Manager restrictions bypass. Updated packages are available from updates.redhat.com.

November 22, 2009 18:27 Red Hat: Updated squirrelmail package fixes several secur...

0

SquirrelMail is a standards-based webmail package written in PHP. Form submissions in SquirrelMail did not implement protection against Cross-Site Request Forgery (CSRF) attacks. If a remote attacker tricked a user into visiting a malicious web page, the attacker could hijack that user’s authentication, inject malicious content into that user’s preferences, or possibly send mail without that user’s permission. Updated packages are available from updates.redhat.com.

November 22, 2009 18:23 Red Hat: Updated postgresql packages fix two security issues

0

PostgreSQL is an advanced object-relational database management system (DBMS). A flaw was found in the way PostgreSQL handled encoding conversion. A remote, authenticated user could trigger an encoding conversion failure, possibly leading to a temporary denial of service. Updated packages are available from updates.redhat.com.

November 22, 2009 18:09 Red Hat: Updated xen packages fix a security issue

0

Xen is an open source virtualization framework. Virtualization allows users to run guest operating systems in virtual machines on top of a host operating system. The pyGrub boot loader did not honor the “password” option in the grub.conf file for para-virtualized guests. Users with access to a guest’s console could use this flaw to bypass intended access restrictions and boot the guest with arbitrary kernel boot options, allowing them to get root privileges in the guest’s operating system. With this update, pyGrub correctly honors the “password” option in grub.conf for para-virtualized guests. Updated packages are available from updates.redhat.com.

November 22, 2009 18:07 Red Hat: An updated elinks package fixes two security issues

0

ELinks is a text-based Web browser. An off-by-one buffer overflow flaw was discovered in the way ELinks handled its internal cache of string representations for HTML special entities that would cause ELinks to crash or, possibly, execute arbitrary code when rendered. It was discovered that ELinks tried to load translation files using relative paths, which could be used to confuse the victim via incorrect translations, or cause ELinks to crash and possibly execute arbitrary code via embedded formatting sequences in translated messages. Updated packages are available from updates.redhat.com.

November 22, 2009 18:04 Red Hat: Updated openssh packages fix a security issue

0

OpenSSH is OpenBSD’s SSH (Secure Shell) protocol implementation. These packages include the core files necessary for both the OpenSSH client and server. A Red Hat specific patch used in the openssh packages as shipped in Red Hat Enterprise Linux 5.4 loosened certain ownership requirements for directories used as arguments for the ChrootDirectory configuration options. A malicious user that also has or previously had non-chroot shell access to a system could possibly use this flaw to escalate their privileges and run commands as any system user. Updated packages are available from updates.redhat.com.

November 22, 2009 18:03 Red Hat: Updated kernel packages fix one security issue

0

The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the Multiple Devices (md) driver, which could lead to a local denial of service or privilege escalation. Updated packages are available from updates.redhat.com.

November 22, 2009 17:58 Red Hat: Updated kernel packages fix two security issues

0

The kernel packages contain the Linux kernel, the core of any Linux operating system. It was discovered that, when executing a new process, the clear_child_tid pointer is not cleared, possibly leading to a local denial of service or privilege escalation. A flaw was found in the way the do_sigaltstack() function copies the stack_t structure to user-space. On 64-bit machines, this flaw could lead to a four-byte information leak. Updated packages are available from updates.redhat.com.

November 22, 2009 17:57 Red Hat: Updated kvm packages fix one security issue

0

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for the standard Red Hat Enterprise Linux kernel. The kvm_emulate_hypercall() implementation was missing a check for the Current Privilege Level (CPL). A local, unprivileged user in a virtual machine could use this flaw to cause a local denial of service or escalate their privileges within that virtual machine. Updated packages are available from updates.redhat.com.

November 22, 2009 17:40 Red Hat: Updated newt packages fix one security issue

0

Newt is a programming library for color text mode, widget-based user interfaces. A heap-based buffer overflow flaw was found in the way newt processes content that is to be displayed in a text dialog box. A local attacker could issue a specially-crafted text dialog box display request (direct or via a custom application), leading to a denial of service (application crash) or, potentially, arbitrary code execution with the privileges of the user running the application using the newt library. Updated packages are available from updates.redhat.com.

November 22, 2009 17:35 Red Hat: Updated cyrus-imapd packages fix several securit...

0

The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and Sieve support. Multiple buffer overflow flaws were found in the Cyrus IMAP Sieve implementation. An authenticated user able to create Sieve mail filtering rules could use these flaws to execute arbitrary code with the privileges of the Cyrus IMAP server user. Updated packages are available from updates.redhat.com.

November 22, 2009 17:31 Red Hat: Updated kernel packages fix several security issues

0

The kernel packages contain the Linux kernel, the core of any Linux operating system. Michael Tokarev reported a flaw in the Realtek r8169 Ethernet driver which could lead to a remote denial of service or code execution. Tavis Ormandy and Julien Tinnes of the Google Security Team reported a flaw in the SOCKOPS_WRAP macro which could use be used to cause a local denial of service or escalate their privileges. Tavis Ormandy and Julien Tinnes of the Google Security Team reported a flaw in the udp_sendmsg() implementation which could be used to cause a local denial of service or escalate their privileges. Updated packages are available from updates.redhat.com.

November 22, 2009 17:28 Red Hat: Updated pidgin packages fix several security issues

0

Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A NULL pointer dereference flaw was found in the way the Pidgin XMPP protocol plug-in processes IQ error responses when trying to fetch a custom smiley resulting in a program crash. A NULL pointer dereference flaw was found in the way the Pidgin IRC protocol plug-in handles IRC topics, which once received by Pidgin, would lead to a denial of service (Pidgin crash). It was discovered that, when connecting to certain, very old Jabber servers via XMPP, Pidgin may ignore the “Require SSL/TLS” setting, causing the user to believe they are using an encrypted connection when they are not, leading to sensitive information disclosure. A NULL pointer dereference flaw was found in the way the Pidgin MSN protocol plug-in handles improper MSNSLP invitations, which once accepted by a valid Pidgin user, would lead to a denial of service (Pidgin crash). Updated packages are available from updates.redhat.com.

November 22, 2009 17:26 Red Hat: Updated neon packages fix two security issues

0

neon is an HTTP and WebDAV client library, with a C interface. It was discovered that neon is affected by the previously published “null prefix attack”, caused by incorrect handling of NULL characters in X.509 certificates. A denial of service flaw was found in the neon Extensible Markup Language (XML) parser. A remote attacker (malicious DAV server) could provide a specially-crafted XML document that would cause excessive memory and CPU consumption if an application using the neon XML parser was tricked into processing it. Updated packages are available from updates.redhat.com.

November 22, 2009 17:23 Red Hat: Updated freeradius packages that fix a security ...

0

FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service (RADIUS) server, designed to allow centralized authentication and authorization for a network. An input validation flaw was discovered in the way FreeRADIUS decoded specific RADIUS attributes from RADIUS packets. A remote attacker could use this flaw to crash the RADIUS daemon (radiusd) via a specially-crafted RADIUS packet. Updated packages are available from updates.redhat.com.

November 22, 2009 17:13 Red Hat: Updated kernel packages fix several security issues

0

The kernel packages contain the Linux kernel, the core of any Linux operating system. The ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags were not cleared when a setuid or setgid program was executed which could be used to bypass the mmap_min_addr protection mechanism and perform a NULL pointer dereference attack. It was discovered that, when executing a new process, the clear_child_tid pointer is not cleared, possibly leading to a local denial of service or privilege escalation. Solar Designer reported a missing capability check in the z90crypt driver which could allow a local user with an effective user ID (euid) of 0 to bypass intended capability restrictions. A flaw was found in the do_sigaltstack() function which could lead to a four-byte information leak. Updated packages are available from updates.redhat.com.

September 26, 2009 06:41 Red Hat: Updated seamonkey packages fix several security ...

0

SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. A use-after-free flaw was found in SeaMonkey. An attacker could use this flaw to crash SeaMonkey or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. Dan Kaminsky discovered flaws in the way browsers such as SeaMonkey handle NULL characters in a certificate. Descriptions in the dialogs when adding and removing PKCS #11 modules were not informative. A flaw was found in the way SeaMonkey displays the address bar when window.open() is called in a certain way. An attacker could use this flaw to conceal a malicious URL, possibly tricking a user into believing they are viewing a trusted site. Dan Kaminsky found that browsers still accept certificates with MD2 hash signatures, even though MD2 is no longer considered a cryptographically strong algorithm. Updated packages are available from updates.redhat.com.

September 26, 2009 06:25 Red Hat: Updated firefox packages fix several security is...

0

Mozilla Firefox is an open source Web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. A use-after-free flaw was found in Firefox. An attacker could use this flaw to crash Firefox or, potentially, execute arbitrary code with the privileges of the user running Firefox. Descriptions in the dialogs when adding and removing PKCS #11 modules were not informative. A flaw was found in the way Firefox displays the address bar when window.open() is called in a certain way. An attacker could use this flaw to conceal a malicious URL, possibly tricking a user into believing they are viewing a trusted site. A flaw was found in the way Firefox displays certain Unicode characters. An attacker could use this flaw to conceal a malicious URL, possibly tricking a user into believing they are viewing a trusted site. Updated packages are available from updates.redhat.com.

September 26, 2009 06:18 Red Hat: Updated xmlsec1 packages fix security issue

0

The XML Security Library is a C library based on libxml2 and OpenSSL. It implements the XML Signature Syntax and Processing and XML Encryption Syntax and Processing standards. A missing check for the recommended minimum length of the truncated form of HMAC-based XML signatures was found in xmlsec1. An attacker could use this flaw to create a specially-crafted XML file that forges an XML signature, allowing the attacker to bypass authentication that is based on the XML Signature specification. Updated packages are available from updates.redhat.com.

September 26, 2009 06:15 Red Hat: An updated fetchmail package fixes multiple secu...

0

Fetchmail is a remote mail retrieval and forwarding utility intended for use over on-demand TCP/IP links, such as SLIP and PPP connections. It was discovered that fetchmail is affected by the previously published “null prefix attack”, caused by incorrect handling of NULL characters in X.509 certificates. A flaw was found in the way fetchmail handles rejections from a remote SMTP server when sending warning mail to the postmaster. If fetchmail sent a warning mail to the postmaster of an SMTP server and that SMTP server rejected it, fetchmail could crash. When fetchmail is run in double verbose mode, it could crash upon receiving certain, malformed mail messages with long headers. A remote attacker could use this flaw to cause a denial of service if fetchmail was also running in daemon mode. Updated packages are available from updates.redhat.com.

September 21, 2009 21:41 Red Hat: Updated openoffice.org packages correct security...

0

OpenOffice.org is an office productivity suite. An integer underflow flaw and a boundary error flaw, both possibly leading to a heap-based buffer overflow, were found in the way OpenOffice.org parses certain records in Microsoft Word documents. An attacker could create a specially-crafted Microsoft Word document, which once opened by an unsuspecting user, could cause OpenOffice.org to crash or, potentially, execute arbitrary code with the permissions of the user running OpenOffice.org. Updated packages are available from updates.redhat.com.

September 21, 2009 21:32 Red Hat: Updated mysql packages fix various security issues

0

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. MySQL did not correctly check directories used as arguments for the DATA DIRECTORY and INDEX DIRECTORY directives. Using this flaw, an authenticated attacker could elevate their access privileges to tables created by other database users. A flaw was found in the way MySQL handles an empty bit-string literal. A remote, authenticated attacker could crash the MySQL server daemon (mysqld) if they used an empty bit-string literal in an SQL statement. An insufficient HTML entities quoting flaw was found in the mysql command line client’s HTML output mode leading to a cross-site scripting (XSS) attack against victims viewing the HTML output in a web browser. Multiple format string flaws were found in the way the MySQL server logs user commands when creating and deleting databases. A remote, authenticated attacker with permissions to CREATE and DROP databases could use these flaws to formulate a specifically-crafted SQL command that would cause a temporary denial of service (open connections to mysqld are terminated). Updated packages are available from updates.redhat.com.

September 21, 2009 21:30 Red Hat: Updated gdm packages fix a security issue

0

The GNOME Display Manager (GDM) is a configurable re-implementation of XDM, the X Display Manager. A flaw was found in the way the gdm package was built. The gdm package was missing TCP wrappers support, which could result in an administrator believing they had access restrictions enabled when they did not. Updated packages are available from updates.redhat.com.

September 21, 2009 21:26 Red Hat: Updated cman packages fix several security issues

0

The Cluster Manager (cman) utility provides services for managing a Linux cluster. Multiple insecure temporary file use flaws were found in fence_apc_snmp and ccs_tool. A local attacker could use these flaws to overwrite an arbitrary file writable by a victim running those utilities (typically root) with the output of the utilities via a symbolic link attack. Updated packages are available from updates.redhat.com.

September 21, 2009 10:06 Red Hat: Updated gfs2-utils package fixes multiple securi...

0

The gfs2-utils package provides the user-space tools necessary to mount, create, maintain, and test GFS2 file systems. Multiple insecure temporary file use flaws were discovered in GFS2 user level utilities. A local attacker could use these flaws to overwrite an arbitrary file writable by a victim running those utilities (typically root) with the output of the utilities via a symbolic link attack. Updated packages are available from updates.redhat.com.

September 21, 2009 10:04 Red Hat: Updated openssl packages fix several security is...

0

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength general purpose cryptography library. Multiple denial of service flaws were discovered in OpenSSL’s DTLS implementation. A remote attacker could use these flaws to cause a DTLS server to use excessive amounts of memory, or crash on an invalid memory access or NULL pointer dereference. An input validation flaw was found in the handling of the BMPString and UniversalString ASN1 string types in OpenSSL’s ASN1_STRING_print_ex() function. An attacker could use this flaw to create a specially-crafted X.509 certificate that could cause applications using the affected function to crash when printing certificate contents. Updated packages are available from updates.redhat.com.

September 21, 2009 10:03 Red Hat: An updated nfs-utils package fixes a security issue

0

The nfs-utils package provides a daemon for the kernel NFS server and related tools. It was discovered that nfs-utils did not use tcp_wrappers correctly. Certain hosts access rules defined in “/etc/hosts.allow” and “/etc/hosts.deny” may not have been honored, possibly allowing remote attackers to bypass intended access restrictions. Updated packages are available from updates.redhat.com.

Screenshot

Project Spotlight

JFreeSVG

A fast, lightweight SVG generator for Java.

Screenshot

Project Spotlight

PHP MIME Mail decoder class

A PHP class to decode email messages.