USN-652-1: LittleCMS vulnerability

10-14-2008

Registered User

26,240, 27

Join Date: Sep 2000

Last Activity: 1 August 2008, 3:09 PM EDT

Posts: 26,240

Thanks Given: 0

Thanked 27 Times in 26 Posts

USN-652-1: LittleCMS vulnerability

Referenced CVEs:
CVE-2007-2741

Description:
=========================================================== Ubuntu Security Notice USN-652-1 October 14, 2008 lcms vulnerability CVE-2007-2741 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: liblcms1 1.13-1ubuntu0.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Chris Evans discovered that certain ICC operations in lcms were not correctly bounds-checked. If a user or automated system were tricked into processing an image with malicious ICC tags, a remote attacker could crash applications linked against liblcms1, leading to a denial of service, or possibly execute arbitrary code with user privileges.

More...

Linux Bot

View Public Profile for Linux Bot

Find all posts by Linux Bot

WAPITI(1) User Commands WAPITI(1) NAME
wapiti - a web application vulnerability scanner. SYNOPSIS
wapiti http://server.com/base/url/ [options] DESCRIPTION
Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable. OPTIONS
-s, --start <url> specify an url to start with. -x, --exclude <url> exclude an url from the scan (for example logout scripts) you can also use a wildcard (*): Example : -x "http://server/base/?page=*&module=test" or -x "http://server/base/admin/*" to exclude a directory -p, --proxy <url_proxy> specify a proxy (-p http://proxy:port/) -c, --cookie <cookie_file> use a cookie -t, --timeout <timeout> set the timeout (in seconds) -a, --auth <login%password> set credentials (for HTTP authentication) doesn't work with Python 2.4 -r, --remove <parameter_name> removes a parameter from URLs -m, --module <module> use a predefined set of scan/attack options: GET_ALL: only use GET request (no POST) GET_XSS: only XSS attacks with HTTP GET method POST_XSS: only XSS attacks with HTTP POST method -u, --underline use color to highlight vulnerable parameters in output -v, --verbose <level> set the verbosity level: 0: quiet (default), 1: print each url, 2: print every attack -h, --help print help page EFFICIENCY
Wapiti is developed in Python and use a library called lswww. This web spider library does the most of the work. Unfortunately, the html parsers module within python only works with well formed html pages so lswww fails to extract information from bad-coded webpages. Tidy can clean these webpages on the fly for us so lswww will give pretty good results. In order to make Wapiti far more efficient, you should: apt-get install python-utidylib python-ctypes AUTHOR
Copyright (C) 2006-2007 Nicolas Surribas <nicolas.surribas@gmail.com> Manpage created by Thomas Blasing <thomasbl@pool.math.tu-berlin.de> http://wapiti.sourceforge.net/ July 2007 WAPITI(1)

Security Advisories (RSS)

USN-652-1: LittleCMS vulnerability

LEARN ABOUT DEBIAN

wapiti