Red Hat announced 4 new security updates this morning.
RHSA-2007:0519 Moderate: xorg-x11 security update
This update addresses one vulnerability in the xorg-x11 packages for Red Hat Enterprise Linux 4. A flaw in the xfs font server startup script could allow a local attacker to modify the permissions of any file, possibly elevating their privileges (CVE-2007-3103). The Red Hat Security Response Team has rated this update as having moderate security impact.
RHSA-2007:0520 Moderate: xorg-x11-xfs security update
This update fixes one vulnerability in the xorg-x11-xfs packages for Red Hat Enterprise Linux 5. A flaw in the xfs font server startup script could allow a local attacker to modify the permissions of any file, possibly elevating their privileges (CVE-2007-3103). The Red Hat Security Response Team has rated this update as having moderate security impact.
RHSA-2007:0674 Moderate: perl-Net-DNS security update
This update relates to two vulnerabilities in the perl-Net-DNS packages for Red Hat Enterprise Linux 3 and 5. Due to the predictability of the ID field in a DNS query, a remote attacker could send invalid DNS data (CVE-2007-3377). Additionally, a malformed response to a DNS request could cause an application use Net::DNS to crash or stop responding (CVE-2007-3409). The Red Hat Security Response Team has rated this update as having moderate security impact.
RHSA-2007:0696 Critical: flash-plugin security update
This update addresses one vulnerability in the flash-plugin packages for Red Hat Enterprise Linux 3, 4, and 5. An input validation flaw could allow an attacker to execute arbitrary code if a user opens a malicious Adobe Flash file (CVE-2007-3456). The Red Hat Security Response Team has rated this update as having critical security impact.
Get Slaptijack updates delivered to your Inbox or RSS Reader for free!
Leave a Reply