From sec-adv at secunia.com Thu Apr 1 10:26:21 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 1 Apr 2010 19:26:21 +0200
Subject: [SEC] [SA39143] Alien Arena "SV_BeginDownload_f()" Denial of Service Vulnerabilities
Message-ID: <201004011726.o31HQLkT010460@CRON-IX-2.intnet>

----------------------------------------------------------------------

Secunia CSI + Microsoft SCCM
-----------------------
= Extensive Patch Management

http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

----------------------------------------------------------------------

TITLE:
Alien Arena "SV_BeginDownload_f()" Denial of Service Vulnerabilities

SECUNIA ADVISORY ID:
SA39143

VERIFY ADVISORY:
http://secunia.com/advisories/39143/

DESCRIPTION:
Some vulnerabilities have been reported in Alien Arena, which can be
exploited by malicious people to disclose potentially sensitive
information and cause a DoS (Denial of Service).

Input sanitation errors within the "SV_BeginDownload_f()" function in
server/sv_user.c can be exploited to crash a vulnerable server by
sending a download request ending in "." or "/" (Linux only) or by
supplying a negative offset (all platforms).

The vulnerabilities are reported in version 7.33. Other versions may
also be affected.

SOLUTION:
Fixed in the SVN repository.

PROVIDED AND/OR DISCOVERED BY:
Originally reported in Quake 2 by Richard Stanway.
Reported in Alien Arena by "bugmenot".

ORIGINAL ADVISORY:
http://corent.proboards.com/index.cgi?board=bugreport&action=display&thread=4761
http://www.quakedev.com/forums/index.php?topic=53.0

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
private users keep their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
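An added example that is not part of the advisory above, of Alien Arena's source, or of the SVN fix the advisory points to: a C validator for the client "download <name> [offset]" request that "SV_BeginDownload_f()" handles. It rejects the two request shapes the advisory names (a name ending in "." or "/", and a negative offset) and, going a little beyond the advisory, the usual companions of that bug class (absolute paths, "..", backslashes, control bytes, over-long names). The function names, the 64-byte cap, the reason codes and the sample requests are this example's own assumptions.

```c
/* Added example; not Alien Arena's or Quake 2's code and not the SVN
 * fix the advisory refers to. It validates the two fields of a client
 * "download <name> [offset]" request against the shapes the advisory
 * says crash the server: a name ending in "." or "/" and a negative
 * offset. The extra rejections (absolute paths, "..", backslash,
 * control bytes, length cap) and all names here are assumptions. */
#include <ctype.h>
#include <limits.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_DOWNLOAD_NAME 64   /* assumed cap, like MAX_QPATH in Quake 2 */

/* Reason codes so the server can log why a request was refused. */
enum dl_verdict {
    DL_OK = 0,
    DL_EMPTY,
    DL_TOO_LONG,
    DL_ABSOLUTE,      /* "/x", "\x" or "C:x" */
    DL_TRAVERSAL,     /* contains ".." */
    DL_TRAILING_SEP,  /* ends in "/": names a directory (the Linux crash) */
    DL_TRAILING_DOT,  /* ends in ".": "." or "dir/." component */
    DL_BAD_CHAR,      /* backslash or control byte */
    DL_BAD_OFFSET     /* negative, non-numeric or out-of-range offset */
};

enum dl_verdict validate_download_name(const char *name)
{
    size_t len, i;

    if (name == NULL || name[0] == '\0')
        return DL_EMPTY;
    len = strlen(name);
    if (len >= MAX_DOWNLOAD_NAME)
        return DL_TOO_LONG;
    if (name[0] == '/' || name[0] == '\\' ||
        (len >= 2 && isalpha((unsigned char)name[0]) && name[1] == ':'))
        return DL_ABSOLUTE;
    if (strstr(name, "..") != NULL)
        return DL_TRAVERSAL;
    if (name[len - 1] == '/')
        return DL_TRAILING_SEP;
    if (name[len - 1] == '.')
        return DL_TRAILING_DOT;
    for (i = 0; i < len; i++) {
        unsigned char c = (unsigned char)name[i];
        if (c == '\\' || iscntrl(c))
            return DL_BAD_CHAR;
    }
    return DL_OK;
}

/* The offset is optional. A plain atoi() accepts "-1" and hands the
 * server a negative file position; strtol() with full checks does not. */
enum dl_verdict parse_download_offset(const char *arg, long *offset_out)
{
    char *end;
    long v;

    if (arg == NULL || arg[0] == '\0') {
        *offset_out = 0;
        return DL_OK;
    }
    v = strtol(arg, &end, 10);
    if (end == arg || *end != '\0' || v < 0 || v == LONG_MAX)
        return DL_BAD_OFFSET;
    *offset_out = v;
    return DL_OK;
}

/* Convenience for checks: the accepted offset, or -1 if rejected. */
long offset_value(const char *arg)
{
    long v;
    return parse_download_offset(arg, &v) == DL_OK ? v : -1;
}

/* One verdict for the whole request; the name is checked first. */
enum dl_verdict validate_download_request(const char *name, const char *offset_arg)
{
    long v;
    enum dl_verdict r = validate_download_name(name);
    return r != DL_OK ? r : parse_download_offset(offset_arg, &v);
}

int main(void)
{
    /* constructed sample requests, not captured traffic */
    static const char *const reqs[][2] = {
        { "maps/q2dm1.bsp", "0" }, { "maps/", NULL }, { "maps/.", NULL },
        { "../server.cfg", NULL }, { "maps/q2dm1.bsp", "-1" },
    };
    for (size_t i = 0; i < sizeof reqs / sizeof reqs[0]; i++)
        printf("%-16s offset=%-6s verdict=%d\n", reqs[i][0],
               reqs[i][1] ? reqs[i][1] : "(none)",
               validate_download_request(reqs[i][0], reqs[i][1]));
    return 0;
}
```

The checks run in the order a server should apply them: reject the name before the offset is even parsed, and never let a sign through the offset parser. When verifying a patched build, the thing to confirm is exactly what the advisory describes, that a request whose name ends in "/" and one carrying a negative offset are refused rather than taking the server process down.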
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org

----------------------------------------------------------------------

From sec-adv at secunia.com Thu Apr 1 11:26:30 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 1 Apr 2010 20:26:30 +0200
Subject: [SEC] [SA39165] Ubuntu update for libnss-db
Message-ID: <201004011826.o31IQUgj030937@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Ubuntu update for libnss-db

SECUNIA ADVISORY ID:
SA39165

VERIFY ADVISORY:
http://secunia.com/advisories/39165/

DESCRIPTION:
Ubuntu has issued an update for libnss-db. This fixes a security
issue, which can be exploited by malicious, local users to disclose
potentially sensitive information.

The security issue is caused due to the library potentially displaying
certain content of the "DB_CONFIG" file when encountering parsing
errors, which can be exploited to disclose potentially sensitive
information by e.g. symlinking "DB_CONFIG" to a restricted file and
executing a suid root application using the library.

SOLUTION:
Apply updated packages.
-- Ubuntu 8.04 LTS --

Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu1.8.04.2.diff.gz
    Size/MD5: 517634 340efc402c8b2f7326c3f16ab694d0df
http://security.ubuntu.com/ubuntu/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu1.8.04.2.dsc
    Size/MD5: 1022 69032365bd9f24e8a99cbc8d68eb415e
http://security.ubuntu.com/ubuntu/pool/main/libn/libnss-db/libnss-db_2.2.3pre1.orig.tar.gz
    Size/MD5: 235360 b4440ba2865d28e9068e465426c19ede

amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu1.8.04.2_amd64.deb
    Size/MD5: 27790 5b4f1ca2abf0c63e88c1dc3ea9b2e862

i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu1.8.04.2_i386.deb
    Size/MD5: 26078 333db9551f6d7b13a1c7e77abe8a8d64

lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu1.8.04.2_lpia.deb
    Size/MD5: 25830 71fcfc9642e9d41f4023a481487a12e0

powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu1.8.04.2_powerpc.deb
    Size/MD5: 29488 3526a671bc2f498945b630e2801a0120

sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu1.8.04.2_sparc.deb
    Size/MD5: 25974 1d3286113878cd972956710285c28aef

-- Ubuntu 8.10 --

Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu1.8.10.2.diff.gz
    Size/MD5: 520678 30aa88974f0353eb151484fdb08221a7
http://security.ubuntu.com/ubuntu/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu1.8.10.2.dsc
    Size/MD5: 1454 3d5c2f0c417203490962f6993e07fc7a
http://security.ubuntu.com/ubuntu/pool/main/libn/libnss-db/libnss-db_2.2.3pre1.orig.tar.gz
    Size/MD5: 235360 b4440ba2865d28e9068e465426c19ede

amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu1.8.10.2_amd64.deb
    Size/MD5: 27864 1f8814425488e56279bc3cafa98a344b

i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu1.8.10.2_i386.deb
    Size/MD5: 26102 2a393ea3d246bdb80fb785ed9f385f08

lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu1.8.10.2_lpia.deb
    Size/MD5: 26030 80e48bbb31ba51552a26eba264e2f3a0

powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu1.8.10.2_powerpc.deb
    Size/MD5: 29406 3742ba8e8b62b4417ba6063511076dc7

sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu1.8.10.2_sparc.deb
    Size/MD5: 26192 7fac30eec8b18445296530c21a0ac54e

-- Ubuntu 9.04 --

Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu3.9.04.2.diff.gz
    Size/MD5: 520796 8b8385951a229138681591fc6d9c066d
http://security.ubuntu.com/ubuntu/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu3.9.04.2.dsc
    Size/MD5: 1454 bd14227b2e022d15b27dc7376cb78b44
http://security.ubuntu.com/ubuntu/pool/main/libn/libnss-db/libnss-db_2.2.3pre1.orig.tar.gz
    Size/MD5: 235360 b4440ba2865d28e9068e465426c19ede

amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu3.9.04.2_amd64.deb
    Size/MD5: 27994 4af7bd72b6cf6f8787f761e49bbda5f4

i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu3.9.04.2_i386.deb
    Size/MD5: 26232 c97642d832eaf8f90b3d563434c9498d

lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu3.9.04.2_lpia.deb
    Size/MD5: 26138 a38eedb037ba1eeb93ee0d4a35233869

powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu3.9.04.2_powerpc.deb
    Size/MD5: 29550 b1fdb2c966e8e81425a5838ef043a26f

sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu3.9.04.2_sparc.deb
    Size/MD5: 26250 e7a918fec55b148e9ff3d749e217387e

-- Ubuntu 9.10 --

Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu3.9.10.2.diff.gz
    Size/MD5: 520798 8bfc7f33c0f7ced9ca4cc47c854c11e9
http://security.ubuntu.com/ubuntu/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu3.9.10.2.dsc
    Size/MD5: 1454 b79b2833b0c30cd92edb44513837e53c
http://security.ubuntu.com/ubuntu/pool/main/libn/libnss-db/libnss-db_2.2.3pre1.orig.tar.gz
    Size/MD5: 235360 b4440ba2865d28e9068e465426c19ede

amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu3.9.10.2_amd64.deb
    Size/MD5: 28130 14a4238962ee33e44489d94e4dbfeddb

i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu3.9.10.2_i386.deb
    Size/MD5: 26372 47716613b66e9ee0be23cc46f7493bf2

lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu3.9.10.2_lpia.deb
    Size/MD5: 26130 93caa6343ce3d324b029b213ed95a257

powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu3.9.10.2_powerpc.deb
    Size/MD5: 27488 e400c27ac8269da19c2e2c26253652d9

sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libn/libnss-db/libnss-db_2.2.3pre1-3ubuntu3.9.10.2_sparc.deb
    Size/MD5: 26234 0611d6a34a988914154ef6484e7472d5

PROVIDED AND/OR DISCOVERED BY:
Ubuntu credits Stephane Chazelas.
ORIGINAL ADVISORY:
USN-922-1:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2010-March/001069.html

----------------------------------------------------------------------

From sec-adv at secunia.com Thu Apr 1 12:26:20 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 1 Apr 2010 21:26:20 +0200
Subject: [SEC] [SA39166] leaftec cms Cross-Site Scripting and SQL Injection
Message-ID: <201004011926.o31JQKk9011908@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
leaftec cms Cross-Site Scripting and SQL Injection

SECUNIA ADVISORY ID:
SA39166

VERIFY ADVISORY:
http://secunia.com/advisories/39166/

DESCRIPTION:
Some vulnerabilities have been reported in leaftec cms, which can be
exploited by malicious people to conduct cross-site scripting and SQL
injection attacks.
1) Input passed via the "login" parameter to index.php is not properly
sanitised before being returned to the user. This can be exploited to
execute arbitrary HTML and script code in a user's browser session in
context of an affected site.

2) Input passed via the "id" parameter to article.php is not properly
sanitised before being used in an SQL query. This can be exploited to
manipulate SQL queries by injecting arbitrary SQL code.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.

PROVIDED AND/OR DISCOVERED BY:
Valentin Höbel

ORIGINAL ADVISORY:
http://www.xenuser.org/2010/03/26/leaftec-cms-multiple-vulnerabilities/

----------------------------------------------------------------------
From sec-adv at secunia.com Thu Apr 1 13:26:25 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 1 Apr 2010 22:26:25 +0200
Subject: [SEC] [SA39157] Optimal Desktop Archive Parsing Buffer Overflow Vulnerability
Message-ID: <201004012026.o31KQPc0032387@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Optimal Desktop Archive Parsing Buffer Overflow Vulnerability

SECUNIA ADVISORY ID:
SA39157

VERIFY ADVISORY:
http://secunia.com/advisories/39157/

DESCRIPTION:
A vulnerability has been discovered in Optimal Desktop, which can be
exploited by malicious people to compromise a user's system.

For more information:
SA39154

The vulnerability is confirmed in version 6.0 build 232. Other
versions may also be affected.

SOLUTION:
Do not attempt to unpack untrusted archives.

OTHER REFERENCES:
SA39154:
http://secunia.com/advisories/39154

----------------------------------------------------------------------

From sec-adv at secunia.com Thu Apr 1 14:20:23 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 1 Apr 2010 23:20:23 +0200
Subject: [SEC] [SA39185] DynPG CMS "DefineRootToTool" File Inclusion Vulnerability
Message-ID: <201004012120.o31LKNj8020436@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
DynPG CMS "DefineRootToTool" File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39185

VERIFY ADVISORY:
http://secunia.com/advisories/39185/

DESCRIPTION:
A vulnerability has been discovered in DynPG CMS, which can be
exploited by malicious people to disclose potentially sensitive
information or compromise a vulnerable system.

Input passed to the "DefineRootToTool" parameter in counter.php (when
"inc" is set to any value) is not properly sanitised before being used
to include files. This can be exploited to include arbitrary files
from remote and local resources via directory traversal attacks and
URL-encoded NULL bytes.

Successful exploitation requires that "magic_quotes_gpc" is disabled
and "register_globals" is enabled.

The vulnerability is confirmed in version 4.1.0. Other versions may
also be affected.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.
PROVIDED AND/OR DISCOVERED BY:
eidelweiss

ORIGINAL ADVISORY:
http://packetstormsecurity.org/1004-exploits/dynpgcms-rfi.txt

----------------------------------------------------------------------

From sec-adv at secunia.com Thu Apr 1 14:41:19 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 1 Apr 2010 23:41:19 +0200
Subject: [SEC] [SA39154] Optimal Archive Error Handling Buffer Overflow Vulnerability
Message-ID: <201004012141.o31LfJ9D007826@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Optimal Archive Error Handling Buffer Overflow Vulnerability

SECUNIA ADVISORY ID:
SA39154

VERIFY ADVISORY:
http://secunia.com/advisories/39154/

DESCRIPTION:
TecR0c has discovered a vulnerability in Optimal Archive, which can be
exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a boundary error in the
"ALStatus::SetError()" function in OlArchive.dll when constructing
error messages. This can be exploited to cause a stack-based buffer
overflow by tricking a user into e.g. unpacking a ZIP archive
containing an entry with an overly long path.

Successful exploitation allows execution of arbitrary code.

The vulnerability is confirmed in version 1.10.1.138. Other versions
may also be affected.

SOLUTION:
Do not attempt to unpack untrusted archives.

PROVIDED AND/OR DISCOVERED BY:
TecR0c

Additional details provided by Secunia Research.

ORIGINAL ADVISORY:
http://www.corelan.be:8800/advisories.php?id=CORELAN-10-017

----------------------------------------------------------------------
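The "ALStatus::SetError()" overflow above (SA39154) and the format-string errors in tgt's usr/iscsi/isns.c reported in SA39142 further down in this digest are the same mistake seen twice: attacker-controlled text (an archive entry path, an iSNS attribute) reaches an error-message builder that either does not bound the copy or uses the text itself as the *printf format. The following C is an added example, not code from Optimal Archive, OlArchive.dll or tgt; the function names, the 256-byte buffer and the sample input are this example's assumptions. It shows the two bug shapes disabled beside one hardened helper that avoids both, plus a small detector for conversion specifiers in fields that must never become a format.

```c
/* Added example; not code from Optimal Archive/OlArchive.dll or from
 * tgt. It shows the two error-reporting mistakes behind SA39154 and
 * SA39142 and one hardened helper that avoids both. Names and the
 * 256-byte buffer size are assumptions for this example. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define ERRMSG_MAX 256   /* assumed size of a fixed error-message buffer */

#if 0   /* disabled: the shape of the bugs, never compiled or called here */
/* SA39154 pattern: the entry path is copied with no bound, so a path
 * longer than the buffer smashes the stack. */
static void report_len_bug(const char *entry_name)
{
    char msg[ERRMSG_MAX];
    sprintf(msg, "cannot extract: %s", entry_name);
}
/* SA39142 pattern: attacker text becomes the format string, so "%x"
 * leaks the stack and "%n" writes to memory. */
static void report_fmt_bug(const char *attr)
{
    char msg[ERRMSG_MAX];
    snprintf(msg, sizeof msg, attr);
}
#endif

/* Hardened helper: literal format, untrusted text only ever a %s
 * argument, output bounded and NUL-terminated. Returns true if the
 * whole message fit, false if it was truncated (the tail is replaced
 * with "..." so truncation is visible in logs instead of silent). */
bool format_error(char *out, size_t out_sz, const char *what, const char *untrusted)
{
    int n;

    if (out == NULL || out_sz == 0)
        return false;
    /* snprintf writes at most out_sz bytes including the NUL and returns
     * the length the untruncated message would have had. */
    n = snprintf(out, out_sz, "%s: %s", what, untrusted);
    if (n < 0) {
        out[0] = '\0';
        return false;
    }
    if ((size_t)n >= out_sz) {
        const char mark[] = "...";
        if (out_sz > sizeof mark)
            memcpy(out + out_sz - sizeof mark, mark, sizeof mark);
        return false;
    }
    return true;
}

/* Detector for the format-string case: count conversion specifiers in
 * a protocol field that must never reach a *printf format slot. "%%"
 * is a literal percent sign and is not counted. */
int count_format_directives(const char *s)
{
    int count = 0;

    for (; *s != '\0'; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') {
            s++;                /* skip the escaped pair */
            continue;
        }
        count++;
    }
    return count;
}

/* Length of the message format_error() produces for an entry name of
 * name_len 'A' bytes; lets a check confirm the output never exceeds
 * ERRMSG_MAX - 1 regardless of input length. */
size_t formatted_len_for_name(size_t name_len)
{
    char name[4096];
    char out[ERRMSG_MAX];

    if (name_len >= sizeof name)
        name_len = sizeof name - 1;
    memset(name, 'A', name_len);
    name[name_len] = '\0';
    format_error(out, sizeof out, "cannot extract", name);
    return strlen(out);
}

int main(void)
{
    char out[ERRMSG_MAX];
    const char *attr = "iSNS attribute %x%x%n";   /* constructed sample */

    printf("directives in '%s': %d\n", attr, count_format_directives(attr));
    printf("fit=%d msg=%s\n", format_error(out, sizeof out, "cannot extract", attr), out);
    printf("len for 3000-byte name: %zu\n", formatted_len_for_name(3000));
    return 0;
}
```

The two properties worth checking in any error path that handles hostile input are visible here: the message length is a function of the buffer, not of the input, and a "%n" in the input survives as literal text because it only ever travels through a "%s" argument.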
From sec-adv at secunia.com Thu Apr 1 14:53:30 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 1 Apr 2010 23:53:30 +0200
Subject: [SEC] [SA39142] Linux SCSI Target Framework (tgt) Format String Vulnerabilities
Message-ID: <201004012153.o31LrU1n027490@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Linux SCSI Target Framework (tgt) Format String Vulnerabilities

SECUNIA ADVISORY ID:
SA39142

VERIFY ADVISORY:
http://secunia.com/advisories/39142/

DESCRIPTION:
Some vulnerabilities have been reported in Linux SCSI Target Framework
(tgt), which can be exploited by malicious users to cause a DoS
(Denial of Service) and potentially compromise a vulnerable system.

The vulnerabilities are caused due to format string errors within the
"isns_attr_query()" and "qry_rsp_handle()" functions in
usr/iscsi/isns.c, which can be exploited to cause a crash and
potentially execute arbitrary code.

The vulnerabilities are reported in version 1.0.3. Other versions may
also be affected.

SOLUTION:
Fixed in the GIT repository.
http://git.kernel.org/?p=linux/kernel/git/tomo/tgt.git;a=commitdiff;h=107d922706cd36f3bb79bcca9bc4678c32f22e59

PROVIDED AND/OR DISCOVERED BY:
Arne Redlich

ORIGINAL ADVISORY:
http://git.kernel.org/?p=linux/kernel/git/tomo/tgt.git;a=commitdiff;h=107d922706cd36f3bb79bcca9bc4678c32f22e59

----------------------------------------------------------------------

From sec-adv at secunia.com Thu Apr 1 15:06:40 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 2 Apr 2010 00:06:40 +0200
Subject: [SEC] [SA39204] Fedora update for thunderbird and sunbird
Message-ID: <201004012206.o31M6edR014752@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Fedora update for thunderbird and sunbird

SECUNIA ADVISORY ID:
SA39204

VERIFY ADVISORY:
http://secunia.com/advisories/39204/

DESCRIPTION:
Fedora has issued an update for thunderbird and sunbird.
This fixes multiple vulnerabilities, which can be exploited by
malicious people to manipulate certain data, bypass certain security
restrictions, and potentially compromise a user's system.

For more information:
SA38608

SOLUTION:
Apply updated packages via the yum utility ("yum update thunderbird
sunbird").

ORIGINAL ADVISORY:
FEDORA-2010-5526:
https://admin.fedoraproject.org/updates/thunderbird-3.0.4-1.fc11,sunbird-1.0-0.16.20090715hg.fc11

FEDORA-2010-5539:
https://admin.fedoraproject.org/updates/thunderbird-3.0.4-1.fc12,sunbird-1.0-0.21.20090916hg.fc12

OTHER REFERENCES:
SA38608:
http://secunia.com/advisories/38608/

----------------------------------------------------------------------
From sec-adv at secunia.com Thu Apr 1 15:20:20 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 2 Apr 2010 00:20:20 +0200
Subject: [SEC] [SA39138] Drupal Taxonomy Breadcrumb Module Script Insertion Vulnerabilities
Message-ID: <201004012220.o31MKKUQ002024@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Drupal Taxonomy Breadcrumb Module Script Insertion Vulnerabilities

SECUNIA ADVISORY ID:
SA39138

VERIFY ADVISORY:
http://secunia.com/advisories/39138/

DESCRIPTION:
Multiple vulnerabilities have been reported in the Taxonomy Breadcrumb
module for Drupal, which can be exploited by malicious users to
conduct script insertion attacks.

Certain input passed via the taxonomy term name and node title is not
properly sanitised before being displayed to the user. This can be
exploited to insert arbitrary HTML and script code, which will be
executed in a user's browser session in context of an affected site
when the malicious data is being viewed.

Successful exploitation requires "administer taxonomy" permissions.

The vulnerabilities are reported in versions prior to 5.x-1.5 and
prior to 6.x-1.1.

SOLUTION:
Update to version 5.x-1.5 or 6.x-1.1 or later.

PROVIDED AND/OR DISCOVERED BY:
The vendor credits Martin Barbella.
ORIGINAL ADVISORY:
SA-CONTRIB-2010-032:
http://drupal.org/node/758456

----------------------------------------------------------------------

From sec-adv at secunia.com Thu Apr 1 15:41:17 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 2 Apr 2010 00:41:17 +0200
Subject: [SEC] [SA39220] Drupal Taxonomy Filter Module Multiple Script Insertion Vulnerabilities
Message-ID: <201004012241.o31MfHOR021824@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Drupal Taxonomy Filter Module Multiple Script Insertion Vulnerabilities

SECUNIA ADVISORY ID:
SA39220

VERIFY ADVISORY:
http://secunia.com/advisories/39220/

DESCRIPTION:
Multiple vulnerabilities have been reported in the Taxonomy Filter
module for Drupal, which can be exploited by malicious users to
conduct script insertion attacks.
Certain input passed via the vocabulary names, terms, and filter menus
is not properly sanitised before being displayed to the user. This can
be exploited to insert arbitrary HTML and script code, which will be
executed in a user's browser session in context of an affected site
when the malicious data is being viewed.

Successful exploitation requires "administer taxonomy" permissions or
the ability to create nodes that have free tagging enabled.

The vulnerabilities are reported in versions prior to 6.x-1.1.

SOLUTION:
Update to version 6.x-1.1 or later.

PROVIDED AND/OR DISCOVERED BY:
The vendor credits Dylan Wilder-Tack of the Drupal security team.

ORIGINAL ADVISORY:
SA-CONTRIB-2010-033:
http://drupal.org/node/758756

----------------------------------------------------------------------
From sec-adv at secunia.com Thu Apr 1 15:53:25 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 2 Apr 2010 00:53:25 +0200
Subject: [SEC] [SA39141] OSSIM Spoofing and Cross-Site Scripting Vulnerabilities
Message-ID: <201004012253.o31MrPav009072@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
OSSIM Spoofing and Cross-Site Scripting Vulnerabilities

SECUNIA ADVISORY ID:
SA39141

VERIFY ADVISORY:
http://secunia.com/advisories/39141/

DESCRIPTION:
CONIX Security has discovered some vulnerabilities in OSSIM, which can
be exploited by malicious people to conduct spoofing and cross-site
scripting attacks.

1) Input passed via the URL to various scripts (e.g.
control_panel/alarm_console.php and vulnmeter/first/index.php) is not
properly sanitised before being returned to the user. This can be
exploited to execute arbitrary HTML and script code in a user's
browser session in context of an affected site.

2) Input passed to the "sensor" parameter in nagios/index.php is not
properly verified before being used as domain name when generating the
URLs for e.g. certain menu items. This can be exploited to e.g. spoof
certain content by tricking a user into following a specially crafted
link.

The vulnerabilities are confirmed in version 2.2.1. Other versions may
also be affected.

SOLUTION:
Edit the source code to ensure that input is properly sanitised and
verified.
PROVIDED AND/OR DISCOVERED BY:
CONIX Security

ORIGINAL ADVISORY:
http://archives.neohapsis.com/archives/bugtraq/2010-03/0259.html

----------------------------------------------------------------------

From sec-adv at secunia.com Thu Apr 1 16:06:26 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 2 Apr 2010 01:06:26 +0200
Subject: [SEC] [SA39177] Compiere Cross-Site Scripting Vulnerabilities
Message-ID: <201004012306.o31N6QpQ028756@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Compiere Cross-Site Scripting Vulnerabilities

SECUNIA ADVISORY ID:
SA39177

VERIFY ADVISORY:
http://secunia.com/advisories/39177/

DESCRIPTION:
Some vulnerabilities have been reported in Compiere, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Certain unspecified input is not properly sanitised before being
returned to the user.
This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in versions prior to J300_A02. SOLUTION: Update to version J300_A02. http://www.compiere-japan.com/jAlmas/cms/documents/compiere/patch/Compiere_J300_A02_patch.zip PROVIDED AND/OR DISCOVERED BY: JVN credits Kobe Yoshihisa Tokoro Narita Digital Lab Inc. ORIGINAL ADVISORY: JVN: http://jvn.jp/jp/JVN57963254/index.html http://jvn.jp/jp/JVN38687002/index.html Compiere: http://www.compiere-japan.com/products/release/patch.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. 
---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Apr 1 16:20:35 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 2 Apr 2010 01:20:35 +0200 Subject: [SEC] [SA39160] Apple AirPort Base Station Network Access Restriction Bypass Message-ID: <201004012320.o31NKZX3016032@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia CSI + Microsoft SCCM ----------------------- = Extensive Patch Management http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ ---------------------------------------------------------------------- TITLE: Apple AirPort Base Station Network Access Restriction Bypass SECUNIA ADVISORY ID: SA39160 VERIFY ADVISORY: http://secunia.com/advisories/39160/ DESCRIPTION: A security issue has been reported in Apple AirPort Base Station, which can be exploited by malicious people to bypass certain security restrictions. The problem is caused due to MAC address ACLs not being properly propagated to network extenders, which may result in restricted networks being accessible. SOLUTION: Apply AirPort Base Station Update 2010-001. AirPort Utility 5.5.1 for Windows: http://support.apple.com/kb/DL954 AirPort Utility 5.5.1 for Mac: http://support.apple.com/kb/DL955 PROVIDED AND/OR DISCOVERED BY: The vendor credits Guido Lamberty. ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT3958 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) 
http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Apr 1 16:41:17 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 2 Apr 2010 01:41:17 +0200 Subject: [SEC] [SA39210] Red Hat update for java-1.6.0-openjdk Message-ID: <201004012341.o31NfHgx003415@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia CSI + Microsoft SCCM ----------------------- = Extensive Patch Management http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ ---------------------------------------------------------------------- TITLE: Red Hat update for java-1.6.0-openjdk SECUNIA ADVISORY ID: SA39210 VERIFY ADVISORY: http://secunia.com/advisories/39210/ DESCRIPTION: Red Hat has issued an update for java-1.6.0-openjdk. This fixes multiple vulnerabilities, where some have an unknown impact and others can be exploited by malicious people to manipulate certain data, disclose potentially sensitive information, cause a DoS (Denial of Service), or compromise a vulnerable system. For more information: SA37255 SOLUTION: Updated packages are available via Red Hat Network. 
http://rhn.redhat.com ORIGINAL ADVISORY: RHSA-2010:0339-1: https://rhn.redhat.com/errata/RHSA-2010-0339.html OTHER REFERENCES: SA37255: http://secunia.com/advisories/37255/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Apr 1 16:53:18 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 2 Apr 2010 01:53:18 +0200 Subject: [SEC] [SA39247] Fedora update for imp Message-ID: <201004012353.o31NrIZQ023070@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia CSI + Microsoft SCCM ----------------------- = Extensive Patch Management http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ ---------------------------------------------------------------------- TITLE: Fedora update for imp SECUNIA ADVISORY ID: SA39247 VERIFY ADVISORY: http://secunia.com/advisories/39247/ DESCRIPTION: Fedora has issued an update for imp. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting or script insertion attacks. 
For more information: SA33719 SOLUTION: Apply updated packages via the yum utility ("yum update imp"). ORIGINAL ADVISORY: FEDORA-2010-5508: https://admin.fedoraproject.org/updates/imp-4.3.6-1.fc11 OTHER REFERENCES: SA33719: http://secunia.com/advisories/33719/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Apr 1 17:06:28 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 2 Apr 2010 02:06:28 +0200 Subject: [SEC] [SA39245] Fedora update for horde Message-ID: <201004020006.o3206S13010342@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia CSI + Microsoft SCCM ----------------------- = Extensive Patch Management http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ ---------------------------------------------------------------------- TITLE: Fedora update for horde SECUNIA ADVISORY ID: SA39245 VERIFY ADVISORY: http://secunia.com/advisories/39245/ DESCRIPTION: Fedora has issued an update for horde. 
This fixes multiple vulnerabilities, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to disclose potentially sensitive information, conduct cross-site scripting, and script insertion attacks. For more information: SA31842 SA33521 SA33695 SA36665 SA37709 SOLUTION: Apply updated packages via the yum utility ("yum update horde"). ORIGINAL ADVISORY: FEDORA-2010-5483: https://admin.fedoraproject.org/updates/horde-3.3.6-1.fc11 FEDORA-2010-5520: https://admin.fedoraproject.org/updates/horde-3.3.6-1.fc12 OTHER REFERENCES: SA31842: http://secunia.com/advisories/31842/ SA33521: http://secunia.com/advisories/33521/ SA33695: http://secunia.com/advisories/33695/ SA36665: http://secunia.com/advisories/36665/ SA37709: http://secunia.com/advisories/37709/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. 
---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Apr 1 17:20:21 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 2 Apr 2010 02:20:21 +0200 Subject: [SEC] [SA39249] Fedora update for libnids Message-ID: <201004020020.o320KLUv030032@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia CSI + Microsoft SCCM ----------------------- = Extensive Patch Management http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ ---------------------------------------------------------------------- TITLE: Fedora update for libnids SECUNIA ADVISORY ID: SA39249 VERIFY ADVISORY: http://secunia.com/advisories/39249/ DESCRIPTION: Fedora has issued an update for libnids. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA39225 SOLUTION: Apply updated packages using the yum utility ("yum update libnids"). ORIGINAL ADVISORY: FEDORA-2010-5545: http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038387.html FEDORA-2010-5535: http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038374.html OTHER REFERENCES: SA39225: http://secunia.com/advisories/39225/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. 
Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Apr 1 17:41:21 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 2 Apr 2010 02:41:21 +0200 Subject: [SEC] [SA39207] Red Hat update for java-1.5.0-sun Message-ID: <201004020041.o320fLTZ017420@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia CSI + Microsoft SCCM ----------------------- = Extensive Patch Management http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ ---------------------------------------------------------------------- TITLE: Red Hat update for java-1.5.0-sun SECUNIA ADVISORY ID: SA39207 VERIFY ADVISORY: http://secunia.com/advisories/39207/ DESCRIPTION: Red Hat has issued an update for java-1.5.0-sun. This fixes multiple vulnerabilities, where some have an unknown impact and others can be exploited by malicious people to manipulate certain data, disclose potentially sensitive information, cause a DoS (Denial of Service), or compromise a vulnerable system. For more information: SA37255 SOLUTION: An update is available via Red Hat Network. http://rhn.redhat.com/ NOTE: This update removes the java-1.5.0-sun packages due to End of Service Life. 
ORIGINAL ADVISORY: RHSA-2010:0338-2: https://rhn.redhat.com/errata/RHSA-2010-0338.html OTHER REFERENCES: SA37255: http://secunia.com/advisories/37255/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Apr 1 17:53:25 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 2 Apr 2010 02:53:25 +0200 Subject: [SEC] [SA39216] Red Hat update for java-1.6.0-sun Message-ID: <201004020053.o320rPk3004665@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia CSI + Microsoft SCCM ----------------------- = Extensive Patch Management http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ ---------------------------------------------------------------------- TITLE: Red Hat update for java-1.6.0-sun SECUNIA ADVISORY ID: SA39216 VERIFY ADVISORY: http://secunia.com/advisories/39216/ DESCRIPTION: Red Hat has issued an update for java-1.6.0-sun. 
This fixes multiple vulnerabilities, where some have an unknown impact and others can be exploited by malicious people to manipulate certain data, disclose potentially sensitive information, cause a DoS (Denial of Service), or compromise a vulnerable system. For more information: SA37255 SOLUTION: Updated packages are available via Red Hat Network. http://rhn.redhat.com ORIGINAL ADVISORY: RHSA-2010:0337-1: https://rhn.redhat.com/errata/RHSA-2010-0337.html OTHER REFERENCES: SA37255: http://secunia.com/advisories/37255/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. 
---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Apr 1 18:06:30 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 2 Apr 2010 03:06:30 +0200 Subject: [SEC] [SA39225] Libnids NULL Pointer Dereference Denial of Service Message-ID: <201004020106.o3216U13024348@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia CSI + Microsoft SCCM ----------------------- = Extensive Patch Management http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ ---------------------------------------------------------------------- TITLE: Libnids NULL Pointer Dereference Denial of Service SECUNIA ADVISORY ID: SA39225 VERIFY ADVISORY: http://secunia.com/advisories/39225/ DESCRIPTION: A vulnerability has been reported in Libnids, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a NULL pointer dereference error in src/ip_fragment.c, which can be exploited to crash an application using the library by sending specially crafted network traffic. The vulnerability is reported in versions prior to 1.24. SOLUTION: Update to version 1.24. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://freefr.dl.sourceforge.net/project/libnids/libnids/1.24/libnids-1.24.releasenotes.txt ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) 
From sec-adv at secunia.com Thu Apr 1 18:20:19 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 2 Apr 2010 03:20:19 +0200
Subject: [SEC] [SA39248] Fedora update for asterisk
Message-ID: <201004020120.o321KJej011616@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Fedora update for asterisk

SECUNIA ADVISORY ID:
SA39248

VERIFY ADVISORY:
http://secunia.com/advisories/39248/

DESCRIPTION:
Fedora has issued an update for asterisk. This fixes multiple
vulnerabilities, which can lead to unintended configurations and be
exploited by malicious people to potentially bypass certain security
restrictions and cause a DoS (Denial of Service).

For more information:
SA38395
SA38641
SA38752

SOLUTION:
Apply updated packages via the yum utility ("yum update asterisk").
ORIGINAL ADVISORY: FEDORA-2010-3381: https://admin.fedoraproject.org/updates/asterisk-1.6.1.17-1.fc12 OTHER REFERENCES: SA38395: http://secunia.com/advisories/38395/ SA38641: http://secunia.com/advisories/38641/ SA38752: http://secunia.com/advisories/38752/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Apr 1 18:41:20 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 2 Apr 2010 03:41:20 +0200 Subject: [SEC] [SA39244] Fedora update for ikiwiki Message-ID: <201004020141.o321fKjx031426@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia CSI + Microsoft SCCM ----------------------- = Extensive Patch Management http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ ---------------------------------------------------------------------- TITLE: Fedora update for ikiwiki SECUNIA ADVISORY ID: SA39244 VERIFY ADVISORY: http://secunia.com/advisories/39244/ DESCRIPTION: Fedora has issued an update for ikiwiki. 
This fixes a vulnerability, which can be exploited by malicious people to conduct script insertion attacks. For more information: SA38983 SOLUTION: Apply updated packages via the yum utility ("yum update ikiwiki"). ORIGINAL ADVISORY: FEDORA-2010-4884: http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038327.html FEDORA-2010-4933: http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038360.html OTHER REFERENCES: SA38983: http://secunia.com/advisories/38983/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. 
---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Apr 1 18:53:17 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 2 Apr 2010 03:53:17 +0200 Subject: [SEC] [SA39246] Fedora update for firefox and xulrunner Message-ID: <201004020153.o321rHKo018658@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia CSI + Microsoft SCCM ----------------------- = Extensive Patch Management http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ ---------------------------------------------------------------------- TITLE: Fedora update for firefox and xulrunner SECUNIA ADVISORY ID: SA39246 VERIFY ADVISORY: http://secunia.com/advisories/39246/ DESCRIPTION: Fedora has issued an update for firefox and xulrunner. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and potentially compromise a user's system. For more information: SA39136 SOLUTION: Apply updated packages using the yum utility ("yum update firefox xulrunner"). ORIGINAL ADVISORY: FEDORA-2010-5515: http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038340.html http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038341.html FEDORA-2010-5506: http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038309.html http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038311.html OTHER REFERENCES: SA39136: http://secunia.com/advisories/39136/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. 
Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Apr 1 19:12:52 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 2 Apr 2010 04:12:52 +0200 Subject: [SEC] [SA39212] Novell ZENworks Configuration Management Two Vulnerabilities Message-ID: <201004020212.o322CqSQ006344@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia CSI + Microsoft SCCM ----------------------- = Extensive Patch Management http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ ---------------------------------------------------------------------- TITLE: Novell ZENworks Configuration Management Two Vulnerabilities SECUNIA ADVISORY ID: SA39212 VERIFY ADVISORY: http://secunia.com/advisories/39212/ DESCRIPTION: Two vulnerabilities have been reported in Novell ZENworks Configuration Management, which can be exploited by malicious people to compromise a vulnerable system. 1) An unspecified error related to the Preboot Service can be exploited to execute arbitrary code on an affected system. 2) An unspecified error related to Remote Management can be exploited to execute arbitrary code on an affected system. SOLUTION: Update to version 10.3. PROVIDED AND/OR DISCOVERED BY: The vendor credits Stephen Fewer of Harmony Security, reported via TippingPoint. 
ORIGINAL ADVISORY: Novell: http://www.novell.com/support/viewContent.do?externalId=7005572 http://www.novell.com/support/viewContent.do?externalId=7005573 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Apr 1 19:41:17 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 2 Apr 2010 04:41:17 +0200 Subject: [SEC] [SA39229] Red Hat update for squid Message-ID: <201004020241.o322fHCD026276@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia CSI + Microsoft SCCM ----------------------- = Extensive Patch Management http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ ---------------------------------------------------------------------- TITLE: Red Hat update for squid SECUNIA ADVISORY ID: SA39229 VERIFY ADVISORY: http://secunia.com/advisories/39229/ DESCRIPTION: Red Hat has issued an update for squid. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). 
For more information: SA36378 SA38451 SOLUTION: Updated packages are available via Red Hat Network. http://rhn.redhat.com ORIGINAL ADVISORY: RHSA-2010:0221-4: https://rhn.redhat.com/errata/RHSA-2010-0221.html OTHER REFERENCES: SA36378: http://secunia.com/advisories/36378/ SA38451: http://secunia.com/advisories/38451/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Apr 1 19:53:20 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 2 Apr 2010 04:53:20 +0200 Subject: [SEC] [SA39232] Red Hat update for openldap Message-ID: <201004020253.o322rKmb013510@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia CSI + Microsoft SCCM ----------------------- = Extensive Patch Management http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ ---------------------------------------------------------------------- TITLE: Red Hat update for openldap SECUNIA ADVISORY ID: SA39232 VERIFY ADVISORY: http://secunia.com/advisories/39232/ DESCRIPTION: Red Hat has issued an update for openldap. 
This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks. For more information: SA38769 SOLUTION: Updated packages are available via Red Hat Network. http://rhn.redhat.com ORIGINAL ADVISORY: RHSA-2010:0198-4: https://rhn.redhat.com/errata/RHSA-2010-0198.html OTHER REFERENCES: SA38769: http://secunia.com/advisories/38769/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. 
----------------------------------------------------------------------

From sec-adv at secunia.com Thu Apr 1 20:06:19 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 2 Apr 2010 05:06:19 +0200
Subject: [SEC] [SA39178] SUSE update for kernel
Message-ID: <201004020306.o3236JqT000726@CRON-IX-2.intnet>

TITLE:
SUSE update for kernel

SECUNIA ADVISORY ID:
SA39178

VERIFY ADVISORY:
http://secunia.com/advisories/39178/

DESCRIPTION:
SUSE has issued an update for the kernel. This fixes a security issue and some vulnerabilities, which can be exploited by malicious, local users to manipulate certain data, disclose potentially sensitive information, and cause a DoS (Denial of Service).

For more information:
SA37590
SA38317
SA38601

1) The qla2xxx driver for QLogic Fibre Channel PCI/PCIe host adapters sets world-writable permissions for the "/sys/class/scsi_host/[a qla2xxx host]/vport_create" and "/sys/class/scsi_host/[a qla2xxx host]/vport_delete" files, which can be exploited to change certain SCSI attributes.

SOLUTION:
Apply updated packages.
SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=30110847005ad3a7ea7c5d1efd067ce1

SUSE Linux Enterprise Server 10 SP3
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=30110847005ad3a7ea7c5d1efd067ce1
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=d5a23ca2612948125ba212f86484077b
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=9a1d7bed362eab0ffb8a1cfcb944439e
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=ffb169f8e0b809058bff6cb318c6a511
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=44be42f54c5e35e6e551e68351bbd0e1

SLE SDK 10 SP3
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=30110847005ad3a7ea7c5d1efd067ce1
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=9a1d7bed362eab0ffb8a1cfcb944439e
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=ffb169f8e0b809058bff6cb318c6a511
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=44be42f54c5e35e6e551e68351bbd0e1

SUSE Linux Enterprise Desktop 10 SP3
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=30110847005ad3a7ea7c5d1efd067ce1
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=44be42f54c5e35e6e551e68351bbd0e1

SUSE Linux Enterprise Desktop 10 SP3 for x86
http://download.novell.com/index.jsp?search=Search&set_restricted=true&keywords=44be42f54c5e35e6e551e68351bbd0e1

ORIGINAL ADVISORY:
SUSE-SA:2010:019:
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.html

OTHER REFERENCES:
SA37590:
http://secunia.com/advisories/37590/

SA38317:
http://secunia.com/advisories/38317/

SA38601:
http://secunia.com/advisories/38601/
----------------------------------------------------------------------

From sec-adv at secunia.com Thu Apr 1 20:20:24 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 2 Apr 2010 05:20:24 +0200
Subject: [SEC] [SA39233] Red Hat update for automake
Message-ID: <201004020320.o323KObR020467@CRON-IX-2.intnet>

TITLE:
Red Hat update for automake

SECUNIA ADVISORY ID:
SA39233

VERIFY ADVISORY:
http://secunia.com/advisories/39233/

DESCRIPTION:
Red Hat has issued an update for automake. This fixes a security issue, which can be exploited by malicious, local users to manipulate certain data.

For more information:
SA37814

SOLUTION:
Updated packages are available via Red Hat Network.
http://rhn.redhat.com

ORIGINAL ADVISORY:
RHSA-2010:0321-4:
https://rhn.redhat.com/errata/RHSA-2010-0321.html

OTHER REFERENCES:
SA37814:
http://secunia.com/advisories/37814/

----------------------------------------------------------------------

From sec-adv at secunia.com Thu Apr 1 20:41:09 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 2 Apr 2010 05:41:09 +0200
Subject: [SEC] [SA39133] Apple QuickTime Multiple Vulnerabilities
Message-ID: <201004020341.o323f8Bm007856@CRON-IX-2.intnet>

TITLE:
Apple QuickTime Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA39133

VERIFY ADVISORY:
http://secunia.com/advisories/39133/

DESCRIPTION:
Some vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system.
1) An error in the processing of QDM2 encoded audio content can be exploited to trigger a memory corruption.

2) An error in the processing of QDMC encoded audio content can be exploited to trigger a memory corruption.

3) An error in the processing of H.263 encoded movie files can be exploited to cause a heap-based buffer overflow.

4) An error in the processing of H.261 encoded movie files can be exploited to cause a heap-based buffer overflow.

5) An error when handling PICT images can be exploited to cause a heap-based buffer overflow.

6) An error in the processing of H.264 encoded movie files can be exploited to trigger a memory corruption.

7) An error in the processing of RLE encoded movie files can be exploited to cause a heap-based buffer overflow.

8) An error in the processing of M-JPEG encoded movie files can be exploited to cause a heap-based buffer overflow.

9) An error in the processing of Sorenson encoded movie files can be exploited to trigger a memory corruption.

10) An integer overflow error in the processing of FlashPix encoded movie files can be exploited to corrupt memory.

11) An error in the processing of FLC encoded movie files can be exploited to cause a heap-based buffer overflow.

12) An error in the processing of MPEG encoded movie files can be exploited to cause a heap-based buffer overflow.

13) An integer overflow error in the processing of PICT images can be exploited to cause a memory corruption.

14) An error when handling color tables included in movie files can be exploited to corrupt memory.

15) An error in the processing of PICT images can be exploited to cause a heap-based buffer overflow.

16) An error in the processing of BMP images can be exploited to trigger a memory corruption.

Successful exploitation of the vulnerabilities may allow execution of arbitrary code.

The vulnerabilities are reported in versions prior to 7.6.6.

SOLUTION:
Update to version 7.6.6.
PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
1, 2, 7, 10, 12, 14) an anonymous researcher working with ZDI
3, 8, 15) Damian Put working with ZDI
4, 9) Will Dormann of the CERT/CC
5, 13) Nicolas Joly of Vupen
11) Moritz Jodeit of n.runs AG, and Nicolas Joly of Vupen working with ZDI
16) SkyLined of Google

ORIGINAL ADVISORY:
Apple:
http://support.apple.com/kb/HT4104
----------------------------------------------------------------------

From sec-adv at secunia.com Thu Apr 1 20:53:11 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 2 Apr 2010 05:53:11 +0200
Subject: [SEC] [SA39135] Apple iTunes Multiple Vulnerabilities
Message-ID: <201004020353.o323rBvJ027512@CRON-IX-2.intnet>

TITLE:
Apple iTunes Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA39135

VERIFY ADVISORY:
http://secunia.com/advisories/39135/

DESCRIPTION:
Some vulnerabilities have been reported in Apple iTunes, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or compromise a user's system.

1) Multiple errors in the ColorSync and ImageIO components when handling images can be exploited to disclose application memory or potentially execute arbitrary code.

For more information see vulnerabilities #1 through #4 and #9 in:
SA38932

2) An error when processing MP4 files can be exploited to trigger the execution of an infinite loop and render the application unusable after its restart via e.g. a specially crafted podcast.

3) During installation iTunes for Windows installs and executes certain files in a directory in the "%ALLUSERSPROFILE%\Application Data\" path.
As standard permissions allow any user to write files to the path, this can be exploited to either create malicious files with specific names before installation or malicious libraries after installation, allowing execution of arbitrary code with SYSTEM privileges.

The vulnerabilities are reported in versions prior to 9.1.

SOLUTION:
Update to version 9.1.

PROVIDED AND/OR DISCOVERED BY:
2) The vendor credits Sojeong Hong, Sourcefire VRT
3) Jason Geffner, NGSSoftware

CHANGELOG:
2010-03-31: Added additional information provided by NGSSoftware.

ORIGINAL ADVISORY:
http://support.apple.com/kb/HT4105

OTHER REFERENCES:
SA38932:
http://secunia.com/advisories/38932/
----------------------------------------------------------------------

From sec-adv at secunia.com Fri Apr 2 10:26:16 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 2 Apr 2010 19:26:16 +0200
Subject: [SEC] [SA39239] Slackware update for openssl
Message-ID: <201004021726.o32HQGQ1015730@CRON-IX-2.intnet>

TITLE:
Slackware update for openssl

SECUNIA ADVISORY ID:
SA39239

VERIFY ADVISORY:
http://secunia.com/advisories/39239/

DESCRIPTION:
Slackware has issued an update for openssl. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

For more information:
SA38807

SOLUTION:
Apply updated packages.
Slackware 11.0:
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/openssl-0.9.8n-i486-1_slack11.0.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/openssl-solibs-0.9.8n-i486-1_slack11.0.tgz

Slackware 12.0:
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/openssl-0.9.8n-i486-1_slack12.0.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/openssl-solibs-0.9.8n-i486-1_slack12.0.tgz

Slackware 12.1:
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/openssl-0.9.8n-i486-1_slack12.1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/openssl-solibs-0.9.8n-i486-1_slack12.1.tgz

Slackware 12.2:
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/openssl-0.9.8n-i486-1_slack12.2.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/openssl-solibs-0.9.8n-i486-1_slack12.2.tgz

Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-0.9.8n-i486-1_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openssl-solibs-0.9.8n-i486-1_slack13.0.txz

Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-0.9.8n-x86_64-1_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openssl-solibs-0.9.8n-x86_64-1_slack13.0.txz

Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/openssl-solibs-0.9.8n-i486-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssl-0.9.8n-i486-1.txz

Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/openssl-solibs-0.9.8n-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openssl-0.9.8n-x86_64-1.txz

ORIGINAL ADVISORY:
SSA:2010-090-01:
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.615467

OTHER REFERENCES:
SA38807:
http://secunia.com/advisories/38807/

----------------------------------------------------------------------

From sec-adv at secunia.com Fri Apr 2 11:26:26 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 2 Apr 2010 20:26:26 +0200
Subject: [SEC] [SA39241] Slackware update for seamonkey
Message-ID: <201004021826.o32IQQjw003797@CRON-IX-2.intnet>

TITLE:
Slackware update for seamonkey

SECUNIA ADVISORY ID:
SA39241

VERIFY ADVISORY:
http://secunia.com/advisories/39241/

DESCRIPTION:
Slackware has issued an update for seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information or potentially compromise a user's system.
For more information:
SA39001

SOLUTION:
Apply updated packages.

Slackware 11.0:
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/seamonkey-1.1.19-i486-1_slack11.0.tgz

Slackware 12.0:
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/seamonkey-1.1.19-i486-1_slack12.0.tgz

Slackware 12.1:
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/seamonkey-1.1.19-i486-1_slack12.1.tgz

ORIGINAL ADVISORY:
SSA:2010-090-03:
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.362028

OTHER REFERENCES:
SA39001:
http://secunia.com/advisories/39001/
----------------------------------------------------------------------

From sec-adv at secunia.com Fri Apr 2 12:26:19 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 2 Apr 2010 21:26:19 +0200
Subject: [SEC] [SA39119] Zabbix PHP Frontend "user" SQL Injection Vulnerability
Message-ID: <201004021926.o32JQJn8024266@CRON-IX-2.intnet>

TITLE:
Zabbix PHP Frontend "user" SQL Injection Vulnerability

SECUNIA ADVISORY ID:
SA39119

VERIFY ADVISORY:
http://secunia.com/advisories/39119/

DESCRIPTION:
Dawid Golunski has discovered a vulnerability in the ZABBIX PHP frontend, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed via the "user" JSON parameter to api_jsonrpc.php is not properly sanitised before being used in a SQL query in the include/db.inc.php script. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is confirmed in version 1.8.1. Prior versions may also be affected.

SOLUTION:
Update to version 1.8.2 or later.

PROVIDED AND/OR DISCOVERED BY:
Dawid Golunski

ORIGINAL ADVISORY:
http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0001.html
----------------------------------------------------------------------

From sec-adv at secunia.com Fri Apr 2 13:26:20 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 2 Apr 2010 22:26:20 +0200
Subject: [SEC] [SA39175] Mozilla Firefox DOM Node Moving Use-After-Free Vulnerability
Message-ID: <201004022026.o32KQKuo012325@CRON-IX-2.intnet>

TITLE:
Mozilla Firefox DOM Node Moving Use-After-Free Vulnerability

SECUNIA ADVISORY ID:
SA39175

VERIFY ADVISORY:
http://secunia.com/advisories/39175/

DESCRIPTION:
A vulnerability has been reported in Mozilla Firefox, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a use-after-free error when moving DOM nodes between documents and can be exploited via a specially crafted web page.

Successful exploitation allows execution of arbitrary code.

SOLUTION:
Update to version 3.6.3.

PROVIDED AND/OR DISCOVERED BY:
The vendor credits Nils, MWR InfoSecurity.
ORIGINAL ADVISORY:
MFSA 2010-25:
http://www.mozilla.org/security/announce/2010/mfsa2010-25.html

----------------------------------------------------------------------

From sec-adv at secunia.com Mon Apr 5 10:26:53 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Mon, 5 Apr 2010 19:26:53 +0200
Subject: [SEC] [SA39348] Joomla! Magic Updater Component "controller" Local File Inclusion Vulnerability
Message-ID: <201004051726.o35HQrLg005166@CRON-IX-2.intnet>

TITLE:
Joomla! Magic Updater Component "controller" Local File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39348

VERIFY ADVISORY:
http://secunia.com/advisories/39348/

DESCRIPTION:
A vulnerability has been reported in the Magic Updater component for Joomla!, which can be exploited by malicious people to disclose sensitive information.
Input passed via the "controller" parameter to index.php (when "option" is set to "com_joomlaupdater") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal sequences and URL-encoded NULL bytes.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
Vrs-hCk
----------------------------------------------------------------------

From sec-adv at secunia.com Mon Apr 5 11:26:24 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Mon, 5 Apr 2010 20:26:24 +0200
Subject: [SEC] [SA39344] Linux Kernel "cifs_create()" NULL Pointer Dereference
Message-ID: <201004051826.o35IQO4i025652@CRON-IX-2.intnet>

TITLE:
Linux Kernel "cifs_create()" NULL Pointer Dereference

SECUNIA ADVISORY ID:
SA39344

VERIFY ADVISORY:
http://secunia.com/advisories/39344/

DESCRIPTION:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerability is caused due to a NULL-pointer dereference error within the "cifs_create()" function in fs/cifs/dir.c. This can be exploited to cause a crash when a file without an associated "nameidata" structure is created.

The vulnerability is reported in version 2.6.29-rc6 and later.

SOLUTION:
Restrict local access to trusted users only.

PROVIDED AND/OR DISCOVERED BY:
Eugene Teo, Red Hat

ORIGINAL ADVISORY:
http://www.openwall.com/lists/oss-security/2010/04/05/1
https://bugzilla.redhat.com/show_bug.cgi?id=579445
----------------------------------------------------------------------

From sec-adv at secunia.com Mon Apr 5 12:26:24 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Mon, 5 Apr 2010 21:26:24 +0200
Subject: [SEC] [SA39252] Advenced Management For Services Sites Security Bypass
Message-ID: <201004051926.o35JQOtH013730@CRON-IX-2.intnet>

TITLE:
Advenced Management For Services Sites Security Bypass

SECUNIA ADVISORY ID:
SA39252

VERIFY ADVISORY:
http://secunia.com/advisories/39252/

DESCRIPTION:
A security issue has been discovered in Advenced Management For Services Sites, which can be exploited by malicious people to bypass certain security restrictions.

The security issue is caused due to improper authentication in admincp/global.php. This can be exploited to bypass the authentication when performing administrative actions, e.g. creating new users via the admincp/users.php script.

The security issue is confirmed in version 1.0. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.
PROVIDED AND/OR DISCOVERED BY:
indoushka

----------------------------------------------------------------------

From sec-adv at secunia.com Mon Apr 5 13:26:32 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Mon, 5 Apr 2010 22:26:32 +0200
Subject: [SEC] [SA39336] Slackware update for mozilla-thunderbird
Message-ID: <201004052026.o35KQWZX001809@CRON-IX-2.intnet>

TITLE:
Slackware update for mozilla-thunderbird

SECUNIA ADVISORY ID:
SA39336

VERIFY ADVISORY:
http://secunia.com/advisories/39336/

DESCRIPTION:
Slackware has issued an update for mozilla-thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to potentially compromise a user's system.

For more information:
SA37682

SOLUTION:
Apply updated packages.
Slackware 10.2:
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/mozilla-thunderbird-2.0.0.24-i686-1.tgz

Slackware 11.0:
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/mozilla-thunderbird-2.0.0.24-i686-1.tgz

Slackware 12.0:
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/mozilla-thunderbird-2.0.0.24-i686-1.tgz

Slackware 12.1:
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/mozilla-thunderbird-2.0.0.24-i686-1.tgz

Slackware 12.2:
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/mozilla-thunderbird-2.0.0.24-i686-1.tgz

Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/mozilla-thunderbird-2.0.0.24-i686-1.txz

Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/mozilla-thunderbird-2.0.0.24-x86_64-1.txz

Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-thunderbird-3.0.4-i686-1.txz

Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/mozilla-thunderbird-3.0.4-x86_64-1.txz

ORIGINAL ADVISORY:
SSA:2010-095-01:
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.481306

OTHER REFERENCES:
SA37682:
http://secunia.com/advisories/37682/
----------------------------------------------------------------------

From sec-adv at secunia.com Mon Apr 5 14:20:20 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Mon, 5 Apr 2010 23:20:20 +0200
Subject: [SEC] [SA39349] Joomla! LoginBox Pro Component "view" Local File Inclusion Vulnerability
Message-ID: <201004052120.o35LKKYP022300@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla! LoginBox Pro Component "view" Local File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39349

VERIFY ADVISORY:
http://secunia.com/advisories/39349/

DESCRIPTION:
A vulnerability has been reported in the LoginBox Pro component for Joomla!, which can be exploited by malicious people to disclose sensitive information.

Input passed via the "view" parameter to index.php (when "option" is set to "com_loginbox") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal sequences and URL-encoded NULL bytes.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
Vrs-hCk
----------------------------------------------------------------------

From sec-adv at secunia.com Mon Apr 5 14:41:20 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Mon, 5 Apr 2010 23:41:20 +0200
Subject: [SEC] [SA39192] uTorrent Web UI Basic Authorization Header Parsing Denial of Service
Message-ID: <201004052141.o35LfK1b009721@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
uTorrent Web UI Basic Authorization Header Parsing Denial of Service

SECUNIA ADVISORY ID:
SA39192

VERIFY ADVISORY:
http://secunia.com/advisories/39192/

DESCRIPTION:
zombiefx has discovered a vulnerability in uTorrent, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to a NULL pointer dereference error in WebUI when processing an invalid basic authorization string that does not contain a user-id and password as expected.

Successful exploitation allows crashing the application, but requires that the Web UI interface is enabled (disabled by default).

The vulnerability is confirmed in version 2.0 build 18907. Other versions may also be affected.

SOLUTION:
Restrict access to the WebUI.
PROVIDED AND/OR DISCOVERED BY:
zombiefx

----------------------------------------------------------------------

From sec-adv at secunia.com Mon Apr 5 14:53:25 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Mon, 5 Apr 2010 23:53:25 +0200
Subject: [SEC] [SA39302] Fedora update for seamonkey
Message-ID: <201004052153.o35LrPtq029398@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Fedora update for seamonkey

SECUNIA ADVISORY ID:
SA39302

VERIFY ADVISORY:
http://secunia.com/advisories/39302/

DESCRIPTION:
Fedora has issued an update for seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and potentially compromise a user's system.

For more information:
SA39243

SOLUTION:
Apply updated packages via the yum utility ("yum update seamonkey").
ORIGINAL ADVISORY:
FEDORA-2010-5840:
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038416.html

OTHER REFERENCES:
SA39243:
http://secunia.com/advisories/39243/

----------------------------------------------------------------------

From sec-adv at secunia.com Mon Apr 5 15:06:58 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 6 Apr 2010 00:06:58 +0200
Subject: [SEC] [SA39350] Joomla! SVMap Component "controller" Local File Inclusion Vulnerability
Message-ID: <201004052206.o35M6w8d016691@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla! SVMap Component "controller" Local File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39350

VERIFY ADVISORY:
http://secunia.com/advisories/39350/

DESCRIPTION:
A vulnerability has been discovered in the SVMap component for Joomla!, which can be exploited by malicious people to disclose sensitive information.

Input passed via the "controller" parameter to index.php (when "option" is set to "com_svmap") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal sequences and URL-encoded NULL bytes.

The vulnerability is confirmed in version 1.1.1. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
Vrs-hCk
----------------------------------------------------------------------

From sec-adv at secunia.com Mon Apr 5 15:20:21 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 6 Apr 2010 00:20:21 +0200
Subject: [SEC] [SA39347] Fedora update for hamlib
Message-ID: <201004052220.o35MKLOd003983@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Fedora update for hamlib

SECUNIA ADVISORY ID:
SA39347

VERIFY ADVISORY:
http://secunia.com/advisories/39347/

DESCRIPTION:
Fedora has issued an update for hamlib. This fixes a security issue, which can be exploited by malicious, local users to potentially gain escalated privileges.

For more information:
SA39299

SOLUTION:
Apply updated packages using the yum utility ("yum update hamlib").

ORIGINAL ADVISORY:
FEDORA-2010-4352:
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038472.html

FEDORA-2010-4407:
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038467.html

OTHER REFERENCES:
SA39299:
http://secunia.com/advisories/39299/
----------------------------------------------------------------------

From sec-adv at secunia.com Mon Apr 5 15:41:15 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 6 Apr 2010 00:41:15 +0200
Subject: [SEC] [SA39280] Zip Unzip Archive Processing Buffer Overflow Vulnerability
Message-ID: <201004052241.o35MfFgI023811@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Zip Unzip Archive Processing Buffer Overflow Vulnerability

SECUNIA ADVISORY ID:
SA39280

VERIFY ADVISORY:
http://secunia.com/advisories/39280/

DESCRIPTION:
mr_me has discovered a vulnerability in Zip Unzip, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error in the processing of archives containing an entry with an overly long path. This can be exploited to cause a stack-based buffer overflow by tricking a user into e.g. unpacking a specially crafted ZIP file.

Successful exploitation allows execution of arbitrary code.

The vulnerability is confirmed in version 6.0. Other versions may also be affected.

SOLUTION:
Do not open untrusted archives.
PROVIDED AND/OR DISCOVERED BY:
mr_me

ORIGINAL ADVISORY:
http://www.corelan.be:8800/advisories.php?id=10-019

----------------------------------------------------------------------

From sec-adv at secunia.com Mon Apr 5 15:53:23 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 6 Apr 2010 00:53:23 +0200
Subject: [SEC] [SA39299] Ham Radio Control Libraries libtool Search Path Security Issue
Message-ID: <201004052253.o35MrNXo011084@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Ham Radio Control Libraries libtool Search Path Security Issue

SECUNIA ADVISORY ID:
SA39299

VERIFY ADVISORY:
http://secunia.com/advisories/39299/

DESCRIPTION:
A security issue has been reported in Ham Radio Control Libraries, which can be exploited by malicious, local users to potentially gain escalated privileges.
The security issue is caused due to the use of vulnerable libtool code.

For more information:
SA37414

SOLUTION:
Fixed in the SVN repository.
http://hamlib.svn.sourceforge.net/viewvc/hamlib/trunk/libltdl/Makefile.am?revision=2841&view=markup

ORIGINAL ADVISORY:
http://hamlib.svn.sourceforge.net/viewvc/hamlib/trunk/libltdl/Makefile.am?revision=2841&view=markup

OTHER REFERENCES:
SA37414:
http://secunia.com/advisories/37414/
----------------------------------------------------------------------

From sec-adv at secunia.com Mon Apr 5 16:06:23 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 6 Apr 2010 01:06:23 +0200
Subject: [SEC] [SA39281] ZipScan Archive Processing Buffer Overflow Vulnerability
Message-ID: <201004052306.o35N6NBM030788@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
ZipScan Archive Processing Buffer Overflow Vulnerability

SECUNIA ADVISORY ID:
SA39281

VERIFY ADVISORY:
http://secunia.com/advisories/39281/

DESCRIPTION:
Lincoln has discovered a vulnerability in ZipScan, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error when processing archives containing entries with overly long paths. This can be exploited to cause a stack-based buffer overflow by tricking a user into e.g. opening a specially crafted ZIP archive.

Successful exploitation allows execution of arbitrary code.

The vulnerability is confirmed in version 2.2c. Other versions may also be affected.

SOLUTION:
Do not open untrusted archives.

PROVIDED AND/OR DISCOVERED BY:
Lincoln

ORIGINAL ADVISORY:
http://www.corelan.be:8800/advisories.php?id=CORELAN-10-020
----------------------------------------------------------------------

From sec-adv at secunia.com Mon Apr 5 16:20:23 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 6 Apr 2010 01:20:23 +0200
Subject: [SEC] [SA39309] Munkyscripts Simple Gallery "cid" SQL Injection Vulnerability
Message-ID: <201004052320.o35NKNNo018087@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Munkyscripts Simple Gallery "cid" SQL Injection Vulnerability

SECUNIA ADVISORY ID:
SA39309

VERIFY ADVISORY:
http://secunia.com/advisories/39309/

DESCRIPTION:
A vulnerability has been discovered in Munkyscripts Simple Gallery, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed via the "cid" parameter to gallery is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Successful exploitation requires that "magic_quotes_gpc" is disabled.

The vulnerability is confirmed in version 1.0. Other versions may also be affected.
SOLUTION:
Edit the source code to ensure that input is properly sanitised.

PROVIDED AND/OR DISCOVERED BY:
ItSecTeam

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/12045

----------------------------------------------------------------------

From sec-adv at secunia.com Mon Apr 5 16:41:24 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 6 Apr 2010 01:41:24 +0200
Subject: [SEC] [SA39169] eZip Wizard Archive Unpacking Buffer Overflow Vulnerability
Message-ID: <201004052341.o35NfOM5005510@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
eZip Wizard Archive Unpacking Buffer Overflow Vulnerability

SECUNIA ADVISORY ID:
SA39169

VERIFY ADVISORY:
http://secunia.com/advisories/39169/

DESCRIPTION:
A vulnerability has been discovered in eZip Wizard, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a boundary error when unpacking ZIP archives and can be exploited to cause a stack-based buffer overflow by tricking a user into double-clicking an overly long file name entry in an archive being unpacked.

Successful exploitation allows execution of arbitrary code.

The vulnerability is confirmed in version 3.0.0. Other versions may also be affected.

SOLUTION:
Do not unpack untrusted files.

Use another product.

PROVIDED AND/OR DISCOVERED BY:
fl0 fl0w

ORIGINAL ADVISORY:
http://www.milw0rm.com/exploits/8180
----------------------------------------------------------------------

From sec-adv at secunia.com Mon Apr 5 16:53:24 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 6 Apr 2010 01:53:24 +0200
Subject: [SEC] [SA39319] Solutive CMS Multiple SQL Injection Vulnerabilities
Message-ID: <201004052353.o35NrOCl025190@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Solutive CMS Multiple SQL Injection Vulnerabilities

SECUNIA ADVISORY ID:
SA39319

VERIFY ADVISORY:
http://secunia.com/advisories/39319/

DESCRIPTION:
Some vulnerabilities have been reported in Solutive CMS, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "cat_id" parameter in products_by_cat.php and to the "id" parameter in product_detail.php and news_content.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.

PROVIDED AND/OR DISCOVERED BY:
Th3 RDX

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/12041
----------------------------------------------------------------------

From sec-adv at secunia.com Mon Apr 5 17:06:21 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 6 Apr 2010 02:06:21 +0200
Subject: [SEC] [SA39342] Joomla redTWITTER Component "view" File Inclusion Vulnerability
Message-ID: <201004060006.o3606LXd012480@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla redTWITTER Component "view" File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39342

VERIFY ADVISORY:
http://secunia.com/advisories/39342/

DESCRIPTION:
NoGe has discovered a vulnerability in the redTWITTER component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

Input passed to the "view" parameter in index.php (when "option" is set to "com_redtwitter") is not properly sanitised before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

The vulnerability is confirmed in version 1.0b11. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.
PROVIDED AND/OR DISCOVERED BY:
NoGe

ORIGINAL ADVISORY:
http://evilc0de.blogspot.com/2010/04/joomla-component-redtwitter-lfi-vuln.html

----------------------------------------------------------------------

From sec-adv at secunia.com Mon Apr 5 17:20:19 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 6 Apr 2010 02:20:19 +0200
Subject: [SEC] [SA39314] MassMirror Uploader "MM_ROOT_DIRECTORY" File Inclusion Vulnerabilities
Message-ID: <201004060020.o360KJ2f032190@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
MassMirror Uploader "MM_ROOT_DIRECTORY" File Inclusion Vulnerabilities

SECUNIA ADVISORY ID:
SA39314

VERIFY ADVISORY:
http://secunia.com/advisories/39314/

DESCRIPTION:
Some vulnerabilities have been discovered in MassMirror Uploader, which can be exploited by malicious people to compromise a vulnerable system.
Input passed to the "MM_ROOT_DIRECTORY" parameter in upload.php and upload_progress.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or external resources.

Successful exploitation requires that "register_globals" is enabled.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
cr4wl3r

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/12050
----------------------------------------------------------------------

From sec-adv at secunia.com Mon Apr 5 17:41:21 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 6 Apr 2010 02:41:21 +0200
Subject: [SEC] [SA39313] Uiga Proxy "content" File Inclusion Vulnerability
Message-ID: <201004060041.o360fLQi019615@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Uiga Proxy "content" File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39313

VERIFY ADVISORY:
http://secunia.com/advisories/39313/

DESCRIPTION:
A vulnerability has been discovered in Uiga Proxy, which can be exploited by malicious people to compromise a vulnerable system.

Input passed to the "content" parameter in include/template.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or external resources.

Successful exploitation requires that "register_globals" is enabled (discouraged for security reasons in README.txt).

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
ItSecTeam

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/12049
From sec-adv at secunia.com Mon Apr 5 17:53:27 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 6 Apr 2010 02:53:27 +0200
Subject: [SEC] [SA39149] PolicyKit "pkexec" File Existence Disclosure Weakness
Message-ID: <201004060053.o360rR6h006881@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
PolicyKit "pkexec" File Existence Disclosure Weakness

SECUNIA ADVISORY ID:
SA39149

VERIFY ADVISORY:
http://secunia.com/advisories/39149/

DESCRIPTION:
A weakness has been reported in PolicyKit, which can be exploited by malicious, local users to disclose certain system information.

The weakness is caused due to the "pkexec" utility returning different results depending on the existence of files, which can be exploited to e.g. determine if a file exists in a restricted directory.

The weakness is reported in version 0.96. Other versions may also be affected.

SOLUTION:
Fixed in the GIT repository.
http://cgit.freedesktop.org/PolicyKit/commit/?id=14bdfd816512a82b1ad258fa143ae5faa945df8a

PROVIDED AND/OR DISCOVERED BY:
Dan Rosenberg

ORIGINAL ADVISORY:
Launchpad Ubuntu Bug #532852:
https://bugs.launchpad.net/ubuntu/+source/policykit-1/+bug/532852

PolicyKit:
http://bugs.freedesktop.org/show_bug.cgi?id=26982
http://cgit.freedesktop.org/PolicyKit/commit/?id=14bdfd816512a82b1ad258fa143ae5faa945df8a

----------------------------------------------------------------------
From sec-adv at secunia.com Mon Apr 5 18:06:32 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 6 Apr 2010 03:06:32 +0200
Subject: [SEC] [SA39196] Profi Einzelgebots Auktions System "id_auk" SQL Injection Vulnerability
Message-ID: <201004060106.o3616Wng026583@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Profi Einzelgebots Auktions System "id_auk" SQL Injection Vulnerability

SECUNIA ADVISORY ID:
SA39196

VERIFY ADVISORY:
http://secunia.com/advisories/39196/

DESCRIPTION:
A vulnerability has been reported in Profi Einzelgebots Auktions System, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "id_auk" parameter in auktion_text.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.

PROVIDED AND/OR DISCOVERED BY:
Easy Laster

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/12005

----------------------------------------------------------------------
From sec-adv at secunia.com Mon Apr 5 18:20:24 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 6 Apr 2010 03:20:24 +0200
Subject: [SEC] [SA39311] Nodesforum Multiple File Inclusion Vulnerabilities
Message-ID: <201004060120.o361KOe7013881@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Nodesforum Multiple File Inclusion Vulnerabilities

SECUNIA ADVISORY ID:
SA39311

VERIFY ADVISORY:
http://secunia.com/advisories/39311/

DESCRIPTION:
Some vulnerabilities have been discovered in Nodesforum, which can be exploited by malicious people to compromise a vulnerable system.

Input passed to the "_nodesforum_path_from_here_to_nodesforum_folder" parameter in erase_user_data.php and to the "_nodesforum_code_path" parameter in pre_output.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or remote resources.

Successful exploitation requires that "register_globals" is enabled.

The vulnerabilities are confirmed in version 1.045. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.
PROVIDED AND/OR DISCOVERED BY:
ItSecTeam

----------------------------------------------------------------------

From sec-adv at secunia.com Mon Apr 5 18:41:20 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 6 Apr 2010 03:41:20 +0200
Subject: [SEC] [SA39297] Linux Kernel r128 NULL Pointer Dereference Vulnerability
Message-ID: <201004060141.o361fKHR001277@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Linux Kernel r128 NULL Pointer Dereference Vulnerability

SECUNIA ADVISORY ID:
SA39297

VERIFY ADVISORY:
http://secunia.com/advisories/39297/

DESCRIPTION:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or potentially gain escalated privileges.
The vulnerability is caused due to an error in several r128 IOCTL handlers and can be exploited to trigger a NULL-pointer dereference via certain IOCTLs.

SOLUTION:
Update to version 2.6.27.46 or 2.6.31.13.

PROVIDED AND/OR DISCOVERED BY:
Ben Hutchings

ORIGINAL ADVISORY:
http://git.kernel.org/linus/7dc482dfeeeefcfd000d4271c4626937406756d7
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.46
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.31.13

----------------------------------------------------------------------
From sec-adv at secunia.com Mon Apr 5 18:53:26 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 6 Apr 2010 03:53:26 +0200
Subject: [SEC] [SA39331] AjaXplorer Multiple Unspecified Vulnerabilities
Message-ID: <201004060153.o361rQ1u020981@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
AjaXplorer Multiple Unspecified Vulnerabilities

SECUNIA ADVISORY ID:
SA39331

VERIFY ADVISORY:
http://secunia.com/advisories/39331/

DESCRIPTION:
Some vulnerabilities with unknown impacts have been reported in AjaXplorer.

The vulnerabilities are caused due to unspecified errors. No further information is currently available.

The vulnerabilities are reported in versions prior to 2.6.

SOLUTION:
Update to version 2.6.

PROVIDED AND/OR DISCOVERED BY:
The vendor credits Julien Cayssol.

ORIGINAL ADVISORY:
http://www.ajaxplorer.info/wordpress/2010/04/ajaxplorer-2-6-security-ajaxplorer-2-7-1-early-beta-for-3-0/

----------------------------------------------------------------------
From sec-adv at secunia.com Mon Apr 5 19:10:43 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 6 Apr 2010 04:10:43 +0200
Subject: [SEC] [SA39325] Joomla! JP Jobs Component "id" SQL Injection Vulnerability
Message-ID: <201004060210.o362AhB1008840@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla! JP Jobs Component "id" SQL Injection Vulnerability

SECUNIA ADVISORY ID:
SA39325

VERIFY ADVISORY:
http://secunia.com/advisories/39325/

DESCRIPTION:
Valentin has discovered a vulnerability in the JP Jobs component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed via the "id" parameter to index.php (when "option" is set to "com_jp_jobs" and "view" is set to "detail") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is confirmed in version 1.4.2. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.
PROVIDED AND/OR DISCOVERED BY:
Valentin

ORIGINAL ADVISORY:
http://www.xenuser.org/documents/security/joomla_com_jp_jobs_sql.txt

----------------------------------------------------------------------

From sec-adv at secunia.com Mon Apr 5 19:41:51 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 6 Apr 2010 04:41:51 +0200
Subject: [SA39273] Vor und Rückwärts Auktions System "id_auk" SQL Injection Vulnerability
Message-ID: <201004060241.o362fpAW028844@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Vor und Rückwärts Auktions System "id_auk" SQL Injection Vulnerability

SECUNIA ADVISORY ID:
SA39273

VERIFY ADVISORY:
http://secunia.com/advisories/39273/

DESCRIPTION:
A vulnerability has been reported in Vor und Rückwärts Auktions System, which can be exploited by malicious people to conduct SQL injection attacks.
Input passed to the "id_auk" parameter in auktionen.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is reported in "Vor und Rückwärts Auktions Community Premium System inkl allen Modulen wie Shop Modul,Preisvorschlag usw" and "Vor und Rückwärts Auktions System Standart".

SOLUTION:
Filter malicious characters and character sequences using a proxy.

PROVIDED AND/OR DISCOVERED BY:
Easy Laster

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/12026

----------------------------------------------------------------------
From sec-adv at secunia.com Mon Apr 5 19:53:57 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 6 Apr 2010 04:53:57 +0200
Subject: [SEC] [SA39277] Tcpdf HTML "tcpdf" Tag Processing Vulnerability
Message-ID: <201004060253.o362rvHr016109@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Tcpdf HTML "tcpdf" Tag Processing Vulnerability

SECUNIA ADVISORY ID:
SA39277

VERIFY ADVISORY:
http://secunia.com/advisories/39277/

DESCRIPTION:
A vulnerability with an unknown impact has been reported in Tcpdf.

The vulnerability is caused due to an error related to "eval()" when generating PDF files from user-supplied HTML code and can be exploited via specially crafted "tcpdf" HTML tags.

The vulnerability is reported in versions prior to 4.9.006.

SOLUTION:
Update to version 4.9.006 or later and disable the "K_TCPDF_CALLS_IN_HTML" configuration option.

PROVIDED AND/OR DISCOVERED BY:
The vendor credits Matthias Hecker.

ORIGINAL ADVISORY:
http://sourceforge.net/projects/tcpdf/files/CHANGELOG.TXT/view

----------------------------------------------------------------------
From sec-adv at secunia.com Mon Apr 5 20:07:06 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 6 Apr 2010 05:07:06 +0200
Subject: [SEC] [SA39291] Foxit Reader Embedded Program Execution Vulnerability
Message-ID: <201004060307.o36376Wf003400@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Foxit Reader Embedded Program Execution Vulnerability

SECUNIA ADVISORY ID:
SA39291

VERIFY ADVISORY:
http://secunia.com/advisories/39291/

DESCRIPTION:
A vulnerability has been reported in Foxit Reader, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to the application executing PDF-embedded programs without asking for the user's permission. This can be exploited to run an arbitrary executable via a specially crafted PDF file.

The vulnerability is reported in versions prior to 3.2.1.0401.

SOLUTION:
Update to version 3.2.1.0401.
PROVIDED AND/OR DISCOVERED BY:
Didier Stevens

ORIGINAL ADVISORY:
Foxit Software:
http://forums.foxitsoftware.com/showthread.php?t=18044

Didier Stevens:
http://blog.didierstevens.com/2010/03/31/escape-from-foxit-reader/

OTHER REFERENCES:
US-CERT VU#570177:
http://www.kb.cert.org/vuls/id/570177

----------------------------------------------------------------------

From sec-adv at secunia.com Mon Apr 5 20:21:00 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 6 Apr 2010 05:21:00 +0200
Subject: [SEC] [SA39343] Joomla! redSHOP Component "view" Local File Inclusion Vulnerability
Message-ID: <201004060321.o363L0Cn023114@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla! redSHOP Component "view" Local File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39343

VERIFY ADVISORY:
http://secunia.com/advisories/39343/

DESCRIPTION:
A vulnerability has been reported in the redSHOP component for Joomla!, which can be exploited by malicious people to disclose sensitive information.

Input passed via the "view" parameter to index.php (when "option" is set to "com_redshop") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal sequences and URL-encoded NULL bytes.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
NoGe

----------------------------------------------------------------------
From sec-adv at secunia.com Mon Apr 5 20:42:17 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 6 Apr 2010 05:42:17 +0200
Subject: [SEC] [SA39147] VMware ESX Server 4 Update for samba and acpid
Message-ID: <201004060342.o363gHSb010532@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
VMware ESX Server 4 Update for samba and acpid

SECUNIA ADVISORY ID:
SA39147

VERIFY ADVISORY:
http://secunia.com/advisories/39147/

DESCRIPTION:
VMware has issued an update for VMware ESX Server. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information or cause a DoS, and by malicious users to bypass certain security restrictions, disclose sensitive information, and cause a DoS (Denial of Service).

For more information:
SA34838
SA35539
SA36893

SOLUTION:
Apply ESX400-201003001.
https://hostupdate.vmware.com/software/VUM/OFFLINE/release-195-20100324-069238/ESX400-201003001.zip

ORIGINAL ADVISORY:
VMSA-2010-0006:
http://lists.vmware.com/pipermail/security-announce/2010/000089.html

OTHER REFERENCES:
SA34838:
http://secunia.com/advisories/34838/

SA35539:
http://secunia.com/advisories/35539/

SA36893:
http://secunia.com/advisories/36893/

----------------------------------------------------------------------
From sec-adv at secunia.com Mon Apr 5 20:53:58 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 6 Apr 2010 05:53:58 +0200
Subject: [SEC] [SA39218] VMware ESX Server Samba Multiple Vulnerabilities
Message-ID: <201004060353.o363rww2030208@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
VMware ESX Server Samba Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA39218

VERIFY ADVISORY:
http://secunia.com/advisories/39218/

DESCRIPTION:
VMware has acknowledged some vulnerabilities in VMware ESX Server, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious users to bypass certain security restrictions, disclose sensitive information, and cause a DoS (Denial of Service).

For more information:
SA35539
SA36893

The vulnerabilities are reported in versions 2.5.5, 3.0.3, and 3.5.

SOLUTION:
Restrict network and local access to trusted users only.
ORIGINAL ADVISORY:
VMSA-2010-0006:
http://lists.vmware.com/pipermail/security-announce/2010/000089.html

OTHER REFERENCES:
SA35539:
http://secunia.com/advisories/35539/

SA36893:
http://secunia.com/advisories/36893/

----------------------------------------------------------------------

From sec-adv at secunia.com Mon Apr 5 21:08:10 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 6 Apr 2010 06:08:10 +0200
Subject: [SEC] [SA39268] Debian update for netpbm-free
Message-ID: <201004060408.o3648A1P017519@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Debian update for netpbm-free

SECUNIA ADVISORY ID:
SA39268

VERIFY ADVISORY:
http://secunia.com/advisories/39268/

DESCRIPTION:
Debian has issued an update for netpbm-free. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
For more information: SA38530 SOLUTION: Apply updated packages. -- Debian (stable) -- Source archives: http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm-free_10.0-12+lenny1.dsc Size/MD5 checksum: 1170 fa9aeb6e0fea3225fd5052b0ec0367a1 http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm-free_10.0.orig.tar.gz Size/MD5 checksum: 1926538 985e9f6d531ac0b2004f5cbebdeea87d http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm-free_10.0-12+lenny1.diff.gz Size/MD5 checksum: 50581 1c11ea48609ce48dd8033e076d5600a4 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_10.0-12+lenny1_alpha.deb Size/MD5 checksum: 85754 ee6a4c6985623b01251b2eea34f3b0ed http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10_10.0-12+lenny1_alpha.deb Size/MD5 checksum: 77066 3f446c0ba741db2fa3bcfd23d364dd49 http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_10.0-12+lenny1_alpha.deb Size/MD5 checksum: 1418402 ae06867d12399db5347715dc4ec2a7a9 http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10-dev_10.0-12+lenny1_alpha.deb Size/MD5 checksum: 138666 7a9f884eb231e458af1ecf0f3eccfa95 http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9-dev_10.0-12+lenny1_alpha.deb Size/MD5 checksum: 139220 815b677ff56f0ca1d565f9d0ae0fd783 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/n/netpbm-free/netpbm_10.0-12+lenny1_amd64.deb Size/MD5 checksum: 1316736 fcc0ee53a1e98cdd555bf64082dff7de http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10-dev_10.0-12+lenny1_amd64.deb Size/MD5 checksum: 121202 7b8458cfacab39974af0455f6cd1d740 http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm9_10.0-12+lenny1_amd64.deb Size/MD5 checksum: 79746 56f418df417d027e2424d57ac6196718 http://security.debian.org/pool/updates/main/n/netpbm-free/libnetpbm10_10.0-12+lenny1_amd64.deb Size/MD5 checksum: 71600 
ORIGINAL ADVISORY:
DSA-2026-1:
http://lists.debian.org/debian-security-announce/2010/msg00066.html

OTHER REFERENCES:
SA38530:
http://secunia.com/advisories/38530/

----------------------------------------------------------------------

From sec-adv at secunia.com Mon Apr 5 21:21:06 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 6 Apr 2010 06:21:06 +0200
Subject: [SEC] [SA39338] Joomla! Picasa Component "controller" Local File Inclusion Vulnerability
Message-ID: <201004060421.o364L6Uq004803@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla! Picasa Component "controller" Local File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39338

VERIFY ADVISORY:
http://secunia.com/advisories/39338/

DESCRIPTION:
A vulnerability has been discovered in the Picasa component for Joomla!, which can be exploited by malicious people to disclose sensitive information.
Input passed to the "controller" parameter in index.php (if "option" is set to "com_joomlapicasa2") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks.

The vulnerability is confirmed in version 2.0.5. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
Vrs-hCk

----------------------------------------------------------------------
From sec-adv at secunia.com Mon Apr 5 21:43:59 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 6 Apr 2010 06:43:59 +0200
Subject: [SEC] [SA39308] Debian update for xulrunner
Message-ID: <201004060443.o364hxZg024662@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Debian update for xulrunner

SECUNIA ADVISORY ID:
SA39308

VERIFY ADVISORY:
http://secunia.com/advisories/39308/

DESCRIPTION:
Debian has issued an update for xulrunner. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and potentially compromise a user's system.

For more information:
SA37242
SA39136

SOLUTION:
Apply updated packages.

-- Debian GNU/Linux 5.0 alias lenny --
ORIGINAL ADVISORY:
DSA-2027-1:
http://lists.debian.org/debian-security-announce/2010/msg00067.html

OTHER REFERENCES:
SA37242:
http://secunia.com/advisories/37242/

SA39136:
http://secunia.com/advisories/39136/

----------------------------------------------------------------------

From sec-adv at secunia.com Mon Apr 5 22:07:16 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 6 Apr 2010 07:07:16 +0200
Subject: [SEC] [SA39301] Fedora update for viewvc
Message-ID: <201004060507.o3657G5n012122@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Fedora update for viewvc

SECUNIA ADVISORY ID:
SA39301

VERIFY ADVISORY:
http://secunia.com/advisories/39301/

DESCRIPTION:
Fedora has issued an update for viewvc. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.

For more information:
SA38918

SOLUTION:
Apply updated packages via the yum utility ("yum update viewvc").
ORIGINAL ADVISORY:
FEDORA-2010-5507:
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038456.html

FEDORA-2010-5524:
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038420.html

OTHER REFERENCES:
SA38918:
http://secunia.com/advisories/38918/

----------------------------------------------------------------------

From sec-adv at secunia.com Thu Apr 8 19:41:09 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 9 Apr 2010 04:41:09 +0200
Subject: [SEC] [SA39298] MODx Cross-Site Scripting and SQL Injection
Message-ID: <201004090241.o392f9Og004090@localhost.localdomain>

----------------------------------------------------------------------

TITLE:
MODx Cross-Site Scripting and SQL Injection

SECUNIA ADVISORY ID:
SA39298

VERIFY ADVISORY:
http://secunia.com/advisories/39298/

DESCRIPTION:
Some vulnerabilities have been reported in MODx CMS, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

1) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

2) Certain unspecified input is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerabilities are reported in versions prior to 1.0.3.

SOLUTION:
Update to version 1.0.3.

PROVIDED AND/OR DISCOVERED BY:
JVN credits Takeshi Terada of Mitsui Bussan Secure Directions, Inc.

ORIGINAL ADVISORY:
MODx CMS:
http://modxcms.com/forums/index.php/topic,47759.0.html

JVN:
http://jvn.jp/en/jp/JVN46669729/index.html
http://jvn.jp/en/jp/JVN19774883/index.html

----------------------------------------------------------------------
From sec-adv at secunia.com Fri Apr 9 05:54:33 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 9 Apr 2010 14:54:33 +0200
Subject: [SEC] [SA39046] Pulse CMS Multiple Vulnerabilities
Message-ID: <201004091254.o39CsXYt004832@localhost.localdomain>

----------------------------------------------------------------------

TITLE:
Pulse CMS Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA39046

VERIFY ADVISORY:
http://secunia.com/advisories/39046/

DESCRIPTION:
Secunia Research has discovered some vulnerabilities in Pulse CMS, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct cross-site request forgery attacks.

1) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. delete image files or create blocks if a logged-in user visits a malicious web site.

The vulnerability is confirmed in versions 1.2.2 and 1.2.3. Prior versions may also be affected.

2) An error in the validation of uploaded image files can be exploited to upload files with an arbitrary extension to a folder within the web root. This can be exploited to upload and execute arbitrary PHP code.

Successful exploitation of this vulnerability requires authentication.

The vulnerability is confirmed in versions 1.2.2 and 1.2.3. Prior versions may also be affected.

While version 1.2.4 implements fixes related to the image upload functionality, it can still be exploited to execute arbitrary PHP code by uploading a malicious PHP script with multiple extensions (e.g. "shell.php.gif") if Apache is not configured to handle the MIME type for media files with e.g. "gif" extensions.

SOLUTION:
Update to version 1.2.4, which fixes vulnerability #1 and partially fixes vulnerability #2.

PROVIDED AND/OR DISCOVERED BY:
Secunia Research

ORIGINAL ADVISORY:
Secunia Research:
http://secunia.com/secunia_research/2010-46/
http://secunia.com/secunia_research/2010-47/

Pulse CMS:
http://pulsecms.com/blog.php

----------------------------------------------------------------------
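The multiple-extension upload problem in the Pulse CMS advisory above, shown as an added example that is neither Pulse CMS's nor Secunia's code: a weak check that inspects only the final extension (so "shell.php.gif" counts as a GIF and the outcome depends on how the web server maps multiple extensions) next to a hardened check that rejects executable segments anywhere in the name, verifies the content as an image, and stores the file under a generated single-extension name. Function names, the executable-extension list and the PHP 7.1+ assumption are mine.

```php
<?php
// Added example (not Pulse CMS's own code). Names are illustrative assumptions.

/**
 * Weak check of the kind the advisory describes: only the final extension is
 * inspected, so a name such as "shell.php.gif" counts as a GIF.
 */
function weakIsAllowedImageName(string $name): bool
{
    $allowed = ['gif', 'jpg', 'jpeg', 'png'];
    $ext = strtolower(pathinfo($name, PATHINFO_EXTENSION));
    return in_array($ext, $allowed, true);
}

/**
 * Hardened check: every extension segment is inspected, the file content must
 * decode as an image, and the stored name is generated with exactly one
 * extension derived from the detected type, not from the client-supplied name.
 * Returns the storage name, or null when the upload must be rejected.
 */
function hardenedStorageName(string $clientName, string $tmpPath): ?string
{
    // Extension segments that a web server may execute or treat specially
    // (assumed list; extend it to match the handlers enabled on your server).
    $executable = ['php', 'php3', 'php4', 'php5', 'php7', 'phtml', 'phar',
                   'cgi', 'pl', 'py', 'sh', 'htaccess', 'asp', 'aspx', 'jsp'];
    $allowedTypes = [
        IMAGETYPE_GIF  => 'gif',
        IMAGETYPE_JPEG => 'jpg',
        IMAGETYPE_PNG  => 'png',
    ];

    // Reject NUL bytes and directory components outright.
    if (strpos($clientName, "\0") !== false || basename($clientName) !== $clientName) {
        return null;
    }
    $segments = explode('.', strtolower($clientName));
    if (count($segments) < 2 || $segments[0] === '') {
        return null; // no extension at all, or a dotfile such as ".htaccess"
    }
    // Reject if ANY extension segment, not only the last one, is executable.
    foreach (array_slice($segments, 1) as $segment) {
        if (in_array($segment, $executable, true)) {
            return null;
        }
    }
    // The content decides the type; getimagesize() fails on non-images.
    $info = @getimagesize($tmpPath);
    if ($info === false || !isset($allowedTypes[$info[2]])) {
        return null;
    }
    // Random storage name: nothing client-controlled reaches the filesystem.
    return bin2hex(random_bytes(16)) . '.' . $allowedTypes[$info[2]];
}

// Constructed demonstration input: a minimal GIF header (1x1 logical screen)
// written to a temp file stands in for the uploaded file's temporary path.
$tmpPath = tempnam(sys_get_temp_dir(), 'upl');
file_put_contents($tmpPath, "GIF89a" . pack('v2', 1, 1) . str_repeat("\0", 3));

var_dump(weakIsAllowedImageName('shell.php.gif'));
var_dump(hardenedStorageName('shell.php.gif', $tmpPath));
var_dump(hardenedStorageName('photo.gif', $tmpPath));

unlink($tmpPath);
```

Because the stored name is generated rather than taken from the client, the result no longer depends on how Apache resolves a name with several extensions.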
---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Apr 9 20:23:38 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 10 Apr 2010 05:23:38 +0200 Subject: [SEC] [SA39287] TYPO3 Unspecified Command Execution Vulnerability Message-ID: <201004100323.o3A3NcqG005768@localhost.localdomain> ---------------------------------------------------------------------- Secunia CSI + Microsoft SCCM ----------------------- = Extensive Patch Management http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ ---------------------------------------------------------------------- TITLE: TYPO3 Unspecified Command Execution Vulnerability SECUNIA ADVISORY ID: SA39287 VERIFY ADVISORY: http://secunia.com/advisories/39287/ DESCRIPTION: A vulnerability has been reported in TYPO3, which can be exploited by malicious people to compromise a vulnerable system. Certain unspecified input passed to the autoloader is not properly sanitised before being used. This can be exploited to execute arbitrary PHP code. Successful exploitation requires that "register_globals", "allow_url_include", and "allow_url_fopen" are enabled. The vulnerability is reported in versions 4.3.0, 4.3.1, and 4.3.2. SOLUTION: Update to version 4.3.3. PROVIDED AND/OR DISCOVERED BY: The vendor credits Christian B?lter and Bastian Heiser. ORIGINAL ADVISORY: TYPO3-SA-2010-008: http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-008/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. 
From sec-adv at secunia.com Sat Apr 10 06:32:39 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Sat, 10 Apr 2010 15:32:39 +0200
Subject: [SEC] [SA39206] VMware Products Multiple Vulnerabilities
Message-ID: <201004101332.o3ADWdVM012950@localhost.localdomain>

----------------------------------------------------------------------

TITLE:
VMware Products Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA39206

VERIFY ADVISORY:
http://secunia.com/advisories/39206/

DESCRIPTION:
Some vulnerabilities have been reported in multiple VMware products, which can be exploited by malicious, local users to disclose sensitive information or gain escalated privileges, and by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a user's system.

1) Two errors in the VMware Tools package for Windows can be exploited to execute arbitrary code or potentially gain escalated privileges.
For more information:
SA39198

2) An error in the USB service can be exploited to gain escalated privileges on host systems by placing a malicious executable at a certain location on the host.

NOTE: This vulnerability cannot be exploited without administrative privileges on recent Windows versions (e.g. Windows XP and Windows Vista).

3) An error in libpng can be exploited to disclose uninitialised memory via a specially crafted image.

For more information:
SA35346

4) A boundary error and two integer truncation errors in the VMnc codec can be exploited to potentially execute arbitrary code.

For more information:
SA36712

5) An error in the VMware Authorization Service ("vmware-authd") can be exploited to cause a crash.

For more information:
SA36988

6) An error in the virtual networking stack can be exploited to disclose potentially sensitive information.

For more information:
SA39203

7) A format string error in "vmrun" can be exploited to potentially gain escalated privileges.

For more information:
SA39201

SOLUTION:
Update to a fixed version.

VMware Workstation 6.5.x:
Update to version 6.5.4 build 246459 or later.

VMware Workstation 7.0:
Update to version 7.0.1 build 227600 or later.

VMware Player 2.5.x:
Update to version 2.5.4 build 246459 or later.

VMware Player 3.0:
Update to version 3.0.1 build 227600 or later.

VMware ACE 2.5.x:
Update to version 2.5.4 build 246459 or later.

VMware ACE 2.6:
Update to version 2.6.1 build 227600 or later.

VMware Fusion 2.x:
Update to version 2.0.6 build 246742 or later.
PROVIDED AND/OR DISCOVERED BY:
4) Alin Rad Pop, Secunia Research

The vendor also credits:
1) Jure Skofic and Mitja Kolsek of ACROS Security
2) Thierry Zoller
4) iDefense and Sebastien Renaud of Vupen
6) Johann MacDonagh
7) Thomas Toth-Steiner

ORIGINAL ADVISORY:
VMware (VMSA-2010-0007):
http://lists.vmware.com/pipermail/security-announce/2010/000090.html

Secunia Research:
http://secunia.com/secunia_research/2009-36/
http://secunia.com/secunia_research/2009-37/

OTHER REFERENCES:
SA35346:
http://secunia.com/advisories/35346/

SA36712:
http://secunia.com/advisories/36712/

SA36988:
http://secunia.com/advisories/36988/

SA39198:
http://secunia.com/advisories/39198/

SA39201:
http://secunia.com/advisories/39201/

SA39203:
http://secunia.com/advisories/39203/

----------------------------------------------------------------------
From sec-adv at secunia.com Sat Apr 10 19:57:15 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Sun, 11 Apr 2010 04:57:15 +0200
Subject: [SEC] [SA39215] VMware Server Multiple Vulnerabilities
Message-ID: <201004110257.o3B2vFIx027524@localhost.localdomain>

----------------------------------------------------------------------

TITLE:
VMware Server Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA39215

VERIFY ADVISORY:
http://secunia.com/advisories/39215/

DESCRIPTION:
Some vulnerabilities have been reported in VMware Server, which can be exploited by malicious, local users to disclose sensitive information or gain escalated privileges, and by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a user's system.

For more information see vulnerabilities #3 through #7 in:
SA39206

SOLUTION:
Restrict local access to trusted users only.

Do not open untrusted images or video files.

ORIGINAL ADVISORY:
VMSA-2010-0007:
http://lists.vmware.com/pipermail/security-announce/2010/000090.html

OTHER REFERENCES:
SA39206:
http://secunia.com/advisories/39206/

----------------------------------------------------------------------
From sec-adv at secunia.com Sun Apr 11 06:41:45 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Sun, 11 Apr 2010 15:41:45 +0200
Subject: [SEC] [SA39110] VMware Remote Console Plugin Format String Vulnerability
Message-ID: <201004111341.o3BDfjLr003826@localhost.localdomain>

----------------------------------------------------------------------

TITLE:
VMware Remote Console Plugin Format String Vulnerability

SECUNIA ADVISORY ID:
SA39110

VERIFY ADVISORY:
http://secunia.com/advisories/39110/

DESCRIPTION:
A vulnerability has been reported in VMware Remote Console, which can be exploited by malicious people to potentially compromise a user's system.

The vulnerability is caused due to a format string error in the VMware Remote Console (VMrc) plugin and can be exploited to potentially corrupt memory via a specially crafted web page.

Successful exploitation may allow execution of arbitrary code.

SOLUTION:
Update to a fixed version by visiting WebAccess on an updated vCenter 4.0 or ESX 4.0 system. Please see the vendor's advisory for more information.

PROVIDED AND/OR DISCOVERED BY:
The vendor credits Alexey Sintsov, Digital Security Research Group.
ORIGINAL ADVISORY:
VMSA-2010-0007:
http://lists.vmware.com/pipermail/security-announce/2010/000090.html

----------------------------------------------------------------------

From sec-adv at secunia.com Sun Apr 11 20:16:42 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Mon, 12 Apr 2010 05:16:42 +0200
Subject: [SEC] [SA39203] VMware Fusion 3 Virtual Networking Information Disclosure
Message-ID: <201004120316.o3C3GgSM020634@localhost.localdomain>

----------------------------------------------------------------------

TITLE:
VMware Fusion 3 Virtual Networking Information Disclosure

SECUNIA ADVISORY ID:
SA39203

VERIFY ADVISORY:
http://secunia.com/advisories/39203/

DESCRIPTION:
A vulnerability has been reported in VMware Fusion, which can be exploited by malicious, local users to disclose potentially sensitive information.
The vulnerability is caused due to an error in the implementation of the virtual networking stack. This can be exploited from a guest operating system to disclose certain memory from the host "vmware-vmx" process.

SOLUTION:
Update to version 3.0.1 build 232708 or later.

PROVIDED AND/OR DISCOVERED BY:
The vendor credits Johann MacDonagh.

ORIGINAL ADVISORY:
VMSA-2010-0007:
http://lists.vmware.com/pipermail/security-announce/2010/000090.html

----------------------------------------------------------------------
From sec-adv at secunia.com Mon Apr 12 06:59:00 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Mon, 12 Apr 2010 15:59:00 +0200
Subject: [SEC] [SA36712] VMware Workstation Movie Decoder VMnc Multiple Vulnerabilities
Message-ID: <201004121359.o3CDx0lH029328@localhost.localdomain>

----------------------------------------------------------------------

TITLE:
VMware Workstation Movie Decoder VMnc Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA36712

VERIFY ADVISORY:
http://secunia.com/advisories/36712/

DESCRIPTION:
Secunia Research has discovered some vulnerabilities in VMware Workstation Movie Decoder, which can be exploited by malicious people to compromise a user's system.

1) A boundary error in the VMnc codec when processing HexTile encoded video chunks can be exploited to cause a heap-based buffer overflow.

2) Two integer truncation errors in the VMnc codec when processing HexTile encoded video chunks can be exploited to cause a heap-based buffer overflow.

Successful exploitation of the vulnerabilities may allow execution of arbitrary code by tricking a user into opening a specially crafted AVI file.

The vulnerabilities are confirmed in vmnc.dll version 6.5.3.8888 included in VMware Workstation Movie Decoder version 6.5.3 build 185404. Other versions may also be affected.

SOLUTION:
Update to version 6.5.4 Build 246459.
http://download3.vmware.com/software/wkst/VMware-moviedecoder-6.5.4-246459.exe

PROVIDED AND/OR DISCOVERED BY:
Alin Rad Pop, Secunia Research

The vendor also credits iDefense and Sebastien Renaud of Vupen.

ORIGINAL ADVISORY:
VMware (VMSA-2010-0007):
http://lists.vmware.com/pipermail/security-announce/2010/000090.html

Secunia Research:
http://secunia.com/secunia_research/2009-36/
http://secunia.com/secunia_research/2009-37/

----------------------------------------------------------------------
From sec-adv at secunia.com Mon Apr 12 20:35:22 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 13 Apr 2010 05:35:22 +0200
Subject: [SEC] [SA39383] Garage Sale Arbitrary File Upload Security Issue
Message-ID: <201004130335.o3D3ZMeW013688@localhost.localdomain>

----------------------------------------------------------------------

TITLE:
Garage Sale Arbitrary File Upload Security Issue

SECUNIA ADVISORY ID:
SA39383

VERIFY ADVISORY:
http://secunia.com/advisories/39383/

DESCRIPTION:
A security issue has been reported in Garage Sale, which can be exploited by malicious people to compromise a vulnerable system.

The security issue is caused due to the post.php script allowing the upload of files with arbitrary extensions to a folder inside the webroot while posting new ads. This can be exploited to upload arbitrary files inside the webroot and e.g. execute arbitrary PHP code.

SOLUTION:
Restrict access to the up_files directory (e.g. via .htaccess).

PROVIDED AND/OR DISCOVERED BY:
saidinh0

----------------------------------------------------------------------
From sec-adv at secunia.com Tue Apr 13 06:56:48 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Tue, 13 Apr 2010 15:56:48 +0200
Subject: [SEC] [SA39258] Joomla tweetLA Component "controller" File Inclusion Vulnerability
Message-ID: <201004131356.o3DDumsk021574@localhost.localdomain>

----------------------------------------------------------------------

TITLE:
Joomla tweetLA Component "controller" File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39258

VERIFY ADVISORY:
http://secunia.com/advisories/39258/

DESCRIPTION:
A vulnerability has been discovered in the tweetLA component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

Input passed to the "controller" parameter in index.php (when "option" is set to "com_tweetla") is not properly sanitised before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

The vulnerability is confirmed in version 1.0.1. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.
PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/12142

----------------------------------------------------------------------

From sec-adv at secunia.com Tue Apr 13 20:41:09 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Wed, 14 Apr 2010 05:41:09 +0200
Subject: [SEC] [SA39401] Joomla! Jvehicles Component "aid" SQL Injection Vulnerability
Message-ID: <201004140341.o3E3f9hF014401@localhost.localdomain>

----------------------------------------------------------------------

TITLE:
Joomla! Jvehicles Component "aid" SQL Injection Vulnerability

SECUNIA ADVISORY ID:
SA39401

VERIFY ADVISORY:
http://secunia.com/advisories/39401/

DESCRIPTION:
Don Tukulesto has discovered a vulnerability in the Jvehicles component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
Input passed via the "aid" parameter to index.php (when "option" is set to "com_jvehicles" and "task" is set to "agentlisting") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is confirmed in version 2.1111. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.

PROVIDED AND/OR DISCOVERED BY:
Don Tukulesto

ORIGINAL ADVISORY:
http://www.indonesiancoder.org/joomla-component-jvehicles-aid-sql-injection-vulnerability

----------------------------------------------------------------------
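Both Joomla advisories above end with "edit the source code to ensure that input is properly sanitised", which for a file-selecting parameter (tweetLA "controller") and a numeric SQL parameter (Jvehicles "aid") means two different things: map the first onto a fixed list, bind the second as typed data. The following is an added example written for this digest, not code from either component; the controller names, the table and column names, and the directory layout are placeholders.

```php
<?php
// Added example, not tweetLA or Jvehicles code: typed request accessors that
// close both patterns above, a file-selecting parameter ("controller") and a
// numeric SQL parameter ("aid"). Controller names, table and column names are
// placeholders assumed for the example.
declare(strict_types=1);

final class Request
{
    /** @var array<string,mixed> */
    private array $params;

    public function __construct(array $params)
    {
        $this->params = $params;   // e.g. $_GET
    }

    /** The value only if it is exactly one of the allowed strings, else $default. */
    public function getEnum(string $name, array $allowed, string $default): string
    {
        $v = $this->params[$name] ?? null;
        return (is_string($v) && in_array($v, $allowed, true)) ? $v : $default;
    }

    /** An integer parsed from a plain decimal string, or null for anything else. */
    public function getInt(string $name): ?int
    {
        $v = $this->params[$name] ?? null;
        return (is_string($v) && preg_match('/^\d{1,9}$/', $v)) ? (int) $v : null;
    }
}

// --- Local file inclusion: the parameter selects a file, so it is mapped onto
// a fixed list. Traversal sequences and URL-encoded NUL bytes never reach
// include() because the untrusted string is never part of the path.
const CONTROLLERS = ['tweets', 'settings'];    // assumed names

function controller_path(Request $req, string $componentDir): string
{
    $ctl  = $req->getEnum('controller', CONTROLLERS, 'tweets');
    $root = realpath($componentDir . '/controllers');
    $real = realpath($componentDir . '/controllers/' . $ctl . '.php');
    if ($root === false || $real === false || dirname($real) !== $root) {
        throw new RuntimeException('controller not found');
    }
    return $real;   // safe to pass to require_once
}

// --- SQL injection: "aid" is data, so it is bound as a parameter rather than
// interpolated into the query text.
function agent_listing(PDO $db, Request $req): array
{
    $aid = $req->getInt('aid');
    if ($aid === null) {
        return [];
    }
    $stmt = $db->prepare('SELECT id, title FROM vehicles WHERE agent_id = :aid');
    $stmt->execute([':aid' => $aid]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Example wiring for index.php?option=com_jvehicles&task=agentlisting&aid=...
// $req  = new Request($_GET);
// $rows = agent_listing($db, $req);
```

The realpath comparison in controller_path is defence in depth rather than the primary control: the whitelist already guarantees that no attacker-supplied characters enter the path, so the traversal and "%00" tricks the tweetLA advisory mentions have nothing to act on. For the SQL case, casting to int would also neutralise the injection, but the prepared statement keeps the fix correct if the column later becomes a string.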
From sec-adv at secunia.com Wed Apr 14 02:31:46 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Wed, 14 Apr 2010 11:31:46 +0200
Subject: [SEC] [SA39098] Axon Virtual PBX Multiple Vulnerabilities
Message-ID: <201004140931.o3E9VkEc013095@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Axon Virtual PBX Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA39098

VERIFY ADVISORY:
http://secunia.com/advisories/39098/

DESCRIPTION:
Some vulnerabilities have been discovered in Axon Virtual PBX, which can be exploited by malicious users to manipulate certain data or disclose sensitive information and by malicious people to conduct cross-site scripting and cross-site request forgery attacks.

1) Input passed via the "id" parameter to /extensioninstruction is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

2) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. delete extensions if a logged-in administrative user visits a malicious web site.

3) Input passed via the "file" parameter to /logdelete is not properly verified before being used to delete files. This can be exploited to delete arbitrary files on the system via directory traversal attacks.
Successful exploitation of this vulnerability requires authentication, but can also be exploited in combination with vulnerability #2.

4) Input passed via the "file" parameter to /logprop is not properly sanitised before being used to read files. This can be exploited to view content of arbitrary files on the system via directory traversal attacks.

Successful exploitation of this vulnerability requires authentication.

The vulnerabilities are confirmed in version 2.13. Other versions may also be affected.

SOLUTION:
Filter malicious characters and character sequences in a proxy.

Grant only trusted users access to an affected system.

Do not visit untrusted web sites or follow untrusted links while logged in to the application.

PROVIDED AND/OR DISCOVERED BY:
Ivan Markovic, reported via Secunia.

----------------------------------------------------------------------
From sec-adv at secunia.com Wed Apr 14 10:26:40 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Wed, 14 Apr 2010 19:26:40 +0200
Subject: [SEC] [SA39422] Red Hat update for acroread
Message-ID: <201004141726.o3EHQePT021722@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Red Hat update for acroread

SECUNIA ADVISORY ID:
SA39422

VERIFY ADVISORY:
http://secunia.com/advisories/39422/

DESCRIPTION:
Red Hat has issued an update for acroread. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks or compromise a user's system.

For more information:
SA39272

SOLUTION:
Updated packages are available via Red Hat Network.
http://rhn.redhat.com

ORIGINAL ADVISORY:
RHSA-2010:0349-1:
https://rhn.redhat.com/errata/RHSA-2010-0349.html

OTHER REFERENCES:
SA39272:
http://secunia.com/advisories/39272/

----------------------------------------------------------------------
From sec-adv at secunia.com Wed Apr 14 11:26:40 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Wed, 14 Apr 2010 20:26:40 +0200
Subject: [SEC] [SA39434] Sun Solaris Trusted Extensions Privilege Escalation Vulnerability
Message-ID: <201004141826.o3EIQeXZ011633@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Sun Solaris Trusted Extensions Privilege Escalation Vulnerability

SECUNIA ADVISORY ID:
SA39434

VERIFY ADVISORY:
http://secunia.com/advisories/39434/

DESCRIPTION:
A vulnerability has been reported in Sun Solaris, which can be exploited by malicious, local users to gain escalated privileges.

The vulnerability is caused due to an unspecified error in the Trusted Extensions component. No more information is currently available.

SOLUTION:
Apply patches.

-- SPARC Platform --

Solaris 10:
Apply patches 119906-15, 122212-36, 120460-16, 120094-25, 122470-03, and 125533-15 or later.

-- x86 Platform --

Solaris 10:
Apply patches 119907-15, 122213-36, 120461-16, 120095-25, 122471-03, and 125534-15 or later.

PROVIDED AND/OR DISCOVERED BY:
It is currently unclear who reported this vulnerability as the Oracle Critical Patch Update for April 2010 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information.
ORIGINAL ADVISORY:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-263689-1
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2010.html

----------------------------------------------------------------------

From sec-adv at secunia.com Wed Apr 14 12:26:32 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Wed, 14 Apr 2010 21:26:32 +0200
Subject: [SEC] [SA39377] Microsoft Windows Media Services Buffer Overflow Vulnerability
Message-ID: <201004141926.o3EJQWnZ001463@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Microsoft Windows Media Services Buffer Overflow Vulnerability

SECUNIA ADVISORY ID:
SA39377

VERIFY ADVISORY:
http://secunia.com/advisories/39377/

DESCRIPTION:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an error in handling of transport information network packets in Windows Media Unicast Service (nsum.exe) and can be exploited to cause a stack-based buffer overflow via a specially crafted packet.

Successful exploitation allows execution of arbitrary code.

NOTE: Windows Media Services is an optional component and is not installed by default.

SOLUTION:
Apply patch.

Microsoft Windows 2000 Server SP4:
http://www.microsoft.com/downloads/details.aspx?familyid=73B3D681-26BB-49C1-849E-1F72484CB978

PROVIDED AND/OR DISCOVERED BY:
The vendor credits Fabien Perigaud, CERT-LEXSI.

ORIGINAL ADVISORY:
MS10-025 (KB980858):
http://www.microsoft.com/technet/security/bulletin/MS10-025.mspx

----------------------------------------------------------------------
From sec-adv at secunia.com Wed Apr 14 13:26:34 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Wed, 14 Apr 2010 22:26:34 +0200
Subject: [SEC] [SA39374] Microsoft Windows Kernel Denial of Service Vulnerabilities
Message-ID: <201004142026.o3EKQY50023822@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Microsoft Windows Kernel Denial of Service Vulnerabilities

SECUNIA ADVISORY ID:
SA39374

VERIFY ADVISORY:
http://secunia.com/advisories/39374/

DESCRIPTION:
Some vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

1) An error in the Windows kernel due to the improper validation of the relocation section of image files can be exploited to restart the system.

2) Two vulnerabilities in the Windows kernel can be exploited to cause a DoS.

For more information see vulnerabilities #1 and #6 in:
SA39373

SOLUTION:
Apply patches.
Windows Server 2008 for 32-bit Systems (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=25E3CE7F-53A0-4049-A65C-011D2143C4C2

Windows Server 2008 for x64-based Systems (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=8B99E54D-955B-4A06-9A04-B2F4596EFD72

Windows Server 2008 for Itanium-based Systems (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=B1F9746D-61A2-406F-B707-60646BD5B5BB

Windows 7 for 32-bit Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=FF58D80C-33CE-4D9E-AAA5-0B1841458931

Windows 7 for x64-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=7F1DC055-2EC9-407A-9E69-DA12338587E3

Windows Server 2008 R2 for x64-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=28389C1D-2A12-4BEF-A59B-726BB6449C8B

Windows Server 2008 R2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=D4EA3984-5183-47F1-814E-29CB6C90AE06

PROVIDED AND/OR DISCOVERED BY:
1) The vendor credits Martin Tofall of Obsidium Software.

ORIGINAL ADVISORY:
MS10-021 (KB979683):
http://www.microsoft.com/technet/security/Bulletin/MS10-021.mspx

OTHER REFERENCES:
SA39373:
http://secunia.com/advisories/39373/

----------------------------------------------------------------------
From sec-adv at secunia.com Wed Apr 14 14:20:30 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Wed, 14 Apr 2010 23:20:30 +0200
Subject: [SEC] [SA39253] Microsoft Exchange Server 2000 Information Disclosure Vulnerability
Message-ID: <201004142120.o3ELKUjE013559@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Microsoft Exchange Server 2000 Information Disclosure Vulnerability

SECUNIA ADVISORY ID:
SA39253

VERIFY ADVISORY:
http://secunia.com/advisories/39253/

DESCRIPTION:
A vulnerability has been reported in Microsoft Exchange Server 2000, which can be exploited by malicious people to gain knowledge of certain sensitive information.

The vulnerability is caused due to a memory allocation error in the SMTP component when interpreting SMTP responses. This can be exploited to disclose random e-mail message fragments by sending invalid commands followed by the STARTTLS command.

SOLUTION:
Apply patches.

Microsoft Exchange Server 2000 SP3:
http://www.microsoft.com/downloads/details.aspx?familyid=e47c90a0-c9c8-43b7-bec7-34107ddde294

PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.
ORIGINAL ADVISORY:
MS10-024 (KB976703, KB981832):
http://www.microsoft.com/technet/security/bulletin/MS10-024.mspx

----------------------------------------------------------------------

From sec-adv at secunia.com Wed Apr 14 14:41:29 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Wed, 14 Apr 2010 23:41:29 +0200
Subject: [SEC] [SA39381] Microsoft Office Visio Two Memory Corruption Vulnerabilities
Message-ID: <201004142141.o3ELfT1i001644@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Microsoft Office Visio Two Memory Corruption Vulnerabilities

SECUNIA ADVISORY ID:
SA39381

VERIFY ADVISORY:
http://secunia.com/advisories/39381/

DESCRIPTION:
Two vulnerabilities have been reported in Microsoft Visio, which can be exploited by malicious people to compromise a user's system.
1) An error in the validation of certain attributes can be exploited to corrupt memory.

2) An error when calculating certain indexes can be exploited to corrupt memory.

Successful exploitation of the vulnerabilities may allow execution of arbitrary code by tricking a user into opening a specially crafted Visio file.

SOLUTION:
Apply patches.

Microsoft Office Visio 2002 SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=2d563cbc-d8f7-486b-8c54-25d168085376

Microsoft Office Visio 2003 SP3:
http://www.microsoft.com/downloads/details.aspx?familyid=803a7ea0-a9da-46dd-9548-0177d3774be7

Microsoft Office Visio 2007 SP1:
http://www.microsoft.com/downloads/details.aspx?familyid=56fe020f-4444-4a43-aa98-e99a622f6a69

Microsoft Office Visio 2007 SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=56fe020f-4444-4a43-aa98-e99a622f6a69

PROVIDED AND/OR DISCOVERED BY:
The vendor credits Bing Liu, Fortinet's FortiGuard Labs.

ORIGINAL ADVISORY:
MS10-028 (KB980094, KB979356, KB979364, KB979365)
http://www.microsoft.com/technet/security/bulletin/MS10-028.mspx

----------------------------------------------------------------------
From sec-adv at secunia.com Wed Apr 14 14:53:31 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Wed, 14 Apr 2010 23:53:31 +0200
Subject: [SEC] [SA39385] Joomla! SermonSpeaker Component "id" SQL Injection Vulnerabilities
Message-ID: <201004142153.o3ELrV4j021832@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla! SermonSpeaker Component "id" SQL Injection Vulnerabilities

SECUNIA ADVISORY ID:
SA39385

VERIFY ADVISORY:
http://secunia.com/advisories/39385/

DESCRIPTION:
Some vulnerabilities have been reported in the SermonSpeaker component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed via the "id" parameter to index.php (when "option" is set to "com_sermonspeaker" and "task" is set to e.g. "latest_sermons" or "speakerpopup") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

NOTE: Other parameters may also be affected.

The vulnerabilities are reported in versions prior to 3.2.1.

SOLUTION:
Update to version 3.2.1.

PROVIDED AND/OR DISCOVERED BY:
The vendor credits Samara Hart.
ORIGINAL ADVISORY:
http://joomlacode.org/gf/project/sermon_speaker/news/?action=NewsThreadView&id=2549

----------------------------------------------------------------------

From sec-adv at secunia.com Wed Apr 14 15:06:52 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 00:06:52 +0200
Subject: [SEC] [SA39414] Joomla Online Exam Component "controller" File Inclusion Vulnerability
Message-ID: <201004142206.o3EM6qrP009625@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla Online Exam Component "controller" File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39414

VERIFY ADVISORY:
http://secunia.com/advisories/39414/

DESCRIPTION:
A vulnerability has been discovered in the Online Exam component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.
Input passed to the "controller" parameter in index.php (when "option" is set to "com_onlineexam") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

The vulnerability is confirmed in version 1.5.0. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

----------------------------------------------------------------------
From sec-adv at secunia.com Wed Apr 14 15:20:27 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 00:20:27 +0200
Subject: [SEC] [SA39415] Joomla My Files Component "controller" File Inclusion Vulnerability
Message-ID: <201004142220.o3EMKRdw029846@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla My Files Component "controller" File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39415

VERIFY ADVISORY:
http://secunia.com/advisories/39415/

DESCRIPTION:
A vulnerability has been discovered in the My Files component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

Input passed to the "controller" parameter in index.php (when "option" is set to "com_myfiles") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

The vulnerability is confirmed in version 1.0. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

----------------------------------------------------------------------
From sec-adv at secunia.com Wed Apr 14 15:41:31 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 00:41:31 +0200
Subject: [SEC] [SA39416] Joomla Digital Diary Component "controller" File Inclusion Vulnerability
Message-ID: <201004142241.o3EMfVae017991@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla Digital Diary Component "controller" File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39416

VERIFY ADVISORY:
http://secunia.com/advisories/39416/

DESCRIPTION:
A vulnerability has been discovered in the Digital Diary component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

Input passed to the "controller" parameter in index.php (when "option" is set to "com_diary") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

The vulnerability is confirmed in version 1.5.0.
Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

----------------------------------------------------------------------

From sec-adv at secunia.com Wed Apr 14 15:53:31 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 00:53:31 +0200
Subject: [SEC] [SA39417] Joomla JoomMail Component "controller" File Inclusion Vulnerability
Message-ID: <201004142253.o3EMrVhs005722@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla JoomMail Component "controller" File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39417

VERIFY ADVISORY:
http://secunia.com/advisories/39417/

DESCRIPTION:
A vulnerability has been discovered in the JoomMail component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

Input passed to the "controller" parameter in index.php (when "option" is set to "com_joommail") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

The vulnerability is confirmed in version 1.0. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

----------------------------------------------------------------------

From sec-adv at secunia.com Wed Apr 14 16:06:30 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 01:06:30 +0200
Subject: [SEC] [SA39392] Joomla! World Rates Component "controller" Local File Inclusion Vulnerability
Message-ID: <201004142306.o3EN6Ujv025908@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla! World Rates Component "controller" Local File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39392

VERIFY ADVISORY:
http://secunia.com/advisories/39392/

DESCRIPTION:
A vulnerability has been discovered in the World Rates component for Joomla!, which can be exploited by malicious people to disclose sensitive information.

Input passed via the "controller" parameter to index.php (when "option" is set to "com_worldrates") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal sequences and URL-encoded NULL bytes.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

----------------------------------------------------------------------
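The "controller" file-inclusion advisories above (SA39414, SA39415, SA39416, SA39417 and SA39392) all describe the same defect: a request parameter is used as a path fragment in an include, so traversal sequences and a URL-encoded NULL byte steer it to an arbitrary local file. The following is an added example, not Secunia's text nor code from any of those components: in Python, an allowlist lookup modelling the fix the advisories call for, and an access-log scanner that flags requests carrying traversal or NUL bytes in that parameter. The allowlist, the component names used and the log lines are constructed.

```python
import re
from urllib.parse import unquote

# Constructed allowlist for a hypothetical component; a real fix would name the
# controllers the component actually ships and nothing else.
ALLOWED_CONTROLLERS = frozenset({"exam", "results", "default"})

IDENTIFIER_RE = re.compile(r"[A-Za-z0-9_]{1,32}")
TRAVERSAL_RE = re.compile(r"\.\.[/\\]")


def resolve_controller(raw, allowed=ALLOWED_CONTROLLERS):
    """Hardened lookup modelling the fix the advisories call for: the request
    value is used only as a key into a fixed set, never as a path fragment.
    Returns the controller name, or None when the value must be rejected."""
    if raw is None:
        return None
    name = unquote(raw)  # decode exactly once, so "%00" becomes a real NUL here
    # Only plain identifiers pass; this rejects '/', '\\', '.' and NUL outright.
    if not IDENTIFIER_RE.fullmatch(name):
        return None
    return name if name in allowed else None


def classify_controller(raw):
    """Detection side: list the reasons a still-URL-encoded 'controller' value
    looks like the inclusion attempt the advisories describe (empty = clean)."""
    reasons = []
    once = unquote(raw)
    twice = unquote(once)
    if "\x00" in once:
        reasons.append("url-encoded NUL byte")
    if TRAVERSAL_RE.search(once):
        reasons.append("directory traversal")
    # Double encoding ("%252e%252e%252f") survives one decode; check a second.
    if not reasons and ("\x00" in twice or TRAVERSAL_RE.search(twice)):
        reasons.append("double-encoded traversal or NUL")
    if not reasons and not IDENTIFIER_RE.fullmatch(once):
        reasons.append("non-identifier characters")
    return reasons


# Apache/nginx combined log format; only client, target and status matter here.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
QUERY_RE = re.compile(r"(?:^|&)(?P<key>[^&=]+)=(?P<val>[^&]*)")


def inspect_log_line(line):
    """Parse one access-log line; return a finding dict when it is a Joomla
    component request (option=com_*) with a suspicious controller, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    path, _, query = m.group("target").partition("?")
    if not path.endswith("index.php"):
        return None
    params = {q.group("key"): q.group("val") for q in QUERY_RE.finditer(query)}
    option = unquote(params.get("option", ""))
    raw_controller = params.get("controller")
    if not option.startswith("com_") or raw_controller is None:
        return None
    reasons = classify_controller(raw_controller)
    if not reasons:
        return None
    return {
        "ip": m.group("ip"),
        "option": option,
        # Render the NUL visibly so the finding is safe to print or ship to a SIEM.
        "controller": unquote(raw_controller).replace("\x00", "\\x00"),
        "status": int(m.group("status")),
        "reasons": reasons,
    }


def scan_access_log(lines):
    """Run inspect_log_line over an iterable of log lines, keeping the findings."""
    return [f for f in (inspect_log_line(l) for l in lines) if f]


# Constructed sample log lines (192.0.2.0/24 is the documentation address range).
SAMPLE_LOG = [
    '192.0.2.10 - - [15/Apr/2010:00:10:01 +0200] "GET /index.php?option=com_onlineexam&controller=exam HTTP/1.1" 200 5120',
    '192.0.2.11 - - [15/Apr/2010:00:10:07 +0200] "GET /index.php?option=com_onlineexam&controller=../../../../private_file%00 HTTP/1.1" 200 2210',
    '192.0.2.12 - - [15/Apr/2010:00:10:09 +0200] "GET /index.php?option=com_myfiles&controller=..%2F..%2Fsome_file HTTP/1.1" 500 312',
    '192.0.2.13 - - [15/Apr/2010:00:10:12 +0200] "GET /index.php?option=com_content&view=article&id=7 HTTP/1.1" 200 9981',
    '192.0.2.14 - - [15/Apr/2010:00:10:15 +0200] "GET /index.php?option=com_diary&controller=%252e%252e%252fother HTTP/1.1" 200 300',
]

if __name__ == "__main__":
    for finding in scan_access_log(SAMPLE_LOG):
        print(finding)
```

A 200 status on a flagged request is the case worth triaging first, since the advisories' "Edit the source code" solution means nothing upstream of the component rejected the value.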
From sec-adv at secunia.com Wed Apr 14 16:20:44 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 01:20:44 +0200
Subject: [SEC] [SA39413] Joomla Arcade Games Component "controller" File Inclusion Vulnerability
Message-ID: <201004142320.o3ENKilo013745@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla Arcade Games Component "controller" File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39413

VERIFY ADVISORY:
http://secunia.com/advisories/39413/

DESCRIPTION:
A vulnerability has been discovered in the Arcade Games component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

Input passed to the "controller" parameter in index.php (when "option" is set to "com_arcadegames") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

The vulnerability is confirmed in version 1.0. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

----------------------------------------------------------------------
From sec-adv at secunia.com Wed Apr 14 16:41:45 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 01:41:45 +0200
Subject: [SEC] [SA39373] Microsoft Windows Kernel Privilege Escalation and Denial of Service Vulnerabilities
Message-ID: <201004142341.o3ENfjYJ001830@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Microsoft Windows Kernel Privilege Escalation and Denial of Service Vulnerabilities

SECUNIA ADVISORY ID:
SA39373

VERIFY ADVISORY:
http://secunia.com/advisories/39373/

DESCRIPTION:
Multiple vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain escalated privileges.

1) An error in the Windows kernel due to insufficient validation of registry keys passed to a Windows kernel system call can be exploited to restart the system.

2) An error in the Windows kernel when handling symbolic links can be exploited to cause the system to restart.
3) A memory allocation error in the Windows kernel when extracting the destination key of a symbolic-link type registry key can be exploited to execute arbitrary code with kernel privileges.

4) The Windows kernel does not properly restrict creation of symbolic links between untrusted and trusted registry hives, which can be exploited to execute arbitrary code with escalated privileges.

5) An error in the Windows kernel when validating registry keys can be exploited to cause the system to restart.

6) An error exists in the Windows kernel when resolving the real path for a registry key from its virtual path, which can be exploited to cause the system to restart.

7) An error in the Windows kernel when handling certain exceptions can be exploited to cause the system to restart.

SOLUTION:
Apply patches.

Microsoft Windows 2000 SP4:
http://www.microsoft.com/downloads/details.aspx?familyid=C5F4577E-7546-40E9-8BCD-BE11C1B260A6

Windows XP SP2 / SP3:
http://www.microsoft.com/downloads/details.aspx?familyid=142710FD-9CD4-4DD0-AABA-2AACE03C008F

Windows XP Professional x64 Edition SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=3C0CB02E-3484-4CDF-8C64-C697AD3E2889

Windows Server 2003 SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=0A7EA2D0-61CE-4B68-AD82-D917B1A56F9D

Windows Server 2003 x64 Edition SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=1FC66F54-260A-4219-A0B4-056BA9DD0ABE

Windows Server 2003 with SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=8DCB8BE8-FB78-4518-AA7E-F8B17F7DFB86

Windows Vista:
http://www.microsoft.com/downloads/details.aspx?familyid=86D7B054-AF4F-4D8A-9873-CB5246466374

Windows Vista SP1 / SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=86D7B054-AF4F-4D8A-9873-CB5246466374

Windows Vista x64 Edition:
http://www.microsoft.com/downloads/details.aspx?familyid=7C84AA24-6331-427A-969C-27F7D39DB3D7

Windows Vista x64 Edition SP1 / SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=7C84AA24-6331-427A-969C-27F7D39DB3D7

PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
1-5) Matthew 'j00ru' Jurczyk and Gynvael Coldwind of Hispasec Virustotal
6, 7) Tavis Ormandy of Google, Inc.

ORIGINAL ADVISORY:
MS10-021 (KB979683):
http://www.microsoft.com/technet/security/Bulletin/MS10-021.mspx

----------------------------------------------------------------------

From sec-adv at secunia.com Wed Apr 14 16:53:23 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 01:53:23 +0200
Subject: [SEC] [SA39400] openUrgence Vaccin File Inclusion Vulnerabilities
Message-ID: <201004142353.o3ENrNq1021999@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
openUrgence Vaccin File Inclusion Vulnerabilities

SECUNIA ADVISORY ID:
SA39400

VERIFY ADVISORY:
http://secunia.com/advisories/39400/
DESCRIPTION:
Some vulnerabilities have been discovered in openUrgence Vaccin, which can be exploited by malicious people to disclose sensitive information and compromise a vulnerable system.

1) Input passed to the "path_om" parameter in collectivite.class.php, injection.class.php, utilisateur.class.php, droit.class.php, laboratoire.class.php, vaccin.class.php, effetsecondaire.class.php, medecin.class.php, individu.class.php, and profil.class.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or remote resources.

2) Input passed to the "dsn[phptype]" parameter in scr/soustab.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal sequences and URL-encoded NULL bytes.

Successful exploitation of this vulnerability requires that "magic_quotes_gpc" is disabled.

Successful exploitation of both vulnerabilities requires that "register_globals" is enabled.

The vulnerabilities are confirmed in version 1.03. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
cr4wl3r

----------------------------------------------------------------------
----------------------------------------------------------------------

From sec-adv at secunia.com Wed Apr 14 17:06:29 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 02:06:29 +0200
Subject: [SEC] [SA39371] Microsoft Windows Authentication Verification Two Vulnerabilities
Message-ID: <201004150006.o3F06T3Z009790@CRON-IX-2.intnet>

TITLE:
Microsoft Windows Authentication Verification Two Vulnerabilities

SECUNIA ADVISORY ID:
SA39371

VERIFY ADVISORY:
http://secunia.com/advisories/39371/

DESCRIPTION:
Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system.

1) An error exists within the Windows Authenticode Signature Verification function when processing certain fields of the file digest of portable executable (PE) and cabinet file formats. This can be exploited to inject arbitrary code into a signed executable without making the signature of the file invalid.

2) An error exists in the Windows Authenticode Signature verification for cabinet (.cab) file formats when processing certain fields of the file digest. This can be exploited to inject arbitrary code into a cabinet file without making the signature of the file invalid.

Successful exploitation requires that a user is tricked into opening or viewing a specially crafted file.

SOLUTION:
Apply patches.
-- Microsoft Windows 2000 SP4 --
Authenticode Signature Verification 5.1:
http://www.microsoft.com/downloads/details.aspx?familyid=D7538166-35EE-4C6B-BE8C-E83A1FC6CD77
Cabinet File Viewer Shell Extension 5.1:
http://www.microsoft.com/downloads/details.aspx?familyid=13846177-F25F-4DD4-9FE9-AC43E1D4D73D

-- Windows XP SP2 / SP3 --
Authenticode Signature Verification 5.1:
http://www.microsoft.com/downloads/details.aspx?familyid=2A01DDF0-F3EA-47C8-ADA2-E69F6C1B5F96
Cabinet File Viewer Shell Extension 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=6C3AC102-2107-4726-98BE-4FBF6B858BFB

-- Windows XP Professional x64 Edition SP2 --
Authenticode Signature Verification 5.1:
http://www.microsoft.com/downloads/details.aspx?familyid=9BBFF00C-F8F4-4A44-98F2-18A868986AE1
Cabinet File Viewer Shell Extension 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=E64E487E-2727-4396-B0C9-6EAF000214D2

-- Windows Server 2003 SP2 --
Authenticode Signature Verification 5.1:
http://www.microsoft.com/downloads/details.aspx?familyid=0E7E3DEB-F078-4953-9642-675EC69267F2
Cabinet File Viewer Shell Extension 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=7AE9B1D0-0DBE-4ABD-B315-10CEA4CECCD7

-- Windows Server 2003 x64 Edition SP2 --
Authenticode Signature Verification 5.1:
http://www.microsoft.com/downloads/details.aspx?familyid=99A3F6DA-728F-421C-AB41-C4C4751934A4
Cabinet File Viewer Shell Extension 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=1709FD4E-D7C6-4CBB-8B71-A96B8D6EEE58

-- Windows Server 2003 with SP2 for Itanium-based Systems --
Authenticode Signature Verification 5.1:
http://www.microsoft.com/downloads/details.aspx?familyid=06832599-1E9B-4792-8C7B-7B5B3A3D6277
Cabinet File Viewer Shell Extension 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=811A2B28-655D-4B5D-821E-5A90D556DBA3

-- Windows Vista (optionally with SP1 / SP2) --
Authenticode Signature Verification 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=A52225A7-6005-4F2B-8291-DB20558F23F8
Cabinet File Viewer Shell Extension 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=6145E2B2-36FD-4360-BD5B-2BD11890FC52

-- Windows Vista x64 Edition (optionally with SP1 / SP2) --
Authenticode Signature Verification 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=9BA7468C-23A4-4994-9A5A-22E96EF586F3
Cabinet File Viewer Shell Extension 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=5B7EFA82-0FEB-413A-9F8E-212E7432CD99

-- Windows Server 2008 for 32-bit Systems (optionally with SP2) --
Authenticode Signature Verification 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=97FFEEC8-8B6D-4A30-97B0-4BFF2BA5E91D
Cabinet File Viewer Shell Extension 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=F111735B-68B0-4BCC-9DD8-818A5ECA3400

-- Windows Server 2008 for x64-based Systems (optionally with SP2) --
Authenticode Signature Verification 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=49F9F740-023A-4291-BECF-838A1D282321
Cabinet File Viewer Shell Extension 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=91C08251-0085-44CB-9E9C-9A1A84374CAF

-- Windows Server 2008 for Itanium-based Systems (optionally with SP2) --
Authenticode Signature Verification 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=BD60779A-8BB1-4107-A344-9B09A50E96FF
Cabinet File Viewer Shell Extension 6.0:
http://www.microsoft.com/downloads/details.aspx?familyid=EB116688-1D6E-4E20-948E-1D347AF5D985

-- Windows 7 for 32-bit Systems --
Authenticode Signature Verification 6.1:
http://www.microsoft.com/downloads/details.aspx?familyid=8D4A6C65-E171-4570-8F3F-118F06910BAF
Cabinet File Viewer Shell Extension 6.1:
http://www.microsoft.com/downloads/details.aspx?familyid=F0DBAC52-0F0E-40BC-9371-17FA594424D5

-- Windows 7 for x64-based Systems --
Authenticode Signature Verification 6.1:
http://www.microsoft.com/downloads/details.aspx?familyid=CF8C6721-05C2-4680-93B4-BE36F09C6D15
Cabinet File Viewer Shell Extension 6.1:
http://www.microsoft.com/downloads/details.aspx?familyid=B23EFE7D-BCA4-4D49-9104-6AE39DC5DAA9

-- Windows Server 2008 R2 for x64-based Systems --
Authenticode Signature Verification 6.1:
http://www.microsoft.com/downloads/details.aspx?familyid=94DFDAAE-8464-4DE6-A401-7EB70B3BB34F
Cabinet File Viewer Shell Extension 6.1:
http://www.microsoft.com/downloads/details.aspx?familyid=A2979C02-2A80-4B84-BF6C-4798064BDF28

-- Windows Server 2008 R2 for Itanium-based Systems --
Authenticode Signature Verification 6.1:
http://www.microsoft.com/downloads/details.aspx?familyid=40F622D2-48E7-4EB2-9430-BBD218CB5208
Cabinet File Viewer Shell Extension 6.1:
http://www.microsoft.com/downloads/details.aspx?familyid=5E416D4B-5DE7-4688-80C6-245DE159E0CE

PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.

ORIGINAL ADVISORY:
MS10-019 (KB981210, KB978601, KB979309):
http://www.microsoft.com/technet/security/Bulletin/MS10-019.mspx
----------------------------------------------------------------------

From sec-adv at secunia.com Wed Apr 14 17:20:28 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 02:20:28 +0200
Subject: [SEC] [SA39353] Atlassian JIRA Two Vulnerabilities
Message-ID: <201004150020.o3F0KSg2030011@CRON-IX-2.intnet>

TITLE:
Atlassian JIRA Two Vulnerabilities

SECUNIA ADVISORY ID:
SA39353

VERIFY ADVISORY:
http://secunia.com/advisories/39353/

DESCRIPTION:
Two vulnerabilities have been reported in Atlassian JIRA, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks.

1) An unspecified error can potentially be exploited to gain operating system account privileges to the server infrastructure.

Successful exploitation of this vulnerability requires administrative privileges.

2) Unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

The vulnerabilities are reported in versions 3.12.3, 3.13.5, 4.0.2, and 4.1. Other versions may also be affected.

NOTE: The vulnerabilities are reportedly being exploited in the wild.

SOLUTION:
Apply the patches.
http://jira.atlassian.com/browse/JRA-20994
http://jira.atlassian.com/browse/JRA-20995

PROVIDED AND/OR DISCOVERED BY:
Discovered in the wild.
ORIGINAL ADVISORY:
Atlassian JIRA:
http://jira.atlassian.com/browse/JRA-20994
http://jira.atlassian.com/browse/JRA-20995

OTHER REFERENCES:
https://blogs.apache.org/infra/entry/apache_org_04_09_2010

----------------------------------------------------------------------

From sec-adv at secunia.com Wed Apr 14 17:41:21 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 02:41:21 +0200
Subject: [SEC] [SA39382] Microsoft Windows ISATAP Component IP Address Spoofing Vulnerability
Message-ID: <201004150041.o3F0fLlF018153@CRON-IX-2.intnet>

TITLE:
Microsoft Windows ISATAP Component IP Address Spoofing Vulnerability

SECUNIA ADVISORY ID:
SA39382

VERIFY ADVISORY:
http://secunia.com/advisories/39382/

DESCRIPTION:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to conduct
spoofing attacks.

The vulnerability is caused due to an error in the ISATAP component in the way the inner packet's IPv6 source address in a tunneled ISATAP packet is checked. This can be exploited to spoof an IP address, thereby bypassing edge or host firewalls, and to gain knowledge of certain information in responses.

SOLUTION:
Apply patches.

Windows XP SP2/SP3:
http://www.microsoft.com/downloads/details.aspx?familyid=9DC3E1C2-2E9D-4D86-9FCE-446C409AD613

Windows XP Professional x64 Edition SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=D872BD77-F491-4706-8FF5-081AC0BF3D6F

Windows Server 2003 SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=CD007A6C-04B3-490C-AFF4-D5AF3E69D477

Windows Server 2003 x64 Edition SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=19CFDDFE-E8DA-4564-9730-BABFAE4A3EBB

Windows Server 2003 with SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=916F1B09-E79E-4347-9FBC-C0CF07DE397D

Windows Vista (optionally with SP1/SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=196055A6-15D1-4DA8-B33D-501E69BF5176

Windows Vista x64 Edition (optionally with SP1/SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=7C1D1622-1B67-438D-AAE4-1A3954974A36

Windows Server 2008 for 32-bit Systems (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=61ECE7BC-E9FA-4EDE-BA7D-9E5A4C64B9BE

Windows Server 2008 for x64-based Systems (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=72E7C7EA-55EF-457B-A03A-49AA9DEA2E84

Windows Server 2008 for Itanium-based Systems (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=8C48302C-A1D6-41BC-AD24-7CE7332D4842

PROVIDED AND/OR DISCOVERED BY:
The vendor credits Gabi Nakibly, National EW Research & Simulation Center.

CHANGELOG:
2010-04-14: Added link to "Original Advisory" section.
ORIGINAL ADVISORY:
MS10-029 (KB978338):
http://www.microsoft.com/technet/security/Bulletin/MS10-029.mspx

----------------------------------------------------------------------

From sec-adv at secunia.com Wed Apr 14 17:53:22 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 02:53:22 +0200
Subject: [SEC] [SA39380] Windows Media Player Hosted Media Content Handling Vulnerability
Message-ID: <201004150053.o3F0rMvg005886@CRON-IX-2.intnet>

TITLE:
Windows Media Player Hosted Media Content Handling Vulnerability

SECUNIA ADVISORY ID:
SA39380

VERIFY ADVISORY:
http://secunia.com/advisories/39380/

DESCRIPTION:
A vulnerability has been reported in Windows Media Player, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a use-after-free error in the Windows Media Player ActiveX control when retrieving a codec for an unknown fourCC compression code. This can be exploited by tricking a user into accessing a web page hosting media content where the control is removed from the page while the codec is requested from Microsoft.

Successful exploitation allows execution of arbitrary code.

SOLUTION:
Apply patches.

Windows 2000 SP4:
http://www.microsoft.com/downloads/details.aspx?familyid=C0B8B362-A321-4AC9-BE98-15C71BB7A043

Windows XP SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=5C748C6D-84D1-45A9-8A33-9372EB5504D5

Windows XP SP3:
http://www.microsoft.com/downloads/details.aspx?familyid=9E4277B4-2DC5-4163-A6AA-7E07DD32B721

PROVIDED AND/OR DISCOVERED BY:
An anonymous person via ZDI.

CHANGELOG:
2010-04-14: Added additional information provided by ZDI.

ORIGINAL ADVISORY:
MS10-027 (KB979402):
http://www.microsoft.com/technet/security/bulletin/MS10-027.mspx

ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-10-070/
----------------------------------------------------------------------

From sec-adv at secunia.com Wed Apr 14 18:06:21 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 03:06:21 +0200
Subject: [SEC] [SA39410] Joomla Easy Ad Banner Component "controller" File Inclusion Vulnerability
Message-ID: <201004150106.o3F16LcX026075@CRON-IX-2.intnet>

TITLE:
Joomla Easy Ad Banner Component "controller" File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39410

VERIFY ADVISORY:
http://secunia.com/advisories/39410/

DESCRIPTION:
A vulnerability has been discovered in the Easy Ad Banner component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

Input passed to the "controller" parameter in index.php (when "option" is set to "com_advertising") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

The vulnerability is confirmed in version 0.25. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity
----------------------------------------------------------------------

From sec-adv at secunia.com Wed Apr 14 18:20:22 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 03:20:22 +0200
Subject: [SEC] [SA39409] Joomla Online Market Component "controller" File Inclusion Vulnerability
Message-ID: <201004150120.o3F1KM32013903@CRON-IX-2.intnet>

TITLE:
Joomla Online Market Component "controller" File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39409

VERIFY ADVISORY:
http://secunia.com/advisories/39409/

DESCRIPTION:
A vulnerability has been discovered in the Online Market component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

Input passed to the "controller" parameter in index.php (when "option" is set to "com_market") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.
SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

----------------------------------------------------------------------

From sec-adv at secunia.com Wed Apr 14 18:41:21 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 03:41:21 +0200
Subject: [SEC] [SA39285] Joomla Preventive & Reservation Component "controller" File Inclusion Vulnerability
Message-ID: <201004150141.o3F1fLhR001989@CRON-IX-2.intnet>

TITLE:
Joomla Preventive & Reservation Component "controller" File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39285

VERIFY ADVISORY:
http://secunia.com/advisories/39285/

DESCRIPTION:
A vulnerability has been discovered in the Preventive & Reservation component for Joomla, which can be exploited by malicious people to disclose potentially
sensitive information.

Input passed to the "controller" parameter in index.php (when "option" is set to "com_preventive") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

The vulnerability is confirmed in version 1.0.5. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/12147
----------------------------------------------------------------------

From sec-adv at secunia.com Wed Apr 14 18:53:30 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 03:53:30 +0200
Subject: [SEC] [SA39405] Joomla Web TV Component "controller" File Inclusion Vulnerability
Message-ID: <201004150153.o3F1rUxH022174@CRON-IX-2.intnet>

TITLE:
Joomla Web TV Component "controller" File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39405

VERIFY ADVISORY:
http://secunia.com/advisories/39405/

DESCRIPTION:
A vulnerability has been discovered in the Web TV component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

Input passed to the "controller" parameter in index.php (when "option" is set to "com_webtv") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity
----------------------------------------------------------------------

From sec-adv at secunia.com Wed Apr 14 19:09:05 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 04:09:05 +0200
Subject: [SEC] [SA39262] Joomla Jfeedback Component "controller" File Inclusion Vulnerability
Message-ID: <201004150209.o3F295N1010416@CRON-IX-2.intnet>

TITLE:
Joomla Jfeedback Component "controller" File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39262

VERIFY ADVISORY:
http://secunia.com/advisories/39262/

DESCRIPTION:
A vulnerability has been discovered in the Jfeedback component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

Input passed to the "controller" parameter in index.php (when "option" is set to "com_jfeedback") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

The vulnerability is confirmed in version 1.2. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.
PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/12145

----------------------------------------------------------------------

From sec-adv at secunia.com Wed Apr 14 19:20:28 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 04:20:28 +0200
Subject: [SEC] [SA39282] Joomla Jproject Manager Component "controller" File Inclusion Vulnerability
Message-ID: <201004150220.o3F2KSeK030525@CRON-IX-2.intnet>

TITLE:
Joomla Jproject Manager Component "controller" File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39282

VERIFY ADVISORY:
http://secunia.com/advisories/39282/

DESCRIPTION:
A vulnerability has been discovered in the Jproject Manager component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.
Input passed to the "controller" parameter in index.php (when "option" is set to "com_jprojectmanager") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

The vulnerability is confirmed in version 1.0. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/12146
----------------------------------------------------------------------

From sec-adv at secunia.com Wed Apr 14 19:41:23 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 04:41:23 +0200
Subject: [SEC] [SA39375] Microsoft Office Publisher File Parsing Buffer Overflow Vulnerability
Message-ID: <201004150241.o3F2fNeP018651@CRON-IX-2.intnet>

TITLE:
Microsoft Office Publisher File Parsing Buffer Overflow Vulnerability

SECUNIA ADVISORY ID:
SA39375

VERIFY ADVISORY:
http://secunia.com/advisories/39375/

DESCRIPTION:
A vulnerability has been reported in Microsoft Office Publisher, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error in the TextBox conversion functionality for Publisher 97 format files. This can be exploited to cause a buffer overflow via a specially crafted Publisher file.

Successful exploitation allows execution of arbitrary code.

SOLUTION:
Apply patches.

Microsoft Office Publisher 2002 SP3:
http://www.microsoft.com/downloads/details.aspx?familyid=943b3830-70d5-46c5-bffc-1b494434b5f7

Microsoft Office Publisher 2003 SP3:
http://www.microsoft.com/downloads/details.aspx?familyid=7c2f4610-77bb-4d72-847b-1a06c523b137

Microsoft Office Publisher 2007 SP1/SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=10ca2f71-0ab2-4344-b7fd-bbbd6a783a96

PROVIDED AND/OR DISCOVERED BY:
Lionel d'Hauenens via ZDI.
CHANGELOG: 2010-04-14: Added additional information provided by ZDI. ORIGINAL ADVISORY: MS10-023 (KB980466, KB980469, KB980470): http://www.microsoft.com/technet/security/bulletin/MS10-023.mspx ZDI: http://www.zerodayinitiative.com/advisories/ZDI-10-069/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Apr 14 19:53:37 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 15 Apr 2010 04:53:37 +0200 Subject: [SEC] [SA39411] Joomla CV Maker Component "controller" File Inclusion Vulnerability Message-ID: <201004150253.o3F2rbhx006400@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia CSI + Microsoft SCCM ----------------------- = Extensive Patch Management http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ ---------------------------------------------------------------------- TITLE: Joomla CV Maker Component "controller" File Inclusion Vulnerability SECUNIA ADVISORY ID: SA39411 VERIFY ADVISORY: http://secunia.com/advisories/39411/ DESCRIPTION: A vulnerability has been discovered in the CV Maker 
component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information. Input passed to the "controller" parameter in index.php (when "option" is set to "com_cvmaker") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes. The vulnerability is confirmed in version 1.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: AntiSecurity ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. 
----------------------------------------------------------------------

From sec-adv at secunia.com Wed Apr 14 20:06:27 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 05:06:27 +0200
Subject: [SEC] [SA39378] MyBB Multiple Vulnerabilities
Message-ID: <201004150306.o3F36RAs026567@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
MyBB Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA39378

VERIFY ADVISORY:
http://secunia.com/advisories/39378/

DESCRIPTION:
Some vulnerabilities have been reported in MyBB, which can be exploited by malicious people to conduct cross-site request forgery attacks and bypass certain security restrictions.

1) The password reset functionality relies on an insecure random number generator to create password reset tokens. This can potentially be exploited to guess a generated token or password.

Note: Successful exploitation may require that PHP processes are reused by the webserver.

2) Certain input passed via the URL to the password reset functionality is not properly sanitised before being used, which can be exploited to e.g. inject a "BCC:" header to the password reset email by tricking a user into following a specially crafted link.

3) The application allows users to perform certain actions via HTTP requests, without performing any validity checks to verify the request. This can be exploited by tricking a user into visiting a malicious site.

SOLUTION:
Update to version 1.4.12.

PROVIDED AND/OR DISCOVERED BY:
1, 2) Stefan Esser
3) Labrocca

ORIGINAL ADVISORY:
http://blog.mybboard.net/2010/04/13/mybb-1-4-12-released-security-maintenance-update/

1) http://www.sektioneins.com/en/advisories/advisory-022010-mybb-password-reset-weak-random-numbers-vulnerability/

2) http://www.sektioneins.com/en/advisories/advisory-012010-mybb-password-reset-email-bcc-injection-vulnerability/

3) http://dev.mybboard.net/issues/852
----------------------------------------------------------------------

From sec-adv at secunia.com Wed Apr 14 20:20:28 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 05:20:28 +0200
Subject: [SEC] [SA39379] Microsoft Windows MPEG Layer-3 Codecs Buffer Overflow
Message-ID: <201004150320.o3F3KSoR014392@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Microsoft Windows MPEG Layer-3 Codecs Buffer Overflow

SECUNIA ADVISORY ID:
SA39379

VERIFY ADVISORY:
http://secunia.com/advisories/39379/

DESCRIPTION:
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error in the MPEG Layer-3 codecs and can be exploited to cause a stack-based buffer overflow when decoding an AVI file containing a specially crafted MPEG Layer-3 audio stream.

Successful exploitation allows execution of arbitrary code.

SOLUTION:
Apply patches.

Microsoft Windows 2000 SP4:
http://www.microsoft.com/downloads/details.aspx?familyid=F6394FC2-B9D0-46CF-9265-A0D4AEB1448F

Windows XP SP2/SP3:
http://www.microsoft.com/downloads/details.aspx?familyid=B1582A74-4A7B-4540-BEB1-7C89C86EAE87

Windows XP Professional x64 Edition SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=8AFCA317-A647-44AA-A771-5D85CD5D62EA

Windows Server 2003 SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=9F89746C-181E-4177-A851-EC1826E78B6D

Windows Server 2003 x64 Edition SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=B97E7EA1-A163-4CE4-8CBC-5F933773C4B2

Windows Vista (optionally with SP1/SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=0E7140BB-42D3-48B3-9F4B-D55B17770DE8

Windows Vista x64 Edition (optionally with SP1/SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=B885AEF4-3A5D-4C3E-BEF6-5EFEF2965752

Windows Server 2008 for 32-bit Systems (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=8E9C04C9-898F-4ED2-949D-F4343CC0D9F6

Windows Server 2008 for x64-based Systems (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=D6F2E1AE-48D3-4D2C-B329-32CFF00AFEE5

PROVIDED AND/OR DISCOVERED BY:
The vendor credits Yamata Li, Palo Alto Networks.

ORIGINAL ADVISORY:
MS10-026 (KB977816):
http://www.microsoft.com/technet/security/bulletin/MS10-026.mspx

----------------------------------------------------------------------

From sec-adv at secunia.com Wed Apr 14 20:41:28 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 05:41:28 +0200
Subject: [SEC] [SA39388] Joomla! Sweety Keeper Component "controller" Local File Inclusion Vulnerability
Message-ID: <201004150341.o3F3fSFJ002493@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla! Sweety Keeper Component "controller" Local File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39388

VERIFY ADVISORY:
http://secunia.com/advisories/39388/

DESCRIPTION:
A vulnerability has been discovered in the Sweety Keeper component for Joomla!, which can be exploited by malicious people to disclose sensitive information.

Input passed via the "controller" parameter to index.php (when "option" is set to "com_sweetykeeper") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal sequences and URL-encoded NULL bytes.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity
----------------------------------------------------------------------

From sec-adv at secunia.com Wed Apr 14 20:53:19 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 05:53:19 +0200
Subject: [SEC] [SA39412] Joomla AddressBook Component "controller" File Inclusion Vulnerability
Message-ID: <201004150353.o3F3rJFK022656@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla AddressBook Component "controller" File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39412

VERIFY ADVISORY:
http://secunia.com/advisories/39412/

DESCRIPTION:
A vulnerability has been discovered in the AddressBook component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

Input passed to the "controller" parameter in index.php (when "option" is set to "com_addressbook") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

The vulnerability is confirmed in version 1.5.0. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

----------------------------------------------------------------------

From sec-adv at secunia.com Wed Apr 14 21:06:39 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 06:06:39 +0200
Subject: [SEC] [SA39407] Joomla Online Flash Games Component "controller" File Inclusion Vulnerability
Message-ID: <201004150406.o3F46dvw010465@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla Online Flash Games Component "controller" File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39407

VERIFY ADVISORY:
http://secunia.com/advisories/39407/

DESCRIPTION:
A vulnerability has been discovered in the Online Flash Games component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

Input passed to the "controller" parameter in index.php (when "option" is set to "com_flashgames") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

The vulnerability is confirmed in version 1.5.0. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity
----------------------------------------------------------------------

From sec-adv at secunia.com Wed Apr 14 21:20:33 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 06:20:33 +0200
Subject: [SEC] [SA39406] Joomla Daily Horoscope Component "controller" File Inclusion Vulnerability
Message-ID: <201004150420.o3F4KXK0030667@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla Daily Horoscope Component "controller" File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39406

VERIFY ADVISORY:
http://secunia.com/advisories/39406/

DESCRIPTION:
A vulnerability has been discovered in the Daily Horoscope component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

Input passed to the "controller" parameter in index.php (when "option" is set to "com_horoscope") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

The vulnerability is confirmed in version 1.5.0. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

----------------------------------------------------------------------

From sec-adv at secunia.com Wed Apr 14 21:41:27 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 06:41:27 +0200
Subject: [SEC] [SA39408] Joomla Memory Book Component "controller" File Inclusion Vulnerability
Message-ID: <201004150441.o3F4fRwv018809@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla Memory Book Component "controller" File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39408

VERIFY ADVISORY:
http://secunia.com/advisories/39408/

DESCRIPTION:
A vulnerability has been discovered in the Memory Book component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

Input passed to the "controller" parameter in index.php (when "option" is set to "com_memory") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

The vulnerability is confirmed in version 1.5.0. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

----------------------------------------------------------------------

From sec-adv at secunia.com Wed Apr 14 21:53:42 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 06:53:42 +0200
Subject: [SEC] [SA39219] Joomla JA JobBoard Component Two File Inclusion Vulnerabilities
Message-ID: <201004150453.o3F4rgdR006546@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla JA JobBoard Component Two File Inclusion Vulnerabilities

SECUNIA ADVISORY ID:
SA39219

VERIFY ADVISORY:
http://secunia.com/advisories/39219/

DESCRIPTION:
Two vulnerabilities have been reported in the JA JobBoard component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

Input passed to the "controller" and "view" parameters in index.php (when "option" is set to "com_jajobboard") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

The vulnerabilities are reported in version 1.4.4. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/12144
----------------------------------------------------------------------

From sec-adv at secunia.com Wed Apr 14 22:06:26 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 07:06:26 +0200
Subject: [SEC] [SA39376] Microsoft Exchange / Windows SMTP Service Two Vulnerabilities
Message-ID: <201004150506.o3F56QAD026729@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Microsoft Exchange / Windows SMTP Service Two Vulnerabilities

SECUNIA ADVISORY ID:
SA39376

VERIFY ADVISORY:
http://secunia.com/advisories/39376/

DESCRIPTION:
Some vulnerabilities have been reported in Microsoft Windows and Exchange Server, which can be exploited by malicious people to cause a DoS (Denial of Service) or gain knowledge of sensitive information.

1) An error in the SMTP service when parsing DNS Mail Exchanger (MX) records can be exploited to cause the service to stop responding until a specially crafted message is removed from the queue and the service is restarted.

2) A memory allocation error in the SMTP component when interpreting SMTP responses can be exploited to disclose random e-mail message fragments by sending invalid commands followed by the STARTTLS command.

SOLUTION:
Apply patches.

Microsoft Windows 2000 SP4:
http://www.microsoft.com/downloads/details.aspx?familyid=88A0E872-01DE-495B-8EEC-D105A970DAA7

Windows XP SP2/SP3:
http://www.microsoft.com/downloads/details.aspx?familyid=DE447B76-EC89-426B-AC54-3AE3855D1159

Windows XP Professional x64 Edition SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=4F9A696D-2712-4777-A642-E78A38336E8A

Windows Server 2003 SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=F781E9E4-87D4-4243-9D44-256424D75FEC

Windows Server 2003 x64 Edition SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=644FF070-237B-4A73-B2E2-9FFFDAFA3927

Windows Server 2003 with SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=56C8238D-8B04-4AA5-8719-40550CD7325C

Windows Server 2008 for 32-bit Systems (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=E29EAD69-000A-4982-A25C-F3981EDA381A

Windows Server 2008 for x64-based Systems (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=8F922E64-E3A6-46FE-9A81-B2813EA6A330

Windows Server 2008 R2 for x64-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=EB27CD2B-D514-4405-8650-259A42E35155

Microsoft Exchange Server 2003 SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=bc8391f8-5335-496b-ad4c-bae38509be4a

PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.

ORIGINAL ADVISORY:
MS10-024 (KB976323, KB976702, KB981407, KB981832):
http://www.microsoft.com/technet/security/bulletin/MS10-024.mspx

----------------------------------------------------------------------

From sec-adv at secunia.com Thu Apr 15 10:26:34 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 19:26:34 +0200
Subject: [SEC] [SA39463] SecureSphere Web Application and Database Firewall Security Bypass
Message-ID: <201004151726.o3FHQYio008026@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
SecureSphere Web Application and Database Firewall Security Bypass

SECUNIA ADVISORY ID:
SA39463

VERIFY ADVISORY:
http://secunia.com/advisories/39463/

DESCRIPTION:
A vulnerability has been reported in SecureSphere Web Application and Database Firewall, which can be exploited by malicious people to bypass certain security restrictions.

The vulnerability exists due to improper filtering of web requests, which can be exploited to bypass the firewall's filtering protection by appending large data to the request.

The vulnerability is reported in version 7.0.0.7078, 7.0.0.7061, 6.2.0.6463, 6.2.0.6442, 6.0.6.6302, 6.0.6.6274, 6.0.5.6238, 6.0.5.6230, 6.0.4.6128, 5.0.0.5082, 6.0.4.6128 on XOS 8.0/5, and 7.0.0.7078 on XOS 8.5.3.

SOLUTION:
Apply patches (please see the vendor advisory for details).
PROVIDED AND/OR DISCOVERED BY: Scott Miles and Greag Johnson, Clear Skies Security. ORIGINAL ADVISORY: SecureSphere: http://www.imperva.com/resources/adc/adc_advisories_response_clearskies.html Clear Skies Security: http://www.clearskies.net/documents/css-advisory-css1001-imperva.php ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Apr 15 11:26:31 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 15 Apr 2010 20:26:31 +0200 Subject: [SEC] [SA39467] Joomla wgPicasa Component "controller" File Inclusion Vulnerability Message-ID: <201004151826.o3FIQVP7030314@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia CSI + Microsoft SCCM ----------------------- = Extensive Patch Management http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ ---------------------------------------------------------------------- TITLE: Joomla wgPicasa Component "controller" File Inclusion Vulnerability SECUNIA ADVISORY ID: SA39467 VERIFY ADVISORY: http://secunia.com/advisories/39467/ DESCRIPTION: A vulnerability has been 
discovered in the wgPicasa component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information. Input passed to the "controller" parameter in index.php (when "option" is set to "com_wgpicasa") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes. The vulnerability is confirmed in version 1.0.5. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: AntiSecurity ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/12230 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. 
From sec-adv at secunia.com Thu Apr 15 12:26:35 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 21:26:35 +0200
Subject: [SEC] [SA39470] Joomla MT Fire Eagle Component "controller" File Inclusion Vulnerability
Message-ID: <201004151926.o3FJQZRP020207@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla MT Fire Eagle Component "controller" File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39470

VERIFY ADVISORY:
http://secunia.com/advisories/39470/

DESCRIPTION:
A vulnerability has been discovered in the MT Fire Eagle component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

Input passed to the "controller" parameter in index.php (when "option" is set to "com_mtfireeagle") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

The vulnerability is confirmed in version 1.2. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.
PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/12233

----------------------------------------------------------------------

From sec-adv at secunia.com Thu Apr 15 13:26:33 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 22:26:33 +0200
Subject: [SEC] [SA39468] Joomla S5 Clan Roster Component Two File Inclusion Vulnerabilities
Message-ID: <201004152026.o3FKQX4q010104@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla S5 Clan Roster Component Two File Inclusion Vulnerabilities

SECUNIA ADVISORY ID:
SA39468

VERIFY ADVISORY:
http://secunia.com/advisories/39468/

DESCRIPTION:
Two vulnerabilities have been reported in the S5 Clan Roster component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.
Input passed to the "controller" and "view" parameters in index.php (when "option" is set to "com_s5clanroster") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/12231

----------------------------------------------------------------------
From sec-adv at secunia.com Thu Apr 15 14:20:32 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 23:20:32 +0200
Subject: [SEC] [SA39471] Joomla Love Factory Component "controller" File Inclusion Vulnerability
Message-ID: <201004152120.o3FLKWIf032218@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla Love Factory Component "controller" File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39471

VERIFY ADVISORY:
http://secunia.com/advisories/39471/

DESCRIPTION:
A vulnerability has been reported in the Love Factory component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

Input passed to the "controller" parameter in index.php (when "option" is set to "com_lovefactory") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

The vulnerability is reported in version 1.3.4. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.
PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/12235

----------------------------------------------------------------------

From sec-adv at secunia.com Thu Apr 15 14:41:36 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 23:41:36 +0200
Subject: [SEC] [SA39472] Joomla JA Comment Component "view" File Inclusion Vulnerability
Message-ID: <201004152141.o3FLfaul020348@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla JA Comment Component "view" File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39472

VERIFY ADVISORY:
http://secunia.com/advisories/39472/

DESCRIPTION:
A vulnerability has been reported in the JA Comment component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.
Input passed to the "view" parameter in index.php (when "option" is set to "com_jacomment") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/12236

----------------------------------------------------------------------
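The inclusion flaw described in the Joomla component advisories in this digest (SA39467, SA39470, SA39468, SA39471 and SA39472 above, SA39469 and SA39473 below, and the Media In Spot "page" advisory further down) is one pattern: a request parameter is spliced into the path handed to require/include, so "../" climbs out of the component directory and a URL-encoded NULL byte (%00), which PHP releases before 5.3.4 did not reject in file paths, cuts off the ".php" suffix the code appends. The following is an added example written for this digest, not code from any of the affected components or from Joomla itself. `dispatch_vulnerable` is a stand-in for that pattern; `dispatch_hardened` is one correct replacement. The directory layout, the controller names in `$known`, and the throwaway temp tree it runs against are assumptions.

```php
<?php
// Added example for this digest; not code from any affected component or from
// Joomla. Assumed layout: <component>/controllers/<name>.php; the names in
// $known are assumed too.

// Vulnerable shape, as the advisories describe it: the request parameter is
// concatenated into the path that is then passed to require_once(). "../"
// walks out of controllers/, and a %00 in the query string arrives here as a
// real NUL byte; PHP before 5.3.4 handed that string to the C library, which
// stops at the NUL, so the appended ".php" was silently dropped.
function dispatch_vulnerable(string $componentDir, string $controller): string
{
    $path = $componentDir . '/controllers/' . $controller . '.php';
    // The real components call require_once($path) here; this stand-in returns
    // the path instead so it can be inspected without executing anything.
    return $path;
}

// Hardened replacement. Each control alone stops the reported attack; they are
// layered so that loosening one later does not reopen the hole.
function dispatch_hardened(string $componentDir, string $controller): string
{
    // 1. Syntactic allow-list: a controller name is [A-Za-z0-9_] only, which
    //    rejects "/", "\", "." and NUL before any path is built.
    if (!preg_match('/\A[A-Za-z0-9_]{1,64}\z/', $controller)) {
        throw new InvalidArgumentException('invalid controller name');
    }

    // 2. Semantic allow-list: only controllers the component ships (assumed
    //    names). Safer than asking the filesystem with file_exists().
    $known = ['default', 'album', 'photo'];
    if (!in_array($controller, $known, true)) {
        throw new InvalidArgumentException('unknown controller');
    }

    // 3. Canonical-path containment: the resolved file must sit under the
    //    controllers directory even if checks 1 and 2 are relaxed later.
    $base = realpath($componentDir . '/controllers');
    if ($base === false) {
        throw new RuntimeException('controllers directory missing');
    }
    $path = realpath($base . '/' . $controller . '.php');
    if ($path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        throw new RuntimeException('controller resolves outside the component');
    }
    return $path;
}

// Demonstration against a throwaway component tree under the temp directory.
$tmp = sys_get_temp_dir() . '/com_example_' . getmypid();
mkdir($tmp . '/controllers', 0700, true);
file_put_contents($tmp . '/controllers/album.php', "<?php // stub\n");

// What controller=../../../../etc/passwd%00 decodes to by the time PHP sees it.
$payload = "../../../../etc/passwd\0";

echo "vulnerable: ", str_replace("\0", '%00', dispatch_vulnerable($tmp, $payload)), "\n";
echo "hardened:   ", dispatch_hardened($tmp, 'album'), "\n";
try {
    dispatch_hardened($tmp, $payload);
} catch (InvalidArgumentException $e) {
    echo "hardened:   rejected (", $e->getMessage(), ")\n";
}

unlink($tmp . '/controllers/album.php');
rmdir($tmp . '/controllers');
rmdir($tmp);
```

Run it with `php` from the command line; the vulnerable path printed for the payload leaves the component tree while the hardened dispatcher refuses the same input before building a path. In a Joomla 1.5 component the equivalent is to read the parameter with JRequest::getCmd() rather than JRequest::getVar(), and still to compare the result against the list of controllers the component actually ships.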
From sec-adv at secunia.com Thu Apr 15 14:53:41 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Thu, 15 Apr 2010 23:53:41 +0200
Subject: [SEC] [SA39469] Joomla Photo Battle Component "view" File Inclusion Vulnerability
Message-ID: <201004152153.o3FLrfYe008077@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla Photo Battle Component "view" File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39469

VERIFY ADVISORY:
http://secunia.com/advisories/39469/

DESCRIPTION:
A vulnerability has been reported in the Photo Battle component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

Input passed to the "view" parameter in index.php (when "option" is set to "com_photobattle") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

The vulnerability is reported in version 1.0.1. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/12232

----------------------------------------------------------------------
From sec-adv at secunia.com Thu Apr 15 15:06:52 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 00:06:52 +0200
Subject: [SEC] [SA39473] Joomla Deluxe Blog Factory Component "controller" File Inclusion Vulnerability
Message-ID: <201004152206.o3FM6q7Z028244@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla Deluxe Blog Factory Component "controller" File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39473

VERIFY ADVISORY:
http://secunia.com/advisories/39473/

DESCRIPTION:
A vulnerability has been reported in the Deluxe Blog Factory component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

Input passed to the "controller" parameter in index.php (when "option" is set to "com_blogfactory") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

The vulnerability is reported in version 1.1.2.
Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/12238

----------------------------------------------------------------------

From sec-adv at secunia.com Thu Apr 15 15:20:26 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 00:20:26 +0200
Subject: [SEC] [SA39427] Joomla! Intellectual Property Component "id" SQL Injection Vulnerability
Message-ID: <201004152220.o3FMKQAK016034@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla! Intellectual Property Component "id" SQL Injection Vulnerability

SECUNIA ADVISORY ID:
SA39427

VERIFY ADVISORY:
http://secunia.com/advisories/39427/

DESCRIPTION:
A vulnerability has been reported in the Intellectual Property component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed via the "id" parameter to index.php (if "option" is set to "com_iproperty" and "view" is set to "agentproperties") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary code.

The vulnerability is reported in version 1.5.3. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.

PROVIDED AND/OR DISCOVERED BY:
v3n0m

----------------------------------------------------------------------
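The "id" injection in SA39427 above, and the Almnzm "id" injection reported later in this digest (SA39452), both come from pasting the parameter into SQL text. The following added example, written for this digest and not code from either product or from Joomla, puts the vulnerable shape beside the hardened one, using an in-memory SQLite database so it runs stand-alone. The schema, table names, rows and the UNION payload are constructed for the demonstration, and the pdo_sqlite extension is assumed.

```php
<?php
// Added example for this digest; not code from the Intellectual Property
// component, from Almnzm or from Joomla. Schema and rows are constructed so
// the script runs stand-alone; it assumes the pdo_sqlite extension.

// Vulnerable shape, as the advisories describe it: the "id" parameter is
// concatenated into the SQL text, so whatever follows a valid number becomes
// part of the query.
function agent_properties_vulnerable(PDO $db, string $id): array
{
    $sql = 'SELECT id, title FROM properties WHERE agent_id = ' . $id;
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened form: the parameter is validated as a plain integer and then bound
// as a value, so it can never be interpreted as SQL.
function agent_properties_hardened(PDO $db, string $id): array
{
    if (!preg_match('/\A\d{1,10}\z/', $id)) {
        throw new InvalidArgumentException('id must be a non-negative integer');
    }
    $stmt = $db->prepare('SELECT id, title FROM properties WHERE agent_id = ?');
    $stmt->execute([(int) $id]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed fixture: two tables, one of which the endpoint must never expose.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE properties (id INTEGER PRIMARY KEY, agent_id INTEGER, title TEXT)');
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)');
$db->exec("INSERT INTO properties VALUES (1, 7, 'Flat, city centre'), (2, 7, 'Cottage'), (3, 9, 'Office')");
$db->exec("INSERT INTO users VALUES (1, 'admin', 'hash-of-admin-password')");

// What the browser sends as ?id=7, and as a UNION-based injection in the same
// parameter (two columns, to match the original SELECT).
$benign = '7';
$attack = '7 UNION SELECT id, password FROM users';

print_r(agent_properties_vulnerable($db, $benign));
print_r(agent_properties_vulnerable($db, $attack));
print_r(agent_properties_hardened($db, $benign));
try {
    agent_properties_hardened($db, $attack);
} catch (InvalidArgumentException $e) {
    echo 'hardened: rejected (', $e->getMessage(), ")\n";
}
```

With the vulnerable function the second call returns the users table's password column under the "title" key alongside the agent's properties; the hardened function refuses the same input before any SQL is built. In a Joomla 1.5 component the same integer guarantee is available at the point the parameter is read, via JRequest::getInt('id'), and the query should still bind or quote the value through the database object rather than concatenate it.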
From sec-adv at secunia.com Thu Apr 15 15:41:29 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 00:41:29 +0200
Subject: [SEC] [SA39458] Momche YUI Image Upload Script Arbitrary File Upload Vulnerability
Message-ID: <201004152241.o3FMfTJJ004166@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Momche YUI Image Upload Script Arbitrary File Upload Vulnerability

SECUNIA ADVISORY ID:
SA39458

VERIFY ADVISORY:
http://secunia.com/advisories/39458/

DESCRIPTION:
A vulnerability has been discovered in Momche YUI Image Upload Script, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to the upload.php script allowing the upload of files with arbitrary extensions to a folder inside the webroot. This can be exploited to e.g. execute arbitrary PHP code by uploading a PHP script that contains "jpg", "png", "gif", or "jpeg" in the file name.

SOLUTION:
Restrict access to the upload.php script (e.g. via .htaccess).

PROVIDED AND/OR DISCOVERED BY:
Mr.P3rfekT

----------------------------------------------------------------------
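SA39458 says the upload script accepts any file whose name contains "jpg", "png", "gif" or "jpeg", which is the behaviour of a substring test on the client-supplied name. The added example below was written for this digest; the affected script's code was not examined, so `upload_name_ok_vulnerable` is a reconstruction of the described behaviour, not the script's code. Beside it is a hardened check that looks only at the final extension, verifies the file's magic bytes, and discards the client's name entirely. The sample uploads and the magic-number prefixes are constructed.

```php
<?php
// Added example for this digest; not code from the Momche YUI Image Upload
// Script. The flawed check reconstructs what the advisory describes; the
// magic-byte table and the sample uploads are constructed.

// Flawed check: accepts any name that merely contains an image extension
// somewhere, so "shell.jpg.php" counts as an image and is stored in the
// webroot as a file the server will execute as PHP.
function upload_name_ok_vulnerable(string $clientName): bool
{
    foreach (['jpg', 'jpeg', 'png', 'gif'] as $ext) {
        if (stripos($clientName, $ext) !== false) {
            return true;
        }
    }
    return false;
}

// Hardened check. Returns the server-chosen name to store the file under,
// or null to reject the upload.
function upload_name_ok_hardened(string $clientName, string $contents): ?string
{
    // 1. Only the final extension counts, and only from an allow-list.
    //    pathinfo() yields "php" for "shell.jpg.php", which is not listed.
    $allowed = [
        'jpg'  => "\xFF\xD8\xFF",
        'jpeg' => "\xFF\xD8\xFF",
        'png'  => "\x89PNG\r\n\x1A\n",
        'gif'  => 'GIF8',            // GIF87a / GIF89a
    ];
    $ext = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
    if (!isset($allowed[$ext])) {
        return null;
    }

    // 2. The bytes must start with the magic number of the claimed format;
    //    a PHP script renamed "shell.php.jpg" fails here.
    $magic = $allowed[$ext];
    if (strncmp($contents, $magic, strlen($magic)) !== 0) {
        return null;
    }

    // 3. The client's file name never reaches the filesystem: store under a
    //    random name carrying only the validated extension.
    return bin2hex(random_bytes(16)) . '.' . $ext;
}

// Constructed sample uploads: a PHP web shell under two disguised names, and
// a file that really starts with a PNG header.
$phpScript = "<?php system(\$_GET['c']); ?>";
$pngBytes  = "\x89PNG\r\n\x1A\n" . str_repeat("\0", 16);

$samples = [
    ['shell.jpg.php', $phpScript],
    ['shell.php.jpg', $phpScript],
    ['photo.png',     $pngBytes],
];
foreach ($samples as [$name, $bytes]) {
    printf("%-14s vulnerable=%s hardened=%s\n",
        $name,
        upload_name_ok_vulnerable($name) ? 'accept' : 'reject',
        upload_name_ok_hardened($name, $bytes) ?? 'reject');
}
```

The hardened check complements the advisory's own mitigation (restricting access to upload.php) rather than replacing it. The upload directory should still sit outside the webroot or have script execution disabled, because a file with a valid image header can carry PHP code in its trailing bytes, and some Apache AddHandler configurations treat a name such as photo.php.jpg as PHP on the strength of the inner extension.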
From sec-adv at secunia.com Thu Apr 15 15:53:39 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 00:53:39 +0200
Subject: [SEC] [SA39387] netKar Two Vulnerabilities
Message-ID: <201004152253.o3FMrdZa024292@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
netKar Two Vulnerabilities

SECUNIA ADVISORY ID:
SA39387

VERIFY ADVISORY:
http://secunia.com/advisories/39387/

DESCRIPTION:
Luigi Auriemma has reported two vulnerabilities in netKar, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.

1) A boundary error in the processing of JOIN requests can be exploited to cause a stack-based buffer overflow by sending a specially crafted request to the server.

Successful exploitation may allow execution of arbitrary code.

2) A NULL-pointer dereference error in the creation of user files can be exploited to cause a crash by sending a specially crafted request to the server.

The vulnerabilities are reported in version 1.1. Other versions may also be affected.

SOLUTION:
Use the product only in a trusted network environment.
PROVIDED AND/OR DISCOVERED BY:
Luigi Auriemma

ORIGINAL ADVISORY:
http://aluigi.altervista.org/adv/netkarbof-adv.txt

----------------------------------------------------------------------

From sec-adv at secunia.com Thu Apr 15 16:06:31 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 01:06:31 +0200
Subject: [SEC] [SA39460] Apache OFBiz Cross-Site Scripting and Script Insertion Vulnerabilities
Message-ID: <201004152306.o3FN6VPm012065@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Apache OFBiz Cross-Site Scripting and Script Insertion Vulnerabilities

SECUNIA ADVISORY ID:
SA39460

VERIFY ADVISORY:
http://secunia.com/advisories/39460/

DESCRIPTION:
Lucas Apa has reported some vulnerabilities in Apache OFBiz, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.

1) Input passed via the "productStoreId" parameter to the "Export Product Listing" section, via the "partyId" parameter to the "View Profile" section, via the "start" parameter to the "Show Portal Page" section, via the URL when requesting a nonexistent file through the ControlServlet, via the "contentId" parameter to ecommerce/control/ViewBlogArticle, and via the "entityName" parameter to the "Web Tools" section is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

2) Input passed via various parameters (e.g. via the "subject" and "content" parameters to the "ecommerce/control/contactus" section) is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in an administrator's browser session in context of an affected site when the malicious data is being viewed.

SOLUTION:
Update to a version downloaded after 2010-04-15.

PROVIDED AND/OR DISCOVERED BY:
Lucas Apa, Bonsai Information Security

ORIGINAL ADVISORY:
http://www.bonsai-sec.com/en/research/vulnerabilities/apacheofbiz-multiple-xss-0103.php
http://mail-archives.apache.org/mod_mbox/ofbiz-user/201004.mbox/ajax/%3c2BE92A28-09BA-4C2B-B1E4-DFA3D5A850A5 at apache.org%3e

----------------------------------------------------------------------
From sec-adv at secunia.com Thu Apr 15 16:20:16 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 01:20:16 +0200
Subject: [SEC] [SA39390] Tex Live "predospecial()" Integer Overflow Vulnerability
Message-ID: <201004152320.o3FNKG0r032269@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Tex Live "predospecial()" Integer Overflow Vulnerability

SECUNIA ADVISORY ID:
SA39390

VERIFY ADVISORY:
http://secunia.com/advisories/39390/

DESCRIPTION:
A vulnerability has been reported in Tex Live, which can potentially be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an integer overflow error in the "predospecial()" function in dospecial.c when handling .dvi files. This can potentially be exploited to cause a heap-based buffer overflow.

Successful exploitation may allow execution of arbitrary code if a user is tricked into processing a specially crafted .dvi file.

SOLUTION:
Fixed in the SVN repository.
http://www.tug.org/svn/texlive/trunk/Build/source/texk/dvipsk/dospecial.c?r1=16465&r2=17559

PROVIDED AND/OR DISCOVERED BY:
Red Hat credits Marc Schoenefeld.
ORIGINAL ADVISORY:
https://bugzilla.redhat.com/show_bug.cgi?id=572941

----------------------------------------------------------------------

From sec-adv at secunia.com Thu Apr 15 16:41:26 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 01:41:26 +0200
Subject: [SEC] [SA39452] Almnzm "id" SQL Injection Vulnerability
Message-ID: <201004152341.o3FNfQ7m020397@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Almnzm "id" SQL Injection Vulnerability

SECUNIA ADVISORY ID:
SA39452

VERIFY ADVISORY:
http://secunia.com/advisories/39452/

DESCRIPTION:
A vulnerability has been reported in Almnzm, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "id" parameter in index.php (if "a" is set to "pages") is not properly sanitised before being used in SQL queries.
This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is reported in version 2.1. Other versions may also be affected.

SOLUTION:
Filter malicious requests using a proxy.

PROVIDED AND/OR DISCOVERED BY:
NeX HaCkEr

----------------------------------------------------------------------

From sec-adv at secunia.com Thu Apr 15 16:53:28 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 01:53:28 +0200
Subject: [SEC] [SA39465] SUSE update for Mozilla Products
Message-ID: <201004152353.o3FNrSTx008125@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
SUSE update for Mozilla Products

SECUNIA ADVISORY ID:
SA39465

VERIFY ADVISORY:
http://secunia.com/advisories/39465/

DESCRIPTION:
SUSE has issued an update for MozillaFirefox, MozillaThunderbird, seamonkey, and mozilla-nss.
This fixes multiple vulnerabilities, which can be exploited by malicious people to manipulate certain data, bypass certain security restrictions, disclose sensitive information, and potentially compromise a user's system.

For more information:
SA38608
SA39136

SOLUTION:
Apply updated packages via YaST Online Update or the SUSE FTP server.

ORIGINAL ADVISORY:
SUSE-SA:2010:021:
http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00003.html

OTHER REFERENCES:
SA38608:
http://secunia.com/advisories/38608/

SA39136:
http://secunia.com/advisories/39136/

----------------------------------------------------------------------
From sec-adv at secunia.com Thu Apr 15 17:06:30 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 02:06:30 +0200
Subject: [SEC] [SA39369] Media In Spot CMS "page" Local File Inclusion Vulnerability
Message-ID: <201004160006.o3G06U3u028296@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Media In Spot CMS "page" Local File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39369

VERIFY ADVISORY:
http://secunia.com/advisories/39369/

DESCRIPTION:
A vulnerability has been reported in Media In Spot CMS, which can be exploited by malicious people to disclose sensitive information.

Input passed to the "page" parameter in view/lang/index.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal sequences.

SOLUTION:
Edit the source code to ensure that input is properly verified.

PROVIDED AND/OR DISCOVERED BY:
Amoo Arash

----------------------------------------------------------------------
From sec-adv at secunia.com Thu Apr 15 17:20:25 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 02:20:25 +0200
Subject: [SEC] [SA39448] HP-UX update for OpenSSL
Message-ID: <201004160020.o3G0KPdL016103@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
HP-UX update for OpenSSL

SECUNIA ADVISORY ID:
SA39448

VERIFY ADVISORY:
http://secunia.com/advisories/39448/

DESCRIPTION:
HP has issued an update for OpenSSL in HP-UX. This fixes multiple vulnerabilities, where one has an unknown impact and others can be exploited by malicious people to manipulate certain data and cause a DoS (Denial of Service).

For more information:
SA37291
SA38200
SA38807

The vulnerabilities are reported in HP-UX B.11.11, B.11.23, and B.11.31 running OpenSSL.

SOLUTION:
Apply updated packages.
B.11.11 PA (32 and 64):
Apply OpenSSL_A.00.09.08n.001_HP-UX_B.11.11_32+64.depot

B.11.23 (PA and IA):
Apply OpenSSL_A.00.09.08n.002_HP-UX_B.11.23_IA-PA.depot

B.11.31 (PA and IA):
Apply OpenSSL_A.00.09.08n.003_HP-UX_B.11.31_IA-PA.depot

ORIGINAL ADVISORY:
HPSBUX02517 SSRT100058:
https://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02079216

OTHER REFERENCES:
SA37291:
http://secunia.com/advisories/37291/

SA38200:
http://secunia.com/advisories/38200/

SA38807:
http://secunia.com/advisories/38807/

----------------------------------------------------------------------
From sec-adv at secunia.com Thu Apr 15 17:41:24 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 02:41:24 +0200
Subject: [SEC] [SA39279] Helix Server and Helix Mobile Server Multiple Vulnerabilities
Message-ID: <201004160041.o3G0fOke004228@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Helix Server and Helix Mobile Server Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA39279

VERIFY ADVISORY:
http://secunia.com/advisories/39279/

DESCRIPTION:
Some vulnerabilities have been reported in Helix Server and Helix Mobile Server, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

1) An unspecified error within the NTLM authentication in Helix Server related to invalid base64 encodings can be exploited to cause a heap overflow.

2) An unspecified error in AgentX++ can be exploited to cause a stack-based buffer overflow and execute arbitrary code.

3) An integer overflow error in AgentX++ can be exploited to execute arbitrary code.

SOLUTION:
Upgrade to version 14.0.0, which fixes the vulnerabilities.

PROVIDED AND/OR DISCOVERED BY:
The vendor credits Manuel Santamarina Suarez, Joshua J. Drake, and other anonymous contributors.
ORIGINAL ADVISORY:
http://www.realnetworks.com/uploadedFiles/Support/helix-support/SecurityUpdate041410HS.pdf

----------------------------------------------------------------------

From sec-adv at secunia.com Thu Apr 15 17:53:28 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 02:53:28 +0200
Subject: [SEC] [SA39418] RPM Select / Elite "lfFaceName" Buffer Overflow Vulnerability
Message-ID: <201004160053.o3G0rSWb024349@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
RPM Select / Elite "lfFaceName" Buffer Overflow Vulnerability

SECUNIA ADVISORY ID:
SA39418

VERIFY ADVISORY:
http://secunia.com/advisories/39418/

DESCRIPTION:
mr_me has discovered a vulnerability in RPM Select / Elite, which can be exploited by malicious people to potentially compromise a user's system.
The vulnerability is caused due to a boundary error when trying to modify transform settings, which can be exploited to cause a stack-based buffer overflow by tricking a user into opening a specially crafted configuration file containing an overly long "lfFaceName" element and then modifying the malicious transform.

The vulnerability is confirmed in RPM Elite version 5.0.70.6. Other versions may also be affected.

SOLUTION:
Do not open untrusted configuration files.

PROVIDED AND/OR DISCOVERED BY:
mr_me

ORIGINAL ADVISORY:
http://www.corelan.be:8800/index.php/forum/security-advisories/corelan-10-024-rpm-selectelite-local-buffer-overflow/

----------------------------------------------------------------------
From sec-adv at secunia.com Thu Apr 15 18:06:24 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 03:06:24 +0200
Subject: [SEC] [SA39444] GNU nano Two Security Issues
Message-ID: <201004160106.o3G16OLF012110@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
GNU nano Two Security Issues

SECUNIA ADVISORY ID:
SA39444

VERIFY ADVISORY:
http://secunia.com/advisories/39444/

DESCRIPTION:
Some security issues have been reported in GNU nano, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

1) The application does not properly verify if the file currently being edited has been changed outside the context of the current editing session before writing to it, which can be exploited to e.g. overwrite arbitrary files via symlink attacks.

2) A race condition exists when creating backup files, which can be exploited to take ownership of arbitrary files via e.g. symlink attacks.

Successful exploitation requires that the victim is tricked into editing files owned by the attacker and that the backup functionality is enabled.

SOLUTION:
Update to version 2.2.4.
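The two checks the nano advisory describes, as an added example in Python rather than nano's own code: the editor records the device and inode of the file it opened and refuses the final write if the path no longer names that inode, and the backup is created with O_EXCL and O_NOFOLLOW with ownership applied through the open descriptor instead of the path. The file names, the temporary directory and the demo() routine are constructed for the illustration.

```python
import errno
import os
import tempfile


def file_identity(fd):
    """(st_dev, st_ino) of an open descriptor: a symlink swap on the path
    cannot change what this already-open descriptor refers to."""
    st = os.fstat(fd)
    return (st.st_dev, st.st_ino)


def open_for_edit(path):
    """Open the file for the editing session without following a symlink
    at the final path component, and remember which inode we got."""
    fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)
    return fd, file_identity(fd)


def write_if_unchanged(path, expected_identity, data):
    """Re-open the path for writing (again refusing symlinks) and write only
    if it is still the inode opened at the start of the session.
    Returns True when written, False when the target was replaced."""
    try:
        fd = os.open(path, os.O_WRONLY | os.O_NOFOLLOW)
    except OSError as e:
        if e.errno == errno.ELOOP:  # the path is now a symlink: refuse
            return False
        raise
    try:
        if file_identity(fd) != expected_identity:
            return False  # a different inode: replaced behind our back
        os.ftruncate(fd, 0)
        os.write(fd, data)
        return True
    finally:
        os.close(fd)


def create_backup(src_fd, backup_path):
    """Create the backup with O_CREAT|O_EXCL|O_NOFOLLOW so that a pre-planted
    symlink or file at that name makes the call fail instead of being
    followed, then set ownership on the descriptor, never on the path.
    Returns True on success, False if something already sits there."""
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW
    try:
        bfd = os.open(backup_path, flags, 0o600)
    except OSError as e:
        if e.errno == errno.EEXIST:
            return False
        raise
    try:
        st = os.fstat(src_fd)
        os.fchown(bfd, st.st_uid, st.st_gid)  # mirrors the edited file's owner
        os.lseek(src_fd, 0, os.SEEK_SET)
        while True:
            chunk = os.read(src_fd, 65536)
            if not chunk:
                break
            os.write(bfd, chunk)
        return True
    finally:
        os.close(bfd)


def demo():
    """Constructed scenario in a temporary directory: a file is opened for
    editing, then its backup name and its own path are swapped for symlinks
    to another file, as a racing local user could do. Returns what each
    step did so the behaviour can be checked."""
    with tempfile.TemporaryDirectory() as d:
        victim = os.path.join(d, "target.txt")  # must never be touched
        edited = os.path.join(d, "notes.txt")
        backup = os.path.join(d, "notes.txt~")
        with open(victim, "w") as f:
            f.write("precious\n")
        with open(edited, "w") as f:
            f.write("draft\n")
        fd, ident = open_for_edit(edited)
        try:
            honest = write_if_unchanged(edited, ident, b"draft v2\n")
            os.symlink(victim, backup)  # backup name pre-planted as a symlink
            backup_refused = not create_backup(fd, backup)
            os.remove(backup)
            backup_ok = create_backup(fd, backup)
            os.remove(edited)
            os.symlink(victim, edited)  # edited path swapped for a symlink
            after_swap = write_if_unchanged(edited, ident, b"clobbered\n")
        finally:
            os.close(fd)
        with open(victim) as f:
            victim_text = f.read()
        with open(backup) as f:
            backup_text = f.read()
    return {"honest_write": honest, "backup_refused": backup_refused,
            "backup_ok": backup_ok, "write_after_swap": after_swap,
            "victim": victim_text, "backup": backup_text}
```

Run as an unprivileged user, demo() already shows both refusals; the same logic is what protects an editor started as root, because fstat() on the descriptor reports the inode that was actually opened, whatever a later rename or symlink does to the name.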
PROVIDED AND/OR DISCOVERED BY:
Dan Rosenberg

ORIGINAL ADVISORY:
http://drosenbe.blogspot.com/2010/03/nano-as-root.html

----------------------------------------------------------------------

From sec-adv at secunia.com Thu Apr 15 18:20:21 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 03:20:21 +0200
Subject: [SEC] [SA39426] Apple Mac OS X Apple Type Services Indexing Vulnerability
Message-ID: <201004160120.o3G1KLLZ032318@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Apple Mac OS X Apple Type Services Indexing Vulnerability

SECUNIA ADVISORY ID:
SA39426

VERIFY ADVISORY:
http://secunia.com/advisories/39426/

DESCRIPTION:
A vulnerability has been reported in Apple Mac OS X, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an indexing error in Apple Type Services within the "TType1ParsingContext::SpecialEncoding()" method in libFontParser.dylib when parsing embedded fonts. This can be exploited to corrupt memory e.g. via a specially crafted PDF file opened in Preview.

Successful exploitation may allow execution of arbitrary code.

The vulnerability is reported in Mac OS X Server 10.5, Mac OS X 10.5, Mac OS X 10.6, and Mac OS X Server 10.6.

SOLUTION:
Apply Security Update 2010-003.

Security Update 2010-003 (Snow Leopard):
http://support.apple.com/kb/DL1029

Security Update 2010-003 (Leopard-Client):
http://support.apple.com/kb/DL1027

Security Update 2010-003 (Leopard-Server):
http://support.apple.com/kb/DL1028

PROVIDED AND/OR DISCOVERED BY:
Charlie Miller, reported via ZDI.

ORIGINAL ADVISORY:
Apple:
http://support.apple.com/kb/HT4131

ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-10-076/

----------------------------------------------------------------------
From sec-adv at secunia.com Thu Apr 15 18:41:33 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 03:41:33 +0200
Subject: [SEC] [SA39459] Cisco Secure Desktop CSDWebInstaller ActiveX Control Vulnerability
Message-ID: <201004160141.o3G1fXvh020467@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Cisco Secure Desktop CSDWebInstaller ActiveX Control Vulnerability

SECUNIA ADVISORY ID:
SA39459

VERIFY ADVISORY:
http://secunia.com/advisories/39459/

DESCRIPTION:
A vulnerability has been reported in Cisco Secure Desktop, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to the CSDWebInstaller ActiveX control failing to properly verify the integrity of an executable file during the installation process. This can be exploited to execute arbitrary code when a user visits a malicious web page containing a specially crafted package.

The vulnerability is reported in versions prior to 3.5.841.

SOLUTION:
Update to version 3.5.841 or later.

PROVIDED AND/OR DISCOVERED BY:
An anonymous person, reported via ZDI.
ORIGINAL ADVISORY:
Cisco:
http://www.cisco.com/warp/public/707/cisco-sa-20100414-csd.shtml

ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-10-072/

OTHER REFERENCES:
Cisco:
http://www.cisco.com/warp/public/707/cisco-amb-20100414-csd.shtml

----------------------------------------------------------------------

From sec-adv at secunia.com Thu Apr 15 18:53:26 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 03:53:26 +0200
Subject: [SEC] [SA39255] Joomla RokModule Component Two SQL Injection Vulnerabilities
Message-ID: <201004160153.o3G1rQeX008175@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla RokModule Component Two SQL Injection Vulnerabilities

SECUNIA ADVISORY ID:
SA39255

VERIFY ADVISORY:
http://secunia.com/advisories/39255/

DESCRIPTION:
Two vulnerabilities have been discovered in the RokModule component for Joomla,
which can be exploited by malicious people to conduct SQL injection attacks.

Input passed via the "module" and "moduleid" parameters to index.php (when "option" is set to "com_rokmodule") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerabilities are confirmed in version 1.1. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/12148

----------------------------------------------------------------------
From sec-adv at secunia.com Thu Apr 15 19:12:43 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 04:12:43 +0200
Subject: [SEC] [SA39269] Multi Profit Websites File Enumeration Security Issue
Message-ID: <201004160212.o3G2ChpB028945@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Multi Profit Websites File Enumeration Security Issue

SECUNIA ADVISORY ID:
SA39269

VERIFY ADVISORY:
http://secunia.com/advisories/39269/

DESCRIPTION:
H4CK3R Crew has reported a security issue in Multi Profit Websites, which can be exploited by malicious users to enumerate files on an affected system.

Input passed to the "id" parameter in page.php is not properly sanitised before being used. This can be exploited to enumerate existing files via directory traversal sequences.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.

PROVIDED AND/OR DISCOVERED BY:
H4CK3R Crew

ORIGINAL ADVISORY:
http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0131.html

----------------------------------------------------------------------
From sec-adv at secunia.com Thu Apr 15 19:41:23 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 04:41:23 +0200
Subject: [SEC] [SA39250] Joomla AlphaUserPoints Component "view" File Inclusion Vulnerability
Message-ID: <201004160241.o3G2fNUt017409@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla AlphaUserPoints Component "view" File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39250

VERIFY ADVISORY:
http://secunia.com/advisories/39250/

DESCRIPTION:
A vulnerability has been discovered in the AlphaUserPoints component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

Input passed to the "view" parameter in index.php (when "option" is set to "com_alphauserpoints") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

The vulnerability is confirmed in version 1.5.5. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly verified.
PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/12150

----------------------------------------------------------------------

From sec-adv at secunia.com Thu Apr 15 19:53:24 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 04:53:24 +0200
Subject: [SEC] [SA39288] Joomla! Freestyle FAQ Lite Component "faqid" SQL Injection Vulnerability
Message-ID: <201004160253.o3G2rO5r005127@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla! Freestyle FAQ Lite Component "faqid" SQL Injection Vulnerability

SECUNIA ADVISORY ID:
SA39288

VERIFY ADVISORY:
http://secunia.com/advisories/39288/

DESCRIPTION:
A vulnerability has been reported in the Freestyle FAQ Lite component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
Input passed via the "faqid" parameter to index.php (when "option" is set to "com_fsf", "view" is set to "faq", and "tmpl" is set to "component") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is reported in versions prior to 1.2.

SOLUTION:
Update to version 1.2.

PROVIDED AND/OR DISCOVERED BY:
Chip D3 Bi0s

----------------------------------------------------------------------
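A worked example of the injection pattern named in the RokModule (SA39255) and Freestyle FAQ Lite (SA39288) advisories above, written in Python with sqlite3 as a stand-in for the Joomla database layer. It is an added illustration, not code from either component; the table layout, row contents and parameter names used here are constructed. It shows the numeric "faqid"/"moduleid" case, where the value is parsed as an integer and then bound, and the string "module" case, where binding alone is what keeps the value out of the SQL grammar.

```python
import sqlite3


def make_db():
    """Constructed in-memory stand-in for the components' tables."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE faq (id INTEGER PRIMARY KEY, question TEXT, published INTEGER)"
    )
    conn.executemany("INSERT INTO faq VALUES (?, ?, ?)", [
        (1, "How do I reset my password?", 1),
        (2, "Internal draft, not published", 0),
        (3, "Where is the login page?", 1),
    ])
    conn.execute(
        "CREATE TABLE modules (id INTEGER PRIMARY KEY, name TEXT, position TEXT)"
    )
    conn.executemany("INSERT INTO modules VALUES (?, ?, ?)", [
        (1, "mod_login", "left"),
        (2, "mod_admin_only", "hidden"),
    ])
    return conn


def faq_unsafe(conn, faqid):
    """The vulnerable pattern: the request parameter is pasted into the query
    text. With faqid = "2 OR 1=1" the WHERE clause becomes
    published = 1 AND id = 2 OR 1=1, which matches every row, including the
    unpublished one."""
    sql = "SELECT id, question FROM faq WHERE published = 1 AND id = " + faqid
    return conn.execute(sql).fetchall()


def faq_safe(conn, faqid):
    """Parse the identifier as an integer first, then bind it; anything that
    is not an integer is answered with an empty result."""
    try:
        ident = int(faqid)
    except (TypeError, ValueError):
        return []
    sql = "SELECT id, question FROM faq WHERE published = 1 AND id = ?"
    return conn.execute(sql, (ident,)).fetchall()


def module_safe(conn, name):
    """String parameters cannot be cast, so the bound placeholder is the whole
    defence: whatever text arrives is compared as a name, never parsed as
    SQL, and the visibility filter in the query survives intact."""
    sql = "SELECT id, name FROM modules WHERE position != 'hidden' AND name = ?"
    return conn.execute(sql, (name,)).fetchall()
```

The integer cast is not an alternative to binding but a second check in front of it: it gives the application a place to log and reject malformed identifiers before the database sees them, while the placeholder guarantees that even a string parameter cannot change the query's structure.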
From sec-adv at secunia.com Thu Apr 15 20:06:20 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 05:06:20 +0200
Subject: [SEC] [SA39254] Joomla TRAVELbook Component "controller" File Inclusion Vulnerability
Message-ID: <201004160306.o3G36KhK025296@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Joomla TRAVELbook Component "controller" File Inclusion Vulnerability

SECUNIA ADVISORY ID:
SA39254

VERIFY ADVISORY:
http://secunia.com/advisories/39254/

DESCRIPTION:
A vulnerability has been discovered in the TRAVELbook component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

Input passed to the "controller" parameter in index.php (when "option" is set to "com_travelbook") is not properly sanitised before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

The vulnerability is confirmed in version 1.0.1. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.

PROVIDED AND/OR DISCOVERED BY:
AntiSecurity

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/12151

----------------------------------------------------------------------
From sec-adv at secunia.com Thu Apr 15 20:20:20 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 05:20:20 +0200
Subject: [SEC] [SA39275] TANDBERG Video Communication Server Multiple Vulnerabilities
Message-ID: <201004160320.o3G3KKd9013111@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
TANDBERG Video Communication Server Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA39275

VERIFY ADVISORY:
http://secunia.com/advisories/39275/

DESCRIPTION:
Some vulnerabilities have been reported in TANDBERG Video Communication Server, which can be exploited by malicious users to disclose sensitive information, and by malicious people to conduct hijacking attacks and potentially compromise a vulnerable appliance.

1) The same pair of known SSH host keys is used for all installations. This can be exploited to potentially hijack an already established SSH session via Man-in-the-Middle (MitM) attacks.
2) Input passed to the "page" parameter in helppage.php and /user/helppage.php is not properly sanitised before being used to read files. This can be exploited to read arbitrary files from local resources via directory traversal attacks.

3) The cookie used for identifying a user to the web interface is insecurely generated from predictable values. This can be exploited to gain administrative access to the web interface and potentially execute arbitrary code by applying a custom software update.

SOLUTION:
Update the firmware to version x5.1.1.

Vulnerability #3 was reportedly first fixed in version x4.3.0.

PROVIDED AND/OR DISCOVERED BY:
1, 2) Jon Hart, Virtual Security Research
3) Jon Hart and Timothy D. Morgan, Virtual Security Research

ORIGINAL ADVISORY:
Virtual Security Research:
http://www.vsecurity.com/resources/advisory/20100409-1/
http://www.vsecurity.com/resources/advisory/20100409-2/
http://www.vsecurity.com/resources/advisory/20100409-3/

----------------------------------------------------------------------
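For the "page"-style parameters in the Media In Spot (SA39369), TANDBERG helppage.php and Joomla file-inclusion advisories above, and for the page.php enumeration issue (SA39269), an added example in Python of how a server can resolve such a parameter: a single-component name check, a NUL-byte check, a realpath containment check, and one uniform 404 for every failure. None of this is the products' own code; the directory layout, file names and demo() routine are constructed for the illustration.

```python
import os
import re
import tempfile

# First gate: a page name is exactly one path component drawn from a small
# alphabet. Anything else never reaches the filesystem.
PAGE_NAME = re.compile(r"\A[A-Za-z0-9_-]{1,64}\Z")


class PageError(Exception):
    """Carries a reason for the server log; the client never sees it."""


def resolve_page(base_dir, page, ext=".php"):
    """Map a request parameter to a file inside base_dir, or raise PageError."""
    if "\x00" in page:
        # A NUL byte would truncate the name in a C-level open(), which is
        # how an appended extension used to be cut off.
        raise PageError("NUL byte in page name")
    if not PAGE_NAME.fullmatch(page):
        raise PageError("page name outside the allowed alphabet")
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, page + ext))
    # Second gate, after symlinks are resolved: the target must still lie
    # inside the template directory.
    if os.path.commonpath([base, candidate]) != base:
        raise PageError("resolved path leaves the template directory")
    if not os.path.isfile(candidate):
        raise PageError("no such page")
    return candidate


def serve_page(base_dir, page, log):
    """Every failure gets the same 404 body, so a caller cannot tell a
    rejected name from a missing file; the precise reason goes to the
    operator's log instead."""
    try:
        path = resolve_page(base_dir, page)
    except PageError as e:
        log.append(f"page={page!r} rejected: {e}")
        return 404, "Not found"
    with open(path) as f:
        return 200, f.read()


def demo():
    """Constructed layout: one real language page under view/lang and a
    configuration file above it that must stay unreadable. Returns the
    status per attempted name and the log lines written."""
    with tempfile.TemporaryDirectory() as d:
        tpl = os.path.join(d, "view", "lang")
        os.makedirs(tpl)
        with open(os.path.join(tpl, "en.php"), "w") as f:
            f.write("<?php /* english strings */ ?>")
        with open(os.path.join(d, "configuration.php"), "w") as f:
            f.write("<?php $password = 'constructed-secret'; ?>")
        log = []
        attempts = ["en", "../configuration", "en\x00.txt",
                    "en/../../configuration", "fr"]
        statuses = {name: serve_page(tpl, name, log)[0] for name in attempts}
        return statuses, log
```

The regex gate is what does the work for traversal and NUL bytes; the realpath containment check stays in as a second layer for the case where a symlink inside the template directory points elsewhere. Where the set of pages is small and fixed, a literal allowlist of names is simpler still and removes the filesystem from the decision entirely.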
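Issue 3 in the TANDBERG advisory above, shown from the fixing side as an added Python example that is not TANDBERG's code: the session identifier comes from the operating system's random source rather than from values a visitor can predict, is stored hashed, expires, and is replaced whenever the session's privileges change. The user names, roles and the fake clock in demo() are constructed.

```python
import hashlib
import secrets
import time


class SessionStore:
    """Server-side sessions: the cookie value is a random 256-bit token that
    means nothing by itself; everything about the user lives on the server."""

    def __init__(self, ttl_seconds=1800, clock=time.time):
        self._by_hash = {}  # sha256(token) -> (user, role, expires_at)
        self._ttl = ttl_seconds
        self._clock = clock  # injectable so expiry can be tested

    @staticmethod
    def _key(token):
        # Stored hashed, so a copy of the store does not yield usable cookies.
        return hashlib.sha256(token.encode()).hexdigest()

    def create(self, user, role):
        token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self._by_hash[self._key(token)] = (user, role, self._clock() + self._ttl)
        return token

    def lookup(self, token):
        """Return (user, role) for a live token, None otherwise. The dict
        lookup is on the hash, so no token bytes are compared in a way that
        depends on how many of them matched."""
        entry = self._by_hash.get(self._key(token))
        if entry is None:
            return None
        user, role, expires_at = entry
        if expires_at <= self._clock():
            del self._by_hash[self._key(token)]
            return None
        return user, role

    def rotate(self, token, new_role=None):
        """Issue a fresh token and retire the old one; done on login and on
        any privilege change so a pre-login identifier never becomes an
        administrative one."""
        found = self.lookup(token)
        if found is None:
            return None
        self.revoke(token)
        return self.create(found[0], found[1] if new_role is None else new_role)

    def revoke(self, token):
        self._by_hash.pop(self._key(token), None)


def demo():
    """Constructed walk-through with a controllable clock. Returns the
    observations so each property can be checked."""
    now = [1_000_000.0]
    store = SessionStore(ttl_seconds=600, clock=lambda: now[0])
    t1 = store.create("alice", "user")
    t2 = store.create("alice", "user")
    results = {"distinct": t1 != t2, "length": len(t1), "valid": store.lookup(t1)}
    t3 = store.rotate(t1, "admin")
    results["old_after_rotate"] = store.lookup(t1)
    results["new_after_rotate"] = store.lookup(t3)
    # Flip the last character: a near-miss token must not be accepted.
    tampered = t3[:-1] + ("A" if t3[-1] != "A" else "B")
    results["tampered"] = store.lookup(tampered)
    now[0] += 601  # past the 600-second lifetime
    results["expired"] = store.lookup(t3)
    return results
```

The property the advisory is about is the first one: two sessions for the same user at the same moment must have nothing in common, which is only true when the identifier is drawn from a CSPRNG rather than built from the user name, the time or a counter.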
From sec-adv at secunia.com Thu Apr 15 20:41:26 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 05:41:26 +0200
Subject: [SEC] [SA39365] irssi Denial of Service and SSL Hostname Verification Vulnerabilities
Message-ID: <201004160341.o3G3fQ10001180@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
irssi Denial of Service and SSL Hostname Verification Vulnerabilities

SECUNIA ADVISORY ID:
SA39365

VERIFY ADVISORY:
http://secunia.com/advisories/39365/

DESCRIPTION:
Some vulnerabilities have been reported in irssi, which can be exploited by malicious people to cause a DoS (Denial of Service) and bypass certain security restrictions.

1) The application does not properly verify the hostname of the server when using SSL connections. This can be exploited to e.g. conduct Man-in-the-Middle (MitM) attacks.

2) An unspecified error can be exploited to cause a crash.

SOLUTION:
Update to version 0.8.15.

PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.

ORIGINAL ADVISORY:
http://www.irssi.org/news

----------------------------------------------------------------------
http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Apr 15 20:53:23 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 16 Apr 2010 05:53:23 +0200 Subject: [SEC] [SA39238] Joomla Agenda Address Book Component "id" SQL Injection Message-ID: <201004160353.o3G3rNWx021354@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia CSI + Microsoft SCCM ----------------------- = Extensive Patch Management http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ ---------------------------------------------------------------------- TITLE: Joomla Agenda Address Book Component "id" SQL Injection SECUNIA ADVISORY ID: SA39238 VERIFY ADVISORY: http://secunia.com/advisories/39238/ DESCRIPTION: A vulnerability has been reported in the Agenda Address Book component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "id" parameter to index.php (when "option" is set to "com_agenda" and "view" is set to "detail") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in version 1.0.1. Other versions may also be affected. SOLUTION: Apply patch. Contact the vendor for further information. 
PROVIDED AND/OR DISCOVERED BY:
v3n0m

ORIGINAL ADVISORY:
Agenda Address Book:
http://www.joomlanetprojects.com/index.php/es/joomla-projects-descargas/joomla-1/joomla-1/42-comagenda.html

----------------------------------------------------------------------

From sec-adv at secunia.com Thu Apr 15 21:06:28 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 06:06:28 +0200
Subject: [SEC] [SA39128] Webessence CMS Cross-Site Scripting and Request Forgery Vulnerabilities
Message-ID: <201004160406.o3G46SPV009130@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Webessence CMS Cross-Site Scripting and Request Forgery Vulnerabilities

SECUNIA ADVISORY ID:
SA39128

VERIFY ADVISORY:
http://secunia.com/advisories/39128/

DESCRIPTION:
Russ McRee has discovered some vulnerabilities in Webessence CMS, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks.

1) Input passed to the "type" parameter in webessence/admin/media.php is not properly sanitised before being displayed to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

2) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. delete pages or users by tricking an administrative user into visiting a malicious web site.

The vulnerabilities are confirmed in version 1.0. Other versions may also be affected.

SOLUTION:
Update to version 1.0.2.

PROVIDED AND/OR DISCOVERED BY:
Reported by Russ McRee, HolisticInfoSec via Secunia.

ORIGINAL ADVISORY:
Webessence CMS:
http://php.opensourcecms.com/news/details.php?newsid=699

HolisticInfoSec:
http://holisticinfosec.org/content/view/140/45/

----------------------------------------------------------------------
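Added example for item 1 of the irssi advisory (SA39365) above; it is not irssi's code or the 0.8.15 fix. A TLS client that validates the certificate chain but never compares the certificate's names with the hostname it dialled accepts any valid certificate, which is what makes the MitM possible. The Python below implements the comparison in the form RFC 6125 describes (dNSName SANs first, commonName only as a fallback, a wildcard only as the whole left-most label) over the dict layout that `SSLSocket.getpeercert()` returns, and shows the ssl-module settings that make the library do this for you. The certificate dicts are constructed, not real certificates.

```python
import ssl
from typing import List, Optional


def dns_names_from_peercert(cert: dict) -> List[str]:
    """Identities a server certificate claims, in getpeercert() layout:
    dNSName entries from subjectAltName; the subject commonName only
    when the certificate carries no dNSName at all."""
    names = [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]
    if names:
        return names
    for rdn in cert.get("subject", ()):
        for key, value in rdn:
            if key == "commonName":
                return [value]
    return []


def pattern_matches(pattern: str, hostname: str) -> bool:
    """Compare one certificate name against the hostname the client meant to reach."""
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if pattern == hostname:
        return True
    # Only a wildcard that is the entire left-most label is accepted:
    # '*.example.org' yes; 'irc*.example.org' and a bare '*' no.
    if not pattern.startswith("*."):
        return False
    suffix = pattern[1:]  # '.example.org'
    # Refuse '*.org'-style patterns and any further wildcard character.
    if "*" in suffix or suffix.count(".") < 2:
        return False
    if not hostname.endswith(suffix):
        return False
    leftmost = hostname[: -len(suffix)]
    # The wildcard stands for exactly one non-empty label.
    return leftmost != "" and "." not in leftmost


def hostname_matches_cert(hostname: str, cert: dict) -> bool:
    return any(pattern_matches(name, hostname) for name in dns_names_from_peercert(cert))


def peer_hostname_error(hostname: str, cert: dict) -> Optional[str]:
    """None when the certificate was issued for `hostname`, else the reason."""
    if hostname_matches_cert(hostname, cert):
        return None
    return (f"hostname {hostname!r} does not match certificate names "
            f"{dns_names_from_peercert(cert)!r}")


def verify_peer_hostname(hostname: str, cert: dict) -> None:
    """The check a client must run after the handshake when it does not
    let the library do it; raises on mismatch instead of proceeding."""
    error = peer_hostname_error(hostname, cert)
    if error is not None:
        raise ssl.CertificateError(error)


def strict_client_context() -> ssl.SSLContext:
    """Preferred route: the ssl module verifies chain and hostname.  Both
    settings are already defaults of create_default_context(); they are
    set explicitly to show what the weak variant below drops."""
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.check_hostname = True
    return ctx


def chain_only_context() -> ssl.SSLContext:
    """The misconfiguration the advisory describes: the chain is checked,
    the name is not, so any valid certificate for any host is accepted."""
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
    ctx.check_hostname = False
    return ctx


# Constructed certificate dicts in getpeercert() form (not real certificates).
IRC_CERT = {
    "subject": ((("commonName", "irc.example.org"),),),
    "subjectAltName": (("DNS", "irc.example.org"), ("DNS", "*.example.org")),
}
OTHER_CERT = {
    "subject": ((("commonName", "other.example.net"),),),
    "subjectAltName": (("DNS", "other.example.net"),),
}
CN_ONLY_CERT = {"subject": ((("commonName", "legacy.example.org"),),)}
```

The custom matcher is there to make the rule visible; in production code keep `check_hostname` on and let the library apply it, since it also handles IP-address SANs and IDNA, which the matcher above does not cover.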
From sec-adv at secunia.com Thu Apr 15 21:20:20 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 06:20:20 +0200
Subject: [SEC] [SA39370] Trellian FTP PASV Response Buffer Overflow Vulnerability
Message-ID: <201004160420.o3G4KKTU029319@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Trellian FTP PASV Response Buffer Overflow Vulnerability

SECUNIA ADVISORY ID:
SA39370

VERIFY ADVISORY:
http://secunia.com/advisories/39370/

DESCRIPTION:
A vulnerability has been discovered in Trellian FTP, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error when processing FTP responses. This can be exploited to cause a stack-based buffer overflow via an overly long PASV response.

Successful exploitation allows execution of arbitrary code, but requires that the user is tricked into connecting to a malicious FTP server.

The vulnerability is confirmed in version 3.1.3.1789. Other versions may also be affected.

SOLUTION:
Do not connect to untrusted FTP servers.

PROVIDED AND/OR DISCOVERED BY:
zombiefx

----------------------------------------------------------------------

From sec-adv at secunia.com Thu Apr 15 21:41:28 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 06:41:28 +0200
Subject: [SEC] [SA39396] F-Secure Products Archive Files Detection Bypass
Message-ID: <201004160441.o3G4fSsR017462@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
F-Secure Products Archive Files Detection Bypass

SECUNIA ADVISORY ID:
SA39396

VERIFY ADVISORY:
http://secunia.com/advisories/39396/

DESCRIPTION:
A weakness has been reported in F-Secure products, which can be exploited by malware to bypass the scanning functionality.

The weakness is caused due to an error in the handling of 7Z, GZIP, CAB, and RAR files and can be exploited to bypass the anti-virus scanning functionality via a specially crafted archive file.

The weakness affects the following products:
* Solutions based on F-Secure Protection Service for Business - E-mail and Server security version 9 and earlier
* F-Secure Anti-Virus for Microsoft Exchange 9 and earlier
* F-Secure Internet Gatekeeper for Windows 6.61 and earlier
* F-Secure Internet Gatekeeper for Linux 4.02 and earlier
* F-Secure Anti-Virus for MIMEsweeper 5.61 and earlier
* F-Secure Internet Security 2010 and earlier
* F-Secure Anti-Virus 2010 and earlier
* F-Secure Home Server Security 2009
* Solutions based on F-Secure Protection Service for Consumers version 9 and earlier
* Solutions based on F-Secure Protection Service for Business - Workstation security version 9 and earlier
* Solutions based on F-Secure Protection Service for Business - Server Security version 8 and earlier
* Services based on F-Secure Mac Protection build 8060 and earlier
* F-Secure Client Security 9 and earlier
* F-Secure Anti-Virus for Workstations 9 and earlier
* F-Secure Anti-Virus for Windows Servers 9 and earlier
* F-Secure Linux Security 7.03 and earlier
* F-Secure Anti-Virus Linux Client Security 5.54 and earlier
* F-Secure Anti-Virus Linux Server Security 5.54 and earlier
* F-Secure Anti-Virus for Linux Servers 4.65
* F-Secure Anti-Virus for Citrix Servers 9 and earlier

SOLUTION:
Fixes are distributed via the update channel. For products that do not support automatic updates, apply the patches (please see the vendor advisory for details).

PROVIDED AND/OR DISCOVERED BY:
The vendor credits ReversingLabs.

ORIGINAL ADVISORY:
F-Secure:
http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-1.html

----------------------------------------------------------------------
From sec-adv at secunia.com Thu Apr 15 21:53:29 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 06:53:29 +0200
Subject: [SEC] [SA39368] xbtit "uid" Cookie SQL Injection Vulnerability
Message-ID: <201004160453.o3G4rTYn005177@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
xbtit "uid" Cookie SQL Injection Vulnerability

SECUNIA ADVISORY ID:
SA39368

VERIFY ADVISORY:
http://secunia.com/advisories/39368/

DESCRIPTION:
A vulnerability has been discovered in xbtit, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed via the "uid" cookie to the "userlogin()" function in include/functions.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is confirmed in version 2.0.0 revision 559. Other versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.

PROVIDED AND/OR DISCOVERED BY:
InATeam

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/12140

----------------------------------------------------------------------

From sec-adv at secunia.com Thu Apr 15 22:06:28 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 07:06:28 +0200
Subject: [SEC] [SA39260] Sun Java Deployment Toolkit Argument Injection Vulnerability
Message-ID: <201004160506.o3G56SRl025328@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Sun Java Deployment Toolkit Argument Injection Vulnerability

SECUNIA ADVISORY ID:
SA39260

VERIFY ADVISORY:
http://secunia.com/advisories/39260/

DESCRIPTION:
A vulnerability has been discovered in Sun Java, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an input sanitisation error in the Java Deployment Toolkit browser plugin. This can be exploited to pass arbitrary arguments to javaw.exe and e.g. execute a JAR file placed on a network share in a privileged context.

Successful exploitation allows execution of arbitrary code by tricking a user into visiting a malicious web page.

The vulnerability is confirmed in JRE version 6 Update 19. Other versions may also be affected.

SOLUTION:
Do not browse untrusted websites or follow untrusted links.

Set the kill-bit for affected ActiveX controls.

PROVIDED AND/OR DISCOVERED BY:
Independently discovered by Tavis Ormandy and Ruben Santamarta.

CHANGELOG:
2010-04-13: Added link to US-CERT.

ORIGINAL ADVISORY:
Tavis Ormandy:
http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0122.html

Ruben Santamarta:
http://www.reversemode.com/index.php?option=com_content&task=view&id=67&Itemid=1

OTHER REFERENCES:
US-CERT VU#886582:
http://www.kb.cert.org/vuls/id/886582

----------------------------------------------------------------------
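Added example covering the two SQL injection advisories above, the Joomla Agenda "id" parameter (SA39238, a numeric value) and the xbtit "uid" cookie (SA39368, a string value); it is not either project's code or patch. Both advisories describe the same defect, a request value pasted into SQL text, and the "edit the source code to ensure that input is properly sanitised" advice amounts to the two fixes shown: validate the type where the value has one, and bind every value as a parameter so the driver never reads it as SQL. The schema and rows are constructed for the example and live in an in-memory SQLite database.

```python
import sqlite3
from typing import List, Optional, Tuple

Row = Tuple[int, str]


def demo_db() -> sqlite3.Connection:
    """Constructed in-memory table standing in for an address-book or
    user table; not either project's real schema."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE contacts (id INTEGER PRIMARY KEY, name TEXT, uid TEXT)")
    conn.executemany(
        "INSERT INTO contacts VALUES (?, ?, ?)",
        [(1, "alice", "u-alice"), (2, "bob", "u-bob"), (3, "carol", "u-carol")],
    )
    return conn


def contact_by_id_unsafe(raw_id: str, conn: Optional[sqlite3.Connection] = None) -> List[Row]:
    """Vulnerable pattern (the Joomla case): the request parameter becomes
    part of the SQL text, so a value such as '1 OR 1=1' rewrites the
    WHERE clause and returns every row."""
    conn = conn if conn is not None else demo_db()
    sql = f"SELECT id, name FROM contacts WHERE id = {raw_id} ORDER BY id"
    return conn.execute(sql).fetchall()


def contact_by_id_safe(raw_id: str, conn: Optional[sqlite3.Connection] = None) -> List[Row]:
    """Hardened: enforce the integer type first, then bind the value as a
    parameter.  Anything that is not an integer is simply not an id."""
    conn = conn if conn is not None else demo_db()
    try:
        contact_id = int(raw_id)
    except (TypeError, ValueError):
        return []
    sql = "SELECT id, name FROM contacts WHERE id = ? ORDER BY id"
    return conn.execute(sql, (contact_id,)).fetchall()


def user_by_uid_cookie_unsafe(uid: str, conn: Optional[sqlite3.Connection] = None) -> List[Row]:
    """Same defect with a string-typed cookie (the xbtit case): a quote
    inside the value closes the literal and the remainder is parsed as
    SQL, again matching every row."""
    conn = conn if conn is not None else demo_db()
    sql = f"SELECT id, name FROM contacts WHERE uid = '{uid}' ORDER BY id"
    return conn.execute(sql).fetchall()


def user_by_uid_cookie_safe(uid: str, conn: Optional[sqlite3.Connection] = None) -> List[Row]:
    """Hardened: the cookie value is bound as a parameter, so it can only
    ever be compared as a whole string and matches nothing unusual."""
    conn = conn if conn is not None else demo_db()
    sql = "SELECT id, name FROM contacts WHERE uid = ? ORDER BY id"
    return conn.execute(sql, (uid,)).fetchall()


if __name__ == "__main__":
    db = demo_db()
    print("id unsafe :", contact_by_id_unsafe("1 OR 1=1", db))
    print("id safe   :", contact_by_id_safe("1 OR 1=1", db))
    print("uid unsafe:", user_by_uid_cookie_unsafe("x' OR '1'='1", db))
    print("uid safe  :", user_by_uid_cookie_safe("x' OR '1'='1", db))
```

The same two rules carry over to the PHP code the advisories concern: cast numeric parameters with `(int)` and use prepared statements (PDO or mysqli) for everything else, rather than escaping values into query strings by hand.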
From sec-adv at secunia.com Fri Apr 16 10:26:38 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 19:26:38 +0200
Subject: [SEC] [SA39507] IBM Lotus Notes SURunAs.exe Password Disclosure Security Issue
Message-ID: <201004161726.o3GHQcv7013514@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
IBM Lotus Notes SURunAs.exe Password Disclosure Security Issue

SECUNIA ADVISORY ID:
SA39507

VERIFY ADVISORY:
http://secunia.com/advisories/39507/

DESCRIPTION:
A security issue has been reported in IBM Lotus Notes, which can be exploited by malicious, local users to gain escalated privileges.

The security issue is caused due to the SURunAs.exe executable storing the username and password of a local administrative account in clear text. This can be exploited to gain administrative privileges by reading the stored credentials.

The security issue is reported in versions 7.0, 8.0, and 8.5. Other versions may also be affected.

SOLUTION:
Do not distribute the SURunAs.exe executable to untrusted users.

PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.

ORIGINAL ADVISORY:
http://www-01.ibm.com/support/docview.wss?uid=swg21427073

----------------------------------------------------------------------

From sec-adv at secunia.com Fri Apr 16 11:26:36 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 20:26:36 +0200
Subject: [SEC] [SA39450] Archive Searcher ZIP Archive Processing Buffer Overflow Vulnerability
Message-ID: <201004161826.o3GIQa1w003398@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Archive Searcher ZIP Archive Processing Buffer Overflow Vulnerability

SECUNIA ADVISORY ID:
SA39450

VERIFY ADVISORY:
http://secunia.com/advisories/39450/

DESCRIPTION:
Lincoln has discovered a vulnerability in Archive Searcher, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error when processing ZIP archives, which can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into searching in a specially crafted ZIP archive.

The vulnerability is confirmed in version 2.1. Other versions may also be affected.

SOLUTION:
Do not search in untrusted ZIP archives or directories containing untrusted ZIP archives.

PROVIDED AND/OR DISCOVERED BY:
Lincoln, Corelan Team

ORIGINAL ADVISORY:
http://www.corelan.be:8800/index.php/forum/security-advisories/corelan-10-025-archive-searcher-2-1-zip-stack-bof-seh/

----------------------------------------------------------------------

From sec-adv at secunia.com Fri Apr 16 12:26:52 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 21:26:52 +0200
Subject: [SEC] [SA39449] Ubuntu update for irssi
Message-ID: <201004161926.o3GJQqIG025696@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Ubuntu update for irssi

SECUNIA ADVISORY ID:
SA39449

VERIFY ADVISORY:
http://secunia.com/advisories/39449/

DESCRIPTION:
Ubuntu has issued an update for irssi.
This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and bypass certain security restrictions.

For more information:
SA39365

SOLUTION:
Apply updated packages.

-- Ubuntu 8.04 --

Source archives:
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi_0.8.12-3ubuntu3.2.diff.gz
  Size/MD5: 28157 9e57c160ead8a8f142d1f5a43832bffc
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi_0.8.12-3ubuntu3.2.dsc
  Size/MD5: 997 9f0486989f51939747bb1ebb06954a27
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi_0.8.12.orig.tar.gz
  Size/MD5: 1335967 ddf717a430e1c13a272f528c4f529430

amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi-dev_0.8.12-3ubuntu3.2_amd64.deb
  Size/MD5: 271404 2664da06403587d736c64f3898c79051
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi_0.8.12-3ubuntu3.2_amd64.deb
  Size/MD5: 1161962 11312c219e59952d0206a1ed7d8553e9

i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi-dev_0.8.12-3ubuntu3.2_i386.deb
  Size/MD5: 271416 0b59bc801928039d1d29c91b2782c8e9
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi_0.8.12-3ubuntu3.2_i386.deb
  Size/MD5: 1078574 671dde03e0b04451ff3a892aa9a5cf6f

lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/i/irssi/irssi-dev_0.8.12-3ubuntu3.2_lpia.deb
  Size/MD5: 271406 54901decae93ac7e52dbbb15b5fc0f33
http://ports.ubuntu.com/pool/main/i/irssi/irssi_0.8.12-3ubuntu3.2_lpia.deb
  Size/MD5: 1072996 dd328dcfa7d15e9b53f7597aae3ea10e

powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/i/irssi/irssi-dev_0.8.12-3ubuntu3.2_powerpc.deb
  Size/MD5: 271442 fee46f9950eda248f0fe8c7e3790275b
http://ports.ubuntu.com/pool/main/i/irssi/irssi_0.8.12-3ubuntu3.2_powerpc.deb
  Size/MD5: 1167876 54e4578993515f2b51d885164d28103a

sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/i/irssi/irssi-dev_0.8.12-3ubuntu3.2_sparc.deb
  Size/MD5: 271448 915ace3ae584bcde4a22860aef20a929
http://ports.ubuntu.com/pool/main/i/irssi/irssi_0.8.12-3ubuntu3.2_sparc.deb
  Size/MD5: 1103464 ebf0a5d0f88876642df1d54199c00cb2

-- Ubuntu 8.10 --

Source archives:
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi_0.8.12-4ubuntu2.2.diff.gz
  Size/MD5: 22949 05b1027b8cbc7893794a86a1ce3c9477
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi_0.8.12-4ubuntu2.2.dsc
  Size/MD5: 1391 c447723cf0848e4494b966a88a07ed6d
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi_0.8.12.orig.tar.gz
  Size/MD5: 1335967 ddf717a430e1c13a272f528c4f529430

amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi-dev_0.8.12-4ubuntu2.2_amd64.deb
  Size/MD5: 272438 5fe32ea72f73f8e69f0738632fb97a66
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi_0.8.12-4ubuntu2.2_amd64.deb
  Size/MD5: 1167370 0274792126c82c923b446104a0786a99

i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi-dev_0.8.12-4ubuntu2.2_i386.deb
  Size/MD5: 272432 136f63c9c9f91e785d9e1b7bdbda0252
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi_0.8.12-4ubuntu2.2_i386.deb
  Size/MD5: 1084792 bc52dd214d16cefe050848baf968d7a5

lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/i/irssi/irssi-dev_0.8.12-4ubuntu2.2_lpia.deb
  Size/MD5: 272426 77755898ad90b14c5b152ac8dfa5010f
http://ports.ubuntu.com/pool/main/i/irssi/irssi_0.8.12-4ubuntu2.2_lpia.deb
  Size/MD5: 1075496 459ef8280bde35183d0e21d78d6a4606

powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/i/irssi/irssi-dev_0.8.12-4ubuntu2.2_powerpc.deb
  Size/MD5: 272444 5cf2f918096e94c73a89d27caccdb15a
http://ports.ubuntu.com/pool/main/i/irssi/irssi_0.8.12-4ubuntu2.2_powerpc.deb
  Size/MD5: 1165512 cf6f51526b9c12e76f8d55c28b55b696

sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/i/irssi/irssi-dev_0.8.12-4ubuntu2.2_sparc.deb
  Size/MD5: 272446 5717f7fbb9834883b20a445d044fd60b
http://ports.ubuntu.com/pool/main/i/irssi/irssi_0.8.12-4ubuntu2.2_sparc.deb
  Size/MD5: 1098222 8edff97bb03c513aa1d301454d63caaa

-- Ubuntu 9.04 --

Source archives:
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi_0.8.12-6ubuntu1.2.diff.gz
  Size/MD5: 24807 caae22ec37b9db5ade9c4b23215f6b82
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi_0.8.12-6ubuntu1.2.dsc
  Size/MD5: 1391 960eaacca58feaaa6291c03f4faa8848
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi_0.8.12.orig.tar.gz
  Size/MD5: 1335967 ddf717a430e1c13a272f528c4f529430

amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi-dev_0.8.12-6ubuntu1.2_amd64.deb
  Size/MD5: 272834 6206f3ed4d7a95f4e6a78fb2dd71b742
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi_0.8.12-6ubuntu1.2_amd64.deb
  Size/MD5: 1168224 ec603d2e45db6232b9c70c0425175a63

i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi-dev_0.8.12-6ubuntu1.2_i386.deb
  Size/MD5: 272838 84a9b57d67e73e0f5153c417195b5895
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi_0.8.12-6ubuntu1.2_i386.deb
  Size/MD5: 1085950 eb89e6913556df69492d55e6e85d650a

lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/i/irssi/irssi-dev_0.8.12-6ubuntu1.2_lpia.deb
  Size/MD5: 272822 ae2a9f697f3c05f6c8ec68eeff0fa1d1
http://ports.ubuntu.com/pool/main/i/irssi/irssi_0.8.12-6ubuntu1.2_lpia.deb
  Size/MD5: 1076648 c77d2166f9e67bbbed1ff1dac0bf840a

powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/i/irssi/irssi-dev_0.8.12-6ubuntu1.2_powerpc.deb
  Size/MD5: 272846 6a9798a074b66a3da167005c1b33ba9c
http://ports.ubuntu.com/pool/main/i/irssi/irssi_0.8.12-6ubuntu1.2_powerpc.deb
  Size/MD5: 1166560 5a7ed4e30436205b92696d40bd2cbe4c

sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/i/irssi/irssi-dev_0.8.12-6ubuntu1.2_sparc.deb
  Size/MD5: 272840 d3e2191b24c540c374615be95ce950ee
http://ports.ubuntu.com/pool/main/i/irssi/irssi_0.8.12-6ubuntu1.2_sparc.deb
  Size/MD5: 1098618 7978ca96b1a957bb4cef7d816b56950f

-- Ubuntu 9.10 --

Source archives:
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi_0.8.14-1ubuntu1.1.diff.gz
  Size/MD5: 21546 f4a8783034ccf63328c297664a47d3b3
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi_0.8.14-1ubuntu1.1.dsc
  Size/MD5: 1391 7845487e0d0a1a5b186e626afd235ee3
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi_0.8.14.orig.tar.gz
  Size/MD5: 1356130 7d9437f53209a61af4fe4c9c5528ffa7

amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi-dev_0.8.14-1ubuntu1.1_amd64.deb
  Size/MD5: 292894 126864465b69816317fe43fe09b2ada6
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi_0.8.14-1ubuntu1.1_amd64.deb
  Size/MD5: 1171216 e6b17e846b9abe48a80db10014d4186f

i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi-dev_0.8.14-1ubuntu1.1_i386.deb
  Size/MD5: 292922 362c22be48ab7bc8297f8c82e95ccb39
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi_0.8.14-1ubuntu1.1_i386.deb
  Size/MD5: 1090006 992162b6d1b43ab6eb593bed99df191d

lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/i/irssi/irssi-dev_0.8.14-1ubuntu1.1_lpia.deb
  Size/MD5: 292906 f1317ff5f2ad9218fb837fff0b7f33be
http://ports.ubuntu.com/pool/main/i/irssi/irssi_0.8.14-1ubuntu1.1_lpia.deb
  Size/MD5: 1087934 1e1722ca6efaf3d2da61ecf2bc0a048c

powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/i/irssi/irssi-dev_0.8.14-1ubuntu1.1_powerpc.deb
  Size/MD5: 292926 65f49b5e355f8412b97cc0bd727f6a42
http://ports.ubuntu.com/pool/main/i/irssi/irssi_0.8.14-1ubuntu1.1_powerpc.deb
  Size/MD5: 1154230 d38cee976915374aa583b38d429ee7e5

sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/i/irssi/irssi-dev_0.8.14-1ubuntu1.1_sparc.deb
  Size/MD5: 292932 dcd75d80b3f2f33b3ad1a2462e7c674b
http://ports.ubuntu.com/pool/main/i/irssi/irssi_0.8.14-1ubuntu1.1_sparc.deb
  Size/MD5: 1098308 16a61331376a050d5c5882846399b3d1

ORIGINAL ADVISORY:
USN-929-1:
http://www.ubuntu.com/usn/USN-929-1

OTHER REFERENCES:
SA39365:
http://secunia.com/advisories/39365/

----------------------------------------------------------------------
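Added example, not part of the Ubuntu or Secunia advisory: the "Size/MD5" list above is a manifest, and the practical check an administrator wants is to parse it and compare a downloaded package against it before installing by hand. The Python below parses entries in the advisory's own layout (URL, then "Size/MD5:", size and digest, with the line break between them tolerated), keys them by file name, and verifies a file body against them. The three manifest entries are copied from the Ubuntu 8.04 section; the "download" bytes and the tiny manifest used to show a successful match are constructed.

```python
import hashlib
import hmac
import re
from typing import Dict, Tuple

# Three entries copied from the Ubuntu 8.04 section of USN-929-1 above.
ADVISORY_EXCERPT = """
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi_0.8.12-3ubuntu3.2.dsc
  Size/MD5: 997 9f0486989f51939747bb1ebb06954a27
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi_0.8.12.orig.tar.gz
  Size/MD5: 1335967 ddf717a430e1c13a272f528c4f529430
http://security.ubuntu.com/ubuntu/pool/main/i/irssi/irssi_0.8.12-3ubuntu3.2_amd64.deb
  Size/MD5: 1161962 11312c219e59952d0206a1ed7d8553e9
"""

# A URL, "Size/MD5:", a decimal size and a 32-hex-digit digest, with any
# whitespace (including a line break) between the tokens.
ENTRY_RE = re.compile(r"(\S+)\s+Size/MD5:\s+(\d+)\s+([0-9a-fA-F]{32})")


def parse_manifest(text: str) -> Dict[str, Tuple[int, str]]:
    """Map package file name -> (expected size in bytes, expected md5 hex)."""
    manifest: Dict[str, Tuple[int, str]] = {}
    for url, size, digest in ENTRY_RE.findall(text):
        name = url.rsplit("/", 1)[-1]
        manifest[name] = (int(size), digest.lower())
    return manifest


def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()


def verify_download(manifest: Dict[str, Tuple[int, str]], name: str, data: bytes) -> Tuple[bool, str]:
    """Check a downloaded file body against the advisory's manifest.
    The size is compared first because it is free; the digest comparison
    uses hmac.compare_digest so a mismatch does not leak through timing."""
    if name not in manifest:
        return False, "not listed in advisory"
    expected_size, expected_md5 = manifest[name]
    if len(data) != expected_size:
        return False, "size mismatch"
    if not hmac.compare_digest(md5_hex(data), expected_md5):
        return False, "md5 mismatch"
    return True, "ok"


if __name__ == "__main__":
    manifest = parse_manifest(ADVISORY_EXCERPT)
    for name, (size, digest) in manifest.items():
        print(f"{name}: {size} bytes, md5 {digest}")
    # Constructed 3-byte "download" against a constructed manifest entry;
    # md5("abc") is the well-known 900150983cd24fb0d6963f7d28e17f72.
    tiny = {"example.deb": (3, "900150983cd24fb0d6963f7d28e17f72")}
    print(verify_download(tiny, "example.deb", b"abc"))
```

Two caveats belong with this check. An MD5 match proves the bytes equal what the advisory relayed, not who published them; authenticity on an apt mirror comes from the signed Release and Packages files, and this list is a cross-check on top of that, not a substitute. And for real package sizes, hash the file in chunks with `hashlib.md5().update()` rather than reading the whole body into memory as the example does for brevity.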
---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Apr 16 13:26:33 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 16 Apr 2010 22:26:33 +0200 Subject: [SEC] [SA39423] Debian update for ejabberd Message-ID: <201004162026.o3GKQXs3015565@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia CSI + Microsoft SCCM ----------------------- = Extensive Patch Management http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ ---------------------------------------------------------------------- TITLE: Debian update for ejabberd SECUNIA ADVISORY ID: SA39423 VERIFY ADVISORY: http://secunia.com/advisories/39423/ DESCRIPTION: Debian has issued an update for ejabberd. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service). For more information: SA38337 SOLUTION: Apply updated packages. 
-- Debian GNU/Linux 5.0 --

Source:
  http://security.debian.org/pool/updates/main/e/ejabberd/ejabberd_2.0.1-6+lenny2.diff.gz
  http://security.debian.org/pool/updates/main/e/ejabberd/ejabberd_2.0.1-6+lenny2.dsc
  http://security.debian.org/pool/updates/main/e/ejabberd/ejabberd_2.0.1.orig.tar.gz

Alpha:
  http://security.debian.org/pool/updates/main/e/ejabberd/ejabberd_2.0.1-6+lenny2_alpha.deb

AMD64:
  http://security.debian.org/pool/updates/main/e/ejabberd/ejabberd_2.0.1-6+lenny2_amd64.deb

ARM:
  http://security.debian.org/pool/updates/main/e/ejabberd/ejabberd_2.0.1-6+lenny2_arm.deb

ARM EABI:
  http://security.debian.org/pool/updates/main/e/ejabberd/ejabberd_2.0.1-6+lenny2_armel.deb

Intel IA-32:
  http://security.debian.org/pool/updates/main/e/ejabberd/ejabberd_2.0.1-6+lenny2_i386.deb

Intel IA-64:
  http://security.debian.org/pool/updates/main/e/ejabberd/ejabberd_2.0.1-6+lenny2_ia64.deb

Little-endian MIPS:
  http://security.debian.org/pool/updates/main/e/ejabberd/ejabberd_2.0.1-6+lenny2_mipsel.deb

PowerPC:
  http://security.debian.org/pool/updates/main/e/ejabberd/ejabberd_2.0.1-6+lenny2_powerpc.deb

IBM S/390:
  http://security.debian.org/pool/updates/main/e/ejabberd/ejabberd_2.0.1-6+lenny2_s390.deb

Sun Sparc:
  http://security.debian.org/pool/updates/main/e/ejabberd/ejabberd_2.0.1-6+lenny2_sparc.deb

ORIGINAL ADVISORY:
DSA-2033-1:
http://www.debian.org/security/2010/dsa-2033

OTHER REFERENCES:
SA38337:
http://secunia.com/advisories/38337/

----------------------------------------------------------------------
From sec-adv at secunia.com Fri Apr 16 14:20:27 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 23:20:27 +0200
Subject: [SEC] [SA39453] Siestta Cross-Site Scripting and Local File Inclusion Vulnerabilities
Message-ID: <201004162120.o3GLKROq005274@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Siestta Cross-Site Scripting and Local File Inclusion Vulnerabilities

SECUNIA ADVISORY ID:
SA39453

VERIFY ADVISORY:
http://secunia.com/advisories/39453/

DESCRIPTION:
Some vulnerabilities have been discovered in Siestta, which can be
exploited by malicious people to conduct cross-site scripting attacks
and disclose sensitive information.

1) Input passed to the "usuario" parameter in carga_foto_al.php is not
properly sanitised before being returned to the user. This can be
exploited to execute arbitrary HTML and script code in a user's browser
session in context of an affected site.

2) Input passed to the "idioma" parameter in login.php is not properly
verified before being used to include files. This can be exploited to
include arbitrary files from local resources via directory traversal
sequences.

Successful exploitation requires that "register_globals" is enabled.

The vulnerabilities are confirmed in version 2.0. Other versions may
also be affected.
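The two Siestta issues are a reflected XSS (a parameter echoed into HTML without encoding) and a local file inclusion (a parameter spliced into an include path). The Python below is an added illustration, not code from Siestta or from this advisory: it shows the two controls that close those holes, HTML output encoding for "usuario" and an allowlist plus a containment check for "idioma" before it selects a file. Siestta itself is PHP; Python is used so the checks run stand-alone. The language-id pattern, the directory /opt/siestta/lang, the ".php" suffix and the sample inputs are assumptions.

```python
import html
import re
from pathlib import Path

# Allowlist for the "idioma" value: two lowercase letters with an optional
# region tag, e.g. "es" or "es_ES".  Anything else (dots, slashes, NUL
# bytes, encoded traversal sequences) is rejected before the filesystem is
# touched.  The exact pattern is an assumption about Siestta's language ids.
LANG_ID = re.compile(r"[a-z]{2}(?:_[A-Z]{2})?")


def render_username(usuario: str) -> str:
    """Return the HTML fragment that echoes the "usuario" parameter.

    Output encoding for the HTML text context: <, >, &, " and ' become
    entity references, so the browser renders the value as text instead
    of parsing it as markup.  This is the control for issue 1.
    """
    return "<p>Usuario: " + html.escape(usuario, quote=True) + "</p>"


def resolve_language_file(idioma: str, lang_dir) -> Path:
    """Map the "idioma" parameter to a file inside lang_dir, or raise.

    Two independent controls, so a mistake in one is not fatal:
      1. the allowlist rejects anything that is not a language id;
      2. the resolved path must still have lang_dir as its parent.
    This is the control for issue 2.
    """
    if not LANG_ID.fullmatch(idioma):
        raise ValueError("rejected language id: %r" % idioma)
    base = Path(lang_dir).resolve()
    candidate = (base / (idioma + ".php")).resolve()  # ".php" suffix assumed
    if candidate.parent != base:
        raise ValueError("language file escapes lang_dir: %r" % idioma)
    return candidate


def is_safe_language(idioma: str, lang_dir) -> bool:
    """Yes/no form of resolve_language_file for callers that only branch."""
    try:
        resolve_language_file(idioma, lang_dir)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    lang_dir = "/opt/siestta/lang"  # assumed location of the language files
    print(render_username("<script>alert(1)</script>"))
    for value in ("es", "en_GB", "../../etc/passwd", "es/../../config.php", "es\0"):
        verdict = "allowed" if is_safe_language(value, lang_dir) else "rejected"
        print("%-24r -> %s" % (value, verdict))
```

In PHP the same two controls apply (htmlspecialchars on output, an allowlist on the include name), and register_globals should be off so that request parameters cannot initialise arbitrary variables in the first place.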
SOLUTION:
Edit the source code to ensure that input is properly sanitised and
verified.

PROVIDED AND/OR DISCOVERED BY:
Jose Luis Gongora Fernandez 'aka' JosS

----------------------------------------------------------------------

From sec-adv at secunia.com Fri Apr 16 14:41:30 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 23:41:30 +0200
Subject: [SEC] [SA39462] gource Insecure Temporary Files Security Issue
Message-ID: <201004162141.o3GLfU0x025801@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
gource Insecure Temporary Files Security Issue

SECUNIA ADVISORY ID:
SA39462

VERIFY ADVISORY:
http://secunia.com/advisories/39462/

DESCRIPTION:
A security issue has been reported in gource, which can be exploited by
malicious, local users to gain escalated privileges.
The security issue is caused due to the application using temporary
files in an insecure manner, which can be exploited to e.g. overwrite
arbitrary files via symlink attacks.

SOLUTION:
Fixed in the GIT repository.

PROVIDED AND/OR DISCOVERED BY:
Reported in a Debian bug by Sven Joachim.

ORIGINAL ADVISORY:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577958
http://github.com/acaudwell/Gource/commit/a1ac241ae41fb7e5f4deaa0d71037ad2a8e3167c
http://github.com/acaudwell/Gource/commit/c9e90a9ed9286b19a07bf4f8fc988a9fdf900cd2

----------------------------------------------------------------------
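The gource issue is the classic insecure temporary file pattern: a predictable name in a shared directory, opened with a call that follows symlinks, so a symlink planted at that name by another local user redirects the write. The Python below is an added illustration, not gource's code and not the fix in the commits referenced above; it shows the two controls that close the hole (create with O_CREAT|O_EXCL|O_NOFOLLOW so an existing path is refused, and mkstemp so the name is unpredictable) and contrasts them with a plain open() in a constructed scratch directory. File names and contents are constructed for the demonstration; Linux semantics are assumed.

```python
import os
import stat
import tempfile
from pathlib import Path


def create_private_file(path, data: bytes) -> None:
    """Create `path` for writing only if nothing exists at that name yet.

    O_EXCL makes creation fail with EEXIST when the name is already taken,
    including by a dangling symlink, and O_NOFOLLOW refuses to open through
    a symlink.  Mode 0600 keeps the content private to the owner.
    """
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(os.fspath(path), flags, 0o600)
    try:
        os.write(fd, data)
    finally:
        os.close(fd)


def write_temp_securely(directory, data: bytes) -> str:
    """Write data to a fresh temp file whose name cannot be predicted.

    mkstemp performs the O_EXCL creation itself and hands back the open
    descriptor, so there is no window between choosing a name and opening it.
    """
    fd, path = tempfile.mkstemp(prefix="gource-", dir=os.fspath(directory))
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    return path


def demo(workdir) -> dict:
    """Run the three scenarios in a scratch directory and report what happened."""
    workdir = Path(workdir)
    victim = workdir / "victim.txt"  # constructed: a file the process must never touch
    victim.write_bytes(b"original")
    planted = workdir / "gource-predictable.tmp"  # constructed: a guessable temp name
    planted.symlink_to(victim)  # a symlink already sits at that name

    # 1. Hardened creation refuses the path because something exists there.
    refused = False
    try:
        create_private_file(planted, b"new")
    except FileExistsError:
        refused = True
    victim_intact = victim.read_bytes() == b"original"

    # 2. mkstemp chooses a random name, so nothing can be planted in advance,
    #    and the file comes back with owner-only permissions.
    secure_path = write_temp_securely(workdir, b"new")
    secure_mode = stat.S_IMODE(os.stat(secure_path).st_mode)

    # 3. The insecure pattern for contrast: a plain open() follows the
    #    symlink and the write lands in the victim file.
    with open(planted, "wb") as f:
        f.write(b"clobbered")
    victim_clobbered = victim.read_bytes() == b"clobbered"

    return {
        "hardened_refused": refused,
        "victim_intact_after_hardened": victim_intact,
        "mkstemp_mode": secure_mode,
        "mkstemp_is_symlink": Path(secure_path).is_symlink(),
        "naive_open_clobbered_victim": victim_clobbered,
    }


def run_demo() -> dict:
    """Run demo() inside a throwaway directory that is removed afterwards."""
    with tempfile.TemporaryDirectory() as scratch:
        return demo(scratch)


if __name__ == "__main__":
    for key, value in run_demo().items():
        print("%-30s %s" % (key, value))
```

The same two properties carry over to C and C++ code such as gource's: open(2) with O_CREAT|O_EXCL (plus O_NOFOLLOW where available) for a fixed name, or mkstemp(3) when any name will do; a fixed name under /tmp created with fopen() or a bare O_CREAT gives neither.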
From sec-adv at secunia.com Fri Apr 16 14:54:02 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Fri, 16 Apr 2010 23:54:02 +0200
Subject: [SEC] [SA39474] Ubuntu update for sudo
Message-ID: <201004162154.o3GLs2Cs013545@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Ubuntu update for sudo

SECUNIA ADVISORY ID:
SA39474

VERIFY ADVISORY:
http://secunia.com/advisories/39474/

DESCRIPTION:
Ubuntu has issued an update for sudo. This fixes a security issue,
which can be exploited by malicious, local users to gain escalated
privileges.

For more information:
SA39384

SOLUTION:
Apply updated packages.
-- Ubuntu 6.06 LTS --

Source archives:

  http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.8p12-1ubuntu6.2.diff.gz
    Size/MD5: 36735 c7e6e0987a98c0039c7367e55be06b77
  http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.8p12-1ubuntu6.2.dsc
    Size/MD5: 618 cee46b55595f3a4417831ca93a413a57
  http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.8p12.orig.tar.gz
    Size/MD5: 585643 b29893c06192df6230dd5f340f3badf5

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

  http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.8p12-1ubuntu6.2_amd64.deb
    Size/MD5: 177410 81101533cbcef2f0e124a629309ba736
  http://security.ubuntu.com/ubuntu/pool/universe/s/sudo/sudo-ldap_1.6.8p12-1ubuntu6.2_amd64.deb
    Size/MD5: 189300 929042e125a96fb9f9d07121a2ab0d87

i386 architecture (x86 compatible Intel/AMD):

  http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.8p12-1ubuntu6.2_i386.deb
    Size/MD5: 162998 7394076ea85b56f928622b7241ff5da4
  http://security.ubuntu.com/ubuntu/pool/universe/s/sudo/sudo-ldap_1.6.8p12-1ubuntu6.2_i386.deb
    Size/MD5: 174410 31f17e264d588a418772b2553b588983

powerpc architecture (Apple Macintosh G3/G4/G5):

  http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.8p12-1ubuntu6.2_powerpc.deb
    Size/MD5: 171604 7655e64f2b75c14638a64b4b343e9fe6
  http://security.ubuntu.com/ubuntu/pool/universe/s/sudo/sudo-ldap_1.6.8p12-1ubuntu6.2_powerpc.deb
    Size/MD5: 183772 3d1cb111899646f7eb0d392ff33c4d22

sparc architecture (Sun SPARC/UltraSPARC):

  http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.8p12-1ubuntu6.2_sparc.deb
    Size/MD5: 167692 4be5d3e92d8ea5334b6e84835683a2c1
  http://security.ubuntu.com/ubuntu/pool/universe/s/sudo/sudo-ldap_1.6.8p12-1ubuntu6.2_sparc.deb
    Size/MD5: 180246 3fa1cb8b677210e2c74090b9b35c8206

-- Ubuntu 8.04 LTS --

Source archives:

  http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.9p10-1ubuntu3.7.diff.gz
    Size/MD5: 29618 7567e0be6446f17b254221b739c07996
  http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.9p10-1ubuntu3.7.dsc
    Size/MD5: 702 07693cd03ca8e11d8af469148bfa18c2
  http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.9p10.orig.tar.gz
    Size/MD5: 579302 16db2a1213159a1fac8239eab58108f5

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

  http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.9p10-1ubuntu3.7_amd64.deb
    Size/MD5: 188426 8bebb97bd861d824b370f528d74638b0
  http://security.ubuntu.com/ubuntu/pool/universe/s/sudo/sudo-ldap_1.6.9p10-1ubuntu3.7_amd64.deb
    Size/MD5: 200104 bda49af159988c625cc8540389a542e6

i386 architecture (x86 compatible Intel/AMD):

  http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.9p10-1ubuntu3.7_i386.deb
    Size/MD5: 176658 2ef5c88a84bfefc024de8c98522c547e
  http://security.ubuntu.com/ubuntu/pool/universe/s/sudo/sudo-ldap_1.6.9p10-1ubuntu3.7_i386.deb
    Size/MD5: 187508 f9809828e32255a635051f2bf2fd52e3

lpia architecture (Low Power Intel Architecture):

  http://ports.ubuntu.com/pool/main/s/sudo/sudo_1.6.9p10-1ubuntu3.7_lpia.deb
    Size/MD5: 177722 5ade363457ea20b36843aec86c43e6ec
  http://ports.ubuntu.com/pool/universe/s/sudo/sudo-ldap_1.6.9p10-1ubuntu3.7_lpia.deb
    Size/MD5: 188506 07007824b823228ab9e3cb71d9c3d1b8

powerpc architecture (Apple Macintosh G3/G4/G5):

  http://ports.ubuntu.com/pool/main/s/sudo/sudo_1.6.9p10-1ubuntu3.7_powerpc.deb
    Size/MD5: 188648 745940413991a88100764e10329fc200
  http://ports.ubuntu.com/pool/universe/s/sudo/sudo-ldap_1.6.9p10-1ubuntu3.7_powerpc.deb
    Size/MD5: 202516 64131bfedf6b879abae928de17709847

sparc architecture (Sun SPARC/UltraSPARC):

  http://ports.ubuntu.com/pool/main/s/sudo/sudo_1.6.9p10-1ubuntu3.7_sparc.deb
    Size/MD5: 182610 2b4d2e4d66ae5a98d81b20ec068e06ca
  http://ports.ubuntu.com/pool/universe/s/sudo/sudo-ldap_1.6.9p10-1ubuntu3.7_sparc.deb
    Size/MD5: 193706 aa4d90f564809d2c52c409ee08f7ec7d

-- Ubuntu 8.10 --

Source archives:

  http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.9p17-1ubuntu2.3.diff.gz
    Size/MD5: 26703 53450aae72fd4ff5ef1b67bdb7aa0810
  http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.9p17-1ubuntu2.3.dsc
    Size/MD5: 1098 92f13b0ab92f0288622c34089570390c
  http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.9p17.orig.tar.gz
    Size/MD5: 593534 60daf18f28e2c1eb7641c4408e244110

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

  http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.9p17-1ubuntu2.3_amd64.deb
    Size/MD5: 191376 01e4d7cca5da5d736e375a5d653be2f6
  http://security.ubuntu.com/ubuntu/pool/universe/s/sudo/sudo-ldap_1.6.9p17-1ubuntu2.3_amd64.deb
    Size/MD5: 202366 c5ed35feb2c9d7c1ea115610e8500662

i386 architecture (x86 compatible Intel/AMD):

  http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.9p17-1ubuntu2.3_i386.deb
    Size/MD5: 179492 70490bcbb5a3e7950e31c2493754a94f
  http://security.ubuntu.com/ubuntu/pool/universe/s/sudo/sudo-ldap_1.6.9p17-1ubuntu2.3_i386.deb
    Size/MD5: 188950 de9624a340c588706b912d091a29395a

lpia architecture (Low Power Intel Architecture):

  http://ports.ubuntu.com/pool/main/s/sudo/sudo_1.6.9p17-1ubuntu2.3_lpia.deb
    Size/MD5: 180568 aa481c3c998a882ec39ff624a17c470b
  http://ports.ubuntu.com/pool/universe/s/sudo/sudo-ldap_1.6.9p17-1ubuntu2.3_lpia.deb
    Size/MD5: 189796 3110116a57d79f31075c1747b5fdc998

powerpc architecture (Apple Macintosh G3/G4/G5):

  http://ports.ubuntu.com/pool/main/s/sudo/sudo_1.6.9p17-1ubuntu2.3_powerpc.deb
    Size/MD5: 188868 ed1514de1313f0fd81b6c252cacc65dc
  http://ports.ubuntu.com/pool/universe/s/sudo/sudo-ldap_1.6.9p17-1ubuntu2.3_powerpc.deb
    Size/MD5: 201376 efd41e0313475db360a1f48d6359c632

sparc architecture (Sun SPARC/UltraSPARC):

  http://ports.ubuntu.com/pool/main/s/sudo/sudo_1.6.9p17-1ubuntu2.3_sparc.deb
    Size/MD5: 184318 fd96f1f61d6b3d0c26bed40784beaeda
  http://ports.ubuntu.com/pool/universe/s/sudo/sudo-ldap_1.6.9p17-1ubuntu2.3_sparc.deb
    Size/MD5: 194048 5ee93d6e457b541fb4ac89e0bd059820

-- Ubuntu 9.04 --

Source archives:

  http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.9p17-1ubuntu3.2.diff.gz
    Size/MD5: 26708
    75f28b3212a9d34a3c1ea84e8dc421de
  http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.9p17-1ubuntu3.2.dsc
    Size/MD5: 1098 82922ad2f30bdc41b29192335f28f084
  http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.9p17.orig.tar.gz
    Size/MD5: 593534 60daf18f28e2c1eb7641c4408e244110

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

  http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.9p17-1ubuntu3.2_amd64.deb
    Size/MD5: 191362 e2c3970a3358d127cb5482749e48cc13
  http://security.ubuntu.com/ubuntu/pool/universe/s/sudo/sudo-ldap_1.6.9p17-1ubuntu3.2_amd64.deb
    Size/MD5: 202358 44f639898ae4f40527f8627468c1988a

i386 architecture (x86 compatible Intel/AMD):

  http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.6.9p17-1ubuntu3.2_i386.deb
    Size/MD5: 179514 47fbc07f6827ecc074e3dc6e59328fa7
  http://security.ubuntu.com/ubuntu/pool/universe/s/sudo/sudo-ldap_1.6.9p17-1ubuntu3.2_i386.deb
    Size/MD5: 188976 1058bce621e5f89a951cae5e0f59fce8

lpia architecture (Low Power Intel Architecture):

  http://ports.ubuntu.com/pool/main/s/sudo/sudo_1.6.9p17-1ubuntu3.2_lpia.deb
    Size/MD5: 180604 ba821107abd87a9fb846db64ad81dc86
  http://ports.ubuntu.com/pool/universe/s/sudo/sudo-ldap_1.6.9p17-1ubuntu3.2_lpia.deb
    Size/MD5: 189826 9bd642aa06abe3a56cb38ae624f18c95

powerpc architecture (Apple Macintosh G3/G4/G5):

  http://ports.ubuntu.com/pool/main/s/sudo/sudo_1.6.9p17-1ubuntu3.2_powerpc.deb
    Size/MD5: 188868 294ef55b0a3f5b3880d54e3130bac961
  http://ports.ubuntu.com/pool/universe/s/sudo/sudo-ldap_1.6.9p17-1ubuntu3.2_powerpc.deb
    Size/MD5: 201382 4acdc25ff7a93ced1a514697bcf2546b

sparc architecture (Sun SPARC/UltraSPARC):

  http://ports.ubuntu.com/pool/main/s/sudo/sudo_1.6.9p17-1ubuntu3.2_sparc.deb
    Size/MD5: 184224 107e2c84d28f90073a71d7d45e6dabe2
  http://ports.ubuntu.com/pool/universe/s/sudo/sudo-ldap_1.6.9p17-1ubuntu3.2_sparc.deb
    Size/MD5: 193928 d283f60b4cf782e724309528a5c37c1f

-- Ubuntu 9.10 --

Source archives:

  http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.7.0-1ubuntu2.2.diff.gz
    Size/MD5:
    23991 d7ed14666b7725c1c90ee5373e6b493b
  http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.7.0-1ubuntu2.2.dsc
    Size/MD5: 1117 90f89205701115986ad94c234fec88de
  http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.7.0.orig.tar.gz
    Size/MD5: 744311 5fd96bba35fe29b464f7aa6ad255f0a6

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

  http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.7.0-1ubuntu2.2_amd64.deb
    Size/MD5: 310330 f7ed720332dc09e94f3caeb5cfd61a23
  http://security.ubuntu.com/ubuntu/pool/universe/s/sudo/sudo-ldap_1.7.0-1ubuntu2.2_amd64.deb
    Size/MD5: 334118 6b5c29f330189dc0c96e90a8c724114e

i386 architecture (x86 compatible Intel/AMD):

  http://security.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.7.0-1ubuntu2.2_i386.deb
    Size/MD5: 297788 275954f47eee1e3070a6ed4a8f88a44a
  http://security.ubuntu.com/ubuntu/pool/universe/s/sudo/sudo-ldap_1.7.0-1ubuntu2.2_i386.deb
    Size/MD5: 319396 5b0df976b974fb357dcc96b9eba19a84

lpia architecture (Low Power Intel Architecture):

  http://ports.ubuntu.com/pool/main/s/sudo/sudo_1.7.0-1ubuntu2.2_lpia.deb
    Size/MD5: 298004 a6fc0c417840fe291f4850c2902c5157
  http://ports.ubuntu.com/pool/universe/s/sudo/sudo-ldap_1.7.0-1ubuntu2.2_lpia.deb
    Size/MD5: 319820 12199da9bf6a388eaf395a009f7b1025

powerpc architecture (Apple Macintosh G3/G4/G5):

  http://ports.ubuntu.com/pool/main/s/sudo/sudo_1.7.0-1ubuntu2.2_powerpc.deb
    Size/MD5: 306012 72df477368ee2b5b88d10bf3f4a04130
  http://ports.ubuntu.com/pool/universe/s/sudo/sudo-ldap_1.7.0-1ubuntu2.2_powerpc.deb
    Size/MD5: 328996 e9a0fb7fcdfea28faa433472f77b50d1

sparc architecture (Sun SPARC/UltraSPARC):

  http://ports.ubuntu.com/pool/main/s/sudo/sudo_1.7.0-1ubuntu2.2_sparc.deb
    Size/MD5: 301610 ed2dc9787c8c3c523fc384668e8ee498
  http://ports.ubuntu.com/pool/universe/s/sudo/sudo-ldap_1.7.0-1ubuntu2.2_sparc.deb
    Size/MD5: 323674 16f40c45f8ad7679606c5559aba18b70

ORIGINAL ADVISORY:
USN-928-1:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2010-April/001080.html

OTHER REFERENCES:
SA39384:
http://secunia.com/advisories/39384/

----------------------------------------------------------------------

From sec-adv at secunia.com Fri Apr 16 15:07:05 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Sat, 17 Apr 2010 00:07:05 +0200
Subject: [SEC] [SA39478] Ubuntu update for cmake
Message-ID: <201004162207.o3GM753d001251@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Ubuntu update for cmake

SECUNIA ADVISORY ID:
SA39478

VERIFY ADVISORY:
http://secunia.com/advisories/39478/

DESCRIPTION:
Ubuntu has issued an update for cmake. This fixes some weaknesses,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

For more information:
SA36425
SA38231

SOLUTION:
Apply updated packages.
-- Ubuntu 8.04 LTS --

Source archives:

  http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.4.7-1ubuntu0.1.diff.gz
    Size/MD5: 19304 4847577a13e831bf4c9362c095c57469
  http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.4.7-1ubuntu0.1.dsc
    Size/MD5: 754 2c34c737d1e386a07a5c76a7dd13a944
  http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.4.7.orig.tar.gz
    Size/MD5: 2600960 4476c423b8f74266136964e42ea88028

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

  http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.4.7-1ubuntu0.1_amd64.deb
    Size/MD5: 4898346 b9e4db27145fa5221400abf495d3a13e

i386 architecture (x86 compatible Intel/AMD):

  http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.4.7-1ubuntu0.1_i386.deb
    Size/MD5: 4807750 f19cd2ee80eb82fb0ae8bf141052b412

lpia architecture (Low Power Intel Architecture):

  http://ports.ubuntu.com/pool/main/c/cmake/cmake_2.4.7-1ubuntu0.1_lpia.deb
    Size/MD5: 4932126 400097697c5d46f1495598be78ada933

powerpc architecture (Apple Macintosh G3/G4/G5):

  http://ports.ubuntu.com/pool/main/c/cmake/cmake_2.4.7-1ubuntu0.1_powerpc.deb
    Size/MD5: 5022506 447f8cda06dc9951cc16dbac30936bf9

sparc architecture (Sun SPARC/UltraSPARC):

  http://ports.ubuntu.com/pool/main/c/cmake/cmake_2.4.7-1ubuntu0.1_sparc.deb
    Size/MD5: 5218650 55ff806b82d2388df3cbbbe42aac6773

-- Ubuntu 8.10 --

Source archives:

  http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.6.0-4ubuntu2.1.diff.gz
    Size/MD5: 154440 0ecd99b1f92f8074a00b35f724285c60
  http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.6.0-4ubuntu2.1.dsc
    Size/MD5: 1209 a588561c8c0c8b452502684165f10cb4
  http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.6.0.orig.tar.gz
    Size/MD5: 3460096 e95ae003672dfc6c8151a1ee49a0d4a6

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

  http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.6.0-4ubuntu2.1_amd64.deb
    Size/MD5: 7620672 8f60ccfa287b26094722152989cbf68d
  http://security.ubuntu.com/ubuntu/pool/universe/c/cmake/cmake-gui_2.6.0-4ubuntu2.1_amd64.deb
    Size/MD5: 1772702 8e12e02b3614acc99bdb53feb1b746e1

i386 architecture (x86 compatible Intel/AMD):

  http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.6.0-4ubuntu2.1_i386.deb
    Size/MD5: 7501566 dc6ea30046469b047921ac7c390fdaf5
  http://security.ubuntu.com/ubuntu/pool/universe/c/cmake/cmake-gui_2.6.0-4ubuntu2.1_i386.deb
    Size/MD5: 1742578 207d27cfebb112d24bdbf65437c11a34

lpia architecture (Low Power Intel Architecture):

  http://ports.ubuntu.com/pool/main/c/cmake/cmake_2.6.0-4ubuntu2.1_lpia.deb
    Size/MD5: 7620894 3c4841d74f829b790d68facb4289d124
  http://ports.ubuntu.com/pool/universe/c/cmake/cmake-gui_2.6.0-4ubuntu2.1_lpia.deb
    Size/MD5: 1770858 22a3eeef881a72ebb5e28463df324bc2

powerpc architecture (Apple Macintosh G3/G4/G5):

  http://ports.ubuntu.com/pool/main/c/cmake/cmake_2.6.0-4ubuntu2.1_powerpc.deb
    Size/MD5: 7694198 3f6a00a9deae3edda8c19c2c645be864
  http://ports.ubuntu.com/pool/universe/c/cmake/cmake-gui_2.6.0-4ubuntu2.1_powerpc.deb
    Size/MD5: 1792360 60da0c6cdc7fc11dfac10ef4b00aa588

sparc architecture (Sun SPARC/UltraSPARC):

  http://ports.ubuntu.com/pool/main/c/cmake/cmake_2.6.0-4ubuntu2.1_sparc.deb
    Size/MD5: 7696576 7725dd1c71b483b6d57b6ff9e2e16655
  http://ports.ubuntu.com/pool/universe/c/cmake/cmake-gui_2.6.0-4ubuntu2.1_sparc.deb
    Size/MD5: 1789250 7dace86e239c8e71290eca7e4c29126a

-- Ubuntu 9.04 --

Source archives:

  http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.6.2-1ubuntu1.1.diff.gz
    Size/MD5: 28215 1aa2652fdd0711a9c58614fcf13b73c5
  http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.6.2-1ubuntu1.1.dsc
    Size/MD5: 1241 a001577d3d45df9bd41d6fb80307561f
  http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.6.2.orig.tar.gz
    Size/MD5: 3543548 9e82aa3beb991aa8e5797cf330618d42

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

  http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.6.2-1ubuntu1.1_amd64.deb
    Size/MD5: 8007590
    9c2ac087a4ac56485388575feb92fdf6
  http://security.ubuntu.com/ubuntu/pool/universe/c/cmake/cmake-gui_2.6.2-1ubuntu1.1_amd64.deb
    Size/MD5: 1822586 f70ed4aa0602d577d2715cbe0080fe30

i386 architecture (x86 compatible Intel/AMD):

  http://security.ubuntu.com/ubuntu/pool/main/c/cmake/cmake_2.6.2-1ubuntu1.1_i386.deb
    Size/MD5: 7881542 cb66a414801daf0b4f470cdd1b086954
  http://security.ubuntu.com/ubuntu/pool/universe/c/cmake/cmake-gui_2.6.2-1ubuntu1.1_i386.deb
    Size/MD5: 1790112 50a29ca0d173992162b348b24ef45f5c

lpia architecture (Low Power Intel Architecture):

  http://ports.ubuntu.com/pool/main/c/cmake/cmake_2.6.2-1ubuntu1.1_lpia.deb
    Size/MD5: 8004730 246213701cf12b36577a6e9076e0d219
  http://ports.ubuntu.com/pool/universe/c/cmake/cmake-gui_2.6.2-1ubuntu1.1_lpia.deb
    Size/MD5: 1819698 1cf8173dbc8f14e17f2a63510a29f7da

powerpc architecture (Apple Macintosh G3/G4/G5):

  http://ports.ubuntu.com/pool/main/c/cmake/cmake_2.6.2-1ubuntu1.1_powerpc.deb
    Size/MD5: 8077794 e5bf93fad8f4335ba748a6f7244ffb70
  http://ports.ubuntu.com/pool/universe/c/cmake/cmake-gui_2.6.2-1ubuntu1.1_powerpc.deb
    Size/MD5: 1840362 ef93012a5d74ae00b323396db61e1d98

sparc architecture (Sun SPARC/UltraSPARC):

  http://ports.ubuntu.com/pool/main/c/cmake/cmake_2.6.2-1ubuntu1.1_sparc.deb
    Size/MD5: 8066556 61e07c3d66649dd2f56a81a1a9d5b4a2
  http://ports.ubuntu.com/pool/universe/c/cmake/cmake-gui_2.6.2-1ubuntu1.1_sparc.deb
    Size/MD5: 1834274 889b932bc20c732ffb887fc88eb1a215

ORIGINAL ADVISORY:
USN-890-6:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2010-April/001081.html

OTHER REFERENCES:
SA36425:
http://secunia.com/advisories/36425/

SA38231:
http://secunia.com/advisories/38231/

----------------------------------------------------------------------
From sec-adv at secunia.com Fri Apr 16 15:21:20 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Sat, 17 Apr 2010 00:21:20 +0200
Subject: [SEC] [SA39271] Ubuntu update for firefox and xulrunner
Message-ID: <201004162221.o3GMLKHO021521@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Ubuntu update for firefox and xulrunner

SECUNIA ADVISORY ID:
SA39271

VERIFY ADVISORY:
http://secunia.com/advisories/39271/

DESCRIPTION:
Ubuntu has issued an update for firefox and xulrunner. This fixes some
vulnerabilities, which can be exploited by malicious people to bypass
certain security restrictions and potentially compromise a user's
system.

For more information:
SA39240

SOLUTION:
Apply updated packages.
-- Ubuntu 8.04 LTS --

Source archives:

  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.0.19+nobinonly-0ubuntu0.8.04.1.diff.gz
    Size/MD5: 106784 17f50b50fa9740c6fcf82c1feb3cd2de
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.0.19+nobinonly-0ubuntu0.8.04.1.dsc
    Size/MD5: 2387 33644ec48d3ef7a34135f12bfc6d30ef
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.0.19+nobinonly.orig.tar.gz
    Size/MD5: 11605275 b1e129a58d29379376f04be1959b8268
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.19+nobinonly-0ubuntu0.8.04.1.diff.gz
    Size/MD5: 79855 2ce4812dc10be1191daa98476f468cb1
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.19+nobinonly-0ubuntu0.8.04.1.dsc
    Size/MD5: 2438 4f71c33a06184499d8ff99b1efb78d66
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.19+nobinonly.orig.tar.gz
    Size/MD5: 42005942 92a0017fe802a917e67dbf5d05216d6f

Architecture independent packages:

  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dev_3.0.19+nobinonly-0ubuntu0.8.04.1_all.deb
    Size/MD5: 66558 f8afcac074ad9969983db51e54f61c16
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome-support_3.0.19+nobinonly-0ubuntu0.8.04.1_all.deb
    Size/MD5: 66568 378667968d1ed3f4345ba25a854930d4
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-granparadiso-dev_3.0.19+nobinonly-0ubuntu0.8.04.1_all.deb
    Size/MD5: 66534 145cc5ce4f031f08fb8515cce1ad9a05
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-trunk-dev_3.0.19+nobinonly-0ubuntu0.8.04.1_all.deb
    Size/MD5: 66520 e681baa33f03eb2e8cf35b542cb36a09
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox_3.0.19+nobinonly-0ubuntu0.8.04.1_all.deb
    Size/MD5: 66676 04ee6cea1699facb138145aed452c8c9
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-3.0-dom-inspector_3.0.19+nobinonly-0ubuntu0.8.04.1_all.deb
    Size/MD5: 66578
    574947764c813c2ce224ac3a85b2663f
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-3.0-venkman_3.0.19+nobinonly-0ubuntu0.8.04.1_all.deb
    Size/MD5: 66526 56d1455d499d3088331019dd795f68dd
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-dom-inspector_3.0.19+nobinonly-0ubuntu0.8.04.1_all.deb
    Size/MD5: 8972 97a10a0d4ffb7a01bb2c02e9930ee577
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso-dom-inspector_3.0.19+nobinonly-0ubuntu0.8.04.1_all.deb
    Size/MD5: 8966 50907c31fa9665a503fa14ad81b64478
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso-gnome-support_3.0.19+nobinonly-0ubuntu0.8.04.1_all.deb
    Size/MD5: 66548 e55e8b6bf06b416823d7494b3d9ea552
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso_3.0.19+nobinonly-0ubuntu0.8.04.1_all.deb
    Size/MD5: 66522 27f9171b5224f5bd6c17d252cac25bd6
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-libthai_3.0.19+nobinonly-0ubuntu0.8.04.1_all.deb
    Size/MD5: 66508 69703c2f93d0c0fd95aa84fde87dc75c
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk-dom-inspector_3.0.19+nobinonly-0ubuntu0.8.04.1_all.deb
    Size/MD5: 8946 ccd991ef963a2d1a96798c7a8fe8a064
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk-gnome-support_3.0.19+nobinonly-0ubuntu0.8.04.1_all.deb
    Size/MD5: 66536 a40ba721a9b6285c0f0402cb457c99e1
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk-venkman_3.0.19+nobinonly-0ubuntu0.8.04.1_all.deb
    Size/MD5: 8936 6cd2038b4eac0050dfb17426f296da75
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk_3.0.19+nobinonly-0ubuntu0.8.04.1_all.deb
    Size/MD5: 66510 f14506c31f49b5921209cdac3f1b2b5a
  http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9/xulrunner-1.9-dom-inspector_1.9.0.19+nobinonly-0ubuntu0.8.04.1_all.deb
    Size/MD5: 126188 1ae529bfe91b33f95e44a4ee709f08ab
  http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9/xulrunner-1.9-venkman_1.9.0.19+nobinonly-0ubuntu0.8.04.1_all.deb
    Size/MD5: 236190 7f20f43e359f8925a8a3f14748572034

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-dev_3.0.19+nobinonly-0ubuntu0.8.04.1_amd64.deb
    Size/MD5: 9026 51286be33fd0b350172b0d6ab00bc7e2
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.0.19+nobinonly-0ubuntu0.8.04.1_amd64.deb
    Size/MD5: 29574 6ed498c9a9382a653e2abf6ff93164c1
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.0.19+nobinonly-0ubuntu0.8.04.1_amd64.deb
    Size/MD5: 1092668 0c7d16ed9e29cebfb667f2bea833d654
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9-dev_1.9.0.19+nobinonly-0ubuntu0.8.04.1_amd64.deb
    Size/MD5: 4656006 3eb14c8ad6400233e074939f64832e4e
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9-gnome-support_1.9.0.19+nobinonly-0ubuntu0.8.04.1_amd64.deb
    Size/MD5: 48654 d811e2ac8b5b35c88f1c0e3edc0949c6
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.19+nobinonly-0ubuntu0.8.04.1_amd64.deb
    Size/MD5: 9092792 e4bfb37879deac3628bc4962076cf46e

i386 architecture (x86 compatible Intel/AMD):

  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-dev_3.0.19+nobinonly-0ubuntu0.8.04.1_i386.deb
    Size/MD5: 9024 6427bbcfcc9099e49d02d147a7b8b054
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.0.19+nobinonly-0ubuntu0.8.04.1_i386.deb
    Size/MD5: 25728 5ac8ab17d23f6f768b73bacfc2ade69a
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.0.19+nobinonly-0ubuntu0.8.04.1_i386.deb
    Size/MD5: 1071868 16a24ddaa972cf050d77444e79721977
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9-dev_1.9.0.19+nobinonly-0ubuntu0.8.04.1_i386.deb
    Size/MD5: 4631778 0b818bb628bafdf2bc07044448fac728
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9-gnome-support_1.9.0.19+nobinonly-0ubuntu0.8.04.1_i386.deb
    Size/MD5: 38518 8c2c4604b148e1ca7530e2dbfe1e9f41
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.19+nobinonly-0ubuntu0.8.04.1_i386.deb
    Size/MD5: 7816176 c5082abc0cd64272089cff04f283caf7

lpia architecture (Low Power Intel Architecture):

  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-dev_3.0.19+nobinonly-0ubuntu0.8.04.1_lpia.deb
    Size/MD5: 9026 9ae636be2e61522b9e1e25f38eed6d10
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.0.19+nobinonly-0ubuntu0.8.04.1_lpia.deb
    Size/MD5: 25348 a369e0be1b7af5bf27de08bbb94a69d2
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0_3.0.19+nobinonly-0ubuntu0.8.04.1_lpia.deb
    Size/MD5: 1068486 09fe846b9b0630f59fef9bd4d223290e
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-dev_1.9.0.19+nobinonly-0ubuntu0.8.04.1_lpia.deb
    Size/MD5: 4627532 86a16b696e2c68504a15f5f0dbd8e7a2
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-gnome-support_1.9.0.19+nobinonly-0ubuntu0.8.04.1_lpia.deb
    Size/MD5: 37604 c2dd02152203877b52d487ab941b387b
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.19+nobinonly-0ubuntu0.8.04.1_lpia.deb
    Size/MD5: 7703392 ca9e4f85f7714728b9a155938133f659

powerpc architecture (Apple Macintosh G3/G4/G5):

  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-dev_3.0.19+nobinonly-0ubuntu0.8.04.1_powerpc.deb
    Size/MD5: 9030 1591a612ddaa6c2b7cd442a39afc201a
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.0.19+nobinonly-0ubuntu0.8.04.1_powerpc.deb
    Size/MD5: 27504 103e2796df1e0bb7015afd94a2e82f88
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0_3.0.19+nobinonly-0ubuntu0.8.04.1_powerpc.deb
    Size/MD5: 1085836 676dadf17da1edb2655125546c61ca6d
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-dev_1.9.0.19+nobinonly-0ubuntu0.8.04.1_powerpc.deb
    Size/MD5: 4622250 ea5066ba5bf66d498f280fb73750eeec
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-gnome-support_1.9.0.19+nobinonly-0ubuntu0.8.04.1_powerpc.deb
    Size/MD5: 43682 9736a376b8ebfd57fe177c793a8194d9
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.19+nobinonly-0ubuntu0.8.04.1_powerpc.deb
    Size/MD5: 8666720 b556046886c845218e250dcfdf2a5c77

-- Ubuntu 8.10 --

Source archives:

  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.0.19+nobinonly-0ubuntu0.8.10.1.diff.gz
    Size/MD5: 124728 996ab9bc1fcb885beddb9592bbfc2fdd
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.0.19+nobinonly-0ubuntu0.8.10.1.dsc
    Size/MD5: 2442 c991301be13dd741e3c00a08677700a7
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.0.19+nobinonly.orig.tar.gz
    Size/MD5: 11605275 b1e129a58d29379376f04be1959b8268
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.19+nobinonly-0ubuntu0.8.10.1.diff.gz
    Size/MD5: 251611 401979fefc8f8408f51496a4d0ac9d58
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.19+nobinonly-0ubuntu0.8.10.1.dsc
    Size/MD5: 2456 a3237bd26be0ece8d71336ae91bee61e
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.19+nobinonly.orig.tar.gz
    Size/MD5: 42005942 92a0017fe802a917e67dbf5d05216d6f

Architecture independent packages:

  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/abrowser_3.0.19+nobinonly-0ubuntu0.8.10.1_all.deb
    Size/MD5: 69424 00189df22363e66a6fa43bb88023ff16
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dev_3.0.19+nobinonly-0ubuntu0.8.10.1_all.deb
    Size/MD5: 69324 726531e158060f1942e82a479fa20273
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome-support_3.0.19+nobinonly-0ubuntu0.8.10.1_all.deb
    Size/MD5: 69336 19fef2021b31195190c9f88ccab1667e
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-granparadiso-dev_3.0.19+nobinonly-0ubuntu0.8.10.1_all.deb
    Size/MD5: 69302 815140884be1bbe03df8a537b43bcfe6
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-trunk-dev_3.0.19+nobinonly-0ubuntu0.8.10.1_all.deb
    Size/MD5: 69286 bb9a79f0899b47c4ab173d157423b785
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox_3.0.19+nobinonly-0ubuntu0.8.10.1_all.deb
    Size/MD5: 69410 45b539f4b0ee77c043ea483daa35c097
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-3.0-dom-inspector_3.0.19+nobinonly-0ubuntu0.8.10.1_all.deb
    Size/MD5: 69346 578b3be24e82de92711a2acfc565ccf3
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-3.0-venkman_3.0.19+nobinonly-0ubuntu0.8.10.1_all.deb
    Size/MD5: 69296 9e0e9ec6da12349c8506ab08bf5e016b
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-dom-inspector_3.0.19+nobinonly-0ubuntu0.8.10.1_all.deb
    Size/MD5: 8974 a1f260c7a2727ce93251af5adb7e29bd
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso-dom-inspector_3.0.19+nobinonly-0ubuntu0.8.10.1_all.deb
    Size/MD5: 8960 8b4d2fb9e55628dd3dd667ec9e611133
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso-gnome-support_3.0.19+nobinonly-0ubuntu0.8.10.1_all.deb
    Size/MD5: 69316 56312d23ab375d83a76a2b18170662da
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso_3.0.19+nobinonly-0ubuntu0.8.10.1_all.deb
    Size/MD5: 69286 2fdd782a7d762f1b26fa6d1017231525
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-libthai_3.0.19+nobinonly-0ubuntu0.8.10.1_all.deb
    Size/MD5: 69276 0a6761398b10de9c5334e25d24b737bf
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk-dom-inspector_3.0.19+nobinonly-0ubuntu0.8.10.1_all.deb
    Size/MD5: 8946 a4ebc4f3905d37e716291de57bd4631e
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk-gnome-support_3.0.19+nobinonly-0ubuntu0.8.10.1_all.deb
    Size/MD5: 69302 dba8723aa1447fb40285d8277a4f1b5c
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk-venkman_3.0.19+nobinonly-0ubuntu0.8.10.1_all.deb
    Size/MD5: 8936 11f44ba48a8f3a0900f0f4a3c30643b7
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk_3.0.19+nobinonly-0ubuntu0.8.10.1_all.deb
    Size/MD5: 69266 c05926f1405b740d1f42765b5ac44032
  http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9/xulrunner-1.9-dom-inspector_1.9.0.19+nobinonly-0ubuntu0.8.10.1_all.deb
    Size/MD5: 128150 26def3b41e6f3ecb386d685a1deb09cd
  http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9/xulrunner-1.9-venkman_1.9.0.19+nobinonly-0ubuntu0.8.10.1_all.deb
    Size/MD5: 237960 fd4a0904728449f69c3d5e696870b2d7

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/abrowser-3.0-branding_3.0.19+nobinonly-0ubuntu0.8.10.1_amd64.deb
    Size/MD5: 204008 139007bcc0e5b4ee9f2551e5d6cc8aea
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-branding_3.0.19+nobinonly-0ubuntu0.8.10.1_amd64.deb
    Size/MD5: 202450 dbe3431f5f55ef925361426b8dfe6c4d
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-dev_3.0.19+nobinonly-0ubuntu0.8.10.1_amd64.deb
    Size/MD5: 69384 f903802986f8defb5131f4d8b2eb9278
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.0.19+nobinonly-0ubuntu0.8.10.1_amd64.deb
    Size/MD5: 88816 9414e8d1bac7d69722adcf99a584bb38
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.0.19+nobinonly-0ubuntu0.8.10.1_amd64.deb
    Size/MD5: 905594 992671ff08b18b33801e916ae1c3c1f4
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9-dev_1.9.0.19+nobinonly-0ubuntu0.8.10.1_amd64.deb
    Size/MD5: 4574622 03b3f9c2f3c66abc7cc7c6f11ee595b9
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9-gnome-support_1.9.0.19+nobinonly-0ubuntu0.8.10.1_amd64.deb
    Size/MD5: 47102 49df5880d57a04afd9624d76a484a2b1
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.19+nobinonly-0ubuntu0.8.10.1_amd64.deb
    Size/MD5: 8736290 f215fd7cf6f0eae815175da4afc253be
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-dev_1.9.0.19+nobinonly-0ubuntu0.8.10.1_amd64.deb
    Size/MD5: 23040 04ae20775f87b416152ed0c41bc6fd7a

i386 architecture (x86 compatible Intel/AMD):

  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/abrowser-3.0-branding_3.0.19+nobinonly-0ubuntu0.8.10.1_i386.deb
    Size/MD5: 204012 4bfa33bf00fcf8b0a2d235c62abdef74
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-branding_3.0.19+nobinonly-0ubuntu0.8.10.1_i386.deb
    Size/MD5: 202454 19ed2152e37c893d7b1fc672fff8f067
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-dev_3.0.19+nobinonly-0ubuntu0.8.10.1_i386.deb
    Size/MD5: 69384 df13810c42507fdb74081a5dccd073e0
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.0.19+nobinonly-0ubuntu0.8.10.1_i386.deb
    Size/MD5: 84856 c22297314f24af36e42492ac64aa58eb
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.0.19+nobinonly-0ubuntu0.8.10.1_i386.deb
    Size/MD5: 887918 6b2812b744a2c132c572527575cafd53
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9-dev_1.9.0.19+nobinonly-0ubuntu0.8.10.1_i386.deb
    Size/MD5: 4551202 87cbd90098de35e3881d8de84b18772b
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9-gnome-support_1.9.0.19+nobinonly-0ubuntu0.8.10.1_i386.deb
    Size/MD5: 39374 eeccab2e3f712a680f34f6712b8b7c4f
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.19+nobinonly-0ubuntu0.8.10.1_i386.deb
    Size/MD5: 7566518 47c8ec0c31f819a96ab58219dd4b0406
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-dev_1.9.0.19+nobinonly-0ubuntu0.8.10.1_i386.deb
    Size/MD5: 23044 05d4ef2cc4d1bce857ada4e0795cc463

lpia architecture (Low Power Intel Architecture):

  http://ports.ubuntu.com/pool/main/f/firefox-3.0/abrowser-3.0-branding_3.0.19+nobinonly-0ubuntu0.8.10.1_lpia.deb
    Size/MD5: 204004 3e4d0a85ad528e8a9d02b5b66a74b205
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-branding_3.0.19+nobinonly-0ubuntu0.8.10.1_lpia.deb
    Size/MD5: 202464 02d935fe53e4fd51a04a2a935f40dd65
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-dev_3.0.19+nobinonly-0ubuntu0.8.10.1_lpia.deb
    Size/MD5: 69384 353b6368bb2843946b33e7466407c452
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.0.19+nobinonly-0ubuntu0.8.10.1_lpia.deb
    Size/MD5: 84278 c573a3c6172b6d33111b7e409ecdc506
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0_3.0.19+nobinonly-0ubuntu0.8.10.1_lpia.deb
    Size/MD5: 885154 a0cbb1f35e82a6ae9cfd85535d85fca9
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-dev_1.9.0.19+nobinonly-0ubuntu0.8.10.1_lpia.deb
    Size/MD5: 4546866 5af0e82f20d32146a18624d580d19873
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-gnome-support_1.9.0.19+nobinonly-0ubuntu0.8.10.1_lpia.deb
    Size/MD5: 38408 51812428ffcc6f95f748819157974e24
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.19+nobinonly-0ubuntu0.8.10.1_lpia.deb
    Size/MD5: 7461080 b9c7abba12f816f69030e7e4ca466a90
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-dev_1.9.0.19+nobinonly-0ubuntu0.8.10.1_lpia.deb
    Size/MD5: 23034 f38c7ec8ea1baf321270eb68b99e3d27

powerpc architecture (Apple Macintosh G3/G4/G5):

  http://ports.ubuntu.com/pool/main/f/firefox-3.0/abrowser-3.0-branding_3.0.19+nobinonly-0ubuntu0.8.10.1_powerpc.deb
    Size/MD5: 204014 8b0804d844c84a3651bd1eed86c824ab
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-branding_3.0.19+nobinonly-0ubuntu0.8.10.1_powerpc.deb
    Size/MD5: 202458 29b1e34ead4a5f514afffef1ae02ac27
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-dev_3.0.19+nobinonly-0ubuntu0.8.10.1_powerpc.deb
    Size/MD5: 69386 33ef00c0cc607eb50744cd015d765954
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.0.19+nobinonly-0ubuntu0.8.10.1_powerpc.deb
    Size/MD5: 86252 6ef5574511ca40acf74db39f63074d60
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0_3.0.19+nobinonly-0ubuntu0.8.10.1_powerpc.deb
    Size/MD5: 899434 1bfb8d53ff1a7e6a42ca53112b1d6f63
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-dev_1.9.0.19+nobinonly-0ubuntu0.8.10.1_powerpc.deb
    Size/MD5: 4542448 0cb7557572ff4da46363848adf0cc6f1
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-gnome-support_1.9.0.19+nobinonly-0ubuntu0.8.10.1_powerpc.deb
    Size/MD5: 42418 3f4f0561a6cad005e9f3170115c56026
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.19+nobinonly-0ubuntu0.8.10.1_powerpc.deb
    Size/MD5: 8303536 7813b30fb6271277b10d04d4adb80415
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-dev_1.9.0.19+nobinonly-0ubuntu0.8.10.1_powerpc.deb
    Size/MD5: 23044 e228038dea6afd1441c9b1154cfc89f7

sparc architecture (Sun SPARC/UltraSPARC):

  http://ports.ubuntu.com/pool/main/f/firefox-3.0/abrowser-3.0-branding_3.0.19+nobinonly-0ubuntu0.8.10.1_sparc.deb
    Size/MD5: 204014 4392a2fdc8b409a84e7c0c5bca254f99
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-branding_3.0.19+nobinonly-0ubuntu0.8.10.1_sparc.deb
    Size/MD5: 202468 f3233d30454aaa9a9336e2e9e9ad7da5
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-dev_3.0.19+nobinonly-0ubuntu0.8.10.1_sparc.deb
    Size/MD5: 69384 5bad444844640b97831a203fed06bd2c
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.0.19+nobinonly-0ubuntu0.8.10.1_sparc.deb
    Size/MD5: 83932 76f0db813f639059ff82d388864231bb
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0_3.0.19+nobinonly-0ubuntu0.8.10.1_sparc.deb
    Size/MD5: 887548 2ca54a32cd7f8f207e307e7810fc3a4b
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-dev_1.9.0.19+nobinonly-0ubuntu0.8.10.1_sparc.deb
    Size/MD5: 4529148 56f93e8074721690ef7d8c03ecc794ed
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-gnome-support_1.9.0.19+nobinonly-0ubuntu0.8.10.1_sparc.deb
    Size/MD5: 37876 1b04cc888d0cd2eca48d13245cfe80e8
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.19+nobinonly-0ubuntu0.8.10.1_sparc.deb
    Size/MD5: 8124698 92cdb8cedaf0ae4288ddc200ea2f8b0c
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-dev_1.9.0.19+nobinonly-0ubuntu0.8.10.1_sparc.deb
    Size/MD5: 23044 18ecea2308b55f848c67744046814870

-- Ubuntu 9.04 --

Source archives:

  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.0.19+nobinonly-0ubuntu0.9.04.1.diff.gz
    Size/MD5: 124905 d2f8a34bf4f0b990d039c660300abc45
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.0.19+nobinonly-0ubuntu0.9.04.1.dsc
    Size/MD5: 2442 07877c2260e85f595a5f94a065571ef0
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.0.19+nobinonly.orig.tar.gz
    Size/MD5: 11605275 b1e129a58d29379376f04be1959b8268
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.19+nobinonly-0ubuntu0.9.04.1.diff.gz
    Size/MD5: 252603 ab8bb7e4b8e9c3a1f33097586f49b525
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.19+nobinonly-0ubuntu0.9.04.1.dsc
    Size/MD5: 2456 f3046d5f41813b2b264fb981d1016b0a
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.19+nobinonly.orig.tar.gz
    Size/MD5: 42005942 92a0017fe802a917e67dbf5d05216d6f

Architecture independent packages:

  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/abrowser_3.0.19+nobinonly-0ubuntu0.9.04.1_all.deb
    Size/MD5: 69620 05df085147b9822b0e63c2792f10cf82
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dev_3.0.19+nobinonly-0ubuntu0.9.04.1_all.deb
    Size/MD5: 69522 41d88b941d8fcc0c3e8e1803ccd8d149
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome-support_3.0.19+nobinonly-0ubuntu0.9.04.1_all.deb
    Size/MD5: 69536 04b431fcc46fff10b0afe46af355aa29
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-granparadiso-dev_3.0.19+nobinonly-0ubuntu0.9.04.1_all.deb
    Size/MD5: 69498 87ceb80cbb9e9dd3dea541a6ba2de73c
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-trunk-dev_3.0.19+nobinonly-0ubuntu0.9.04.1_all.deb
    Size/MD5: 69482 b3e9420372f7a860f7f23339505f98b7
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox_3.0.19+nobinonly-0ubuntu0.9.04.1_all.deb
    Size/MD5: 69610 14a81d8e252059dc063252d7d95205db
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-3.0-dom-inspector_3.0.19+nobinonly-0ubuntu0.9.04.1_all.deb
    Size/MD5: 69542 9e1cb9d7fd6032bd5adc73bdaf66eefd
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-3.0-venkman_3.0.19+nobinonly-0ubuntu0.9.04.1_all.deb
    Size/MD5: 69492 f4938de9643edf0c21b851323b02614f
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-dom-inspector_3.0.19+nobinonly-0ubuntu0.9.04.1_all.deb
    Size/MD5: 8978 6f4e86f66ef1032449fc9e47e350fbc4
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso-dom-inspector_3.0.19+nobinonly-0ubuntu0.9.04.1_all.deb
    Size/MD5: 8954 0d41338cf0e60de72b056dd9e38fc35c
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso-gnome-support_3.0.19+nobinonly-0ubuntu0.9.04.1_all.deb
    Size/MD5: 69516 0c02160e5d8c2480722f15c6546a04ff
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso_3.0.19+nobinonly-0ubuntu0.9.04.1_all.deb
    Size/MD5: 69484 0baed24648d37e016210875ffa3e8daa
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-libthai_3.0.19+nobinonly-0ubuntu0.9.04.1_all.deb
    Size/MD5: 69480 2e1576d68f6c64b037e96ea53dd27c49
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk-dom-inspector_3.0.19+nobinonly-0ubuntu0.9.04.1_all.deb
    Size/MD5: 8948 4186964e1e7d2f0f49035c1b93a967cc
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk-gnome-support_3.0.19+nobinonly-0ubuntu0.9.04.1_all.deb
    Size/MD5: 69500 456effb08e1c05310c7ecf8dc2105919
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk-venkman_3.0.19+nobinonly-0ubuntu0.9.04.1_all.deb
    Size/MD5: 8938 42dfef2c820ba224bb928b62a1248f2e
  http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk_3.0.19+nobinonly-0ubuntu0.9.04.1_all.deb
    Size/MD5: 69468 bb1826830e1f6306dac17c73c4a9998c
  http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9/xulrunner-1.9-dom-inspector_1.9.0.19+nobinonly-0ubuntu0.9.04.1_all.deb
    Size/MD5: 128466 2fcb06c753d886d68fac586101e1fb8a
  http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9/xulrunner-1.9-venkman_1.9.0.19+nobinonly-0ubuntu0.9.04.1_all.deb
    Size/MD5: 238388 c1ecd57e8e8130e6d919310672fadff5

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/abrowser-3.0-branding_3.0.19+nobinonly-0ubuntu0.9.04.1_amd64.deb
    Size/MD5: 204164 b74f4f97aa85200f3851542da3d92592
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-branding_3.0.19+nobinonly-0ubuntu0.9.04.1_amd64.deb
    Size/MD5: 202676 16e8650cd899e5c00539fbf6609988e7
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-dev_3.0.19+nobinonly-0ubuntu0.9.04.1_amd64.deb
    Size/MD5: 69584 c17dec14b23034b55eee15d89ad03d06
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.0.19+nobinonly-0ubuntu0.9.04.1_amd64.deb
    Size/MD5: 89010 c23889755ff02e297de3407b2bd5105e
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.0.19+nobinonly-0ubuntu0.9.04.1_amd64.deb
    Size/MD5: 905558 0aa4321cd6eb3d4bd0702c645b18b952
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9-dev_1.9.0.19+nobinonly-0ubuntu0.9.04.1_amd64.deb
    Size/MD5: 4574494 bed53990a11e9b74445d196828bbbaa5
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9-gnome-support_1.9.0.19+nobinonly-0ubuntu0.9.04.1_amd64.deb
    Size/MD5: 47108 30a350ec9de3f71beba3551ef8260333
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.19+nobinonly-0ubuntu0.9.04.1_amd64.deb
    Size/MD5: 8737564 bdbcea80252b21bb594f5733c0628a6c
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-dev_1.9.0.19+nobinonly-0ubuntu0.9.04.1_amd64.deb
    Size/MD5: 23296 ddeebc2dd8e74d441e4555468ca26b7a

i386 architecture (x86 compatible Intel/AMD):

  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/abrowser-3.0-branding_3.0.19+nobinonly-0ubuntu0.9.04.1_i386.deb
    Size/MD5: 204162 23d3fa892f1956939e8ce13c306aec9a
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-branding_3.0.19+nobinonly-0ubuntu0.9.04.1_i386.deb
    Size/MD5: 202670 a785465906543d241ac3edba054d3a1d
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-dev_3.0.19+nobinonly-0ubuntu0.9.04.1_i386.deb
    Size/MD5: 69578 2fd31849c863f9e072af0b5a92eb36fb
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.0.19+nobinonly-0ubuntu0.9.04.1_i386.deb
    Size/MD5: 85074 69f452eafb93f6d83fbd5e2ccbaf5411
  http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.0.19+nobinonly-0ubuntu0.9.04.1_i386.deb
    Size/MD5: 887928 526c8bab179f1c037f37b18dc5d9cd3c
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9-dev_1.9.0.19+nobinonly-0ubuntu0.9.04.1_i386.deb
    Size/MD5: 4550930 ae1c504fb6732bbfeb624933498b92c1
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9-gnome-support_1.9.0.19+nobinonly-0ubuntu0.9.04.1_i386.deb
    Size/MD5: 39374 a5f5057f65ffc169ad6cf40061b211fb
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.19+nobinonly-0ubuntu0.9.04.1_i386.deb
    Size/MD5: 7567504 1a9899ef280e39ba7b43a0c9d31ff855
  http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-dev_1.9.0.19+nobinonly-0ubuntu0.9.04.1_i386.deb
    Size/MD5: 23300 05b93958f9b04281413730ebb5006242

lpia architecture (Low Power Intel Architecture):

  http://ports.ubuntu.com/pool/main/f/firefox-3.0/abrowser-3.0-branding_3.0.19+nobinonly-0ubuntu0.9.04.1_lpia.deb
    Size/MD5: 204160 0b27608d1f94a960b930733f049d5843
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-branding_3.0.19+nobinonly-0ubuntu0.9.04.1_lpia.deb
    Size/MD5: 202660 ea616f518b55fef24f09202b68474f32
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-dev_3.0.19+nobinonly-0ubuntu0.9.04.1_lpia.deb
    Size/MD5: 69580 c89f816c8f32f618bf76ccf37c13f2ad
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.0.19+nobinonly-0ubuntu0.9.04.1_lpia.deb
    Size/MD5: 84482 68b512e1493f379440b8c2a408e521af
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0_3.0.19+nobinonly-0ubuntu0.9.04.1_lpia.deb
    Size/MD5: 885180 437696d11f0ada95369b18a123d7eb94
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-dev_1.9.0.19+nobinonly-0ubuntu0.9.04.1_lpia.deb
    Size/MD5: 4546686 ee2825f3240fa65d84eebc0f87eba28c
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-gnome-support_1.9.0.19+nobinonly-0ubuntu0.9.04.1_lpia.deb
    Size/MD5: 38388 3ccf831d7f034c4daeccbfc355741233
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.19+nobinonly-0ubuntu0.9.04.1_lpia.deb
    Size/MD5: 7463756 3e08cff20ad54a2f141b04f493a4a465
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-dev_1.9.0.19+nobinonly-0ubuntu0.9.04.1_lpia.deb
    Size/MD5: 23300 2447aba1182c9b0962d51e056deee8e5

powerpc architecture (Apple Macintosh G3/G4/G5):

  http://ports.ubuntu.com/pool/main/f/firefox-3.0/abrowser-3.0-branding_3.0.19+nobinonly-0ubuntu0.9.04.1_powerpc.deb
    Size/MD5: 204168 7d9496c66bfde3f932cbd193fce3ddb8
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-branding_3.0.19+nobinonly-0ubuntu0.9.04.1_powerpc.deb
    Size/MD5: 202668 44272dfdb46c1c48b8fa373993f74695
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-dev_3.0.19+nobinonly-0ubuntu0.9.04.1_powerpc.deb
    Size/MD5: 69586 5dd858d4645b5a3dd68eb68bf554c855
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.0.19+nobinonly-0ubuntu0.9.04.1_powerpc.deb
    Size/MD5: 86466 bf31124f983edc34b468ba51e1dd3a78
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0_3.0.19+nobinonly-0ubuntu0.9.04.1_powerpc.deb
    Size/MD5: 899372 c648478879e2aca8de3ff4c47d1efabb
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-dev_1.9.0.19+nobinonly-0ubuntu0.9.04.1_powerpc.deb
    Size/MD5: 4542198 0b1187d0e9399ca899d2b362b5c54b34
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-gnome-support_1.9.0.19+nobinonly-0ubuntu0.9.04.1_powerpc.deb
    Size/MD5: 42412 e2500ebae84956e326ee8071908e548b
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.19+nobinonly-0ubuntu0.9.04.1_powerpc.deb
    Size/MD5: 8304936 8a36dd5c4dd027d827df6ed9a20ad7e7
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-dev_1.9.0.19+nobinonly-0ubuntu0.9.04.1_powerpc.deb
    Size/MD5: 23300 9ae1d05089d702c468c53fb36c14d262

sparc architecture (Sun SPARC/UltraSPARC):

  http://ports.ubuntu.com/pool/main/f/firefox-3.0/abrowser-3.0-branding_3.0.19+nobinonly-0ubuntu0.9.04.1_sparc.deb
    Size/MD5: 204164 fbeeddc9cf0f8c46cf0bc757406a0947
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-branding_3.0.19+nobinonly-0ubuntu0.9.04.1_sparc.deb
    Size/MD5: 202676 6b8d436225aac6c7199373606f588833
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-dev_3.0.19+nobinonly-0ubuntu0.9.04.1_sparc.deb
    Size/MD5: 69584 96bd7f6a63eb488623124f486b671ff5
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.0.19+nobinonly-0ubuntu0.9.04.1_sparc.deb
    Size/MD5: 84106 4f182cb2289796829f2e8ac0e899d0b2
  http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0_3.0.19+nobinonly-0ubuntu0.9.04.1_sparc.deb
    Size/MD5: 887410 565f708d5d25f57c41e2ff976d918a92
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-dev_1.9.0.19+nobinonly-0ubuntu0.9.04.1_sparc.deb
    Size/MD5: 4528934 7dcb1287739057f38104aee6e3e6e560
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-gnome-support_1.9.0.19+nobinonly-0ubuntu0.9.04.1_sparc.deb
    Size/MD5: 37806 ad03a7cacb21fd3f29c3586b5dff0884
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.19+nobinonly-0ubuntu0.9.04.1_sparc.deb
    Size/MD5: 8125086 6580167a227ecd90ca143373e065ac63
  http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-dev_1.9.0.19+nobinonly-0ubuntu0.9.04.1_sparc.deb
    Size/MD5: 23302 59396e66be59a8e5ea2d8b971e0cff0d

ORIGINAL ADVISORY:
USN-920-1:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2010-April/001077.html

OTHER REFERENCES:
SA39240:
http://secunia.com/advisories/39240/

----------------------------------------------------------------------
----------------------------------------------------------------------

From sec-adv at secunia.com Fri Apr 16 15:41:22 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Sat, 17 Apr 2010 00:41:22 +0200
Subject: [SEC] [SA39386] DWG Windows FTP Server Authentication Bypass Vulnerability
Message-ID: <201004162241.o3GMfMl5009607@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
DWG Windows FTP Server Authentication Bypass Vulnerability

SECUNIA ADVISORY ID:
SA39386

VERIFY ADVISORY:
http://secunia.com/advisories/39386/

DESCRIPTION:
A vulnerability has been discovered in DWG Windows FTP Server, which
can be exploited by malicious people to bypass certain security
restrictions.

The vulnerability is caused by the application not properly
restricting access to various FTP commands after a failed login
attempt, which can be exploited to bypass the login mechanism.

The vulnerability is confirmed in version 1.4. Other versions may also
be affected.

SOLUTION:
Use a firewall to restrict access to trusted computers only.

PROVIDED AND/OR DISCOVERED BY:
chap0

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/12119

----------------------------------------------------------------------

From sec-adv at secunia.com Fri Apr 16 15:53:52 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Sat, 17 Apr 2010 00:53:52 +0200
Subject: [SEC] [SA39367] Debian update for krb5
Message-ID: <201004162253.o3GMrqN2029740@CRON-IX-2.intnet>

----------------------------------------------------------------------

TITLE:
Debian update for krb5

SECUNIA ADVISORY ID:
SA39367

VERIFY ADVISORY:
http://secunia.com/advisories/39367/

DESCRIPTION:
Debian has issued an update for krb5. This fixes a vulnerability,
which can be exploited by malicious users to cause a DoS (Denial of
Service).

For more information:
SA39315

SOLUTION:
Apply updated packages.
-- Debian GNU/Linux 5.0 --

Source:
http://security.debian.org/pool/updates/main/k/krb5/krb5_1.6.dfsg.4~beta1-5lenny3.dsc
http://security.debian.org/pool/updates/main/k/krb5/krb5_1.6.dfsg.4~beta1.orig.tar.gz
http://security.debian.org/pool/updates/main/k/krb5/krb5_1.6.dfsg.4~beta1-5lenny3.diff.gz

Architecture-independent component:
http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.6.dfsg.4~beta1-5lenny3_all.deb

Alpha:
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5lenny3_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5lenny3_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5lenny3_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5lenny3_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5lenny3_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5lenny3_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5lenny3_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5lenny3_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5lenny3_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5lenny3_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5lenny3_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5lenny3_alpha.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5lenny3_alpha.deb

AMD64:
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5lenny3_amd64.deb
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5lenny3_amd64.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5lenny3_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5lenny3_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5lenny3_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5lenny3_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5lenny3_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5lenny3_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5lenny3_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5lenny3_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5lenny3_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5lenny3_amd64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5lenny3_amd64.deb ARM: http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5lenny3_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5lenny3_arm.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5lenny3_arm.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5lenny3_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5lenny3_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5lenny3_arm.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5lenny3_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5lenny3_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5lenny3_arm.deb 
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5lenny3_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5lenny3_arm.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5lenny3_arm.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5lenny3_arm.deb ARM EABI: http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5lenny3_armel.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5lenny3_armel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5lenny3_armel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5lenny3_armel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5lenny3_armel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5lenny3_armel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5lenny3_armel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5lenny3_armel.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5lenny3_armel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5lenny3_armel.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5lenny3_armel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5lenny3_armel.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5lenny3_armel.deb HP Precision: http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5lenny3_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5lenny3_hppa.deb 
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5lenny3_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5lenny3_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5lenny3_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5lenny3_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5lenny3_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5lenny3_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5lenny3_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5lenny3_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5lenny3_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5lenny3_hppa.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5lenny3_hppa.deb Intel IA-32: http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5lenny3_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5lenny3_i386.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5lenny3_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5lenny3_i386.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5lenny3_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5lenny3_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5lenny3_i386.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5lenny3_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5lenny3_i386.deb 
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5lenny3_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5lenny3_i386.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5lenny3_i386.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5lenny3_i386.deb Intel IA-64: http://security.debian.org/pool/updates/main/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5lenny3_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5lenny3_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5lenny3_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5lenny3_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5lenny3_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5lenny3_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5lenny3_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5lenny3_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5lenny3_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5lenny3_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5lenny3_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5lenny3_ia64.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5lenny3_ia64.deb Little-endian MIPS: http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5lenny3_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5lenny3_mipsel.deb 
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5lenny3_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5lenny3_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5lenny3_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5lenny3_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5lenny3_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5lenny3_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5lenny3_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5lenny3_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5lenny3_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5lenny3_mipsel.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5lenny3_mipsel.deb PowerPC: http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5lenny3_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5lenny3_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5lenny3_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5lenny3_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5lenny3_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5lenny3_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5lenny3_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5lenny3_powerpc.deb 
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5lenny3_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5lenny3_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5lenny3_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5lenny3_powerpc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5lenny3_powerpc.deb IBM S/390: http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5lenny3_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5lenny3_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5lenny3_s390.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5lenny3_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5lenny3_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5lenny3_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5lenny3_s390.deb http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5lenny3_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5lenny3_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5lenny3_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5lenny3_s390.deb http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5lenny3_s390.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5lenny3_s390.deb Sun Sparc: http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.6.dfsg.4~beta1-5lenny3_sparc.deb http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.6.dfsg.4~beta1-5lenny3_sparc.deb 
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.6.dfsg.4~beta1-5lenny3_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dbg_1.6.dfsg.4~beta1-5lenny3_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.6.dfsg.4~beta1-5lenny3_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.6.dfsg.4~beta1-5lenny3_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.6.dfsg.4~beta1-5lenny3_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.6.dfsg.4~beta1-5lenny3_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.6.dfsg.4~beta1-5lenny3_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-pkinit_1.6.dfsg.4~beta1-5lenny3_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.6.dfsg.4~beta1-5lenny3_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.6.dfsg.4~beta1-5lenny3_sparc.deb
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc-ldap_1.6.dfsg.4~beta1-5lenny3_sparc.deb

ORIGINAL ADVISORY:
DSA-2031-1:
http://www.debian.org/security/2010/dsa-2031

OTHER REFERENCES:
SA39315:
http://secunia.com/advisories/39315/
----------------------------------------------------------------------

From sec-adv at secunia.com Fri Apr 16 16:06:26 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Sat, 17 Apr 2010 01:06:26 +0200
Subject: [SEC] [SA39256] JustSystems Ichitaro Document Processing Vulnerability
Message-ID: <201004162306.o3GN6Qk7017487@CRON-IX-2.intnet>

TITLE:
JustSystems Ichitaro Document Processing Vulnerability

SECUNIA ADVISORY ID:
SA39256

VERIFY ADVISORY:
http://secunia.com/advisories/39256/

DESCRIPTION:
A vulnerability has been reported in JustSystems Ichitaro, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused by an unspecified error when processing font information in documents and can be exploited to potentially execute arbitrary code.

SOLUTION:
Update to a fixed version if available. Please see the vendor's advisory for details.

Do not process untrusted documents.

PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.

ORIGINAL ADVISORY:
JustSystems:
http://www.justsystems.com/jp/info/js10001.html

JVN:
http://jvn.jp/en/jp/JVN98467259/index.html
----------------------------------------------------------------------

From sec-adv at secunia.com Fri Apr 16 16:20:57 2010
From: sec-adv at secunia.com (Secunia Security Advisories)
Date: Sat, 17 Apr 2010 01:20:57 +0200
Subject: [SEC] [SA39278] Ubuntu update for nss
Message-ID: <201004162320.o3GNKvBo005319@CRON-IX-2.intnet>

TITLE:
Ubuntu update for nss

SECUNIA ADVISORY ID:
SA39278

VERIFY ADVISORY:
http://secunia.com/advisories/39278/

DESCRIPTION:
Ubuntu has issued an update for nss. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data.

For more information:
SA38400

SOLUTION:
Apply updated packages (also apply updated thunderbird packages to fix a regression).
-- Ubuntu 9.10 --

Source archives:
http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.12.6-0ubuntu0.9.10.2.diff.gz
    Size/MD5:    36659 1c82d002115ed4a76dc98d33ef5c839c
http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.12.6-0ubuntu0.9.10.2.dsc
    Size/MD5:     1651 41544d2843858123ad5852de1587744c
http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.12.6.orig.tar.gz
    Size/MD5:  5947630 da42596665f226de5eb3ecfc1ec57cd1

amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.9.10.2_amd64.deb
    Size/MD5:  3235700 8227d9d710a9784750fc541f82d85101
http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.9.10.2_amd64.deb
    Size/MD5:  1234558 f8db18eb4fec7df4387e5e546ea99871
http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.9.10.2_amd64.deb
    Size/MD5:   263208 692167e64c00a9990af72a28299b4fbb
http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-0d_3.12.6-0ubuntu0.9.10.2_amd64.deb
    Size/MD5:    17854 f9fa214108ab20d8fe4d61567a86d7c0
http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.9.10.2_amd64.deb
    Size/MD5:   313212 4ae57dcb06572bcdc1e311977a965c55

i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.9.10.2_i386.deb
    Size/MD5:  3178422 4a141b3f01631497184c0bb260a212f3
http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.9.10.2_i386.deb
    Size/MD5:  1119994 8e4bfbd067aa051603306ce57949ce51
http://security.ubuntu.com/ubuntu/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.9.10.2_i386.deb
    Size/MD5:   260530 c61feb6f65d7419f93f355a5f0755917
http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-0d_3.12.6-0ubuntu0.9.10.2_i386.deb
    Size/MD5:    17856 05ac21be0089e816c076f8707d41d21b
http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.9.10.2_i386.deb
    Size/MD5:   299834 26d317dc29710b27dd0d0b7a36b6c2a1

lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.9.10.2_lpia.deb
    Size/MD5:  3216556 9230b137f92129c304dddfc5c67853fe
http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.9.10.2_lpia.deb
    Size/MD5:  1095892 9566ecb3416bd99ba0e6288505626fe9
http://ports.ubuntu.com/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.9.10.2_lpia.deb
    Size/MD5:   259484 0236cb25267ac3ca1b3bfd586d14d26d
http://ports.ubuntu.com/pool/universe/n/nss/libnss3-0d_3.12.6-0ubuntu0.9.10.2_lpia.deb
    Size/MD5:    17858 ecb362aec61c87f1cfc4e86cd2dec5cb
http://ports.ubuntu.com/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.9.10.2_lpia.deb
    Size/MD5:   298510 2977f41a1b2fcf7ca25b331336f7dc8f

powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.9.10.2_powerpc.deb
    Size/MD5:  3325490 ac9caf32bab4d4b911d1c54112583b65
http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.9.10.2_powerpc.deb
    Size/MD5:  1207122 99b17d40842c1804ee23d19e4a7ffaa0
http://ports.ubuntu.com/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.9.10.2_powerpc.deb
    Size/MD5:   261820 f46b59e90bf4ff07ca79b5d404f372ed
http://ports.ubuntu.com/pool/universe/n/nss/libnss3-0d_3.12.6-0ubuntu0.9.10.2_powerpc.deb
    Size/MD5:    17858 dca2efb9e1426ff39c55008eaf942926
http://ports.ubuntu.com/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.9.10.2_powerpc.deb
    Size/MD5:   311022 da3a483c19347cd667c11d8a989d15aa

sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d-dbg_3.12.6-0ubuntu0.9.10.2_sparc.deb
    Size/MD5:  2967780 e3456024e64ee1d14b5b754a93840ac7
http://ports.ubuntu.com/pool/main/n/nss/libnss3-1d_3.12.6-0ubuntu0.9.10.2_sparc.deb
    Size/MD5:  1074620 202e630d20824b2d4e2614d11d86c2c4
http://ports.ubuntu.com/pool/main/n/nss/libnss3-dev_3.12.6-0ubuntu0.9.10.2_sparc.deb
    Size/MD5:   257422 fa69b29c59fe334d65d433ab11febbed
http://ports.ubuntu.com/pool/universe/n/nss/libnss3-0d_3.12.6-0ubuntu0.9.10.2_sparc.deb
    Size/MD5:    17856 287ae523a22a8049d3d1c802d5760b83
http://ports.ubuntu.com/pool/universe/n/nss/libnss3-tools_3.12.6-0ubuntu0.9.10.2_sparc.deb
    Size/MD5:   299970 ed1b8755bc1e9da16a08c82ebfecf0fd

Updated thunderbird packages:

Source archives:
http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2.diff.gz
    Size/MD5:   134402 4f55d904c22d00c1423fcdf778237df3
http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2.dsc
    Size/MD5:     2362 5fbf0ab8c09988462ffad652d5724ec1
http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.24+build1+nobinonly.orig.tar.gz
    Size/MD5: 36467375 a952c9895cc90b89f160c4b3694de834

Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/mozilla-thunderbird-dev_2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2_all.deb
    Size/MD5:    62220 92dafa6f0a04d064a0c96199ce9faef6
http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/mozilla-thunderbird_2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2_all.deb
    Size/MD5:    62208 0e785915e1142f3bb25573651cd2a76b

amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dev_2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2_amd64.deb
    Size/MD5:  3738538 5d00b51452f0a5ada7aa859d4e073536
http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2_amd64.deb
    Size/MD5:    62562 5f4e424d427833b1490f28ec3a5073e5
http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2_amd64.deb
    Size/MD5: 12558830 ea6aea8f8aea5a22927a33fa3d49e69a

i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dev_2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2_i386.deb
    Size/MD5:  3722604 00383caa32265845d431ba1c41370e51
http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2_i386.deb
    Size/MD5:    62562 72a659110cc3ce2a8321c0a2f9475de6
http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2_i386.deb
    Size/MD5: 11177860 de57f8a625ed43983853b3f1f1bbf567

lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dev_2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2_lpia.deb
    Size/MD5:  3720600 dd62f203c661fdf8da663f6c5d53445e
http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2_lpia.deb
    Size/MD5:    62564 79e32137bc4bc26ab33b3fd9c8db6067
http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird_2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2_lpia.deb
    Size/MD5: 11025166 649235af94da5615278de12fd8ea4005

powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dev_2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2_powerpc.deb
    Size/MD5:  3729730 a90d7dd672e198674a46a4c0f9e9dba1
http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2_powerpc.deb
    Size/MD5:    62562 6137b40f8bf9012911479830602ef04d
http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird_2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2_powerpc.deb
    Size/MD5: 12297146 45dae3dadc5ab90e41dc8e61ca30f67b

sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dev_2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2_sparc.deb
    Size/MD5:  3725800 0e080e766d6631585cd3d3569e4c1d56
http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2_sparc.deb
    Size/MD5:    62568 f4ad15ef0907e0a3efa47595a9e6f33f
http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird_2.0.0.24+build1+nobinonly-0ubuntu0.9.10.2_sparc.deb
    Size/MD5: 11193490 9eae6654fbe5ff0a7b3bbc5521c4f60e

ORIGINAL ADVISORY:
USN-927-1:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2010-April/001075.html

USN-927-2:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2010-April/001078.html

USN-927-3:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2010-April/001079.html

OTHER REFERENCES:
SA38400:
http://secunia.com/advisories/38400/

----------------------------------------------------------------------

From sec-adv at secunia.com Fri Apr 16 16:41:25 20
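Every file in the Ubuntu nss advisory above is listed with a Size/MD5 pair, which is what you have to check when packages are fetched by hand from a mirror rather than through apt. The following Python is an added example, not Secunia's or Ubuntu's code: it parses entries in that "URL ... Size/MD5: size digest" format (the manifest excerpt is copied from the list above; the file bytes it verifies are constructed here so the check runs offline) and reports a size or digest mismatch per file. Caveat a practitioner should keep in mind: MD5 is not collision-resistant, so a matching digest only rules out corruption or an accidentally swapped file; the authoritative integrity check for these packages is apt's signed Release and Packages chain, which is what applying the update with apt-get relies on.

```python
"""Parse Size/MD5 entries from a USN-style package list and verify files.
Added example, not Ubuntu's or Secunia's code."""
import hashlib
import os
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# One URL followed by "Size/MD5: <decimal size> <32 hex chars>".  Whitespace may
# be collapsed or spread over several lines, as in the mailing-list copy.
ENTRY_RE = re.compile(
    r"(?P<url>https?://\S+)\s+Size/MD5:\s+(?P<size>\d+)\s+(?P<md5>[0-9a-fA-F]{32})"
)


@dataclass(frozen=True)
class Entry:
    url: str
    size: int
    md5: str

    @property
    def filename(self) -> str:
        return self.url.rsplit("/", 1)[-1]


def parse_manifest(text: str) -> List[Entry]:
    """Extract every (url, size, md5) triple from advisory text."""
    return [
        Entry(m.group("url"), int(m.group("size")), m.group("md5").lower())
        for m in ENTRY_RE.finditer(text)
    ]


def verify_bytes(entry: Entry, data: bytes) -> Optional[str]:
    """Return None if data matches the entry, otherwise a short reason."""
    if len(data) != entry.size:
        return f"size mismatch: expected {entry.size}, got {len(data)}"
    digest = hashlib.md5(data).hexdigest()
    if digest != entry.md5:
        return f"md5 mismatch: expected {entry.md5}, got {digest}"
    return None


def verify_directory(entries: List[Entry], directory: str) -> Dict[str, str]:
    """Check each listed file present in directory; map filename -> verdict."""
    results = {}
    for e in entries:
        path = os.path.join(directory, e.filename)
        if not os.path.exists(path):
            results[e.filename] = "missing"
            continue
        with open(path, "rb") as fh:
            problem = verify_bytes(e, fh.read())
        results[e.filename] = "ok" if problem is None else problem
    return results


# Excerpt of the advisory's package list (URLs and digests as printed above).
SAMPLE_MANIFEST = """
http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.12.6-0ubuntu0.9.10.2.diff.gz
    Size/MD5:    36659 1c82d002115ed4a76dc98d33ef5c839c
http://security.ubuntu.com/ubuntu/pool/main/n/nss/nss_3.12.6-0ubuntu0.9.10.2.dsc
    Size/MD5:     1651 41544d2843858123ad5852de1587744c
http://security.ubuntu.com/ubuntu/pool/universe/n/nss/libnss3-0d_3.12.6-0ubuntu0.9.10.2_amd64.deb Size/MD5: 17854 f9fa214108ab20d8fe4d61567a86d7c0
"""

# Constructed file contents and a hypothetical entry, used only to exercise
# verify_bytes() offline; no real package is this small.
SAMPLE_DATA = b"not a real .deb, just bytes to hash\n"
SAMPLE_ENTRY = Entry(
    url="http://security.ubuntu.com/ubuntu/pool/main/n/nss/example.deb",  # hypothetical
    size=len(SAMPLE_DATA),
    md5=hashlib.md5(SAMPLE_DATA).hexdigest(),
)

if __name__ == "__main__":
    for e in parse_manifest(SAMPLE_MANIFEST):
        print(f"{e.filename}: {e.size} bytes, md5 {e.md5}")
    print("constructed sample:", verify_bytes(SAMPLE_ENTRY, SAMPLE_DATA) or "ok")
    print("tampered sample:", verify_bytes(SAMPLE_ENTRY, SAMPLE_DATA + b"x"))
```

To use it against real downloads, paste the whole package list of the advisory into the manifest string (or read it from the saved mail), fetch the files for your architecture into one directory, and call verify_directory on the parsed entries; any verdict other than "ok" means the file should not be installed.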