ep's blog

http://www.redhat.com/security/data/openssh-blacklist.html - RedHats distribution servers were infiltrated and some openssh packages were compromised. There is a small possibility that some RHEL4 and RHEL5 systems who updated during the compromise have installed malicious openssh packages. RedHat has released a script to determine if the system has been compromised. It is suggested that the script (available at the URL above) be run on all RHEL4 and RHEL5 machines to determine compromise.

http://www.isc.org/index.pl?/sw/bind/bind-security.php - A weakness in the DNS protocol could lead to DNS poisoning of caching recursive name servers. This affects all non-DNSSEC protected domains. Newer versions of BIND utilize Query Port Randomization for BIND 9 which helps to mitigate the problem, but is not a full solution. The only proven solution to protect your domain from this attack is to implement DNSSEC on your authoritative name servers.

http://lists.debian.org/debian-security-announce/2008/msg00152.html - Debian released this announcement today pertaining to their openssl libraries. It has been determined that a Debian specific patch to openssl has been using a weak and easily determined pseudo random number generator for creating ssl certificates. This patch was made to fix CVE-2008-0166, but ended up creating a new issue. This was introduced into Debians testing environment in September 2006, and was moved into their etch release.

http://secunia.com/advisories/29965/ - Two vulnerabilities have been discovered, one which can lead to authentication bypass (if account registration is enabled) and another which can lead to arbitrary HTML and code execution on the clients web browser. This could appear to be a defacement, but is executed locally on the users computer, not on the server itself. Test and update to v2.5.1 when possible.

http://secunia.com/advisories/29988/ - Sun has acknowledged some vulnerabilities in Solaris, which can be exploited by malicious people to conduct cross-site scripting attacks. This affects Apache 1.3.x and 2.0.x running on Solaris 8, 9 and 10 on SPARC and x86. Some vendor patches are available. Please test and apply these patches when available.

http://secunia.com/advisories/29838/ - Adobe Photoshop Album Starter Edition 3.2 and Adobe After Effects CS3 (and possibly other Adobe products) are vulnerable to a buffer overflow vulnerability that could lead to system compromise. An update is not yet available. Users should avoid opening untrusted BMP files.

http://secunia.com/advisories/29786/ - RedHat has released a new version of ImageMagick which fixes DoS and system compromise vulnerabilites. This new release affects RHEL2.1, 3, 4 and 5. It is suggested to test and update during the next scheduled outage window.

http://secunia.com/advisories/29836/ - Poppler is a PDF rendering engine used by xpdf, evince and other tools. There is a system compromise vulnerability that can be exploited by processing malicious PDF files. RedHat has released poppler-0.5.4-4.4 to fix this vulnerability. It is suggested to test and update to this version during the next outage window.

http://secunia.com/advisories/27124/ - A vulnerability in the plugins for Nagios could lead to system compromise. Successful exploitation requires that a connection is made to a malicious web server. This affects versions prior to 1.4.10. Fedora just released updates for nagios-plugins for Fedora 7 and Fedora 8.

http://secunia.com/advisories/29852/ - Multiple vulnerabilities in OpenOffice prior to version 2.4 exist that could allow for system compromise. It is recommended to update to v2.4. This attack requires the user to open a malicious document, so it is advised not to open files from unverified sources.