Security Alerts! 08/22/2007
Posted on August 22, 2007
Filed Under Alerts |
This alert is intended to help keep you up to date on some of the more important remote security vulnerabilities in Linux and common applications that run on Linux. Because of the open nature of the OS and applications this is a summary only, minor vulnerabilities and local vulnerabilities will not be listed.
Kernel and Subsystems
- A NULL pointer dereference condition was discovered in the netfilter subsystem. This vulnerability can be used to remotely crash a system by using carefully crafted SCTP protocol packets which will cause an “unknown chunk type” error.
- There is a lack of range checking in nf_conntrack h323 that may lead to NULL pointer dereferences. This could be exploited remotely to cause a system crash.
Common Applications
- Pidgin: A vague report of a remote code execution vulnerability due to an input validation error has been reported at Wasbisabilabi.
- I should note that I’ve never really trusted IM clients, and it should never be installed on a production server, for ANY reason.
- NuFW: On versions 2.0 and higher, using a time based attack vector, remote attackers can bypass the firewall using “out of period” packet transmissions.
-John
Comments
Leave a Reply