All articles tagged with Red Hat

July 02, 2009 10:14 Red Hat: Updated httpd packages fix multiple security issues

The Apache HTTP Server is a popular Web server. An off-by-one overflow flaw was found in the way apr-util processed a variable list of arguments, which could potentially lead to the disclosure of sensitive information or a denial of service (application crash). A denial of service flaw was found in the apr-util Extensible Markup Language (XML) parser. A remote attacker could create a specially-crafted XML document that would cause excessive memory consumption when processed by the XML decoding engine. A heap-based underwrite flaw was found in the way apr-util created compiled forms of particular search patterns. An attacker could formulate a specially-crafted search keyword that would overwrite arbitrary heap memory locations when processed by the pattern preparation engine. Updated packages are available from updates.redhat.com.

July 02, 2009 10:11 Red Hat: Updated apr-util packages fix multiple security ...

apr-util is a utility library used with the Apache Portable Runtime (APR). An off-by-one overflow flaw was found in the way apr-util processed a variable list of arguments, which could potentially lead to the disclosure of sensitive information or a denial of service (application crash). A denial of service flaw was found in the apr-util Extensible Markup Language (XML) parser: a specially-crafted XML document would cause excessive memory consumption when processed by the XML decoding engine. A heap-based underwrite flaw was found in the way apr-util created compiled forms of particular search patterns. An attacker could formulate a specially-crafted search keyword that would overwrite arbitrary heap memory locations when processed by the pattern preparation engine. Updated packages are available from updates.redhat.com.

July 02, 2009 10:08 Red Hat: Updated kernel packages fix several security issues

The kernel packages contain the Linux kernel, the core of any Linux operating system. Several flaws were found in the way the Linux kernel CIFS implementation handles Unicode strings, possibly leading to a denial of service or privilege escalation on the client mounting the CIFS share. A flaw in the Linux kernel Network File System daemon (nfsd) implementation could possibly lead to an information leak or privilege escalation. Frank Filz reported the NFSv4 client was missing a file permission check for the execute bit in some situations, which could allow local, unprivileged users to run non-executable files on NFSv4 mounted file systems. A missing check was found in the hypervisor_callback() function, which could cause a denial of service of a Xen guest. A flaw was found in the AGPGART driver, which could possibly lead to an information leak. Updated packages are available from updates.redhat.com.

July 02, 2009 09:43 Red Hat: An updated cscope package fixes multiple securit...

cscope is a mature, ncurses-based, C source-code tree browsing tool. Multiple buffer overflow flaws were found in cscope. An attacker could create a specially crafted source code file that could cause cscope to crash or, possibly, execute arbitrary code when browsed with cscope. Updated packages are available from updates.redhat.com.

July 02, 2009 09:40 Red Hat: An updated cscope package fixes multiple securit...

cscope is a mature, ncurses-based, C source-code tree browsing tool. Multiple buffer overflow flaws were found in cscope. An attacker could create a specially crafted source code file that could cause cscope to crash or, possibly, execute arbitrary code when browsed with cscope. Updated packages are available from updates.redhat.com.

July 02, 2009 09:36 Red Hat: Updated wireshark packages fix several security ...

Wireshark is a program for monitoring network traffic. A format string flaw was found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. Updated packages are available from updates.redhat.com.

July 02, 2009 09:29 Red Hat: Updated seamonkey packages fix several security ...

SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code as the user running SeaMonkey. A flaw was found in the processing of malformed, local file content. If a user loaded malicious, local content via the file:// URL, it was possible for that content to access other local data. Updated packages are available from updates.redhat.com.

July 01, 2009 09:03 Red Hat: Updated firefox packages fix several security is...

Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. Multiple flaws were found in the processing of malformed, local file content. If a user loaded malicious, local content via the file:// URL, it was possible for that content to access other local data. A script, privilege elevation flaw was found in the way Firefox loaded XML User Interface Language (XUL) scripts. Firefox and certain add-ons could load malicious content when certain policy checks did not happen. A flaw was found in the way Firefox displayed certain Unicode characters in International Domain Names (IDN). If an IDN contained invalid characters, they may have been displayed as spaces, making it appear to the user that they were visiting a trusted site. A flaw was found in the way Firefox handled error responses returned from proxy servers. If an attacker is able to conduct a man-in-the-middle attack against a Firefox instance that is using a proxy server, they may be able to steal sensitive information from the site the user is visiting. Updated packages are available from updates.redhat.com.

July 01, 2009 09:01 Red Hat: Updated mod_jk packages fix one security issue

mod_jk is an Apache Tomcat connector that allows Apache Tomcat and the Apache HTTP Server to communicate with each other. An information disclosure flaw was found in mod_jk. In certain situations, if a faulty client set the “Content-Length” header without providing data, or if a user sent repeated requests very quickly, one user may view a response intended for another user. Updated packages are available from updates.redhat.com.

June 07, 2009 16:03 Debian: New apr-util packages fix several vulnerabilities

Apr-util, the Apache Portable Runtime Utility library, is used by Apache 2.x, Subversion, and other applications. “kcope” discovered a flaw in the handling of internal XML entities in the apr_xml_* interface that can be exploited to use all available memory. This denial of service can be triggered remotely in the Apache mod_dav and mod_dav_svn modules. Matthew Palmer discovered an underflow flaw in the apr_strmatch_precompile function that can be exploited to cause a daemon crash. Updated packages are available from security.debian.org.

June 07, 2009 16:01 Red Hat: Updated cups packages that fix one security issue

The Common UNIX® Printing System (CUPS) provides a portable printing layer for UNIX operating systems. The Internet Printing Protocol (IPP) allows users to print and manage printing-related tasks over a network. A NULL pointer dereference flaw was found in the CUPS IPP routine, used for processing incoming IPP requests for the CUPS scheduler. An attacker could use this flaw to send specially-crafted IPP requests that would crash the cupsd daemon. Updated packages are available from updates.redhat.com.

June 07, 2009 11:31 Red Hat: Updated kernel-rt packages that fix several secu...

The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A buffer overflow flaw was found in the Common Internet File System (CIFS) implementation. When mounting a CIFS share, a malicious server could send an overly-long string to the client, possibly leading to a denial of service or privilege escalation on the client mounting the CIFS share. The Network File System daemon (nfsd) implementation did not drop the CAP_MKNOD capability when handling requests from local, unprivileged users. This flaw could possibly lead to an information leak or privilege escalation. A deficiency was found in the signals implementation. The kill_something_info() function did not check if a process was outside the caller’s namespace before sending the kill signal, making it possible to kill processes in all process ID (PID) namespaces, breaking PID namespace isolation. A flaw was found in the AGPGART driver which could possibly lead to an information leak. Updated packages are available from updates.redhat.com.

May 31, 2009 09:51 Red Hat: An updated squirrelmail package fixes multiple s...

SquirrelMail is a standards-based webmail package written in PHP. A server-side code injection flaw was found in the SquirrelMail “map_yp_alias” function. If SquirrelMail was configured to retrieve a user’s IMAP server address from a Network Information Service (NIS) server via the “map_yp_alias” function, an unauthenticated, remote attacker using a specially-crafted username could use this flaw to execute arbitrary code with the privileges of the web server. Multiple cross-site scripting (XSS) flaws were found in SquirrelMail. An attacker could construct a carefully crafted URL which, once visited by an unsuspecting user, could cause the user’s web browser to execute malicious script in the context of the visited SquirrelMail web page. It was discovered that SquirrelMail did not properly sanitize Cascading Style Sheets (CSS) directives used in HTML mail. A remote attacker could send a specially-crafted email that could place mail content above SquirrelMail’s controls, possibly allowing phishing and cross-site scripting attacks. Updated packages are available from updates.redhat.com.

May 31, 2009 09:23 Red Hat: Updated httpd packages fix two security issues

The Apache HTTP Server is a popular and freely-available Web server. A flaw was found in the handling of compression structures between mod_ssl and OpenSSL. If too many connections were opened in a short period of time, all system memory and swap space would be consumed by httpd, negatively impacting other processes, or causing a system crash. A flaw was found in the handling of the “Options” and “AllowOverride” directives. In configurations using the “AllowOverride” directive with certain “Options=” arguments, local users were not restricted from executing commands from a Server-Side-Include script as intended. Updated packages are available from updates.redhat.com.

May 25, 2009 10:57 Red Hat: Updated freetype packages fix various security i...

FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. These packages provide the FreeType 2 font engine. Tavis Ormandy of the Google Security Team discovered several integer overflow flaws in the FreeType 2 font engine. If a user loaded a carefully-crafted font file with an application linked against FreeType 2, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. Updated packages are available from updates.redhat.com.

May 25, 2009 10:54 Red Hat: An updated pidgin package fixes multiple securit...

Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A buffer overflow flaw was found in the way Pidgin initiates file transfers when using the Extensible Messaging and Presence Protocol (XMPP). If a Pidgin client initiates a file transfer, and the remote target sends a malformed response, it could cause Pidgin to crash or, potentially, execute arbitrary code with the permissions of the user running Pidgin. A denial of service flaw was found in Pidgin’s QQ protocol decryption handler. When the QQ protocol decrypts packet information, heap data can be overwritten, possibly causing Pidgin to crash. A flaw was found in the way Pidgin’s PurpleCircBuffer object is expanded. If the buffer is full when more data arrives, the data stored in this buffer becomes corrupted. This corrupted data could result in confusing or misleading data being presented to the user, or possibly crash Pidgin. Updated packages are available from updates.redhat.com.

May 25, 2009 10:52 Red Hat: Updated freetype packages fix various security i...

FreeType is a free, high-quality, portable font engine that can open and manage font files. Tavis Ormandy and Chris Evans discovered several integer overflow flaws in the FreeType 2 font engine that could lead to an application crash or, possibly, arbitrary code execution with the privileges of the user running the application. Updated packages are available from updates.redhat.com.

May 25, 2009 10:33 Red Hat: Updated kernel packages fix one security issue

The kernel packages contain the Linux kernel, the core of any Linux operating system. A buffer overflow was found in the Partial Reliable Stream Control Transmission Protocol (PR-SCTP) implementation. This could, potentially, lead to a remote denial of service or arbitrary code execution if a Forward-TSN chunk is received with a large stream ID. Updated packages are available from updates.redhat.com.

May 25, 2009 10:29 Red Hat: An updated ntp package fixes two security issues

The Network Time Protocol (NTP) is used to synchronize a computer’s time with a referenced time source. A buffer overflow flaw was discovered in the ntpd daemon’s NTPv4 authentication code. If ntpd was configured to use public key cryptography for NTP packet authentication, a remote attacker could use this flaw to send a specially-crafted request packet that could crash ntpd. A buffer overflow flaw was found in the ntpq diagnostic command. A malicious, remote server could send a specially-crafted reply to an ntpq request that could crash ntpq. Updated packages are available from updates.redhat.com.

May 25, 2009 10:23 Red Hat: Updated java-1.5.0-ibm packages fix several secu...

The IBM 1.5.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. This update fixes several vulnerabilities summarized on the IBM “Security alerts” page listed in the References section of the advisory. Updated packages are available from updates.redhat.com.

May 25, 2009 10:21 Red Hat: An updated ipsec-tools package fixes multiple se...

The ipsec-tools package is used in conjunction with the IPsec functionality in the Linux kernel and includes racoon, an IKEv1 keying daemon. A denial of service flaw was found in the ipsec-tools racoon daemon. An unauthenticated, remote attacker could trigger a NULL pointer dereference that could cause the racoon daemon to crash. Multiple memory leak flaws were found in the ipsec-tools racoon daemon. If a remote attacker is able to make multiple connection attempts to the racoon daemon, it was possible to cause the racoon daemon to consume all available memory. Updated packages are available from updates.redhat.com.

May 25, 2009 10:19 Red Hat: Updated kernel packages fix two security issues

The kernel packages contain the Linux kernel, the core of any Linux operating system. The exit_notify() function did not properly reset the exit signal if a process executed a set user ID (setuid) application before exiting. This could allow a local, unprivileged user to elevate their privileges. The Network File System (NFS) implementation did not properly initialize the file name limit in the nfs_server data structure. This flaw could possibly lead to a denial of service on a client mounting an NFS share. Updated packages are available from updates.redhat.com.

May 25, 2009 10:15 Red Hat: An updated util-linux package fixes one security...

The util-linux package contains a collection of basic system utilities, such as fdisk and mount. A log injection attack was found in util-linux when logging login attempts via the audit subsystem of the Linux kernel. A remote attacker could use this flaw to modify certain parts of logged events, possibly hiding their activities on a system. Updated packages are available from updates.redhat.com.

May 17, 2009 16:29 Red Hat: Updated poppler packages fix multiple security i...

Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince. Multiple integer overflow flaws were found in poppler. An attacker could create a malicious PDF file that would cause applications that use poppler (such as Evince) to crash or, potentially, execute arbitrary code when opened. Multiple flaws were found in poppler’s JBIG2 decoder that could lead to the freeing of arbitrary memory. An attacker could create a malicious PDF file that would cause applications that use poppler (such as Evince) to crash or, potentially, execute arbitrary code when opened. Updated packages are available from updates.redhat.com.

May 17, 2009 16:23 Red Hat: An updated perl-DBD-Pg package fixes two securit...

Perl DBI is a database access Application Programming Interface (API) for the Perl language. perl-DBD-Pg allows Perl applications to access PostgreSQL database servers. A heap-based buffer overflow flaw was discovered in the pg_getline function implementation. If the pg_getline or getline functions read large, untrusted records from a database, it could cause an application using these functions to crash or, possibly, execute arbitrary code. A memory leak flaw was found in the function performing the de-quoting of BYTEA type values acquired from a database. An attacker able to cause an application using perl-DBD-Pg to perform a large number of SQL queries returning BYTEA records could cause the application to use excessive amounts of memory or, possibly, crash. Updated packages are available from updates.redhat.com.

May 17, 2009 16:21 Red Hat: Updated acroread packages fix two security issues

Adobe Reader allows users to view and print documents in Portable Document Format (PDF). Two flaws were discovered in Adobe Reader’s JavaScript API. A PDF file containing malicious JavaScript instructions could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader. Updated packages are available from updates.redhat.com.

May 11, 2009 12:52 Red Hat: Updated pango packages fix an integer overflow flaw

Pango is a library used for the layout and rendering of internationalized text. Will Drewry discovered an integer overflow flaw in Pango. If an attacker is able to pass an arbitrarily long string to Pango, it may be possible to execute arbitrary code with the permissions of the application calling Pango. Updated packages are available from updates.redhat.com.

May 11, 2009 12:50 Red Hat: An updated acpid package fixes one security issue

acpid is a daemon that dispatches ACPI (Advanced Configuration and Power Interface) events to user-space programs. Anthony de Almeida Lopes of Outpost24 AB reported a denial of service flaw in the acpid daemon’s error handling. If an attacker could exhaust the sockets open to acpid, the daemon would enter an infinite loop, consuming most CPU resources and preventing acpid from communicating with legitimate processes. Updated packages are available from updates.redhat.com.

May 11, 2009 12:46 Red Hat: Updated kernel packages fix several security issues

The kernel packages contain the Linux kernel, the core of any Linux operating system. A logic error was found in the Network File System (NFS) implementation. This could cause a denial of service on the NFS server if a file descriptor was closed before its corresponding lock request returned. A deficiency was found in the system call auditing implementation on 64-bit systems. This could allow a local, unprivileged user to circumvent a system call audit configuration. The exit_notify() function could allow a local, unprivileged user to elevate their privileges. A flaw was found in the eCryptfs implementation which could lead to an information leak. The Network File System (NFS) did not properly initialize the file name limit in the nfs_server data structure which could possibly lead to a denial of service on a client mounting an NFS share. Updated packages are available from updates.redhat.com.

May 04, 2009 08:42 Red Hat: Updated kernel packages fix several security issues

The kernel packages contain the Linux kernel, the core of any Linux operating system. A logic error was found in the do_setlk() function of the Network File System (NFS) implementation. This could cause a denial of service on the NFS server if a file descriptor was closed before its corresponding lock request returned. A deficiency was found in the system call auditing implementation on 64-bit systems. This could allow a local, unprivileged user to circumvent a system call audit configuration. Chris Evans reported a deficiency in the signals implementation. This could lead to a denial of service of the parent. The sock_getsockopt() function did not properly initialize a data structure that can be directly returned to user-space when the getsockopt() function is called with SO_BSDCOMPAT optname set. This flaw could possibly lead to memory disclosure. Updated packages are available from updates.redhat.com.
