January 23, 2013 15:39 Debian: Security update for Zend Framework

Yury Dyachenko discovered that Zend Framework uses the PHP XML parser in an insecure way: external entities in attacker-supplied XML are resolved (an XML external entity, or XXE, flaw), allowing attackers to read local files and trigger HTTP requests from the server, potentially accessing restricted information.

Updated packages are available from security.debian.org.

January 23, 2013 15:38 Red Hat: Security update for GTK+

GIMP Toolkit (GTK+) is a multi-platform toolkit for creating graphical user interfaces. An integer overflow flaw was found in the X BitMap (XBM) image file loader in GTK+. A remote attacker could provide a specially-crafted XBM image file that, when opened in an application linked against GTK+ (such as Nautilus), would cause the application to crash.

Updated packages are available from ftp.redhat.com.

January 23, 2013 15:36 Red Hat: Security update for Apache

The httpd packages contain the Apache HTTP Server (httpd), which is the namesake project of The Apache Software Foundation. Input sanitization flaws were found in the mod_negotiation module. A remote attacker able to upload or create files with arbitrary names in a directory that has the MultiViews option enabled could use these flaws to conduct cross-site scripting (XSS) and HTTP response splitting attacks against users visiting the site.

Updated packages are available from ftp.redhat.com.

January 23, 2013 15:34 Red Hat: Security update for Ruby

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. It was found that certain methods did not check file names for NUL bytes before passing them to lower-layer routines in Ruby, which stop reading the name at the first NUL. If a Ruby application created files with names based on untrusted input, it could result in the creation of files with different names than expected.

Updated packages are available from ftp.redhat.com.

January 23, 2013 15:31 Red Hat: Security update for FreeRADIUS

FreeRADIUS is an open-source Remote Authentication Dial-In User Service (RADIUS) server which allows RADIUS clients to perform authentication against the RADIUS server. It was found that the “unix” module ignored the password expiration setting in “/etc/shadow”. If FreeRADIUS was configured to use this module for user authentication, this flaw could allow users with an expired password to successfully authenticate, even though their access should have been denied.
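The checks the “unix” module skipped are the ordinary shadow(5) ageing rules. As an added example (this is not FreeRADIUS code), here is a stand-alone Python reimplementation of those rules over constructed /etc/shadow lines with dummy hashes; the day-boundary conventions (>= versus >) follow shadow-utils as I understand them and are an assumption to verify against your own libc and shadow-utils.

```python
"""Added example: the /etc/shadow ageing checks a password login path must apply."""
from datetime import date

_EPOCH = date(1970, 1, 1)


def days_since_epoch(d):
    """Shadow stores dates as days since 1970-01-01."""
    return (d - _EPOCH).days


def parse_shadow_line(line):
    """name:hash:lastchg:min:max:warn:inactive:expire:reserved -> dict."""
    f = line.rstrip("\n").split(":")
    if len(f) < 9:
        raise ValueError("malformed shadow entry: %r" % line)

    def num(s):
        return int(s) if s else None

    return {"name": f[0], "hash": f[1], "lastchg": num(f[2]), "min": num(f[3]),
            "max": num(f[4]), "warn": num(f[5]), "inactive": num(f[6]),
            "expire": num(f[7])}


def account_usable(entry, today):
    """Return (ok, reason) for a password-based login attempt on day `today`."""
    h = entry["hash"]
    if not h or h[0] in "!*":
        return False, "account locked or no password set"
    if entry["expire"] is not None and today >= entry["expire"]:
        return False, "account expired"
    if entry["lastchg"] == 0:
        return False, "password change required at next login"
    if entry["lastchg"] is not None and entry["max"] is not None:
        deadline = entry["lastchg"] + entry["max"]
        if entry["inactive"] is not None and today >= deadline + entry["inactive"]:
            return False, "password expired and grace period over"
        if today >= deadline:
            return False, "password expired"
    return True, "ok"


def check_shadow(lines, today):
    """Map user name -> (ok, reason) for every entry in `lines`."""
    return {e["name"]: account_usable(e, today)
            for e in (parse_shadow_line(l) for l in lines if l.strip())}


# Constructed sample entries with dummy hashes; "today" is 2013-01-23.
SAMPLE_SHADOW = [
    "alice:$6$dummy:15700:0:99999:7:::",       # fresh password, long max age
    "bob:$6$dummy:15600:0:90:7:::",            # last change 128 days ago, max 90
    "carol:$6$dummy:15700:0:99999:7::15720:",  # account expiry date already passed
    "dave:!$6$dummy:15700:0:99999:7:::",       # locked with "!"
    "erin:$6$dummy:0:0:99999:7:::",            # lastchg 0: must change at next login
]
TODAY = days_since_epoch(date(2013, 1, 23))  # 15728

if __name__ == "__main__":
    for name, (ok, why) in check_shadow(SAMPLE_SHADOW, TODAY).items():
        print("%-6s %s %s" % (name, "ALLOW" if ok else "DENY ", why))
```

A RADIUS server has no way to let the user change an expired password, so every non-“ok” outcome above must map to an Access-Reject; the point of the advisory is that the module returned Access-Accept for bob and carol regardless.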

Updated packages are available from ftp.redhat.com.

January 21, 2013 17:41 Red Hat: Security update for HPLIP

Hewlett-Packard Linux Imaging and Printing (HPLIP) provides drivers for Hewlett-Packard (HP) printers and multifunction peripherals. It was found that the HP CUPS (Common UNIX Printing System) fax filter in HPLIP created a temporary file in an insecure way. A local attacker could use this flaw to perform a symbolic link attack, overwriting arbitrary files accessible to a process using the fax filter (such as the hp3-sendfax tool).
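To make the symlink attack concrete, here is an added example (not HPLIP code) that plays both sides inside a private directory standing in for /tmp: the attacker plants a symlink under a guessable name, the vulnerable open() follows it and overwrites the target, and the two safe creation patterns refuse. The file name “hpfax-1234” is an assumption chosen for the demo.

```python
"""Added example (not HPLIP code): a symlink attack on a predictably named
temporary file, and the two ways to create the file that defeat it."""
import os
import tempfile


def vulnerable_create(path):
    """The pattern behind the flaw: a guessable name opened with plain open(),
    which silently follows whatever symlink is already sitting there."""
    return open(path, "w")


def safe_create(path):
    """O_CREAT|O_EXCL makes the kernel fail if *anything* exists at `path`,
    symlinks included; O_NOFOLLOW (where the platform has it) is belt and braces."""
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(path, flags, 0o600)
    return os.fdopen(fd, "w")


def preferred_create(directory):
    """What a fax filter should do: let the library choose an unguessable
    name and create it atomically with O_EXCL."""
    fd, path = tempfile.mkstemp(prefix="fax-", dir=directory)
    return os.fdopen(fd, "w"), path


def demo():
    """Returns (victim content after the attack, safe_create refused?,
    preferred_create produced a fresh regular file?)."""
    with tempfile.TemporaryDirectory() as shared_tmp:
        victim = os.path.join(shared_tmp, "victim")  # any file the fax user can write
        with open(victim, "w") as f:
            f.write("original\n")

        # Attacker: predicts the name the filter will use and plants a symlink.
        planted = os.path.join(shared_tmp, "hpfax-1234")
        os.symlink(victim, planted)

        # Victim process using the vulnerable pattern: overwrites `victim`.
        with vulnerable_create(planted) as f:
            f.write("attacker controlled\n")
        with open(victim) as f:
            clobbered = f.read()

        # Same name, safe open: the planted link makes the create fail.
        try:
            safe_create(planted)
            refused = False
        except FileExistsError:
            refused = True

        fh, path = preferred_create(shared_tmp)
        fh.write("fax data\n")
        fh.close()
        fresh = os.path.basename(path).startswith("fax-") and not os.path.islink(path)
        return clobbered, refused, fresh


if __name__ == "__main__":
    print(demo())  # ('attacker controlled\n', True, True)
```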

Updated packages are available from ftp.redhat.com.

January 21, 2013 17:40 Red Hat: Security update for libvirt

The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Bus and device IDs were ignored when attempting to attach multiple USB devices with identical vendor or product IDs to a guest. This could result in the wrong device being attached to a guest, giving that guest root access to the device.

Updated packages are available from ftp.redhat.com.

January 21, 2013 17:39 Red Hat: Security update for GNOME Virtual File System

The gnome-vfs2 packages provide the GNOME Virtual File System, which is the foundation of the Nautilus file manager. neon is an HTTP and WebDAV client library embedded in the gnome-vfs2 packages. A denial of service flaw was found in the neon Extensible Markup Language (XML) parser. Visiting a malicious DAV server with an application using gnome-vfs2 (such as Nautilus) could possibly cause the application to consume an excessive amount of CPU and memory.

Updated packages are available from ftp.redhat.com.

January 21, 2013 17:38 Red Hat: Security update for SquirrelMail

SquirrelMail is a standards-based webmail package written in PHP. The SquirrelMail security update RHSA-2012:0103 did not, unlike the erratum text stated, correct the CVE-2010-2813 issue, a flaw in the way SquirrelMail handled failed login attempts. A user preference file was created when attempting to log in with a password containing an 8-bit character, even if the username was not valid. A remote attacker could use this flaw to eventually consume all hard disk space on the target SquirrelMail server.

Updated packages are available from ftp.redhat.com.

January 21, 2013 17:36 Red Hat: Security update for Wireshark

Wireshark, previously known as Ethereal, is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. A heap-based buffer overflow flaw was found in the way Wireshark handled Endace ERF (Extensible Record Format) capture files. If Wireshark opened a specially-crafted ERF capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file.

Updated packages are available from ftp.redhat.com.

January 18, 2013 09:02 Red Hat: Security update for Conga

The Conga project is a management system for remote workstations. It consists of luci, which is a secure web-based front end, and ricci, which is a secure daemon that dispatches incoming messages to underlying management modules. It was discovered that luci stored usernames and passwords in session cookies. This issue prevented the session inactivity timeout feature from working correctly, and allowed attackers able to get access to a session cookie to obtain the victim’s authentication credentials.
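Both consequences follow from one design decision: if the cookie carries the credentials, the server holds nothing it could expire, and whoever reads the cookie reads the password. The added example below (not Conga or luci code) shows the alternative: the cookie carries only an opaque, HMAC-signed session id, the credentials never leave the server, and the inactivity timeout is enforced server-side. The user table, secret and 900-second timeout are assumptions for the demo.

```python
"""Added example (not Conga/luci code): server-side sessions with an opaque
signed cookie, so credentials never leave the server and idle timeout works."""
import hashlib
import hmac
import secrets
import time

# Constructed user table; a real deployment verifies against a password store.
_USERS = {"alice": "correct horse battery staple"}


def _check_password(user, password):
    expected = _USERS.get(user)
    return expected is not None and hmac.compare_digest(expected, password)


class SessionStore:
    def __init__(self, secret, idle_timeout, clock=time.monotonic):
        self._secret = secret          # server-side key (assumed generated at install)
        self._idle = idle_timeout      # seconds of inactivity before the session dies
        self._clock = clock            # injectable for tests
        self._sessions = {}            # sid -> {"user": ..., "last_seen": ...}

    def _sign(self, sid):
        return hmac.new(self._secret, sid.encode(), hashlib.sha256).hexdigest()

    def login(self, user, password):
        """Authenticate once, forget the password, hand back a cookie value."""
        if not _check_password(user, password):
            raise PermissionError("bad credentials")
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = {"user": user, "last_seen": self._clock()}
        return sid + "." + self._sign(sid)

    def user_for_cookie(self, cookie):
        """Return the user for a valid, non-idle session, else None."""
        sid, sep, sig = cookie.rpartition(".")
        if not sep or not hmac.compare_digest(sig, self._sign(sid)):
            return None                # forged or tampered cookie
        sess = self._sessions.get(sid)
        if sess is None:
            return None                # logged out or never issued
        now = self._clock()
        if now - sess["last_seen"] > self._idle:
            del self._sessions[sid]    # idle timeout enforced by the server, not the cookie
            return None
        sess["last_seen"] = now
        return sess["user"]

    def logout(self, cookie):
        self._sessions.pop(cookie.rpartition(".")[0], None)


def demo():
    """Issue, use, tamper with and idle-expire a session; returns the observations."""
    clock = [0.0]
    store = SessionStore(b"assumed-server-secret", idle_timeout=900,
                         clock=lambda: clock[0])
    cookie = store.login("alice", "correct horse battery staple")
    out = {"cookie_leaks_credentials": "alice" in cookie or "correct horse" in cookie,
           "valid": store.user_for_cookie(cookie)}
    tampered = cookie[:-1] + ("0" if cookie[-1] != "0" else "1")
    out["tampered"] = store.user_for_cookie(tampered)
    clock[0] += 899
    out["still_active"] = store.user_for_cookie(cookie)   # activity refreshes last_seen
    clock[0] += 901
    out["after_idle"] = store.user_for_cookie(cookie)
    return out


if __name__ == "__main__":
    print(demo())
```

Stealing the cookie here still hijacks the session until it idles out or is logged out, which is why the cookie should additionally be marked Secure and HttpOnly; what it can no longer do is reveal a reusable password.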

Updated packages are available from ftp.redhat.com.

January 18, 2013 08:13 Red Hat: Security update for SNMP

These packages provide various libraries and tools for the Simple Network Management Protocol (SNMP). An out-of-bounds buffer read flaw was found in the net-snmp agent. A remote attacker with read privileges to a Management Information Base (MIB) subtree handled by the “extend” directive (in “/etc/snmp/snmpd.conf”) could use this flaw to crash snmpd via a crafted SNMP GET request.

Updated packages are available from ftp.redhat.com.

January 18, 2013 07:29 Red Hat: Security update for Tcl

Tcl (Tool Command Language) provides a powerful platform for creating integration applications that tie together diverse applications, protocols, devices, and frameworks. Two denial of service flaws were found in the Tcl regular expression handling engine. If Tcl or an application using Tcl processed a specially-crafted regular expression, it would lead to excessive CPU and memory consumption.

Updated packages are available from ftp.redhat.com.

January 18, 2013 07:28 Red Hat: Security update for OpenIPMI

The OpenIPMI packages provide command line tools and utilities to access platform information using Intelligent Platform Management Interface (IPMI). System administrators can use OpenIPMI to manage systems and to perform system health monitoring. It was discovered that the IPMI event daemon (ipmievd) created its process ID (PID) file with world-writable permissions. A local user could use this flaw to make the ipmievd init script kill an arbitrary process when the ipmievd daemon is stopped or restarted.
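An init script that runs kill on whatever number a PID file holds is only as trustworthy as the file's permissions. The added example below (not OpenIPMI code) is the check such a script should make before using the value; the files it inspects are constructed in a private directory, so the expected owner is the current user rather than root, and the file names are assumptions.

```python
"""Added example (not OpenIPMI code): what an init script should verify before
trusting the contents of a PID file it is about to pass to kill(1)."""
import os
import stat
import tempfile


def pidfile_is_trustworthy(path, expected_uid=0):
    """Return (ok, reason). kill $(cat pidfile) is only safe when nobody but
    the expected owner could have written the number in it."""
    try:
        st = os.lstat(path)
    except FileNotFoundError:
        return False, "missing"
    if not stat.S_ISREG(st.st_mode):
        return False, "not a regular file (symlink?)"
    if st.st_uid != expected_uid:
        return False, "unexpected owner"
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        return False, "group- or world-writable: any local user can pick the PID"
    with open(path) as f:
        content = f.read().strip()
    if not content.isdigit() or int(content) <= 1:
        return False, "content is not a usable PID"
    return True, "ok"


def demo():
    """Constructed PID files in a private directory, owned by the current user."""
    me = os.getuid() if hasattr(os, "getuid") else 0
    with tempfile.TemporaryDirectory() as d:
        results = {}
        good = os.path.join(d, "good.pid")
        with open(good, "w") as f:
            f.write("4242\n")
        os.chmod(good, 0o644)
        results["good"] = pidfile_is_trustworthy(good, me)

        # The flaw described above: mode 0666, so a local user could have written "1".
        bad = os.path.join(d, "ipmievd.pid")
        with open(bad, "w") as f:
            f.write("1\n")
        os.chmod(bad, 0o666)
        results["world_writable"] = pidfile_is_trustworthy(bad, me)

        link = os.path.join(d, "link.pid")
        os.symlink(good, link)
        results["symlink"] = pidfile_is_trustworthy(link, me)
        return results


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```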

January 18, 2013 07:26 Red Hat: Security update for quota

The quota package provides system administration tools for monitoring and limiting user and group disk usage on file systems. It was discovered that the rpc.rquotad service did not use tcp_wrappers correctly. Certain host access rules defined in “/etc/hosts.allow” and “/etc/hosts.deny” may not have been honored, possibly allowing remote attackers to bypass intended access restrictions.
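The decision a tcp_wrappers-aware daemon is supposed to make is simple but order-sensitive: a match in hosts.allow grants, otherwise a match in hosts.deny refuses, otherwise access is granted. The added example below (not quota or rpc.rquotad code) reimplements that hosts_access(5) logic for a subset of the syntax (ALL, exact IPv4 addresses, “a.b.c.” prefixes, net/mask, and EXCEPT); hostnames, LOCAL/KNOWN/PARANOID and IPv6 are deliberately left out, and the rule files are constructed.

```python
"""Added example (not quota/rpc.rquotad code): the hosts_access(5) decision,
for a subset of the rule syntax."""
import ipaddress


def _match_daemon(pattern, daemon):
    return pattern == "ALL" or pattern == daemon


def _match_client(pattern, ip):
    if pattern == "ALL":
        return True
    if pattern.endswith("."):                       # "192.168." style prefix
        return ip.startswith(pattern)
    if "/" in pattern:                              # "net/mask" or CIDR
        try:
            return ipaddress.ip_address(ip) in ipaddress.ip_network(pattern, strict=False)
        except ValueError:
            return False
    return pattern == ip                             # exact address only (assumption)


def _match_list(spec, value, matcher):
    """'a b EXCEPT c EXCEPT d' matches a or b, unless (c EXCEPT d) matches."""
    head, sep, rest = spec.partition(" EXCEPT ")
    hit = any(matcher(p, value) for p in head.replace(",", " ").split())
    if sep and hit and _match_list(rest, value, matcher):
        return False
    return hit


def parse_rules(text):
    """'daemon_list : client_list [: options]' lines -> [(daemons, clients)]."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = [f.strip() for f in line.split(":")]
        if len(fields) >= 2:
            rules.append((fields[0], fields[1]))
    return rules


def _any_rule_matches(rules, daemon, ip):
    return any(_match_list(d, daemon, _match_daemon) and _match_list(c, ip, _match_client)
               for d, c in rules)


def hosts_access(allow_text, deny_text, daemon, client_ip):
    """Order matters: an allow match wins, then a deny match denies, else allow."""
    if _any_rule_matches(parse_rules(allow_text), daemon, client_ip):
        return True
    if _any_rule_matches(parse_rules(deny_text), daemon, client_ip):
        return False
    return True


# Constructed rule files standing in for /etc/hosts.allow and /etc/hosts.deny.
HOSTS_ALLOW = """
rquotad : 10.0.0. EXCEPT 10.0.0.99     # quota clients on the LAN, minus one box
rquotad : 198.51.100.0/255.255.255.0
sshd    : ALL
"""
HOSTS_DENY = "ALL : ALL\n"


if __name__ == "__main__":
    for ip in ("10.0.0.5", "10.0.0.99", "198.51.100.20", "192.0.2.7"):
        print("rquotad from", ip, "->", hosts_access(HOSTS_ALLOW, HOSTS_DENY, "rquotad", ip))
```

On a real host, tcpdmatch from the tcp_wrappers package evaluates the installed files the same way (for example tcpdmatch rquotad 10.0.0.99); the advisory's point is that rpc.rquotad was not consulting them as written, so the only reliable check was observing the daemon's actual behaviour.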

Updated packages are available from ftp.redhat.com.

January 16, 2013 08:21 Debian: Security update for GnuPG

KB Sriram discovered that GnuPG, the GNU Privacy Guard, did not sufficiently sanitise public keys on import, which could lead to memory and keyring corruption.

Updated packages are available from security.debian.org.

January 16, 2013 08:21 Debian: Security update for CUPS

Jann Horn discovered that users of the CUPS printing system who are part of the lpadmin group could modify several configuration parameters with security impact. Specifically, this allows an attacker to read or write arbitrary files as root which can be used to elevate privileges.

Updated packages are available from security.debian.org.

January 16, 2013 08:20 Debian: Security update for nss

Google, Inc. discovered that the TurkTrust certification authority, whose roots are included in the Network Security Services libraries (nss), mis-issued two intermediate CA certificates which could be used to generate rogue end-entity certificates. This update explicitly distrusts those two intermediate CA certificates. The two existing TurkTrust root CA certificates remain trusted.

Updated packages are available from security.debian.org.

January 16, 2013 08:18 Debian: Security update for Weechat

Two security issues have been discovered in WeeChat, a fast, light and extensible chat client. X.509 certificates were incorrectly validated. The hook_process function in the plugin API allowed the execution of arbitrary shell commands.

Updated packages are available from security.debian.org.

January 16, 2013 08:17 Debian: Security update for rails

joernchen of Phenoelit discovered that rails, a Ruby-based MVC framework geared for web application development, does not properly treat user-supplied input to find_by_* methods. Depending on how the Ruby on Rails application uses these methods, this allows an attacker to perform SQL injection attacks, e.g., to bypass authentication if Authlogic is used and the session secret token is known.

Updated packages are available from security.debian.org.

January 14, 2013 08:58 Debian: Security update for mediawiki-extensions

Thorsten Glaser discovered that the RSSReader extension for mediawiki, a website engine for collaborative work, does not properly escape tags in feeds. This could allow a malicious feed to inject JavaScript into the mediawiki pages.
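A feed is untrusted input twice over: at the XML layer (the Zend Framework entry above, where external entities let the server read files and make requests, and the gnome-vfs2/neon entry, where a malicious XML document exhausts CPU and memory) and at the HTML layer (this entry, where feed text reaches the page unescaped). The added example below is not Zend_Feed, neon or RSSReader code; it is a small Python feed reader over the stdlib expat binding that refuses any DOCTYPE before parsing, which removes both external entities and entity-expansion declarations, then escapes on output and allows only http(s) links. The feed documents are constructed.

```python
"""Added example (not Zend_Feed, neon or MediaWiki RSSReader code): a feed
reader that refuses DTD/entity declarations and escapes what it renders."""
import html
import xml.parsers.expat


class UnsafeXML(ValueError):
    """Raised for XML constructs a feed consumer should never accept."""


def parse_feed_items(data):
    """Return [(title, link), ...] for each <item> in an RSS 2.0 document.
    A DOCTYPE is refused outright: no DTD means no external entities
    (file:// and http:// reads) and no entity expansion bombs."""
    p = xml.parsers.expat.ParserCreate()

    def refuse(*_):
        raise UnsafeXML("DTD and entity declarations are not accepted in feeds")

    p.StartDoctypeDeclHandler = refuse
    p.EntityDeclHandler = refuse   # never reached after the DOCTYPE refusal; defence in depth

    items, stack, text = [], [], []
    current = {}

    def start(name, _attrs):
        stack.append(name)
        if name == "item":
            current.clear()
            current["title"] = current["link"] = ""
        text.clear()

    def end(name):
        if len(stack) >= 2 and stack[-2] == "item" and name in ("title", "link"):
            current[name] = "".join(text).strip()
        if name == "item":
            items.append((current["title"], current["link"]))
        stack.pop()

    p.StartElementHandler = start
    p.EndElementHandler = end
    p.CharacterDataHandler = text.append
    p.Parse(data, True)
    return items


def feed_is_refused(data):
    try:
        parse_feed_items(data)
    except UnsafeXML:
        return True
    return False


def render_item_html(title, link):
    """Escape on output and allow only http(s) links: feed text is untrusted."""
    scheme = link.split(":", 1)[0].lower() if ":" in link else ""
    href = link if scheme in ("http", "https") else "#"
    return '<li><a href="%s">%s</a></li>' % (html.escape(href, quote=True), html.escape(title))


XXE_FEED = b"""<?xml version="1.0"?>
<!DOCTYPE rss [<!ENTITY xxe SYSTEM "file:///etc/passwd">]>
<rss version="2.0"><channel><item><title>&xxe;</title><link>http://example.invalid/</link></item></channel></rss>"""

XSS_FEED = b"""<?xml version="1.0"?>
<rss version="2.0"><channel>
<item><title>News &lt;script&gt;alert(1)&lt;/script&gt;</title><link>javascript:alert(1)</link></item>
<item><title>Plain &amp; simple</title><link>http://example.invalid/a</link></item>
</channel></rss>"""

if __name__ == "__main__":
    print("XXE feed refused:", feed_is_refused(XXE_FEED))
    for title, link in parse_feed_items(XSS_FEED):
        print(render_item_html(title, link))
```

Refusing the DOCTYPE is the stdlib equivalent of what libraries such as defusedxml do; it is stricter than disabling external entity loading alone, because it also rules out the internal-subset expansion bombs that hit the neon parser in the gnome-vfs2 entry.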

Updated packages are available from security.debian.org.

January 14, 2013 08:58 Debian: Security update for Ghostscript

Marc Schoenefeld discovered that an integer overflow in the ICC parsing code of Ghostscript can lead to the execution of arbitrary code.

Updated packages are available from security.debian.org.

January 14, 2013 08:57 Debian: Security update for Virtualbox

“halfdog” discovered that incorrect interrupt handling in VirtualBox, an x86 virtualization solution, can lead to denial of service.

Updated packages are available from security.debian.org.

January 14, 2013 08:56 Ubuntu: Security update for MoinMoin

It was discovered that MoinMoin did not properly sanitize its input when processing AnyWikiDraw and TWikiDraw actions. A remote attacker with write access could exploit this to overwrite arbitrary files and execute arbitrary code with the privileges of the web server (user ‘www-data’). It was discovered that MoinMoin also did not properly sanitize its input when processing the AttachFile action. A remote attacker could exploit this to overwrite files via directory traversal.
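The AttachFile traversal here and the Ruby NUL-byte issue earlier on this page are two ways an attacker-chosen file name ends up naming a different file than the application intended. The added example below (not MoinMoin or Ruby code) is the validation an attachment handler should apply to an untrusted file name: reject NUL bytes, separators and “..” up front, then confirm the resolved path is still inside the attachment directory. The base directory and the candidate names are constructed; the base need not exist.

```python
"""Added example (not MoinMoin or Ruby code): mapping an untrusted file name
onto an attachment directory without traversal or NUL-byte surprises."""
import os


class UnsafePath(ValueError):
    pass


def safe_attachment_path(base_dir, user_name):
    """Return the absolute path for `user_name` inside `base_dir`, or raise."""
    # C-level file APIs stop at the first NUL, so "report.txt\0.png" would be
    # created as "report.txt": reject instead of letting the name change.
    if "\x00" in user_name:
        raise UnsafePath("NUL byte in file name")
    if user_name in ("", ".", ".."):
        raise UnsafePath("empty or reserved name")
    if "/" in user_name or "\\" in user_name:
        raise UnsafePath("path separator in file name")
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, user_name))
    # Catches anything the string checks missed, e.g. a symlink already in
    # base_dir that points elsewhere.
    if os.path.commonpath([base, candidate]) != base:
        raise UnsafePath("resolves outside the attachment directory")
    return candidate


def classify(base_dir, names):
    """Map each candidate name to "ok" or the reason it was refused."""
    out = {}
    for name in names:
        try:
            safe_attachment_path(base_dir, name)
            out[name] = "ok"
        except UnsafePath as exc:
            out[name] = str(exc)
    return out


# Constructed inputs; the base directory is assumed and need not exist.
BASE = "/srv/wiki/attachments"
CANDIDATES = ["diagram.png", "../../../etc/passwd", "sub\\..\\..\\x",
              "report.txt\x00.png", ".."]

if __name__ == "__main__":
    for name, verdict in classify(BASE, CANDIDATES).items():
        print(repr(name), "->", verdict)
```

The string checks are what stop the traversal; the realpath containment check is there because base_dir itself can contain symlinks created by earlier uploads or by an administrator, and only a check on the resolved path sees those.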

Updated packages are available from security.ubuntu.com.

January 14, 2013 08:55 Debian: Security update for moin

It was discovered that missing input validation in the twikidraw and anywikidraw actions can result in the execution of arbitrary code. This security issue is being actively exploited.

Updated packages are available from security.debian.org.

January 14, 2013 08:54 Debian: Security update for elinks

Marko Myllynen discovered that elinks, a powerful text-mode browser, incorrectly delegates user credentials during GSS-Negotiate.

Updated packages are available from security.debian.org.

January 11, 2013 17:07 Debian: Security update for wireshark

Bjorn Mork and Laurent Butti discovered crashes in the PPP and RTPS2 dissectors, which could potentially result in the execution of arbitrary code.

Updated packages are available from security.debian.org.

January 11, 2013 17:06 Ubuntu: Security update for the Linux kernel

A flaw was discovered in the Linux kernel’s handling of new hot-plugged memory. An unprivileged local user could exploit this flaw to cause a denial of service by crashing the system.

Updated packages are available from security.ubuntu.com.

January 11, 2013 17:05 Ubuntu: Security update for AppArmor

Dan Rosenberg discovered that the example AppArmor profile for chromium-browser could be escaped by calling xdg-settings with a crafted environment.

Updated packages are available from security.ubuntu.com.

January 11, 2013 17:05 Ubuntu: Security update for Libav

It was discovered that Libav incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.

Updated packages are available from security.ubuntu.com.
