[PLUG-Devel] Linux Security Alerts

Lisa Kachold lisakachold at obnosis.com
Sun Jul 19 12:13:16 MST 2009


It's been an exceptionally good work week for all you reverse
engineers and "testers" out there living outside the Security Matrix!

They were incredibly quick disassembling the JIT Compiler:

-- 

JIT Just In Time Javascript Compiler FireFox 3.5 Zero day Exploit/Bug:

The first zero-day exploit for Firefox 3.5 was revealed publicly on
Monday, in the form of a vulnerability in the browser's Just-in-time
compiler. Unlike older methods of execution, which interpret the
bytecode created from the browser's source code, a Just-in-time
compiler transforms the bytecode into native machine code just before
executing it, resulting in significant performance improvements.
Attackers can utilize the vulnerability to execute malicious code on
the user's system by luring them to a website containing the exploit
code.

Pending a final patch, Mozilla is recommending that users disable the
JIT through the about:config dialog in order to circumvent the
exploit.

http://www.linuxjournal.com/content/jitter-bug
http://blog.mozilla.com/security/2009/07/14/critical-javascript-vulnerability-in-firefox-35/

--
CentOS DHCP = Critical (File security vector)
http://article.gmane.org/gmane.linux.centos.announce/4033
https://rhn.redhat.com/errata/RHSA-2009-1154.html

--
Debian Apache2 mod_proxy = Moderate (Denial of Service)
http://www.debian.org/security/faq

Debian tiff several vulnerabilities (Crash)
http://article.gmane.org/gmane.comp.security.bugtraq/40488

Debian fsckeditor (buffer overflow)
http://article.gmane.org/gmane.comp.security.bugtraq/40507
--
Fedora libtiff (buffer overflow via tiff)
http://article.gmane.org/gmane.linux.redhat.enterprise.announce/1281

Fedora 11 Seamonkey
http://article.gmane.org/gmane.linux.redhat.fedora.package.announce/26258

  [ 1 ] Bug #507812 - CVE-2009-2210 Thunderbird mail crash
        https://bugzilla.redhat.com/show_bug.cgi?id=507812
  [ 2 ] Bug #503583 - CVE-2009-1841 Firefox JavaScript arbitrary code execution
        https://bugzilla.redhat.com/show_bug.cgi?id=503583
  [ 3 ] Bug #503578 - CVE-2009-1836 Firefox SSL tampering via non-200
responses to proxy CONNECT requests
        https://bugzilla.redhat.com/show_bug.cgi?id=503578
  [ 4 ] Bug #503580 - CVE-2009-1838 Firefox arbitrary code execution flaw
        https://bugzilla.redhat.com/show_bug.cgi?id=503580
  [ 5 ] Bug #503576 - CVE-2009-1835 Firefox Arbitrary domain cookie
access by local file: resources
        https://bugzilla.redhat.com/show_bug.cgi?id=503576
  [ 6 ] Bug #503569 - CVE-2009-1832 Firefox double frame construction flaw
        https://bugzilla.redhat.com/show_bug.cgi?id=503569
  [ 7 ] Bug #496271 - CVE-2009-1311 Firefox POST data sent to wrong
site when saving web page with embedded frame
        https://bugzilla.redhat.com/show_bug.cgi?id=496271
  [ 8 ] Bug #496263 - CVE-2009-1307 Firefox Same-origin violations
when Adobe Flash loaded via view-source: protocol
        https://bugzilla.redhat.com/show_bug.cgi?id=496263

Fedora 11 Popler (PDF attack vector)
http://article.gmane.org/gmane.linux.redhat.fedora.package.announce/26381

--
Gentoo/Mandriva DHCP (buffer overflow)
http://article.gmane.org/gmane.linux.mandrake.security.announce/1997

Gentoo/Mandriva PulseAudio (privilege escalation)
http://article.gmane.org/gmane.linux.gentoo.announce/1764

--
To search the archives for your distro and version see:
http://search.gmane.org/

Advanced Searches for scripts:
You can use this page that takes the same form parameters as the
search does (query, author, group, sort, DEFAULTOP) as the form.php
line for scripts. For example:
http://search.gmane.org/form.php?group=gmane.discuss&sort=date

Example cron Line to mail yourself these security alerts every Saturday:

Season to taste for your distro and content:

12 3 * * 6 * root sh /root/bin/bugtraq

/root/bin/bugtraq
#!/bin/bash
DATE=`date +%Y%m%d`
wget http://news.gmane.org/gmane.comp.security.bugtraq
mv gmane.comp.security.bugtraq bugtraq.$DATE
cat bugtraq.$DATE |sendmail someemailIcannotignore at mydailyread.com

Configure your own search parameters based on group, sort, query, etc.
for the wget line.

-- 
http://linuxgazette.net/164/kachold.html
(623)239-3392
(503)754-4452 www.obnosis.com


More information about the PLUG-devel mailing list