LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

LWN Weekly Edition

Front page
Security
Kernel development
Distributions
Development
Announcements
->One big page

 

This page

Previous week
Following week

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Security

STEED: End-to-end email encryption

October 26, 2011

This article was contributed by Nathan Willis

Is end-to-end email encryption a lost cause, or do the existing protocols simply fail to meet the ease-of-use requirements needed for widespread adoption? That is a question the security community has debated for years without arriving at a consensus. Two key developers from the GnuPG project have outlined a new approach to email encryption that they call STEED, for "Secure Transmission of Encrypted Electronic Data." It is backwards compatible with existing OpenPGP and S/MIME standards, but seeks to smooth out the stumbling blocks that "casual" and non-technical users typically find onerous.

STEED is outlined in an October 17 white paper [PDF] co-authored by Werner Koch, co-founder of FSF Europe and lead developer of GNU Privacy Guard (GnuPG aka GPG), and Marcus Brinkmann, longtime Debian and GNU/Hurd developer and Koch's partner at security consulting firm g10code. The paper outlines the overall security approach taken by OpenPGP and S/MIME — including the setup, configuration, and maintenance tasks expected of the user, as well as the trust model that each scheme employs. S/MIME's trust model is called PKIX, for "public-key infrastructure for X.509," and encompasses the existence and operation of trusted certificate authorities (CAs). In contrast, OpenPGP's trust model is the web-of-trust (WoT), which depends on a global, decentralized reputation system.

Koch and Brinkmann argue that email encryption has failed to take off both because of "usability pitfalls" in OpenPGP and S/MIME approaches, and because the PKIX and WoT trust models fail to match up with user expectations and the "mental model" users associate with email. Ultimately, STEED is a set of practices that, if implemented in mail user agents (MUAs), mail servers, and encryption utilities, would put secure-by-default choices into play with a minimum of user involvement. The resulting system amounts to a different trust model, which the authors feel would seem saner to end users. The paper merely outlines the pieces that make up STEED; the authors are seeking feedback and input, but plan to push the work forward with actual specifications in the future, and code targeting Thunderbird, Outlook, Kmail, and a webmail client.

Components

STEED is comprised of three functional techniques: automatic key generation, automatic key distribution via DNS, and opportunistic encryption.

With automatic key generation, the MUA would automatically create an OpenPGP key-pair or a self-signed S/MIME certificate whenever creating a new mail account. The name and email address associated with the key or certificate are taken directly from the account set-up data, and cryptographic parameters are pre-configured in the MUA using sane defaults. S/MIME, like TLS, is intended to work with CA-signed certificates, but self-signed certificates are cryptographically equivalent — the difference is that self-signed certificates do not follow the PKIX trust model, which STEED is intending to supplant anyway.

If there is anything more confusing to new users than public-private key-pairs, the authors suggest, then it is the "unpractical" methods used to store, distribute, and retrieve keys. Their solution is to replace dedicated keyservers with a DNS-based distribution method. DNS is decentralized, widely available, and the fact that email addresses include a domain name makes it fit naturally into the structures of existing DNS records. Obtaining an encryption key would be matter of querying the DNS server at the relevant person's email domain and asking for the record associated with that person's user name. An added bonus is that piggybacking on DNS automatically benefits from other security advances like DNSSEC. The white paper does not recommend a specific DNS resource record type, but does suggest that the DNS records store a key or certificate fingerprint and an associated URL linking to the full key.

Opportunistic encryption is, quite simply, encrypting messages by default. Encryption is intended to happen in the MUA, which will be left to implement its own policies regarding message headers, options presented to the user, and when to fall back to sending a message in the clear.

Trust

If everyone has a key, and other users' keys are easily retrievable via a DNS query performed transparently by the MUA, then email encryption and digital signatures would work smoothly. The remaining problem in the scheme is how to authenticate the key or email address of a remote person — particularly one that has not made contact in the past. After all, an attacker could intercept DNS queries and spoof an identity or perform a man-in-the-middle attack against a legitimate-looking contact.

The existing email encryption schemes tackle this problem with PKIX and WoT. But the authors cite a PGP usability study that indicates that these trust models are confusing to users:

Both systems require a significant investment by the user: X.509 asks the user to sink money into the artificial certificate market that provides a dubious return, while OpenPGP asks the user harder and harder questions about the trustworthiness of peers away from the center of his personal web of trust.

Furthermore, they add, neither trust model matches up with users' natural expectations when using email, because both defer trust decisions to someone else. PKIX defers all trust judgments to an external authority, while WoT defers it to peer recommendations. In both cases, a binary trust determination is made before the communication is even read: "Neither system utilizes the users own experience with the peer in the context of the communication happening over time."

STEED's trust model is "trust upon first contact" (TUFC), which accepts the certificate or key of the remote party upon first contact, but persists and tracks it for the user. This is the trust model used by SSH, the authors note, and is what "virtually all users do anyway, when faced with the task to make a trust decision that interrupts their line of work." In other words, TUFC exists outside of an external "trust infrastructure," and leaves it up to the user to verify suspicious first contacts through other means (in person, phone calls, etc.). After the first contact, the system helps the user by flagging changed or revoked keys.

Challenges

Implementing STEED would require changes to the popular MUAs and encryption frameworks (including GnuPG), which the authors discuss, but there are also other challenges that cannot be solved by hard work alone. For example, automatic key generation is fine, except that users will either be interrupted to create (and then memorize) a passphrase, or else the passphrase must be stored somewhere. The paper suggests relegating passphrase storage to a "PIM service" — although the authors do not go into any significant detail. They appear to expect such a service to be network-accessible, and acknowledge that it must be able to communicate with MUAs (and other applications) from more than one platform. At one point, they refer to the service having a "passphrase vault," which implies encryption. Perhaps such a service is to protected by a user's existing account credentials, or else it would be imposing yet-another-password-to-remember, when one of STEED's goals is to spare users from choosing and remembering an encryption passphrase.

Since many email users today are content to store even sensitive correspondence with commercial SaaS companies, there might not be an elevated privacy concern with tossing a passphrase into the mix, but it is also just one more piece of information that could be stolen. On the other hand, STEED makes room for savvy users to create their own keys or use existing keys and security devices, so perhaps the extra-cautious could take that route. STEED's goal is to lower the bar for participation in secure email — at some point surely the benefits of preventing eavesdropping outweigh the risk of losing a passphrase.

A bigger issue is that STEED would require email providers to implement a key system in their DNS infrastructure, and a way for users to store and update their keys. That may not present them with a technical challenge, but convincing providers to change their policies and DNS infrastructure would be a huge undertaking. In addition to that, so many users today use webmail services like GMail that are available over SSL/TLS, which makes implementing a "new" security system an even harder sell.

There is also the issue of how to properly handle user mobility, particularly when users wish to access the same mail account from multiple devices. The authors do not offer easy solutions to any of these questions in the paper, but there is a sizable STEED discussion thread running on the GnuPG mailing list.

Jerome Baum suggested bypassing email providers' DNS and including a URL (privately-hosted or on a keyserver) for the sender's encryption key as a mail header instead. That idea has the benefit of being "in-band" and not requiring email provider support, though it still requires changes to the MUA. Peter Lebbing suggested using Bittorrent or another peer-to-peer system for hosting and retrieving keys.

Mark H. Wood said that attempting to bypass the passphrase-management problem is asking for trouble. "To be secure without being involved in the process is an unreasonable expectation which can never be met." Better, he said, to focus on generating passphrases that can be easily memorized, than to suggest storing them off-site.

Perhaps the thorniest problem was raised by Tom Ritter, who observed that supporting multiple devices also means supporting temporary usage of any random computer. "There's the very practical problem of _sometimes_ I do need to read my mail from a machine that is not my own. As a security person I almost never do it. But 'the young crowd' do it all the time. You have to satisfy that requirement also." Of course, most temporary email access of this type is done through a web mail interface, which has its own share of problems: either implementing the cryptographic functions in JavaScript or another client-side technology, or decrypting messages on the remote server. Either option carries risks. In addition, doing the encryption/decryption on the server breaks the "end-to-end encryption" principle.

Koch is scheduled to speak about STEED in November at the 2011 Free Society Conference and Nordic Summit (FSCONS); there may be changes to the proposal or further details on the protocols at that time. Until then, despite all of the debate, the consensus view on the GnuPG list is that STEED is at least taking on a very important problem: most people do not use email encryption because it is too difficult to configure and manage. Taking most of the decisions out of the user's hands and settling them in the MUA may not be perfect, but it would make for a vast improvement.

Even that, however, would not tackle the biggest obstacle to email encryption of all — the naive assumption by many users that their email is already secure because the lock icon is visible in the browser's location bar. At its heart, STEED is an attempt to make MUAs "do the right thing" more and rely less on the user, because the technical underpinnings of end-to-end encryption are already well-understood by the developer community. STEED is completely compatible with user-driven OpenPGP and S/MIME. But whether or not it could push the apathetic masses into end-to-end encryption remains to be seen. Perhaps nothing can, but making it simpler is certainly better than nothing.

Comments (15 posted)

Brief items

Security quotes of the week

From a technical perspective, it's simply wrong for a design to outsource a critical access control decision to a third party. My computer should decide what sites can turn on my camera and microphone, not one of Adobe's servers.

The policy side is even worse. What if the FBI wanted to bug you? Could they get a court order compelling Adobe to make an access control decision that would turn on your microphone?

-- Steven Bellovin

We've also been starting to think about the issues of law enforcement access that arose during the crypto wars and that came to light again with CAs. These issues are even more wicked with trusted boot. If the Turkish government compelled Microsoft to include the Tubitak key in Windows so their intelligence services could do man-in-the-middle attacks on Kurdish MPs' gmail, then I expect they'll also tell Microsoft to issue them a UEFI key to authenticate their keylogger malware. Hey, I removed the Tubitak key from my browser, but how do I identify and block all foreign governments' UEFI keys?
-- Ross Anderson

Comments (4 posted)

New vulnerabilities

asterisk: multiple vulnerabilities

Package(s):asterisk CVE #(s):CVE-2011-2536 CVE-2011-2665 CVE-2011-2666 CVE-2011-4063
Created:October 25, 2011 Updated:June 13, 2012
Description: From the CVE entries:

chan_sip.c in the SIP channel driver in Asterisk Open Source 1.4.x before 1.4.41.2, 1.6.2.x before 1.6.2.18.2, and 1.8.x before 1.8.4.4, and Asterisk Business Edition C.3.x before C.3.7.3, disregards the "alwaysauthreject' option and generates different responses for invalid SIP requests depending on whether the user account exists, which allows remote attackers to enumerate account names via a series of requests. (CVE-2011-2536)

reqresp_parser.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.4.3 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a SIP packet with a Contact header that lacks a < (less than) character. (CVE-2011-2665)

The default configuration of the SIP channel driver in Asterisk Open Source 1.4.x through 1.4.41.2 and 1.6.2.x through 1.6.2.18.2 does not enable the "alwaysauthreject" option, which allows remote attackers to enumerate account names by making a series of invalid SIP requests and observing the differences in the responses for different usernames, a different vulnerability than CVE-2011-2536. (CVE-2011-2666)

chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.7.1 and 10.x before 10.0.0-rc1 does not properly initialize variables during request parsing, which allows remote authenticated users to cause a denial of service (daemon crash) via a malformed request. (CVE-2011-4063)

Alerts:
Fedora FEDORA-2011-14480 2011-10-18
Fedora FEDORA-2011-14538 2011-10-18
Gentoo 201110-21 2011-10-24
Debian DSA-2493-1 2012-06-12

Comments (none posted)

clamav: recursion level crash

Package(s):clamav CVE #(s):CVE-2011-3627
Created:October 24, 2011 Updated:November 10, 2011
Description: ClamAV 0.97.3 fixes a recursion level crash.
Alerts:
Ubuntu USN-1258-1 2011-11-10
Fedora FEDORA-2011-15119 2011-10-29
Fedora FEDORA-2011-15076 2011-10-29
Gentoo 201110-20 2011-10-23
openSUSE openSUSE-SU-2011:1177-1 2011-10-24

Comments (none posted)

cyrus-imapd: denial of service

Package(s):cyrus-imapd CVE #(s):CVE-2011-3481
Created:October 24, 2011 Updated:March 23, 2012
Description: From the CVE entry:

The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message.

Alerts:
Scientific Linux SL-cyru-20111201 2011-12-01
Oracle ELSA-2011-1508 2011-12-01
Oracle ELSA-2011-1508 2011-12-01
Oracle ELSA-2011-1508 2011-12-01
CentOS CESA-2011:1508 2011-12-01
CentOS CESA-2011:1508 2011-12-01
Red Hat RHSA-2011:1508-01 2011-12-01
openSUSE openSUSE-SU-2011:1170-1 2011-10-24
Gentoo 201110-16 2011-10-22
Debian DSA-2377-1 2012-01-01
Mandriva MDVSA-2012:037 2012-03-23

Comments (none posted)

dbus: symlink attack

Package(s):dbus CVE #(s):CVE-2011-2533
Created:October 24, 2011 Updated:October 26, 2011
Description: From the CVE entry:

The configure script in D-Bus (aka DBus) 1.2.x before 1.2.28 allows local users to overwrite arbitrary files via a symlink attack on an unspecified file in /tmp/.

Alerts:
Gentoo 201110-14 2011-10-21

Comments (none posted)

etherape: denial of service

Package(s):etherape CVE #(s):CVE-2011-3369
Created:October 24, 2011 Updated:August 20, 2012
Description: From the CVE entry:

The add_conversation function in conversations.c in EtherApe before 0.9.12 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RPC packet, related to the get_rpc function in decode_proto.c.

Alerts:
openSUSE openSUSE-SU-2011:1176-1 2011-10-24
Mageia MGASA-2012-0224 2012-08-18

Comments (none posted)

fail2ban: insecure temp files

Package(s):fail2ban CVE #(s):CVE-2009-5023
Created:October 24, 2011 Updated:October 26, 2011
Description: fail2ban IP used insecure temporary files when unbanning an IP address
Alerts:
openSUSE openSUSE-SU-2011:1175-1 2011-10-24

Comments (none posted)

freetype2: code execution

Package(s):freetype2 CVE #(s):CVE-2011-3256
Created:October 21, 2011 Updated:December 28, 2012
Description:

From the Mandriva advisory:

FreeType allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font (CVE-2011-3256).

Alerts:
SUSE SUSE-SU-2011:1307-1 2011-12-08
SUSE SUSE-SU-2011:1306-1 2011-12-08
Fedora FEDORA-2011-15956 2011-11-15
Ubuntu USN-1267-1 2011-11-18
Fedora FEDORA-2011-14749 2011-10-22
CentOS CESA-2011:1402 2011-11-09
Scientific Linux SL-free-20111025 2011-10-25
CentOS CESA-2011:1402 2011-10-26
Red Hat RHSA-2011:1402-01 2011-10-25
Debian DSA-2328-1 2011-10-24
Mandriva MDVSA-2011:157 2011-10-21
openSUSE openSUSE-SU-2012:0015-1 2012-01-05
Gentoo 201201-09 2012-01-23
Red Hat RHSA-2012:0094-01 2012-02-02
Oracle ELSA-2012-0467 2012-04-12
SUSE SUSE-SU-2012:0553-1 2012-04-23
Mageia MGASA-2012-0369 2012-12-27

Comments (none posted)

java-1.6.0-sun: multiple unspecified vulnerabilities

Package(s):java-1.6.0-sun CVE #(s):CVE-2011-3389 CVE-2011-3516 CVE-2011-3545 CVE-2011-3546 CVE-2011-3549 CVE-2011-3550 CVE-2011-3555 CVE-2011-3561
Created:October 20, 2011 Updated:February 6, 2013
Description:

From the Red Hat advisory:

737506 - CVE-2011-3389 HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)

747203 - CVE-2011-3516 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment)

747191 - CVE-2011-3545 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Sound)

747205 - CVE-2011-3546 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment)

747198 - CVE-2011-3549 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Swing)

747200 - CVE-2011-3550 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (AWT)

747206 - CVE-2011-3555 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (JRE)

747208 - CVE-2011-3561 Oracle/IBM JDK: unspecified vulnerability fixed in 6u29 (Deployment)

Alerts:
Fedora FEDORA-2011-17400 2011-12-23
Fedora FEDORA-2011-17400 2011-12-23
Fedora FEDORA-2011-17400 2011-12-23
Fedora FEDORA-2011-17400 2011-12-23
Fedora FEDORA-2011-17400 2011-12-23
Debian DSA-2358-1 2011-12-05
SUSE SUSE-SU-2011:1298-1 2011-12-02
Debian DSA-2356-1 2011-12-01
Red Hat RHSA-2011:1478-01 2011-11-24
Ubuntu USN-1263-1 2011-11-16
Fedora FEDORA-2011-15555 2011-11-07
Mandriva MDVSA-2011:170 2011-11-11
Scientific Linux SL-java-20111019 2011-10-19
Gentoo 201111-02 2011-11-05
openSUSE openSUSE-SU-2011:1196-1 2011-10-28
CentOS CESA-2011:1380 2011-10-19
Red Hat RHSA-2011:1384-01 2011-10-19
Red Hat RHSA-2012:0006-01 2012-01-09
Red Hat RHSA-2012:0034-01 2012-01-18
SUSE SUSE-SU-2012:0114-1 2012-01-23
SUSE SUSE-SU-2012:0122-1 2012-01-26
Fedora FEDORA-2012-1690 2012-02-15
SUSE SUSE-SU-2012:0122-2 2012-02-23
SUSE SUSE-SU-2012:0114-2 2012-03-06
Red Hat RHSA-2012:0508-01 2012-04-23
SUSE SUSE-SU-2012:0602-1 2012-05-09
Fedora FEDORA-2012-16351 2012-10-18
Gentoo 201301-01 2013-01-07
Fedora FEDORA-2013-1898 2013-02-05

Comments (none posted)

kernel: denial of service

Package(s):linux-lts-backport-maverick CVE #(s):CVE-2011-3363
Created:October 25, 2011 Updated:November 28, 2011
Description: From the Ubuntu advisory:

Yogesh Sharma discovered that CIFS did not correctly handle UNCs that had no prefixpaths. A local attacker with access to a CIFS partition could exploit this to crash the system, leading to a denial of service.

Alerts:
Scientific Linux SL-kern-20111129 2011-11-29
CentOS CESA-2011:1479 2011-11-30
Oracle ELSA-2011-1479 2011-11-30
Red Hat RHSA-2011:1479-01 2011-11-29
Oracle ELSA-2011-1465 2011-11-28
Ubuntu USN-1281-1 2011-11-24
Scientific Linux SL-kern-20111122 2011-11-22
Red Hat RHSA-2011:1465-01 2011-11-22
Ubuntu USN-1256-1 2011-11-09
openSUSE openSUSE-SU-2011:1222-1 2011-11-08
openSUSE openSUSE-SU-2011:1221-1 2011-11-08
SUSE SUSE-SA:2011:042 2011-10-28
SUSE SUSE-SU-2011:1195-1 2011-10-28
Ubuntu USN-1244-1 2011-10-25
Ubuntu USN-1243-1 2011-10-25
Ubuntu USN-1242-1 2011-10-25
Red Hat RHSA-2012:0010-01 2012-01-10
Oracle ELSA-2012-0150 2012-03-07

Comments (none posted)

kernel: multiple vulnerabilities

Package(s):kernel CVE #(s):CVE-2009-4067 CVE-2011-2942 CVE-2011-3209 CVE-2011-3347
Created:October 20, 2011 Updated:March 29, 2012
Description:

From the Red Hat advisory:

A flaw in the auerswald USB driver could allow a local, unprivileged user to cause a denial of service or escalate their privileges by inserting a specially-crafted USB device. (CVE-2009-4067, Low)

RHSA-2011:1065 introduced a regression in the Ethernet bridge implementation. If a system had an interface in a bridge, and an attacker on the local network could send packets to that interface, they could cause a denial of service on that system. Xen hypervisor and KVM (Kernel-based Virtual Machine) hosts often deploy bridge interfaces. (CVE-2011-2942, Moderate)

A flaw in the kernel's clock implementation could allow a local, unprivileged user to cause a denial of service. (CVE-2011-3209, Moderate)

Non-member VLAN (virtual LAN) packet handling for interfaces in promiscuous mode and also using the be2net driver could allow an attacker on the local network to cause a denial of service. (CVE-2011-3347, Moderate)

Alerts:
Scientific Linux SL-Kern-20111206 2011-12-06
Oracle ELSA-2011-2037 2011-12-15
Ubuntu USN-1294-1 2011-12-08
Red Hat RHSA-2011:1530-03 2011-12-06
Fedora FEDORA-2011-15856 2011-11-13
Ubuntu USN-1256-1 2011-11-09
Ubuntu USN-1268-1 2011-11-21
Red Hat RHSA-2011:1419-01 2011-11-01
Red Hat RHSA-2011:1418-01 2011-11-01
SUSE SUSE-SA:2011:042 2011-10-28
SUSE SUSE-SU-2011:1195-1 2011-10-28
Scientific Linux SL-kern-20111020 2011-10-20
Ubuntu USN-1236-1 2011-10-20
CentOS CESA-2011:1386 2011-10-21
Red Hat RHSA-2011:1386-01 2011-10-20
Red Hat RHSA-2012:0116-01 2012-02-15
Oracle ELSA-2012-0150 2012-03-07
Ubuntu USN-1409-1 2012-03-27
Ubuntu USN-1405-1 2012-03-27
Ubuntu USN-1404-1 2012-03-27
Ubuntu USN-1412-1 2012-03-29
openSUSE openSUSE-SU-2012:0781-1 2012-06-22
openSUSE openSUSE-SU-2012:0812-1 2012-07-03

Comments (none posted)

kfreebsd-8: code execution

Package(s):kfreebsd-8 CVE #(s):CVE-2011-4062
Created:October 24, 2011 Updated:October 26, 2011
Description: From the Debian advisory:

Buffer overflow in the "linux emulation" support in the FreeBSD kernel allows local users to cause a denial of service (panic) and possibly execute arbitrary code by calling the bind system call with a long path for a UNIX-domain socket, which is not properly handled when the address is used by other unspecified system calls.

Alerts:
Debian DSA-2325-1 2011-10-23

Comments (none posted)

nova: information leak

Package(s):nova CVE #(s):
Created:October 26, 2011 Updated:October 26, 2011
Description: From the Ubuntu advisory:

An information leak was discovered in Nova. An attacker with access to a valid EC2_ACCESS_KEY could obtain the corresponding EC2_SECRET_KEY for that user.

Alerts:
Ubuntu USN-1247-1 2011-10-25

Comments (none posted)

open-iscsi: code execution

Package(s):open-iscsi CVE #(s):CVE-2009-1297
Created:October 21, 2011 Updated:April 10, 2013
Description:

From the Ubuntu advisory:

Colin Watson discovered that iscsi_discovery in Open-iSCSI did not safely create temporary files. A local attacker could exploit this to to overwrite arbitrary files with root privileges.

Alerts:
Ubuntu USN-1235-1 2011-10-20
Mageia MGASA-2012-0241 2012-08-26
Mandriva MDVSA-2013:109 2013-04-10

Comments (none posted)

opera: code injection

Package(s):opera CVE #(s):
Created:October 24, 2011 Updated:October 26, 2011
Description: From this article at The H.

Security expert José A. Vázquez has released details of a critical security hole in the Opera browser that can be exploited to inject malicious code.

Alerts:
openSUSE openSUSE-SU-2011:1172-1 2011-10-24

Comments (none posted)

pam: arbitrary code execution

Package(s):pam CVE #(s):CVE-2011-3148 CVE-2011-3149
Created:October 24, 2011 Updated:March 11, 2013
Description: From the Debian advisory:

Kees Cook of the ChromeOS security team discovered a buffer overflow in pam_env, a PAM module to set environment variables through the PAM stack, which allowed the execution of arbitrary code. An additional issue in argument parsing allows denial of service.

Alerts:
Fedora FEDORA-2011-16365 2011-11-25
Fedora FEDORA-2011-16390 2011-12-04
SUSE SUSE-SU-2011:1218-1 2011-11-04
SUSE SUSE-SU-2011:1207-1 2011-11-03
SUSE SUSE-SU-2011:1205-1 2011-11-03
SUSE SUSE-SU-2011:1209-1 2011-11-03
openSUSE openSUSE-SU-2011:1204-1 2011-11-03
openSUSE openSUSE-SU-2011:1208-1 2011-11-03
Ubuntu USN-1237-1 2011-10-24
Debian DSA-2326-1 2011-10-24
Gentoo 201206-31 2012-06-25
Red Hat RHSA-2013:0521-02 2013-02-21
Oracle ELSA-2013-0521 2013-02-25
Scientific Linux SL-pam-20130228 2013-02-28
CentOS CESA-2013:0521 2013-03-09

Comments (none posted)

phpMyAdmin: multiple vulnerabilities

Package(s):phpmyadmin CVE #(s):CVE-2011-3646 CVE-2011-4064
Created:October 21, 2011 Updated:November 14, 2011
Description:

From the Mandriva advisory:

When the js_frame parameter of phpmyadmin.css.php is defined as an array, an error message shows the full path of this file, leading to possible further attacks (CVE-2011-3646).

Crafted values entered in the setup interface can produce XSS; also, if the config directory exists and is writeable, the XSS payload can be saved to this directory (CVE-2011-4064).

Alerts:
Fedora FEDORA-2011-15460 2011-11-05
Fedora FEDORA-2011-15472 2011-11-05
Fedora FEDORA-2011-15469 2011-11-05
Mandriva MDVSA-2011:158 2011-10-21
Gentoo 201201-01 2012-01-04

Comments (none posted)

puppet: man-in-the-middle attack

Package(s):puppet CVE #(s):CVE-2011-3872
Created:October 25, 2011 Updated:November 23, 2011
Description: From the Ubuntu advisory:

It was discovered that Puppet incorrectly handled the non-default "certdnsnames" option when generating certificates. If this setting was added to puppet.conf, the puppet master's DNS alt names were added to the X.509 Subject Alternative Name field of all certificates, not just the puppet master's certificate. An attacker that has an incorrect agent certificate in his possession can use it to impersonate the puppet master in a man-in-the-middle attack.

Alerts:
openSUSE openSUSE-SU-2011:1288-1 2011-11-29
Debian DSA-2352-1 2011-11-22
Fedora FEDORA-2011-15000 2011-10-27
Fedora FEDORA-2011-14994 2011-10-27
Fedora FEDORA-2011-14880 2011-10-25
Ubuntu USN-1238-2 2011-10-25
Ubuntu USN-1238-1 2011-10-24
Gentoo 201203-03 2012-03-05

Comments (none posted)

xen: denial of service

Package(s):xen CVE #(s):CVE-2011-3346
Created:October 24, 2011 Updated:October 26, 2011
Description: A buffer overflow flaw was found in the Xen hypervisor SCSI subsystem emulation. An unprivileged, local guest user could provide a large number of bytes that are used to zero out a fixed-sized buffer via a SAI READ CAPACITY SCSI command, overwriting memory and causing the guest to crash.
Alerts:
Scientific Linux SL-xen-20111024 2011-10-24
Red Hat RHSA-2011:1401-01 2011-10-24
CentOS CESA-2011:1401 2011-10-24

Comments (none posted)

XTier: code execution

Package(s):Novell XTier framework CVE #(s):CVE-2011-1710
Created:October 26, 2011 Updated:October 26, 2011
Description: From the SUSE advisory:

Several user supplied header length variables for the HTTP server component in the Novell XTier framework were not size limited, allowing integer overflow attacks to crash the service or potentially execute code.

Alerts:
SUSE SUSE-SU-2011:1185-1 2011-10-26

Comments (none posted)

Page editor: Jake Edge
Next page: Kernel development>>

Copyright © 2011, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds