Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


More on LinuxToday


Advisories, May 30, 2006

May 31, 2006, 04:45 (0 Talkback[s])

Gentoo Linux


Gentoo Linux Security Advisory GLSA 200605-16

http://security.gentoo.org/


Severity: Low
Title: CherryPy: Directory traversal vulnerability
Date: May 30, 2006
Bugs: #134273
ID: 200605-16


Synopsis

CherryPy is vulnerable to a directory traversal that could allow attackers to read arbitrary files.

Background

CherryPy is a Python-based, object-oriented web development framework.

Affected packages


     Package              /  Vulnerable  /                  Unaffected

  1  dev-python/cherrypy       < 2.1.1                        >= 2.1.1

Description

Ivo van der Wijk discovered that the "staticfilter" component of CherryPy fails to sanitize input correctly.

Impact

An attacker could exploit this flaw to obtain arbitrary files from the web server.

Workaround

There is no known workaround at this time.

Resolution

All CherryPy users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-python/cherrypy-2.1.1"

References

[ 1 ] CVE-2006-0847

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0847

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200605-16.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5


Gentoo Linux Security Advisory GLSA 200605-17

http://security.gentoo.org/


Severity: Normal
Title: libTIFF: Multiple vulnerabilities
Date: May 30, 2006
Bugs: #129675
ID: 200605-17


Synopsis

Multiple vulnerabilities in libTIFF could lead to the execution of arbitrary code or a Denial of Service.

Background

libTIFF provides support for reading and manipulating TIFF images.

Affected packages


     Package          /  Vulnerable  /                      Unaffected

  1  media-libs/tiff       < 3.8.1                            >= 3.8.1

Description

Multiple vulnerabilities, ranging from integer overflows and NULL pointer dereferences to double frees, were reported in libTIFF.

Impact

An attacker could exploit these vulnerabilities by enticing a user to open a specially crafted TIFF image, possibly leading to the execution of arbitrary code or a Denial of Service.

Workaround

There is no known workaround at this time.

Resolution

All libTIFF users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=media-libs/tiff-3.8.1"

References

[ 1 ] CVE-2006-0405

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0405

[ 2 ] CVE-2006-2024

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2024

[ 3 ] CVE-2006-2025

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2025

[ 4 ] CVE-2006-2026

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2026

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200605-17.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

Mandriva Linux


Mandriva Linux Security Advisory MDKSA-2006:093
http://www.mandriva.com/security/


Package : dia
Date : May 30, 2006
Affected: 2006.0, Corporate 3.0


Problem Description:

A format string vulnerability in Dia allows user-complicit attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering errors or warnings, as demonstrated via format string specifiers in a .bmp filename. NOTE: the original exploit was demonstrated through a command line argument, but there are other mechanisms inputs that are automatically process by Dia, such as a crafted .dia file. (CVE-2006-2480)

Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480. (CVE-2006-2453)

Packages have been patched to correct this issue.


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2453
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2480


Updated Packages:

Mandriva Linux 2006.0:
25f39bc046f44931e37df109581e87b9 2006.0/RPMS/dia-0.94-6.4.20060mdk.i586.rpm
f19385acd5189ebc01114fc225fd9320 2006.0/SRPMS/dia-0.94-6.4.20060mdk.src.rpm

Mandriva Linux 2006.0/X86_64:
924a511192a32723ccc93121694b224b x86_64/2006.0/RPMS/dia-0.94-6.4.20060mdk.x86_64.rpm
f19385acd5189ebc01114fc225fd9320 x86_64/2006.0/SRPMS/dia-0.94-6.4.20060mdk.src.rpm

Corporate 3.0:
14773513eee38d6a2ef7c162fedfc0b9 corporate/3.0/RPMS/dia-0.92.2-2.3.C30mdk.i586.rpm
60df291bbe184fdd06564147555eb0e4 corporate/3.0/SRPMS/dia-0.92.2-2.3.C30mdk.src.rpm

Corporate 3.0/X86_64:
3df4b2245403861a7b36c6acaa056ac7 x86_64/corporate/3.0/RPMS/dia-0.92.2-2.3.C30mdk.x86_64.rpm
60df291bbe184fdd06564147555eb0e4 x86_64/corporate/3.0/SRPMS/dia-0.92.2-2.3.C30mdk.src.rpm


To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com


Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com>