It's been an exceptionally good work week for all you reverse
engineers and "testers" out there living outside the Security Matrix!
They were incredibly quick disassembling the JIT Compiler:
--
JIT Just In Time Javascript Compiler FireFox 3.5 Zero day Exploit/Bug:
The first zero-day exploit for Firefox 3.5 was revealed publicly on
Monday, in the form of a vulnerability in the browser's Just-in-time
compiler. Unlike older methods of execution, which interpret the
bytecode created from the browser's source code, a Just-in-time
compiler transforms the bytecode into native machine code just before
executing it, resulting in significant performance improvements.
Attackers can utilize the vulnerability to execute malicious code on
the user's system by luring them to a website containing the exploit
code.
Pending a final patch, Mozilla is recommending that users disable the
JIT through the about:config dialog in order to circumvent the
exploit.
http://www.linuxjournal.com/content/jitter-bug
http://blog.mozilla.com/security/2009/07/14/critical-javascript-vulnerability-in-firefox-35/
--
CentOS DHCP = Critical (File security vector)
http://article.gmane.org/gmane.linux.centos.announce/4033
https://rhn.redhat.com/errata/RHSA-2009-1154.html
--
Debian Apache2 mod_proxy = Moderate (Denial of Service)
http://www.debian.org/security/faq
Debian tiff several vulnerabilities (Crash)
http://article.gmane.org/gmane.comp.security.bugtraq/40488
Debian fsckeditor (buffer overflow)
http://article.gmane.org/gmane.comp.security.bugtraq/40507
--
Fedora libtiff (buffer overflow via tiff)
http://article.gmane.org/gmane.linux.redhat.enterprise.announce/1281
Fedora 11 Seamonkey
http://article.gmane.org/gmane.linux.redhat.fedora.package.announce/26258
[ 1 ] Bug #507812 - CVE-2009-2210 Thunderbird mail crash
https://bugzilla.redhat.com/show_bug.cgi?id=507812
[ 2 ] Bug #503583 - CVE-2009-1841 Firefox JavaScript arbitrary code execution
https://bugzilla.redhat.com/show_bug.cgi?id=503583
[ 3 ] Bug #503578 - CVE-2009-1836 Firefox SSL tampering via non-200
responses to proxy CONNECT requests
https://bugzilla.redhat.com/show_bug.cgi?id=503578
[ 4 ] Bug #503580 - CVE-2009-1838 Firefox arbitrary code execution flaw
https://bugzilla.redhat.com/show_bug.cgi?id=503580
[ 5 ] Bug #503576 - CVE-2009-1835 Firefox Arbitrary domain cookie
access by local file: resources
https://bugzilla.redhat.com/show_bug.cgi?id=503576
[ 6 ] Bug #503569 - CVE-2009-1832 Firefox double frame construction flaw
https://bugzilla.redhat.com/show_bug.cgi?id=503569
[ 7 ] Bug #496271 - CVE-2009-1311 Firefox POST data sent to wrong
site when saving web page with embedded frame
https://bugzilla.redhat.com/show_bug.cgi?id=496271
[ 8 ] Bug #496263 - CVE-2009-1307 Firefox Same-origin violations
when Adobe Flash loaded via view-source: protocol
https://bugzilla.redhat.com/show_bug.cgi?id=496263
Fedora 11 Popler (PDF attack vector)
http://article.gmane.org/gmane.linux.redhat.fedora.package.announce/26381
--
Gentoo/Mandriva DHCP (buffer overflow)
http://article.gmane.org/gmane.linux.mandrake.security.announce/1997
Gentoo/Mandriva PulseAudio (privilege escalation)
http://article.gmane.org/gmane.linux.gentoo.announce/1764
--
To search the archives for your distro and version see:
http://search.gmane.org/
Advanced Searches for scripts:
You can use this page that takes the same form parameters as the
search does (query, author, group, sort, DEFAULTOP) as the form.php
line for scripts. For example:
http://search.gmane.org/form.php?group=gmane.discuss&sort=date
Example cron Line to mail yourself these security alerts every Saturday:
Season to taste for your distro and content:
12 3 * * 6 * root sh /root/bin/bugtraq
/root/bin/bugtraq
#!/bin/bash
DATE=`date +%Y%m%d`
wget
http://news.gmane.org/gmane.comp.security.bugtraq
mv gmane.comp.security.bugtraq bugtraq.$DATE
cat bugtraq.$DATE |sendmail
someemailIcannotignore@mydailyread.com
Configure your own search parameters based on group, sort, query, etc.
for the wget line.
--
http://linuxgazette.net/164/kachold.html
(623)239-3392
(503)754-4452
www.obnosis.com
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss