From sec-adv at secunia.com Wed Sep 1 10:27:40 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Sep 2010 19:27:40 +0200 Subject: [SEC] [SA41230] BS Contact Insecure Library Loading Vulnerability Message-ID: <201009011727.o81HRepP024780@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: BS Contact Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41230 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41230/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41230 RELEASE DATE: 2010-09-01 DISCUSS ADVISORY: http://secunia.com/advisories/41230/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41230/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41230 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in WinMerge, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application bundling a vulnerable version of mfc90u.dll, which loads libraries (e.g. dwmapi.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a VRML file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 7.218 for Windows. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Reported by an unknown person. ORIGINAL ADVISORY: http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 1 11:27:35 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Sep 2010 20:27:35 +0200 Subject: [SEC] [SA41228] DVDFab Insecure Library Loading Vulnerability Message-ID: <201009011827.o81IRZxe014977@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: DVDFab Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41228 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41228/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41228 RELEASE DATE: 2010-09-01 DISCUSS ADVISORY: http://secunia.com/advisories/41228/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41228/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41228 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in DVDFab, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application bundling a vulnerable version of mfc90.dll, which loads libraries (e.g. dwmapi.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a dvdfab6 file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is reported in version 7.0.4.0 and confirmed in version 8.0.0.5. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Reported by an unknown person. ORIGINAL ADVISORY: http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 1 12:27:29 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Sep 2010 21:27:29 +0200 Subject: [SEC] [SA41223] IBM Lotus Notes Insecure Library Loading Vulnerability Message-ID: <201009011927.o81JRTLq005152@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: IBM Lotus Notes Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41223 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41223/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41223 RELEASE DATE: 2010-09-01 DISCUSS ADVISORY: http://secunia.com/advisories/41223/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41223/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41223 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in IBM Lotus Notes, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. nnoteswc.dll, nlsxbe.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening vCard (.vcf) or iCalendar (.vcs and .ics) files located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 8.5. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Mister Teatime OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 1 13:27:37 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Sep 2010 22:27:37 +0200 Subject: [SEC] [SA41198] Atlantis Studio Insecure Library Loading Vulnerability Message-ID: <201009012027.o81KRb5M027775@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Atlantis Studio Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41198 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41198/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41198 RELEASE DATE: 2010-09-01 DISCUSS ADVISORY: http://secunia.com/advisories/41198/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41198/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41198 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Atlantis Studio, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application bundling vulnerable versions of mfc90.dll and mfc90u.dll, which load libraries (e.g. dwmapi.dll, mfc90enu.dll, mfc90loc.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening .atl or .aof files located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 3.0.3. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Mister Teatime OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 1 14:21:33 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Sep 2010 23:21:33 +0200 Subject: [SEC] [SA41184] Nokia PC Suite Insecure Library Loading Vulnerability Message-ID: <201009012121.o81LLXgs017716@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Nokia PC Suite Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41184 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41184/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41184 RELEASE DATE: 2010-09-01 DISCUSS ADVISORY: http://secunia.com/advisories/41184/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41184/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41184 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Nokia PC Suite, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application bundling a vulnerable version of QtCore4.dll, which loads libraries (e.g. wintab32.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a vCard (.vcf) or Content Copier file (.nbu) located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 7.1.51.0. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Reported by an unknown person. ORIGINAL ADVISORY: http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 1 14:42:37 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Sep 2010 23:42:37 +0200 Subject: [SEC] [SA41224] HTTrack Insecure Library Loading Vulnerability Message-ID: <201009012142.o81Lgb4I006156@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: HTTrack Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41224 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41224/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41224 RELEASE DATE: 2010-09-01 DISCUSS ADVISORY: http://secunia.com/advisories/41224/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41224/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41224 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in HTTrack, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. httrack-plugin.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a WHTT file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 3.43-9. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Reported by an unknown person. ORIGINAL ADVISORY: http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 1 15:01:51 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Sep 2010 00:01:51 +0200 Subject: [SEC] [SA41164] Sound Forge Pro Insecure Library Loading Vulnerability Message-ID: <201009012201.o81M1pc7027017@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Sound Forge Pro Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41164 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41164/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41164 RELEASE DATE: 2010-09-01 DISCUSS ADVISORY: http://secunia.com/advisories/41164/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41164/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41164 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Sound Forge Pro, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. MtxParhVegasPreview.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a SFW file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 10.0b Build 474. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Reported by an unknown person. ORIGINAL ADVISORY: http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 1 15:25:37 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Sep 2010 00:25:37 +0200 Subject: [SEC] [SA41231] ArchiCAD Insecure Library Loading Vulnerability Message-ID: <201009012225.o81MPbsU015582@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: ArchiCAD Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41231 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41231/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41231 RELEASE DATE: 2010-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/41231/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41231/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41231 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in ArchiCAD, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. srcsrv.dll, GSAutoTester.DLL) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a .2df file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in versions 13 and 14. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Reported by an unknown person. ORIGINAL ADVISORY: http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 1 15:45:48 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Sep 2010 00:45:48 +0200 Subject: [SEC] [SA41226] GFI Backup Insecure Library Loading Vulnerability Message-ID: <201009012245.o81Mjm6P003965@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: GFI Backup Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41226 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41226/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41226 RELEASE DATE: 2010-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/41226/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41226/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41226 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in GFI Backup, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. ArmAccess.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a GBC and GBT files located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 3.1 (Build 20100730) 2009 Home Edition. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Reported by an unknown person. ORIGINAL ADVISORY: http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 1 16:12:08 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Sep 2010 01:12:08 +0200 Subject: [SEC] [SA41188] NetStumbler Insecure Library Loading Vulnerability Message-ID: <201009012312.o81NC8U4025076@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: NetStumbler Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41188 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41188/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41188 RELEASE DATE: 2010-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/41188/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41188/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41188 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in NetStumbler, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application bundling a vulnerable version of mfc71.dll, which loads libraries (e.g. mfc71enu.dll and mfc71loc.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a NS1 file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 0.4.0 (Build 554). Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Reported by an unknown person. ORIGINAL ADVISORY: http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 1 16:46:40 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Sep 2010 01:46:40 +0200 Subject: [SEC] [SA41219] MPLAB IDE Insecure Library Loading Vulnerability Message-ID: <201009012346.o81NkewW014121@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: MPLAB IDE Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41219 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41219/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41219 RELEASE DATE: 2010-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/41219/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41219/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41219 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in MPLAB IDE, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application bundling a vulnerable version of mfc71.dll, which loads libraries (e.g. mfc71enu.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening MCP or MCW files located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 8.56.00.00. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Reported by an unknown person. ORIGINAL ADVISORY: http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 1 17:11:45 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Sep 2010 02:11:45 +0200 Subject: [SEC] [SA41207] Arno's IPTABLES Firewall IPv6 Detection Security Issue Message-ID: <201009020011.o820Bjs3002724@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Arno's IPTABLES Firewall IPv6 Detection Security Issue SECUNIA ADVISORY ID: SA41207 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41207 RELEASE DATE: 2010-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/41207/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41207/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41207 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Arno's IPTABLES Firewall, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to the script not properly detecting IPv6 connectivity, which can result in IPv6 traffic not being restricted by the firewall. The security issue is reported in versions prior to 1.9.2l. SOLUTION: Update to version 1.9.2l. PROVIDED AND/OR DISCOVERED BY: Tim Small ORIGINAL ADVISORY: Tim Small: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=594326 Announcement of version 1.9.2l: http://rocky.eld.leidenuniv.nl/pipermail/firewall/2010-August/001749.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 1 17:44:38 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Sep 2010 02:44:38 +0200 Subject: [SEC] [SA41259] TortoiseSVN Insecure Library Loading Vulnerability Message-ID: <201009020044.o820icup024132@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: TortoiseSVN Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41259 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41259/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41259 RELEASE DATE: 2010-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/41259/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41259/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41259 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in TortoiseSVN, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application bundling a vulnerable version of mfc90u.dll, which loads libraries (e.g. dwmapi.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a file associated with e.g. TortoiseProc or TortoiseMerge located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code, but requires that files are opened in e.g. TortoiseProc or TortoiseMerge (by default no file types are associated with the applications). The vulnerability is confirmed in version 1.6.10. Other versions may also be affected. SOLUTION: Do not associate files with or open untrusted files in TortoiseProc or TortoiseMerge. PROVIDED AND/OR DISCOVERED BY: Nikhil Mittal ORIGINAL ADVISORY: Nikhil Mittal: http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2653163 TortoiseSVN: http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2653202 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 1 18:09:32 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Sep 2010 03:09:32 +0200 Subject: [SEC] [SA41143] WinMerge Insecure Library Loading Vulnerability Message-ID: <201009020109.o8219WGi012748@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: WinMerge Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41143 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41143/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41143 RELEASE DATE: 2010-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/41143/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41143/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41143 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in WinMerge, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application bundling a vulnerable version of mfc71u.dll, which loads libraries (e.g. mfc71enu.dll and mfc71loc.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a WINMERGE file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 2.12.4.0. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Reported by an unknown person. ORIGINAL ADVISORY: http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 1 18:23:27 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Sep 2010 03:23:27 +0200 Subject: [SEC] [SA41234] Linux Kernel "irda_bind()" Object Cleanup Vulnerability Message-ID: <201009020123.o821NRum000813@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Linux Kernel "irda_bind()" Object Cleanup Vulnerability SECUNIA ADVISORY ID: SA41234 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41234/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41234 RELEASE DATE: 2010-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/41234/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41234/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41234 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges. The vulnerability is caused due to an error within the "irda_bind()" function in net/irda/af_irda.c when trying to free certain objects. This can be exploited to e.g. cause a NULL pointer dereference by trying to bind an AF_IRDA socket and causing an error. SOLUTION: Fixed in David Miller's GIT repository. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Tavis Ormandy ORIGINAL ADVISORY: http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commitdiff;h=628e300cccaa628d8fb92aa28cb7530a3d5f2257 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 1 18:44:17 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Sep 2010 03:44:17 +0200 Subject: [SEC] [SA41215] Pthreads-win32 Insecure Library Loading Vulnerability Message-ID: <201009020144.o821iHNE021712@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Pthreads-win32 Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41215 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41215/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41215 RELEASE DATE: 2010-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/41215/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41215/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41215 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Pthreads-win32, which can be exploited by malicious people to compromise an application using the library. The vulnerability is caused due to the "pthread_win32_process_attach_np()" function in pthreadGC2.dll loading libraries (e.g. quserex.dll) in an insecure manner. This can be exploited to load arbitrary libraries when an application using this library e.g. opens a file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 2.8.0. Other versions may also be affected. SOLUTION: Do not open untrusted files with an application using this library. PROVIDED AND/OR DISCOVERED BY: Originally reported in Inkscape by an unknown person. ORIGINAL ADVISORY: http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 1 19:14:02 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Sep 2010 04:14:02 +0200 Subject: [SEC] [SA41196] VMware ESX Server Multiple Vulnerabilities Message-ID: <201009020214.o822E2Hu011042@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: VMware ESX Server Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41196 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41196/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41196 RELEASE DATE: 2010-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/41196/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41196/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41196 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: VMware has acknowledged multiple vulnerabilities in VMware ESX Server, which can be exploited by malicious, local users to cause a DoS (Denial of Service), malicious users to cause a DoS, and malicious people to bypass certain security restrictions and potentially compromise a vulnerable system. For more information: SA18251 SA38836 SA39762 SA40049 SA40145 SOLUTION: Apply patches if available. Restrict local and network access to trusted users only. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: VMSA-2010-0013: http://lists.vmware.com/pipermail/security-announce/2010/000103.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 1 19:42:48 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Sep 2010 04:42:48 +0200 Subject: [SEC] [SA41222] Inkscape Insecure Library Loading Vulnerability Message-ID: <201009020242.o822gmHS032222@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Inkscape Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41222 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41222/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41222 RELEASE DATE: 2010-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/41222/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41222/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41222 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Inkscape, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application bundling a vulnerable version of the Pthreads-win32 library, which loads libraries (e.g. quserex.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening SVG or SVGZ files located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. For more information: SA41215 The vulnerability is confirmed in version 0.48.0 r9654 running on Windows. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Reported by an unknown person. ORIGINAL ADVISORY: http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 1 19:54:52 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Sep 2010 04:54:52 +0200 Subject: [SEC] [SA41261] HP Insight Diagnostics Online Edition Unspecified Cross-Site Scripting Message-ID: <201009020254.o822sqDY020256@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: HP Insight Diagnostics Online Edition Unspecified Cross-Site Scripting SECUNIA ADVISORY ID: SA41261 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41261/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41261 RELEASE DATE: 2010-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/41261/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41261/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41261 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in HP Insight Diagnostics Online Edition, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions 8.4 and prior running on Linux. SOLUTION: Update to version 8.5.0-11 or later available from the HP ProLiant Support Pack 8.50 for Linux. PROVIDED AND/OR DISCOVERED BY: The vendor credits ProCheckUp Ltd. ORIGINAL ADVISORY: HPSBMA02571 SSRT100034: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02492472 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 1 20:07:51 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Sep 2010 05:07:51 +0200 Subject: [SEC] [SA41181] Ubuntu update for libwww-perl Message-ID: <201009020307.o8237pwk008344@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Ubuntu update for libwww-perl SECUNIA ADVISORY ID: SA41181 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41181/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41181 RELEASE DATE: 2010-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/41181/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41181/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41181 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for libwww-perl. This fixes a weakness, which can be exploited by malicious people to bypass certain security features. The weakness is caused due to lwp-download not properly checking filenames suggested via the "Content-Disposition" header when downloading files from an HTTP server. By suggesting a different filename than expected by the user, this can be exploited to e.g. overwrite hidden files in the current directory on a user's system by tricking the user into downloading a file with a seemingly harmless filename from a malicious HTTP server. SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Hank Leininger and Solar Designer ORIGINAL ADVISORY: USN-981-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2010-August/001149.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 1 20:21:27 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Sep 2010 05:21:27 +0200 Subject: [SEC] [SA41133] Debian update for wireshark Message-ID: <201009020321.o823LRex028850@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Debian update for wireshark SECUNIA ADVISORY ID: SA41133 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41133/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41133 RELEASE DATE: 2010-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/41133/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41133/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41133 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. For more information: SA40783 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: DSA 2101-1: http://lists.debian.org/debian-security-announce/2010/msg00147.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 1 20:42:39 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Sep 2010 05:42:39 +0200 Subject: [SEC] [SA41257] Fedora update for xorg-x11-xinit Message-ID: <201009020342.o823gdLO017292@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for xorg-x11-xinit SECUNIA ADVISORY ID: SA41257 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41257/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41257 RELEASE DATE: 2010-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/41257/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41257/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41257 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for xorg-x11-xinit. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges. The security issue is caused due to the package installation script incorrectly setting the owner of certain executable files to the user "mockbuild". In case such a user exists, this can be exploited to modify the files with arbitrary content. SOLUTION: Apply updated packages via the yum utility ("yum update xorg-x11-xinit"). ORIGINAL ADVISORY: FEDORA-2010-13693: https://admin.fedoraproject.org/updates/xorg-x11-xinit-1.0.9-18.fc13 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 1 20:54:54 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Sep 2010 05:54:54 +0200 Subject: [SEC] [SA41256] Fedora update for socat Message-ID: <201009020354.o823ssRw005334@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for socat SECUNIA ADVISORY ID: SA41256 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41256/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41256 RELEASE DATE: 2010-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/41256/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41256/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41256 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for socat. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA40806 SOLUTION: Apply updated packages via the yum utility ("yum update socat"). ORIGINAL ADVISORY: FEDORA-2010-13403: https://admin.fedoraproject.org/updates/socat-1.7.1.3-1.fc12 FEDORA-2010-13412: https://admin.fedoraproject.org/updates/socat-1.7.1.3-1.fc13 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 1 21:07:58 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Sep 2010 06:07:58 +0200 Subject: [SEC] [SA41183] Ubuntu update for bogofilter Message-ID: <201009020407.o8247wsd025817@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Ubuntu update for bogofilter SECUNIA ADVISORY ID: SA41183 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41183/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41183 RELEASE DATE: 2010-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/41183/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41183/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41183 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for bogofilter. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA40427 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-980-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2010-August/001148.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 1 21:21:58 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Sep 2010 06:21:58 +0200 Subject: [SEC] [SA41130] Adobe Premiere Pro Insecure Library Loading Vulnerability Message-ID: <201009020421.o824Lw0Q013951@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Adobe Premiere Pro Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41130 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41130/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41130 RELEASE DATE: 2010-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/41130/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41130/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41130 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Adobe Premiere Pro, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. nvcuda.dll in Adobe Premiere Pro CS5 and reportedly ibfs32.dll in Adobe Premiere CS4) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening an Adobe Premiere project (.prproj) located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in Adobe Premiere Pro CS5 version 5.0.1 for Windows and is also reported in Adobe Premiere Pro CS4. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Glafkos Charalambous ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/bugtraq/2010-08/0294.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 1 21:42:30 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Sep 2010 06:42:30 +0200 Subject: [SEC] [SA41262] VMware ESX Server Multiple Vulnerabilities Message-ID: <201009020442.o824gUuB002317@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: VMware ESX Server Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41262 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41262/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41262 RELEASE DATE: 2010-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/41262/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41262/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41262 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: VMware has acknowledged multiple vulnerabilities in VMware ESX Server, which can be exploited by malicious, local users to cause a DoS (Denial of Service), malicious users to cause a DoS, and malicious people to bypass certain security restrictions and compromise a vulnerable system. For more information: SA18251 SA38836 SA39762 SA40049 SOLUTION: Restrict local and network access to trusted users only. ORIGINAL ADVISORY: VMSA-2010-0013: http://lists.vmware.com/pipermail/security-announce/2010/000103.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 2 10:35:59 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Sep 2010 19:35:59 +0200 Subject: [SEC] [SA41268] TYPO3 The official twitter tweet button for your page Extension Cross-Site Scripting Vulnerability Message-ID: <201009021735.o82HZxQ0018435@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: TYPO3 The official twitter tweet button for your page Extension Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA41268 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41268/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41268 RELEASE DATE: 2010-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/41268/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41268/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41268 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the The official twitter tweet button for your page extension for TYPO3, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions 1.0.4 and prior. SOLUTION: Update to version 1.0.5. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: TYPO3-SA-2010-018: http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-018/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 2 11:27:43 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Sep 2010 20:27:43 +0200 Subject: [SEC] [SA41197] PDF-XChange Viewer Insecure Library Loading Vulnerability Message-ID: <201009021827.o82IRhLN008248@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: PDF-XChange Viewer Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41197 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41197/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41197 RELEASE DATE: 2010-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/41197/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41197/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41197 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in PDF-XChange Viewer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. wintab32.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a PDF file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 2.0 (Build 54.0). Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Reported by an unknown person. ORIGINAL ADVISORY: http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 2 12:27:38 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Sep 2010 21:27:38 +0200 Subject: [SEC] [SA41193] Moovida Insecure Library Loading Vulnerability Message-ID: <201009021927.o82JRcBj030821@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Moovida Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41193 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41193/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41193 RELEASE DATE: 2010-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/41193/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41193/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41193 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Moovida, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application bundling a vulnerable version of the Pthreads-win32 library, which loads libraries (e.g. quserex.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a F4V, FLV, IMG, and DV files located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. For more information: SA41215 The vulnerability is confirmed in version 2.0.0.15. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Reported by an unknown person. ORIGINAL ADVISORY: http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 2 13:27:53 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Sep 2010 22:27:53 +0200 Subject: [SEC] [SA41270] KeePass Password Safe Insecure Library Loading Vulnerability Message-ID: <201009022027.o82KRrY8021014@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: KeePass Password Safe Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41270 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41270/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41270 RELEASE DATE: 2010-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/41270/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41270/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41270 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in KeePass Password Safe, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a KeePass Password Database (.kdb) file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is reported in versions prior to 1.18. SOLUTION: Update to version 1.18. PROVIDED AND/OR DISCOVERED BY: Reported by an unknown person. ORIGINAL ADVISORY: KeePass: http://keepass.info/news/n100902_1.18.html Peter Van Eeckhoutte: http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 2 14:21:38 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Sep 2010 23:21:38 +0200 Subject: [SEC] [SA41269] TYPO3 XING Button Extension Cross-Site Scripting Vulnerability Message-ID: <201009022121.o82LLcJC010924@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: TYPO3 XING Button Extension Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA41269 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41269/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41269 RELEASE DATE: 2010-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/41269/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41269/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41269 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the XING Button extension for TYPO3, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions 1.0.1 and prior. SOLUTION: Update to version 1.0.2. PROVIDED AND/OR DISCOVERED BY: The vendor credits Alexander Kellner. ORIGINAL ADVISORY: TYPO3-SA-2010-018: http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-018/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 2 14:42:35 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Sep 2010 23:42:35 +0200 Subject: [SEC] [SA41176] Pixia Insecure Library Loading Vulnerability Message-ID: <201009022142.o82LgZOg031742@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Pixia Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41176 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41176/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41176 RELEASE DATE: 2010-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/41176/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41176/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41176 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Pixia, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. wintab32.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a PXA file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 4.70j. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Reported by an unknown person. ORIGINAL ADVISORY: http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 2 14:59:36 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Sep 2010 23:59:36 +0200 Subject: [SEC] [SA41204] Blackboard Transact "" Disclosure Security Issue Message-ID: <201009022159.o82LxarK020086@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Blackboard Transact "" Disclosure Security Issue SECUNIA ADVISORY ID: SA41204 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41204/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41204 RELEASE DATE: 2010-09-02 DISCUSS ADVISORY: http://secunia.com/advisories/41204/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41204/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41204 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Blackboard Transact, which can be exploited by malicious, local users to disclose sensitive information. The "BbtsConnection_Edit.exe" utility does not properly verify data before decrypting it. This can be exploited to decrypt data stored in the "" field in connection.xml by passing the encrypted value in another field e.g. "". Successful exploitation requires access to BbtsConnection_Edit.exe and connection.xml. The vulnerability is reported in versions prior to 3.6.0.2. SOLUTION: Update to version 3.6.0.2. PROVIDED AND/OR DISCOVERED BY: US-CERT credits John Fisher. ORIGINAL ADVISORY: US-CERT VU#204055: http://www.kb.cert.org/vuls/id/204055 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 2 15:25:28 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Sep 2010 00:25:28 +0200 Subject: [SEC] [SA41202] Microsoft Windows SDK for Windows 7 and .NET Framework 4 GraphEdit Insecure Library Loading Vulnerability Message-ID: <201009022225.o82MPSeN008736@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Microsoft Windows SDK for Windows 7 and .NET Framework 4 GraphEdit Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41202 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41202/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41202 RELEASE DATE: 2010-09-03 DISCUSS ADVISORY: http://secunia.com/advisories/41202/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41202/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41202 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Microsoft Windows SDK for Windows 7 and .NET Framework 4, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the GraphEdit application loading libraries (e.g. measure.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a Filter Graph (.grf) file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in Microsoft Windows SDK for Windows 7 and .NET Framework 4 version 7.1 (GraphEdit version 9). Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Reported by an unknown person. ORIGINAL ADVISORY: http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 2 15:45:40 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Sep 2010 00:45:40 +0200 Subject: [SEC] [SA41203] TANDBERG MXP Series Endpoint SNMP Denial of Service Vulnerability Message-ID: <201009022245.o82MjeP9029525@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: TANDBERG MXP Series Endpoint SNMP Denial of Service Vulnerability SECUNIA ADVISORY ID: SA41203 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41203/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41203 RELEASE DATE: 2010-09-03 DISCUSS ADVISORY: http://secunia.com/advisories/41203/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41203/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41203 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: David Klein has reported a vulnerability in TANDBERG MXP Series Endpoint, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to improper handling of SNMP packets and can be exploited to consume all memory which results in a reboot via a specially crafted packet. Successful exploitation does not require a valid community string. The vulnerability is reported in versions prior to F9.0. SOLUTION: Reportedly fixed in version F9.0. Contact the vendor for further information. PROVIDED AND/OR DISCOVERED BY: David Klein, IP Focus. ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/fulldisclosure/2010-08/0381.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 2 16:11:20 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Sep 2010 01:11:20 +0200 Subject: [SEC] [SA41135] PGP Desktop Insecure Library Loading Vulnerability Message-ID: <201009022311.o82NBKTM018186@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: PGP Desktop Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41135 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41135/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41135 RELEASE DATE: 2010-09-03 DISCUSS ADVISORY: http://secunia.com/advisories/41135/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41135/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41135 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in PGP Desktop, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. tvttsp.dll, tsp.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a PGP file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in versions 9.9.0 Build 397 and 10.0.0 Build 2732. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Reported by an unknown person. ORIGINAL ADVISORY: http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 2 16:46:55 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Sep 2010 01:46:55 +0200 Subject: [SEC] [SA41263] Linux Kernel "keyctl_session_to_parent()" NULL Pointer Dereference Vulnerability Message-ID: <201009022346.o82NktPb007252@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Linux Kernel "keyctl_session_to_parent()" NULL Pointer Dereference Vulnerability SECUNIA ADVISORY ID: SA41263 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41263/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41263 RELEASE DATE: 2010-09-03 DISCUSS ADVISORY: http://secunia.com/advisories/41263/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41263/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41263 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges. The vulnerability is caused due to an error within the "keyctl_session_to_parent()" function in security/keys/keyctl.c, which can be exploited to cause a NULL pointer dereference by e.g. calling "keyctl()" with KEYCTL_SESSION_TO_PARENT. Note: Successful exploitation may require that the distribution does not use pam_keyinit. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Tavis Ormandy ORIGINAL ADVISORY: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-2960 http://www.openwall.com/lists/oss-security/2010/09/02/1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 2 17:11:34 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Sep 2010 02:11:34 +0200 Subject: [SEC] [SA41211] Microsoft Windows Media Encoder Insecure Library Loading Vulnerability Message-ID: <201009030011.o830BY6j028250@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Microsoft Windows Media Encoder Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41211 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41211/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41211 RELEASE DATE: 2010-09-03 DISCUSS ADVISORY: http://secunia.com/advisories/41211/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41211/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41211 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Windows Media Encoder, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. wmerrorDAN.dll, wininetDAN.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening Windows Media Profile (.prx) or Windows Media Encoder Session (.wme) files located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 9.00.00.2980. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Reported by an unknown person. ORIGINAL ADVISORY: http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 2 17:44:37 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Sep 2010 02:44:37 +0200 Subject: [SEC] [SA41241] SUSE update for acroread Message-ID: <201009030044.o830ibb7017217@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: SUSE update for acroread SECUNIA ADVISORY ID: SA41241 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41241/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41241 RELEASE DATE: 2010-09-03 DISCUSS ADVISORY: http://secunia.com/advisories/41241/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41241/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41241 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for acroread. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system. For more information: SA40766 SOLUTION: Apply updated packages via YaST Online Update or the SUSE FTP server. ORIGINAL ADVISORY: SUSE-SA:2010:037: http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00000.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 2 18:09:34 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Sep 2010 03:09:34 +0200 Subject: [SEC] [SA41220] SUSE update for kernel Message-ID: <201009030109.o8319Yna005832@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA41220 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41220/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41220 RELEASE DATE: 2010-09-03 DISCUSS ADVISORY: http://secunia.com/advisories/41220/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41220/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41220 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and disclose potentially sensitive information, and by malicious people to cause a DoS. For more information: SA27908 SA31366 SA35265 SA37590 SA38601 1) An error while copying memory from userspace can be exploited to disclose potentially sensitive information. 2) A use-after-free error exists within the "tcp_rcv_state_process()" function, which can be exploited to cause a kernel crash by e.g. sending a specially crafted IPv6 packet to a listening socket with the IPV6_RECVPKTINFO option enabled. 3) Errors within the implementation of the External Data Representation (XDR) for NFSv4 can be exploited to cause a kernel crash by sending specially crafted compound requests to the NFSv4 server. SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: SUSE-SA:2010:036: http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00001.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 2 18:23:40 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Sep 2010 03:23:40 +0200 Subject: [SEC] [SA41149] Apple iTunes Multiple Vulnerabilities Message-ID: <201009030123.o831NeQE026347@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Apple iTunes Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41149 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41149/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41149 RELEASE DATE: 2010-09-03 DISCUSS ADVISORY: http://secunia.com/advisories/41149/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41149/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41149 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Apple iTunes, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to the use of vulnerable WebKit code. For more information: SA40664 SOLUTION: Upgrade to version 10. ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT4328 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 2 18:44:11 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Sep 2010 03:44:11 +0200 Subject: [SEC] [SA41106] Bentley Microstation Insecure Library Loading Vulnerability Message-ID: <201009030144.o831iBpL014762@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Bentley Microstation Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41106 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41106/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41106 RELEASE DATE: 2010-09-03 DISCUSS ADVISORY: http://secunia.com/advisories/41106/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41106/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41106 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Bentley Microstation, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. mptools.dll, baseman.dll, wintab32.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening HLN or RDL files located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is reported in version 7.1. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Kalyan ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/fulldisclosure/2010-08/0320.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 2 19:15:10 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Sep 2010 04:15:10 +0200 Subject: [SEC] [SA41097] TeamMate Audit Management Software Suite Insecure Library Loading Vulnerability Message-ID: <201009030215.o832FAWq004096@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: TeamMate Audit Management Software Suite Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41097 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41097/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41097 RELEASE DATE: 2010-09-03 DISCUSS ADVISORY: http://secunia.com/advisories/41097/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41097/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41097 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in TeamMate Audit Management Software Suite, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. mfc71enu.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a TMX file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is reported in version 8.0 patch 2 for Windows. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Beenu Arora ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/14747/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 2 19:44:24 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Sep 2010 04:44:24 +0200 Subject: [SEC] [SA41264] Blackboard Transact Database Credentials Information Disclosure Message-ID: <201009030244.o832iOQs025324@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Blackboard Transact Database Credentials Information Disclosure SECUNIA ADVISORY ID: SA41264 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41264/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41264 RELEASE DATE: 2010-09-03 DISCUSS ADVISORY: http://secunia.com/advisories/41264/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41264/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41264 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Blackboard Transact, which can be exploited by malicious, local users to disclose sensitive information. The security issue is caused due to the application storing the username and password of the database in clear text in various backup scripts. Successful exploitation requires read access to the backup scripts. The vulnerability is reported in versions 3.6.0.2 and prior. SOLUTION: Restrict access to the backup scripts. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: US-CERT credits John Fisher. ORIGINAL ADVISORY: US-CERT VU#204055: http://www.kb.cert.org/vuls/id/204055 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 3 10:29:58 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Sep 2010 19:29:58 +0200 Subject: [SEC] [SA41254] NuSOAP Cross-Site Scripting Vulnerability Message-ID: <201009031729.o83HTwQd020350@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: NuSOAP Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA41254 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41254/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41254 RELEASE DATE: 2010-09-03 DISCUSS ADVISORY: http://secunia.com/advisories/41254/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41254/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41254 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in NuSOAP, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to nusoap.php is not properly sanitised before being displayed to the user. This can be exploited to execute HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 0.9.5. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Bogdan Calin ORIGINAL ADVISORY: NuSOAP bug report: http://sourceforge.net/projects/nusoap/forums/forum/193579/topic/3834005 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 3 11:29:39 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Sep 2010 20:29:39 +0200 Subject: [SEC] [SA41278] MantisBT Cross-Site Scripting Vulnerability Message-ID: <201009031829.o83ITdHH010515@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: MantisBT Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA41278 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41278/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41278 RELEASE DATE: 2010-09-03 DISCUSS ADVISORY: http://secunia.com/advisories/41278/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41278/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41278 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in MantisBT, which can be exploited by malicious people to conduct cross-site scripting attacks. The application bundles a vulnerable version of NuSOAP. For more information: SA41254 The vulnerability is confirmed in version 1.2.2. Other versions may also be affected. SOLUTION: A patch is available in the Git repository. PROVIDED AND/OR DISCOVERED BY: Bogdan Calin ORIGINAL ADVISORY: http://www.mantisbt.org/bugs/view.php?id=12312 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 3 12:29:52 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Sep 2010 21:29:52 +0200 Subject: [SEC] [SA41152] Roxio MyDVD Insecure Library Loading Vulnerability Message-ID: <201009031929.o83JTqi9000653@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Roxio MyDVD Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41152 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41152/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41152 RELEASE DATE: 2010-09-03 DISCUSS ADVISORY: http://secunia.com/advisories/41152/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41152/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41152 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Roxio MyDVD, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. HomeUtils9.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening DMSD or DMSM files located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is reported in version 9. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: storm ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/14781/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 3 13:29:49 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Sep 2010 22:29:49 +0200 Subject: [SEC] [SA41189] Visinia Cross-Site Request Forgery and File Disclosure Vulnerabilities Message-ID: <201009032029.o83KTnQU023306@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Visinia Cross-Site Request Forgery and File Disclosure Vulnerabilities SECUNIA ADVISORY ID: SA41189 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41189/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41189 RELEASE DATE: 2010-09-03 DISCUSS ADVISORY: http://secunia.com/advisories/41189/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41189/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41189 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been discovered in Visinia, which can be exploited by malicious people to conduct cross-site request forgery attacks and disclose sensitive information. 1) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. delete arbitrary modules by tricking a logged in administrative user into visiting a malicious web site. 2) Input passed via the "picture" parameter to image.axd is not properly verified before being used to read files. This can be exploited to download arbitrary files from local resources via directory traversal sequences. The vulnerabilities are confirmed in version 1.3. Other versions may also be affected. SOLUTION: Do not browse untrusted websites or follow untrusted links while logged in to the application. Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: Abysssec OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 3 14:23:21 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Sep 2010 23:23:21 +0200 Subject: [SEC] [SA41277] HP Operations Agent Two Vulnerabilities Message-ID: <201009032123.o83LNLQU013202@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: HP Operations Agent Two Vulnerabilities SECUNIA ADVISORY ID: SA41277 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41277/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41277 RELEASE DATE: 2010-09-03 DISCUSS ADVISORY: http://secunia.com/advisories/41277/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41277/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41277 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in HP Operations Agent, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to potentially compromise a vulnerable system. 1) An unspecified error can be exploited to gain escalated privileges. No further information is currently available. 2) An unspecified error can be exploited to execute arbitrary code. No further information is currently available. The vulnerabilities are reported in HP Operations Agent versions 7.36 and 8.6 running on Windows. SOLUTION: Apply hotfixes available via HP Software support channel. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Francis Provencher, Protek Research Labs. ORIGINAL ADVISORY: HPSBMA02572 SSRT100082: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02497800 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 3 14:44:35 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Sep 2010 23:44:35 +0200 Subject: [SEC] [SA41258] PhotoImpact Insecure DLL Library Loading Vulnerability Message-ID: <201009032144.o83LiZ6Q001596@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: PhotoImpact Insecure DLL Library Loading Vulnerability SECUNIA ADVISORY ID: SA41258 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41258/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41258 RELEASE DATE: 2010-09-03 DISCUSS ADVISORY: http://secunia.com/advisories/41258/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41258/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41258 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in PhotoImpact, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. bwsconst.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening UFP or UFO files located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in PhotoImpact X3 version 13.00.0000.0. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Peter Poorman OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 3 15:11:59 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 4 Sep 2010 00:11:59 +0200 Subject: [SEC] [SA41266] 3Com H3C S9500E Switches Denial of Service Vulnerability Message-ID: <201009032211.o83MBxbn022873@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: 3Com H3C S9500E Switches Denial of Service Vulnerability SECUNIA ADVISORY ID: SA41266 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41266/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41266 RELEASE DATE: 2010-09-03 DISCUSS ADVISORY: http://secunia.com/advisories/41266/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41266/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41266 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in 3Com H3C S9500E switches, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when processing SNMP requests for the "hh3cAclIPAclBasicCount" MIB and can be exploited to cause the device to reboot. Successful exploitation requires the device to be configured with a high amount of ACL rules (e.g. 8000). The vulnerability is reported in version 5.20 release 1233. SOLUTION: Update to version 5.20 release 1233P01. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: HSD70355: http://support.3com.com/documents/H3C/switches/9500/H3C_S9500E_CMW5.20.R1233P01_Release_Notes.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 3 15:46:15 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 4 Sep 2010 00:46:15 +0200 Subject: [SEC] [SA41280] SUSE update for kernel Message-ID: <201009032246.o83MkFuk011919@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA41280 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41280/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41280 RELEASE DATE: 2010-09-04 DISCUSS ADVISORY: http://secunia.com/advisories/41280/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41280/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41280 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and gain escalated privileges and by malicious people to cause a DoS. For more information: SA40965 1) Errors within the implementation of the External Data Representation (XDR) for NFSv4 can be exploited to cause a kernel crash by sending specially crafted compound requests to the NFSv4 server. SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: SUSE-SA:2010:038: http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00002.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 3 16:12:39 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 4 Sep 2010 01:12:39 +0200 Subject: [SEC] [SA41167] KeePass Password Safe Insecure Library Loading Vulnerability Message-ID: <201009032312.o83NCdX0000531@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: KeePass Password Safe Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41167 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41167/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41167 RELEASE DATE: 2010-09-04 DISCUSS ADVISORY: http://secunia.com/advisories/41167/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41167/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41167 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in KeePass Password Safe, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. DwmApi.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a KeePass Password Database (.kdbx) file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 2.12. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Reported by an unknown person. ORIGINAL ADVISORY: http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 3 16:47:12 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 4 Sep 2010 01:47:12 +0200 Subject: [SEC] [SA41267] Zope ZServer Denial of Service Vulnerability Message-ID: <201009032347.o83NlCL4022033@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Zope ZServer Denial of Service Vulnerability SECUNIA ADVISORY ID: SA41267 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41267/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41267 RELEASE DATE: 2010-09-04 DISCUSS ADVISORY: http://secunia.com/advisories/41267/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41267/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41267 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Zope, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in PluggableAuthService (PAS) when an anonymous user requests a private page. This can be exploited to terminate all worker threads via repetitive page requests. The vulnerability is reported in versions prior to 2.10.12 and prior to 2.11.7. SOLUTION: Update to version 2.10.12 and 2.11.7. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.zope.org/Products/Zope/2.10.12/zope-2.10.12-released http://www.zope.org/Products/Zope/2.11.7/zope-2.10.12-released OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 3 17:12:06 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 4 Sep 2010 02:12:06 +0200 Subject: [SEC] [SA41214] Ubuntu update for wget Message-ID: <201009040012.o840C67p010645@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Ubuntu update for wget SECUNIA ADVISORY ID: SA41214 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41214/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41214 RELEASE DATE: 2010-09-04 DISCUSS ADVISORY: http://secunia.com/advisories/41214/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41214/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41214 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for wget. This fixes a weakness, which can be exploited by malicious people to bypass certain security features. For more information: SA40861 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-982-1: http://www.ubuntu.com/usn/usn-982-1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 3 17:44:28 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 4 Sep 2010 02:44:28 +0200 Subject: [SEC] [SA41192] Gentoo update for wxGTK Message-ID: <201009040044.o840iSDY031989@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Gentoo update for wxGTK SECUNIA ADVISORY ID: SA41192 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41192/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41192 RELEASE DATE: 2010-09-04 DISCUSS ADVISORY: http://secunia.com/advisories/41192/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41192/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41192 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for wxGTK. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a user's system. For more information: SA35351 SOLUTION: Update to a fixed version. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: GLSA 201009-01: http://www.gentoo.org/security/en/glsa/glsa-201009-01.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 3 18:10:06 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 4 Sep 2010 03:10:06 +0200 Subject: [SEC] [SA41242] Google Chrome Multiple Vulnerabilities Message-ID: <201009040110.o841A6db020628@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Google Chrome Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41242 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41242/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41242 RELEASE DATE: 2010-09-04 DISCUSS ADVISORY: http://secunia.com/advisories/41242/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41242/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41242 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, conduct spoofing attacks, and compromise a user's system. 1) Certain unspecified homographic sequences can be used to spoof the URL bar. 2) The application did not properly restrict access to the clipboard, which can be exploited to e.g. set the clipboard content. 3) A stale pointer error exists related to SVG filters. Further information is currently not available. 4) An unspecified error can be exploited to enumerate installed extensions. 5) A use-after-free error exists within the notification presenter. Further information is currently not available. 6) An unspecified error related to the notification permissions can be exploited to cause a memory corruption. 7) "Integer errors" exist related to WebSockets. Further information is currently not available. 8) An unspecified error related to counter nodes can be exploited to cause a memory corruption. 9) The application may store excessive autocomplete entries. Further information is currently not available. 10) A stale pointer error exists within the focus handling. Further information is currently not available. 11) An unspecified error exists within the sandbox parameter deserialisation. 12) An unspecified error can be exploited to conduct cross-origin image thefts. Note: Additionally, an error related to WebSockets can be exploited to cause a "NULL crash" and the pop-up blocker can be bypassed via blank frame targets. SOLUTION: Fixed in version 6.0.472.53. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Chris Weber, Casaba Security 2) Brook Novak 3) Tavis Ormandy, Google Security Team 4) Lostmon 5) Sergey Glazunov 6) Michal Zalewski, Google Security Team and SkyLined, Google Chrome Security Team 7) Cris Neckar, Google Chrome Security Team and Keith Campbell 8) kuzzcc 9) Inferno, Google Chrome Security Team 10) Vupen 11) Ashutosh Mehra and Vineet Batra, Adobe Reader Sandbox Team 12) Isaac Dawson The vendor also credits Marc Schoenefeld for his help regarding a workaround related to a Windows kernel vulnerability, which was previously incorrectly reported to be included in version 5.0.375.127. ORIGINAL ADVISORY: http://googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.html Marc Schoenefeld: http://www.marc-schoenefeld.de/vulns.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 3 18:23:30 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 4 Sep 2010 03:23:30 +0200 Subject: [SEC] [SA41275] Fedora update for rekonq Message-ID: <201009040123.o841NUmH008722@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for rekonq SECUNIA ADVISORY ID: SA41275 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41275/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41275 RELEASE DATE: 2010-09-04 DISCUSS ADVISORY: http://secunia.com/advisories/41275/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41275/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41275 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for rekonq. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA40646 SOLUTION: Apply updated packages using the yum utility ("yum update rekonq"). ORIGINAL ADVISORY: FEDORA-2010-12255: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/046939.html FEDORA-2010-12271: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/046926.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 3 18:44:27 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 4 Sep 2010 03:44:27 +0200 Subject: [SEC] [SA41253] L0phtCrack Insecure Library Loading Vulnerability Message-ID: <201009040144.o841iROU029529@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: L0phtCrack Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41253 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41253/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41253 RELEASE DATE: 2010-09-04 DISCUSS ADVISORY: http://secunia.com/advisories/41253/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41253/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41253 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in L0phtCrack, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application bundling a vulnerable version of mfc90.dll, which loads libraries (e.g. dwmapi.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening an LCS file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 6.0.9. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Parvez Anwar via Secunia OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 3 19:13:49 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 4 Sep 2010 04:13:49 +0200 Subject: [SEC] [SA41273] Fedora update for sssd Message-ID: <201009040213.o842Dnq2018836@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for sssd SECUNIA ADVISORY ID: SA41273 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41273/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41273 RELEASE DATE: 2010-09-04 DISCUSS ADVISORY: http://secunia.com/advisories/41273/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41273/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41273 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for sssd. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions. Fore more information: SA41159 SOLUTION: Apply updated packages using the yum utility ("yum update sssd"). ORIGINAL ADVISORY: FEDORA-2010-13557: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/046946.html FEDORA-2010-13549: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/046955.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 3 19:44:40 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 4 Sep 2010 04:44:40 +0200 Subject: [SEC] [SA41272] Fedora update for wireshark Message-ID: <201009040244.o842ieCU007697@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for wireshark SECUNIA ADVISORY ID: SA41272 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41272/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41272 RELEASE DATE: 2010-09-04 DISCUSS ADVISORY: http://secunia.com/advisories/41272/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41272/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41272 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA40112 SOLUTION: Apply updated packages using the yum utility ("yum update wireshark"). ORIGINAL ADVISORY: FEDORA-2010-13427: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/046962.html FEDORA-2010-13416: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/046957.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 3 20:09:31 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 4 Sep 2010 05:09:31 +0200 Subject: [SEC] [SA41274] Fedora update for kernel Message-ID: <201009040309.o8439VoW028703@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for kernel SECUNIA ADVISORY ID: SA41274 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41274/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41274 RELEASE DATE: 2010-09-04 DISCUSS ADVISORY: http://secunia.com/advisories/41274/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41274/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41274 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA41055 SOLUTION: Apply updated packages via the yum utility ("yum update kernel"). ORIGINAL ADVISORY: FEDORA-2010-13903: https://admin.fedoraproject.org/updates/kernel-2.6.32.21-166.fc12 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 6 10:29:37 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 6 Sep 2010 19:29:37 +0200 Subject: [SEC] [SA41296] MAGIX Samplitude Producer Insecure Library Loading Vulnerability Message-ID: <201009061729.o86HTbG5022393@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: MAGIX Samplitude Producer Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41296 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41296/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41296 RELEASE DATE: 2010-09-06 DISCUSS ADVISORY: http://secunia.com/advisories/41296/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41296/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41296 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in MAGIX Samplitude Producer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. PlayRIplA6.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a VIP file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 11. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Reported by Mi4night. ORIGINAL ADVISORY: http://www.exploit-db.com/dll-hijacking-vulnerable-applications/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 6 11:28:08 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 6 Sep 2010 20:28:08 +0200 Subject: [SEC] [SA41276] Entrust Identification and Entitlements Server XML Entity References Information Disclosure Message-ID: <201009061828.o86IS8q9012529@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Entrust Identification and Entitlements Server XML Entity References Information Disclosure SECUNIA ADVISORY ID: SA41276 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41276/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41276 RELEASE DATE: 2010-09-06 DISCUSS ADVISORY: http://secunia.com/advisories/41276/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41276/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41276 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Entrust Identification and Entitlements Server, which can be exploited by malicious people to disclose potentially sensitive information. The vulnerability is caused due to an error within the CredentialCollector service when processing SOAP messages, which can be exploited to e.g. disclose contents of certain local files (e.g. not containing non-printable characters) by sending specially crafted SOAP messages including external entity references to local files. SOLUTION: Follow instructions detailed in Security Bulletin E10-004. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Sverre H. Huseby ORIGINAL ADVISORY: Sverre H. Huseby: http://shh.thathost.com/secadv/2009-06-15-entrust-ies.txt Entrust: https://secure.entrust.com/trustedcare/troubleshooting/e10-004.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 6 12:28:02 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 6 Sep 2010 21:28:02 +0200 Subject: [SEC] [SA41319] MicroNetSoft RV Dealer Website "vehicletypeID" SQL Injection Vulnerability Message-ID: <201009061928.o86JS2iR002679@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: MicroNetSoft RV Dealer Website "vehicletypeID" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA41319 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41319/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41319 RELEASE DATE: 2010-09-06 DISCUSS ADVISORY: http://secunia.com/advisories/41319/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41319/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41319 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Micronetsoft RV Dealer Website, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "vehicletypeID" parameter to detail.asp (when "ad_ID" is set) is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: L0rd CrusAd3r OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 6 13:27:57 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 6 Sep 2010 22:27:57 +0200 Subject: [SEC] [SA41322] Joomla! Clantools Component Two SQL Injection Vulnerabilities Message-ID: <201009062027.o86KRvPo025310@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Joomla! Clantools Component Two SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA41322 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41322/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41322 RELEASE DATE: 2010-09-06 DISCUSS ADVISORY: http://secunia.com/advisories/41322/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41322/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41322 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been discovered in the Clantools component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks. 1) Input passed via the "squad" parameter in index.php (when "option" is set to "com_clantools") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 2) Input passed via the "showgame" parameter to index.php (when "option" is set to "com_clantools" and "task" is set to "clanwar") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are confirmed in version 1.2.3. Other versions may also be affected. SOLUTION: Update to version 1.2.4. PROVIDED AND/OR DISCOVERED BY: Stephan Sattler // Solidmedia ORIGINAL ADVISORY: Clantools: http://joomla-clantools.de/downloads/doc_details/29-update-auf-124.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 6 14:21:59 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 6 Sep 2010 23:21:59 +0200 Subject: [SEC] [SA41320] MicroNetSoft Rental Property Management Website "ad_ID" SQL Injection Vulnerability Message-ID: <201009062121.o86LLxOU015229@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: MicroNetSoft Rental Property Management Website "ad_ID" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA41320 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41320/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41320 RELEASE DATE: 2010-09-06 DISCUSS ADVISORY: http://secunia.com/advisories/41320/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41320/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41320 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in MicroNetSoft Rental Property Management Website, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "ad_ID" parameter to detail.asp is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: L0rd CrusAd3r OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 6 14:42:55 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 6 Sep 2010 23:42:55 +0200 Subject: [SEC] [SA41285] Bip "bip_on_event()" NULL Pointer Dereference Denial of Service Message-ID: <201009062142.o86LgtbZ003650@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Bip "bip_on_event()" NULL Pointer Dereference Denial of Service SECUNIA ADVISORY ID: SA41285 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41285/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41285 RELEASE DATE: 2010-09-06 DISCUSS ADVISORY: http://secunia.com/advisories/41285/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41285/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41285 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Bip, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a NULL pointer deference error within the function "bip_on_event()" in src/irc.c, which can be exploited to cause a crash by sending specially crafted data to Bip's listening socket (e.g. 7778/TCP). The vulnerability is confirmed in version 0.8.5. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Reported in a Debian bug report by Uli Schlachter. ORIGINAL ADVISORY: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=595409 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 6 15:00:41 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Sep 2010 00:00:41 +0200 Subject: [SEC] [SA41282] DMXReady Members Area Manager "Address2" and "shipping_Address2" Script Insertion Message-ID: <201009062200.o86M0fDj024444@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: DMXReady Members Area Manager "Address2" and "shipping_Address2" Script Insertion SECUNIA ADVISORY ID: SA41282 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41282/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41282 RELEASE DATE: 2010-09-06 DISCUSS ADVISORY: http://secunia.com/advisories/41282/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41282/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41282 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in DMXReady Members Area Manager, which can be exploited by malicious people to conduct script insertion attacks. Input passed via the "Address2" and "shipping_Address2" POST parameters to membersareamanager.asp is not properly sanitised before being stored and returned to the user. This can be exploited to insert arbitrary HTML and script code, which will execute in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerabilities are reported in version 2. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: L0rd CrusAd3r OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 6 15:25:36 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Sep 2010 00:25:36 +0200 Subject: [SEC] [SA41310] Joomla! Clantools Component "squad" SQL Injection Vulnerability Message-ID: <201009062225.o86MPaRF013066@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Joomla! Clantools Component "squad" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA41310 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41310/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41310 RELEASE DATE: 2010-09-07 DISCUSS ADVISORY: http://secunia.com/advisories/41310/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41310/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41310 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the Clantools component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "squad" parameter to index.php (when "option" is set to "com_clantools") is not properly sanitised before being used in SQL queries. This can be exploited by to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 1.5. Other versions may also be affected. SOLUTION: Apply patch. PROVIDED AND/OR DISCOVERED BY: Stephan Sattler // Solidmedia ORIGINAL ADVISORY: Clantools: http://joomla-clantools.de/downloads/doc_details/30-security-fix-v15.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 6 15:46:18 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Sep 2010 00:46:18 +0200 Subject: [SEC] [SA41306] DMXready Polling Booth Manager "QuestionID" SQL Injection Vulnerability Message-ID: <201009062246.o86MkIpU001429@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: DMXready Polling Booth Manager "QuestionID" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA41306 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41306/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41306 RELEASE DATE: 2010-09-07 DISCUSS ADVISORY: http://secunia.com/advisories/41306/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41306/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41306 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in DMXReady Polling Booth Manager, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "QuestionID" parameter to inc_pollingboothmanager.asp (when "view" is set to "results") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. SOLUTION: Filter malicious characters or character sequences via a proxy. PROVIDED AND/OR DISCOVERED BY: L0rd CrusAd3r OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 6 16:12:39 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Sep 2010 01:12:39 +0200 Subject: [SEC] [SA41271] Internet Explorer Cross-Origin CSS Style Sheet Handling Vulnerability Message-ID: <201009062312.o86NCdQw022582@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Internet Explorer Cross-Origin CSS Style Sheet Handling Vulnerability SECUNIA ADVISORY ID: SA41271 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41271/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41271 RELEASE DATE: 2010-09-07 DISCUSS ADVISORY: http://secunia.com/advisories/41271/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41271/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41271 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Internet Explorer, which can be exploited by malicious people to gain knowledge of sensitive information. The vulnerability is caused due to a combination of cross-origin content inclusion being allowed and the manner in which the CSS parser is fault-tolerant when processing content. This can be exploited to obtain sensitive information from a web page in another domain by injecting certain data into the page and then importing it as a style sheet. The vulnerability is confirmed in Internet Explorer 6, 7, and 8 on a fully patched Windows XP SP3. Other versions may also be affected. SOLUTION: Do not visit untrusted sites while being logged in to another site. PROVIDED AND/OR DISCOVERED BY: Chris Evans ORIGINAL ADVISORY: Chris Evans: http://archives.neohapsis.com/archives/fulldisclosure/current/0066.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 6 16:47:13 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Sep 2010 01:47:13 +0200 Subject: [SEC] [SA41321] Linux Kernel JFS xattr Namespace Access Rules Security Bypass Message-ID: <201009062347.o86NlDbU011619@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Linux Kernel JFS xattr Namespace Access Rules Security Bypass SECUNIA ADVISORY ID: SA41321 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41321/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41321 RELEASE DATE: 2010-09-07 DISCUSS ADVISORY: http://secunia.com/advisories/41321/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41321/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41321 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to bypass certain security restrictions. The vulnerability is caused due to the JFS file system not properly enforcing xattr namespace access rules, which can be exploited to bypass the access rules by prefixing valid xattr names with "os2". SOLUTION: Update to version 2.4.37.10. PROVIDED AND/OR DISCOVERED BY: Sergey Vlasov ORIGINAL ADVISORY: http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.37.10 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 6 17:11:57 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Sep 2010 02:11:57 +0200 Subject: [SEC] [SA41300] Joomla! Gantry Component "moduleid" SQL Injection Vulnerability Message-ID: <201009070011.o870Bvoh032642@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Joomla! Gantry Component "moduleid" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA41300 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41300/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41300 RELEASE DATE: 2010-09-07 DISCUSS ADVISORY: http://secunia.com/advisories/41300/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41300/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41300 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the Gantry component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "moduleid" parameter to index.php (when "option" is set to "com_gantry", "tmpl" is set to "gantry-ajax", and "model" is set to "module") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 3.0.10. Other versions may also be affected. SOLUTION: Update to version 3.0.11. PROVIDED AND/OR DISCOVERED BY: jdc ORIGINAL ADVISORY: Gantry: http://www.gantry-framework.org/news/70-joomla-version-3011-released OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 6 17:44:50 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Sep 2010 02:44:50 +0200 Subject: [SEC] [SA41308] jetAudio Insecure Library Loading Vulnerability Message-ID: <201009070044.o870iodt021601@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: jetAudio Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41308 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41308/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41308 RELEASE DATE: 2010-09-07 DISCUSS ADVISORY: http://secunia.com/advisories/41308/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41308/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41308 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in jetAudio, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. WNASPI32.DLL) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a MP3 file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code, but requires that files are opened via the Windows Explorer "Open With" menu. The vulnerability is confirmed in version 8.0.7.1000 Basic. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Reported by NEO, DataIran Security. ORIGINAL ADVISORY: http://www.exploit-db.com/dll-hijacking-vulnerable-applications/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 6 18:09:56 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Sep 2010 03:09:56 +0200 Subject: [SEC] [SA41255] BlueCMS "X-Forwarded-For" SQL Injection Vulnerability Message-ID: <201009070109.o8719u2J010224@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: BlueCMS "X-Forwarded-For" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA41255 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41255/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41255 RELEASE DATE: 2010-09-07 DISCUSS ADVISORY: http://secunia.com/advisories/41255/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41255/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41255 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: cnryan has reported a vulnerability in BlueCMS, which can be exploited by malicious people to conduct SQL Injection attacks. Input passed via the "X-Forwarded-For" HTTP header to e.g. comment.php (when "act" is set to "send") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in version 1.6. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: cnryan, Wolves Security Team. ORIGINAL ADVISORY: http://bbs.wolvez.org/viewtopic.php?id=148 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 6 18:23:35 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Sep 2010 03:23:35 +0200 Subject: [SEC] [SA41287] Simple Management for BIND "username" SQL Injection Vulnerability Message-ID: <201009070123.o871NZIn030728@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Simple Management for BIND "username" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA41287 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41287/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41287 RELEASE DATE: 2010-09-07 DISCUSS ADVISORY: http://secunia.com/advisories/41287/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41287/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41287 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Simple Management for BIND, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "username" parameter to main.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires that "magic_quotes_gpc" is disabled. The vulnerability is confirmed in version 0.4.7. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: IHTeam OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 6 18:44:20 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Sep 2010 03:44:20 +0200 Subject: [SEC] [SA41303] Debian update for smbind Message-ID: <201009070144.o871iK6r019159@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Debian update for smbind SECUNIA ADVISORY ID: SA41303 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41303/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41303 RELEASE DATE: 2010-09-07 DISCUSS ADVISORY: http://secunia.com/advisories/41303/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41303/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41303 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for smbind. This fixes a vulnerability, which can be exploited by malicious people to conduct SQL injection attacks. For more information: SA41287 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: DSA-2103-1: http://www.us.debian.org/security/2010/dsa-2103 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 6 19:15:13 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Sep 2010 04:15:13 +0200 Subject: [SEC] [SA41290] libHX "hx_split()" Buffer Overflow Vulnerability Message-ID: <201009070215.o872FDaR008535@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: libHX "hx_split()" Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA41290 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41290/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41290 RELEASE DATE: 2010-09-07 DISCUSS ADVISORY: http://secunia.com/advisories/41290/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41290/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41290 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in libHX, which can be exploited by malicious people to compromise an application using the library. The vulnerability is caused due to an error within the "HX_split()" function in src/string.c, which can lead to a heap-based buffer overflow when e.g. calling the function and passing a string with less fields than passed via the "max" parameter. Reported in all versions prior to 3.6. SOLUTION: Update to version 3.6. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://libhx.git.sourceforge.net/git/gitweb.cgi?p=libhx/libhx;a=commitdiff;h=904a46f90dd3f046bfac0b64a5e813d7cd4fca59 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 6 19:44:53 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Sep 2010 04:44:53 +0200 Subject: [SEC] [SA41291] Fedora update for libHX and pam_mount Message-ID: <201009070244.o872ir5P029754@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for libHX and pam_mount SECUNIA ADVISORY ID: SA41291 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41291/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41291 RELEASE DATE: 2010-09-07 DISCUSS ADVISORY: http://secunia.com/advisories/41291/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41291/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41291 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for libHX and pam_mount. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library. For more information: SA41290 SOLUTION: Apply updated packages using the yum utility ("yum update libHX pam_mount"). ORIGINAL ADVISORY: FEDORA-2010-13155: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/046980.html http://lists.fedoraproject.org/pipermail/package-announce/2010-September/046981.html FEDORA-2010-13127: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047000.html http://lists.fedoraproject.org/pipermail/package-announce/2010-September/046999.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 6 20:09:35 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Sep 2010 05:09:35 +0200 Subject: [SEC] [SA41301] Softbiz Article Directory Script "sbiz_id" SQL Injection Vulnerability Message-ID: <201009070309.o8739ZU0018356@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Softbiz Article Directory Script "sbiz_id" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA41301 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41301/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41301 RELEASE DATE: 2010-09-07 DISCUSS ADVISORY: http://secunia.com/advisories/41301/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41301/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41301 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Softbiz Article Directory Script, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "sbiz_id" parameter to articles/article_details.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: BorN ToKiLL ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/14910/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 6 20:23:31 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Sep 2010 05:23:31 +0200 Subject: [SEC] [SA41298] Squid String Processing NULL Pointer Dereference Denial of Service Vulnerability Message-ID: <201009070323.o873NVlQ006479@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Squid String Processing NULL Pointer Dereference Denial of Service Vulnerability SECUNIA ADVISORY ID: SA41298 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41298/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41298 RELEASE DATE: 2010-09-07 DISCUSS ADVISORY: http://secunia.com/advisories/41298/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41298/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41298 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Squid, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to certain internal Squid string processing routines not properly checking for NULL pointers, which can be exploited to e.g. cause a NULL pointer dereference by sending specially crafted requests. The vulnerability is reported in versions prior to 3.1.8 and 3.2.0.2. SOLUTION: Update to version 3.1.8 and 3.2.0.2 or apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Phil Oester. ORIGINAL ADVISORY: http://www.squid-cache.org/Advisories/SQUID-2010_3.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 6 20:44:29 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Sep 2010 05:44:29 +0200 Subject: [SEC] [SA41313] chillyCMS "name" Cross-Site Scripting and SQL Injection Vulnerabilities Message-ID: <201009070344.o873iTRh027312@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: chillyCMS "name" Cross-Site Scripting and SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA41313 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41313/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41313 RELEASE DATE: 2010-09-07 DISCUSS ADVISORY: http://secunia.com/advisories/41313/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41313/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41313 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AmnPardaz Security Research Team has discovered some vulnerabilities in chillyCMS, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks. 1) Input passed via the "name" parameter to core/showsite.php when using the login module is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "name" parameter to core/showsite.php when using the login module is not properly sanitised before being used in SQL queries in core/user.class.php. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are confirmed in version 1.1.3. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: AmnPardaz Security Research Team ORIGINAL ADVISORY: http://www.bugreport.ir/index_73.htm OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 6 21:10:02 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Sep 2010 06:10:02 +0200 Subject: [SEC] [SA41288] Fedora update for python3 Message-ID: <201009070410.o874A27A015946@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for python3 SECUNIA ADVISORY ID: SA41288 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41288/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41288 RELEASE DATE: 2010-09-07 DISCUSS ADVISORY: http://secunia.com/advisories/41288/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41288/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41288 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for python3. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA39937 SA40148 SOLUTION: Apply updated packages via the yum utility ("yum update python3"). ORIGINAL ADVISORY: FEDORA-2010-13388 https://admin.fedoraproject.org/updates/python3-3.1.2-7.fc13 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 6 21:23:24 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Sep 2010 06:23:24 +0200 Subject: [SEC] [SA41260] Debian update for barnowl Message-ID: <201009070423.o874NOjv004030@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Debian update for barnowl SECUNIA ADVISORY ID: SA41260 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41260/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41260 RELEASE DATE: 2010-09-07 DISCUSS ADVISORY: http://secunia.com/advisories/41260/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41260/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41260 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for barnowl. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. For more information: SA40953 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: DSA-2102-1: http://www.us.debian.org/security/2010/dsa-2102 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 6 21:44:17 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Sep 2010 06:44:17 +0200 Subject: [SEC] [SA41289] Fedora update for sblim-sfcb Message-ID: <201009070444.o874iHw8024880@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for sblim-sfcb SECUNIA ADVISORY ID: SA41289 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41289/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41289 RELEASE DATE: 2010-09-07 DISCUSS ADVISORY: http://secunia.com/advisories/41289/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41289/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41289 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for sblim-sfcb. This fixes two vulnerabilities, which can be exploited by malicious people to potentially compromise a vulnerable system. For more information: SA40018 SOLUTION: Apply updated packages using the yum utility ("yum update sblim-sfcb"). ORIGINAL ADVISORY: FEDORA-2010-12847: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047002.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 6 22:10:47 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Sep 2010 07:10:47 +0200 Subject: [SEC] [SA41205] Rainbow Portal Cross-Site Scripting and Script Insertion Vulnerabilities Message-ID: <201009070510.o875AlcI013565@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Rainbow Portal Cross-Site Scripting and Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA41205 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41205/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41205 RELEASE DATE: 2010-09-07 DISCUSS ADVISORY: http://secunia.com/advisories/41205/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41205/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41205 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Rainbow Portal, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting and script insertion attacks. 1) Input passed via arbitrary parameters to various scripts e.g. app_support/FCK.filemanager/imagegallery.aspx is not properly sanitised before being returned to the user in app_support/SmartError.aspx. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "Title", "Name", and "Comments" parameters to DesktopModules/Blog/BlogView.aspx is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. 3) Input passed via the "Title" and "Status" parameters to DesktopModules/MileStones/MilestonesEdit.aspx, the "Name", "Role", "Office", "Mobile", "Fax", and "Address" parameters to DesktopModules/Contacts/ContactsEdit.aspx, the "Title" parameter to DesktopModules/Announcements/AnnouncementsEdit.aspx, the "Title" and "Description" parameters to DesktopModules/EnhancedLinks/EnhancedLinksEdit.aspx, and the "Filename" and "Category" parameters to DesktopModules/Documents/DocumentsEdit.aspx is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerabilities are reported in version 2.0.0.1881e. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Abysssec OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 7 10:29:38 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Sep 2010 19:29:38 +0200 Subject: [SEC] [SA41295] MySource Matrix "height" and "width" Cross-Site Scripting Vulnerabilities Message-ID: <201009071729.o87HTc5p001897@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: MySource Matrix "height" and "width" Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA41295 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41295/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41295 RELEASE DATE: 2010-09-07 DISCUSS ADVISORY: http://secunia.com/advisories/41295/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41295/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41295 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in MySource Matrix, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "height" and "width" parameters to char_map.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in version 3.28.3. Other versions may also be affected. SOLUTION: Update to version 3.28.4. PROVIDED AND/OR DISCOVERED BY: Gjoko Krstic, Zero Science Lab ORIGINAL ADVISORY: ZSL-2010-4962: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4962.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 7 11:29:27 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Sep 2010 20:29:27 +0200 Subject: [SEC] [SA40508] Gentoo update for sudo Message-ID: <201009071829.o87ITRX5024541@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Gentoo update for sudo SECUNIA ADVISORY ID: SA40508 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40508/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40508 RELEASE DATE: 2010-09-07 DISCUSS ADVISORY: http://secunia.com/advisories/40508/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/40508/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=40508 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for sudo. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges and to bypass certain security restrictions. For more information: SA40002 SA41316 SOLUTION: Update to "app-admin/sudo-1.7.4_p3-r1" or later. ORIGINAL ADVISORY: GLSA 201009-03: http://www.gentoo.org/security/en/glsa/glsa-201009-03.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 7 12:29:11 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Sep 2010 21:29:11 +0200 Subject: [SEC] [SA41316] Sudo Runas Group Matching Vulnerability Message-ID: <201009071929.o87JTBcP014729@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Sudo Runas Group Matching Vulnerability SECUNIA ADVISORY ID: SA41316 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41316/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41316 RELEASE DATE: 2010-09-07 DISCUSS ADVISORY: http://secunia.com/advisories/41316/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41316/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41316 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Sudo, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The vulnerability is caused due to a logic error in the processing of Runas groups when the "-u" option is specified. This can be exploited to execute commands that are configured in a sudoers file as an arbitrary user if an allowed Runas group is also configured in the entry. The vulnerability is reported in version 1.7.0 through 1.7.4p3. SOLUTION: Update to version 1.7.4p4. PROVIDED AND/OR DISCOVERED BY: The vendor credits Markus Wuethrich, Swiss Post - PostFinance. ORIGINAL ADVISORY: http://www.sudo.ws/sudo/alerts/runas_group.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 7 13:29:30 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Sep 2010 22:29:30 +0200 Subject: [SEC] [SA41317] DynPage "file" File Disclosure Vulnerability Message-ID: <201009072029.o87KTUh0004920@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: DynPage "file" File Disclosure Vulnerability SECUNIA ADVISORY ID: SA41317 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41317/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41317 RELEASE DATE: 2010-09-07 DISCUSS ADVISORY: http://secunia.com/advisories/41317/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41317/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41317 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in DynPage, which can be exploited by malicious people to disclose sensitive information. Input passed to the "file" parameter in content/dynpage_load.php is not properly verified before being used to read files. This can be exploited to read arbitrary files from local resources via directory traversal sequences. The vulnerability is confirmed in version 1.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: Abysssec OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 7 14:24:18 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Sep 2010 23:24:18 +0200 Subject: [SEC] [SA41286] Weborf Directory Traversal Vulnerability Message-ID: <201009072124.o87LOIme027294@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Weborf Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA41286 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41286/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41286 RELEASE DATE: 2010-09-07 DISCUSS ADVISORY: http://secunia.com/advisories/41286/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41286/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41286 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Weborf, which can be exploited by malicious people to disclose sensitive information. Input passed via the URL is not properly verified before being used to display files. This can be exploited to disclose the contents of arbitrary files via directory traversal attacks. The vulnerability is confirmed in version 0.12.2. Other versions may also be affected. SOLUTION: Restrict access to trusted hosts only (e.g. via network access control lists). PROVIDED AND/OR DISCOVERED BY: Rew ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/14925/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 7 14:44:49 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Sep 2010 23:44:49 +0200 Subject: [SEC] [SA41293] Joomla! Aardvertiser Component "cat_name" SQL Injection Message-ID: <201009072144.o87Linb1015712@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Joomla! Aardvertiser Component "cat_name" SQL Injection SECUNIA ADVISORY ID: SA41293 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41293/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41293 RELEASE DATE: 2010-09-07 DISCUSS ADVISORY: http://secunia.com/advisories/41293/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41293/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41293 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the Aardvertiser component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via "cat_name" to index.php (when "option" is set to "com_aardvertiser" and "task" is set to "view") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires that "magic_quotes_gpc" is disabled. The vulnerability is confirmed in version 2.1.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Stephan Sattler OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 7 15:11:38 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Sep 2010 00:11:38 +0200 Subject: [SEC] [SA41283] Horde Application Framework "subdir" Cross-Site Scripting Vulnerability Message-ID: <201009072211.o87MBcTU004515@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Horde Application Framework "subdir" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA41283 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41283/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41283 RELEASE DATE: 2010-09-07 DISCUSS ADVISORY: http://secunia.com/advisories/41283/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41283/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41283 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Moritz Naumann has discovered a vulnerability in Horde Application Framework, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "subdir" parameter to util/icon_browser.php (when "app" is set to "horde") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 3.3.8. Other versions may also be affected. SOLUTION: Fixed in the Git repository. PROVIDED AND/OR DISCOVERED BY: Moritz Naumann ORIGINAL ADVISORY: Horde: http://git.horde.org/diff.php/horde/util/icon_browser.php?rt=horde-git&r1=a978a35c3e95e784253508fd4333d2fbb64830b6&r2=9342addbd2b95f184f230773daa4faf5ef6d65e9 Moritz Naumann: http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0084.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 7 15:45:38 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Sep 2010 00:45:38 +0200 Subject: [SEC] [SA41281] Gentoo update for maildrop Message-ID: <201009072245.o87Mjcbi025933@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Gentoo update for maildrop SECUNIA ADVISORY ID: SA41281 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41281/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41281 RELEASE DATE: 2010-09-08 DISCUSS ADVISORY: http://secunia.com/advisories/41281/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41281/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41281 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for maildrop. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges. For more information: SA38367 SOLUTION: Update to "mail-filter/maildrop-2.4.2" or later. ORIGINAL ADVISORY: GLSA 201009-02: http://www.gentoo.org/security/en/glsa/glsa-201009-02.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 7 16:11:27 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Sep 2010 01:11:27 +0200 Subject: [SEC] [SA41238] Debian update for quagga Message-ID: <201009072311.o87NBRi9014620@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Debian update for quagga SECUNIA ADVISORY ID: SA41238 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41238/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41238 RELEASE DATE: 2010-09-08 DISCUSS ADVISORY: http://secunia.com/advisories/41238/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41238/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41238 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for quagga. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA41038 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: DSA-2104-1: http://lists.debian.org/debian-security-announce/2010/msg00150.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 8 10:29:40 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Sep 2010 19:29:40 +0200 Subject: [SEC] [SA41342] zenphoto "user" Cross-Site Scripting Vulnerability Message-ID: <201009081729.o88HTe5j005228@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: zenphoto "user" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA41342 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41342/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41342 RELEASE DATE: 2010-09-08 DISCUSS ADVISORY: http://secunia.com/advisories/41342/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41342/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41342 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Bogdan Calin has discovered a vulnerability in zenphoto, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "user" parameter to zp-core/admin.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 1.3. Other versions may also be affected. SOLUTION: Update to version 1.3.1. PROVIDED AND/OR DISCOVERED BY: Bogdan Calin, Acunetix. ORIGINAL ADVISORY: Acunetix: http://www.acunetix.com/blog/web-security-zone/articles/zenphoto-13-advisory/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 8 11:29:29 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Sep 2010 20:29:29 +0200 Subject: [SEC] [SA41350] zenphoto "a" SQL Injection Vulnerability Message-ID: <201009081829.o88ITT8l027820@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: zenphoto "a" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA41350 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41350/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41350 RELEASE DATE: 2010-09-08 DISCUSS ADVISORY: http://secunia.com/advisories/41350/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41350/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41350 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Bogdan Calin has discovered a vulnerability in zenphoto, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "a" parameter to zp-core/full-image.php (when "i" is set) is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 1.3.1.2. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Bogdan Calin, Acunetix. ORIGINAL ADVISORY: Acunetix: http://www.acunetix.com/blog/web-security-zone/articles/zenphoto-13-advisory/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 8 12:29:27 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Sep 2010 21:29:27 +0200 Subject: [SEC] [SA41340] Adobe Reader / Acrobat Font Parsing Buffer Overflow Vulnerability Message-ID: <201009081929.o88JTRlo018018@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Adobe Reader / Acrobat Font Parsing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA41340 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41340/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41340 RELEASE DATE: 2010-09-08 DISCUSS ADVISORY: http://secunia.com/advisories/41340/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41340/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41340 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Adobe Reader, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the font parsing in CoolType.dll and can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a specially crafted PDF file. The vulnerability is confirmed in versions 8.2.4 and 9.3.4. Other versions may also be affected. NOTE: The vulnerability is currently being actively exploited. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day. ORIGINAL ADVISORY: http://contagiodump.blogspot.com/2010/09/cve-david-leadbetters-one-point-lesson.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 8 13:29:24 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Sep 2010 22:29:24 +0200 Subject: [SEC] [SA41326] Gentoo update for sarg Message-ID: <201009082029.o88KTOeB008198@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Gentoo update for sarg SECUNIA ADVISORY ID: SA41326 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41326/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41326 RELEASE DATE: 2010-09-08 DISCUSS ADVISORY: http://secunia.com/advisories/41326/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41326/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41326 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for sarg. This fixes multiple vulnerabilities, which can be exploited by malicious people to potentially compromise a vulnerable system. For more information: SA30156 SOLUTION: Update to "net-analyzer/sarg-2.2.5-r5" or later. ORIGINAL ADVISORY: GLSA 201009-04: http://www.gentoo.org/security/en/glsa/glsa-201009-04.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 8 14:23:06 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Sep 2010 23:23:06 +0200 Subject: [SEC] [SA41302] Red Hat update for firefox Message-ID: <201009082123.o88LN6BD030502@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Red Hat update for firefox SECUNIA ADVISORY ID: SA41302 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41302/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41302 RELEASE DATE: 2010-09-08 DISCUSS ADVISORY: http://secunia.com/advisories/41302/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41302/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41302 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for firefox. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, or to compromise a user's system. For more information: SA41297 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: https://rhn.redhat.com/errata/RHSA-2010-0681.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 8 14:44:24 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Sep 2010 23:44:24 +0200 Subject: [SEC] [SA41284] Linux Kernel "xfs_ioc_fsgetxattr()" Memory Leak Message-ID: <201009082144.o88LiOOk018938@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Linux Kernel "xfs_ioc_fsgetxattr()" Memory Leak SECUNIA ADVISORY ID: SA41284 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41284/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41284 RELEASE DATE: 2010-09-08 DISCUSS ADVISORY: http://secunia.com/advisories/41284/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41284/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41284 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in the Linux Kernel, which can be exploited by malicious, local users to disclose certain system information. The weakness is caused due to the "xfs_ioc_fsgetxattr()" function in fs/xfs/linux-2.6/xfs_ioctl.c not properly initializing all members of a certain structure before copying it to userspace, which can be exploited to disclose kernel stack memory by sending XFS_IOC_FSGETXATTR IOCTLs. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Dan Rosenberg ORIGINAL ADVISORY: http://www.linux.sgi.com/cgi-bin/mesg.cgi?a=xfs-masters&i=AANLkTi%3DHdtMVJk7rCf89zirUcyn-5qc%2B50soVt%3D7dE6t%40mail.gmail.com OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 8 15:11:03 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Sep 2010 00:11:03 +0200 Subject: [SEC] [SA41210] phpMyAdmin Unspecified Cross-Site Scripting Vulnerability Message-ID: <201009082211.o88MB3Bh007728@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: phpMyAdmin Unspecified Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA41210 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41210/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41210 RELEASE DATE: 2010-09-08 DISCUSS ADVISORY: http://secunia.com/advisories/41210/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41210/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41210 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in phpMyAdmin, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input passed to the setup script is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. NOTE: Successful exploitation requires that installation best-practices have not been followed and the setup scripts have not been deleted after a successful installation. The vulnerability is reported in versions prior to 3.3.7. SOLUTION: Update to version 3.3.7. PROVIDED AND/OR DISCOVERED BY: The vendor credits Tenable Network Security. ORIGINAL ADVISORY: PMASA-2010-7: http://www.phpmyadmin.net/home_page/security/PMASA-2010-7.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 8 15:46:02 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Sep 2010 00:46:02 +0200 Subject: [SEC] [SA41305] Textpattern "q" Cross-Site Scripting Vulnerability Message-ID: <201009082246.o88Mk2Tr029188@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Textpattern "q" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA41305 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41305/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41305 RELEASE DATE: 2010-09-09 DISCUSS ADVISORY: http://secunia.com/advisories/41305/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41305/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41305 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gjoko Krstic has discovered a vulnerability in Textpattern, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "q" parameter in index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation requires the "Production Status" to be set to "Debugging" or "Testing" (set by default). The vulnerability is confirmed in version 4.2.0. Other versions may also be affected. SOLUTION: Ensure that "Production Status" is set to "Live". PROVIDED AND/OR DISCOVERED BY: Gjoko Krstic, Zero Science Lab. ORIGINAL ADVISORY: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4963.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 8 16:12:08 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Sep 2010 01:12:08 +0200 Subject: [SEC] [SA41332] ColdGen ColdOfficeView "EventID" and "UserID" SQL Injection Vulnerabilities Message-ID: <201009082312.o88NC8xO017871@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: ColdGen ColdOfficeView "EventID" and "UserID" SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA41332 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41332/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41332 RELEASE DATE: 2010-09-09 DISCUSS ADVISORY: http://secunia.com/advisories/41332/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41332/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41332 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in ColdGen ColdOfficeView, which can be exploited by malicious users and malicious people to conduct SQL injection attacks. 1) Input passed via the "EventID" (when "fuseaction" is set to "ViewEventDetails") parameter to index.cfm is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires that the attacker is logged in to the application. 2) Input passed via the "UserID" (when "fuseaction" is set to "EditProfile") parameter to index.cfm is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are reported in version 2.04. Other versions may also be affected. SOLUTION: Filter malicious characters or character sequences via a proxy. PROVIDED AND/OR DISCOVERED BY: mr_me OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 8 16:47:11 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Sep 2010 01:47:11 +0200 Subject: [SEC] [SA41335] ColdGen ColdUserGroup Cross-Site Scripting and SQL Injection Vulnerabilities Message-ID: <201009082347.o88NlBcD006938@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: ColdGen ColdUserGroup Cross-Site Scripting and SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA41335 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41335/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41335 RELEASE DATE: 2010-09-09 DISCUSS ADVISORY: http://secunia.com/advisories/41335/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41335/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41335 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in ColdGen ColdUserGroup, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks. 1) Input passed via the "Keywords" POST parameter when performing a search is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "LibraryID" to index.cfm is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are reported in version 1.06. Other versions may also be affected. SOLUTION: Filter malicious characters or character sequences via a proxy. PROVIDED AND/OR DISCOVERED BY: mr_me OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 8 17:11:57 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Sep 2010 02:11:57 +0200 Subject: [SEC] [SA41315] Debian update for freetype Message-ID: <201009090011.o890BvDT027942@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Debian update for freetype SECUNIA ADVISORY ID: SA41315 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41315/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41315 RELEASE DATE: 2010-09-09 DISCUSS ADVISORY: http://secunia.com/advisories/41315/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41315/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41315 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for freetype. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library. For more information: SA40586 SA40816 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: DSA-2105-1: http://lists.debian.org/debian-security-announce/2010/msg00152.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 8 17:44:28 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Sep 2010 02:44:28 +0200 Subject: [SEC] [SA41325] Gentoo update for acroread Message-ID: <201009090044.o890iSIC016888@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Gentoo update for acroread SECUNIA ADVISORY ID: SA41325 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41325/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41325 RELEASE DATE: 2010-09-09 DISCUSS ADVISORY: http://secunia.com/advisories/41325/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41325/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41325 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for acroread. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, or compromise a user's system. For more information: SA37690 SA38551 SA39272 SA40034 SOLUTION: Update to "app-text/acroread-9.3.4" or later. ORIGINAL ADVISORY: GLSA 201009-05: http://www.gentoo.org/security/en/glsa/glsa-201009-05.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 8 18:09:38 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Sep 2010 03:09:38 +0200 Subject: [SEC] [SA41297] Mozilla Firefox Multiple Vulnerabilities Message-ID: <201009090109.o8919cKe005497@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Mozilla Firefox Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41297 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41297/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41297 RELEASE DATE: 2010-09-09 DISCUSS ADVISORY: http://secunia.com/advisories/41297/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41297/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41297 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, or to compromise a user's system. 1) Some unspecified errors in the browser engine can be exploited to corrupt memory and potentially execute arbitrary code. 2) An integer overflow error within the implementation of the HTML frameset element can be exploited to cause a heap-based buffer overflow by passing a very large number of columns in the counter for the column numbers. Successful exploitation of this vulnerability may allow execution of arbitrary code. 3) An error in the implementation of "navigator.plugins" can be exploited to trigger the use of an invalid pointer and execute arbitrary code. 4) An error when transforming text runs can be exploited to cause a heap-based buffer overflow via a specially crafted page containing bidirectional text run. Successful exploitation of this vulnerability may allow execution of arbitrary code. 5) An use-after-free error in the handling of XUL tree selections can be exploited to corrupt memory and execute arbitrary code. This is related to vulnerability #7 in: SA39925 6) An error in the handling of XUL tree objects can be exploited to trigger the removal of the tree from the DOM and cause certain sections of deleted memory to be accessed. Successful exploitation allows execution of arbitrary code in products based on Gecko version 1.9.1 (e.g. Firefox 3.5). 7) An error in the handling of "nsTreeContentView" can be exploited to remove a node prior to accessing it. Successful exploitation of this vulnerability may allow execution of arbitrary code. 8) An error when normalising a document can be exploited to trigger the use of a deleted object. Successful exploitation of this vulnerability may allow execution of arbitrary code. 9) An error in the handling of fonts applied to a document can be exploited to corrupt memory and potentially execute arbitrary code on a Mac system. 10) The wrapper class "XPCSafeJSObjectWrapper" (SJOW) creates scope chains ending in outer objects. This may be exploited to execute arbitrary javascript code with chrome privileges if users of SJOWs expect the scope chain to end on an inner object. 11) A logic error in the wrapper class "XPCSafeJSObjectWrapper" (SJOW) allows to run a function within the context of another site. This can be exploited to bypass the same-origin policy and conduct cross-site scripting attacks. 12) An error in the handling of the type attribute of an tag can be used to override the charset of a framed HTML document, even when the document is included across origins. This can be exploited inject and execute UTF-7 encoded javascript code into a site, potentially bypassing cross-site scripting filters. 13) An error when copy-and-pasting or drag-and-dropping HTML code onto a document with designMode enabled can be exploited to execute arbitrary javascript code in the context of the site where the code is dropped. 14) The "statusText" property of an XMLHttpRequest object is readable by the requestor even when the request is made across origins. This can be exploited to gain information about servers within internal networks. SOLUTION: Update to version 3.6.9 or 3.5.12. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Peter Van der Beken, Jason Oster, Jesse Ruderman, Igor Bukanov, Jeff Walden, Gary Kwong, and Olli Pettay 2) Chris Rohlf, Matasano Security 3) Sergey Glazunov 4) wushi, team509 5 - 8) regenrecht, reported via ZDI 9) Marc Schoenefeld 10) Blake Kaplan 11) moz_bug_r_a4 12) David Huang and Collin Jackson, Carnegie Mellon University CyLab 13) Paul Stone 14) Matt Haggard, Nicholas Berthaume ORIGINAL ADVISORY: Mozilla: http://www.mozilla.org/security/announce/2010/mfsa2010-49.html http://www.mozilla.org/security/announce/2010/mfsa2010-50.html http://www.mozilla.org/security/announce/2010/mfsa2010-51.html http://www.mozilla.org/security/announce/2010/mfsa2010-53.html http://www.mozilla.org/security/announce/2010/mfsa2010-54.html http://www.mozilla.org/security/announce/2010/mfsa2010-55.html http://www.mozilla.org/security/announce/2010/mfsa2010-56.html http://www.mozilla.org/security/announce/2010/mfsa2010-57.html http://www.mozilla.org/security/announce/2010/mfsa2010-58.html http://www.mozilla.org/security/announce/2010/mfsa2010-59.html http://www.mozilla.org/security/announce/2010/mfsa2010-60.html http://www.mozilla.org/security/announce/2010/mfsa2010-61.html http://www.mozilla.org/security/announce/2010/mfsa2010-62.html http://www.mozilla.org/security/announce/2010/mfsa2010-63.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 8 18:23:13 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Sep 2010 03:23:13 +0200 Subject: [SEC] [SA41333] ColdGen ColdCalendar "EventID" SQL Injection Vulnerability Message-ID: <201009090123.o891NDfk026007@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: ColdGen ColdCalendar "EventID" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA41333 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41333/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41333 RELEASE DATE: 2010-09-09 DISCUSS ADVISORY: http://secunia.com/advisories/41333/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41333/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41333 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in ColdGen ColdCalendar, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "EventID" parameter to index.cfm (when "fuseaction" is set to "ViewEventDetails") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in version 2.06. Other versions may also be affected. SOLUTION: Filter malicious characters or character sequences via a proxy. PROVIDED AND/OR DISCOVERED BY: mr_me OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 8 18:44:23 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Sep 2010 03:44:23 +0200 Subject: [SEC] [SA41318] Red Hat update for seamonkey Message-ID: <201009090144.o891iNo3014439@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Red Hat update for seamonkey SECUNIA ADVISORY ID: SA41318 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41318/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41318 RELEASE DATE: 2010-09-09 DISCUSS ADVISORY: http://secunia.com/advisories/41318/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41318/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41318 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for seamonkey. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks or compromise a user's system. For more information: SA41299 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: http://rhn.redhat.com/errata/RHSA-2010-0680.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 8 19:12:26 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Sep 2010 04:12:26 +0200 Subject: [SEC] [SA41314] IP.Board Script Insertion Vulnerability Message-ID: <201009090212.o892CQ0D003647@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: IP.Board Script Insertion Vulnerability SECUNIA ADVISORY ID: SA41314 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41314/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41314 RELEASE DATE: 2010-09-09 DISCUSS ADVISORY: http://secunia.com/advisories/41314/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41314/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41314 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in IP.Board, which can be exploited by malicious users to conduct script insertion attacks. Certain unspecified input related to BBCode is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerability is reported in version 3.1.2. Other versions may also be affected. SOLUTION: Apply the vendor patch. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://community.invisionpower.com/topic/320838-ipboard-31x-security-patch-released/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 8 19:44:29 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Sep 2010 04:44:29 +0200 Subject: [SEC] [SA41085] Apple Safari Multiple Vulnerabilities Message-ID: <201009090244.o892iTCO024989@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Apple Safari Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41085 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41085/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41085 RELEASE DATE: 2010-09-09 DISCUSS ADVISORY: http://secunia.com/advisories/41085/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41085/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41085 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to compromise a user's system. 1) An error in the handling of search paths can be exploited to execute arbitrary code when Safari is launched by opening a file in a directory that also contains a specially crafted executable. NOTE: This vulnerability does not affected Mac OS X systems. 2) An input validation error in the handling of floating point data types can be exploited to corrupt memory and execute arbitrary code when a user visits a specially crafted web page. 3) A use-after-free error in the handling of elements with run-in styling can be exploited to corrupt memory and execute arbitrary code when a user visits a specially crafted web page. SOLUTION: Update to version 5.0.2 (Mac OS X 10.5.8, Mac OS X 10.6.2 or later, or Windows 7, Vista, or XP SP2) or 4.1.2 (Mac OS X 10.4.11 or Mac OS X 10.5.8). PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Simon Raner, ACROS Security 2) Luke Wagner, Mozilla 3) wushi of team509, working with ZDI ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT4333 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 8 20:09:23 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Sep 2010 05:09:23 +0200 Subject: [SEC] [SA41343] HP ProLiant Onboard Administrator Powered By LO100i Denial of Service Message-ID: <201009090309.o8939NL0013608@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: HP ProLiant Onboard Administrator Powered By LO100i Denial of Service SECUNIA ADVISORY ID: SA41343 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41343/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41343 RELEASE DATE: 2010-09-09 DISCUSS ADVISORY: http://secunia.com/advisories/41343/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41343/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41343 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in HP ProLiant Onboard Administrator Powered By LO100i (formerly Lights-Out 100 Remote Management), which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error. No further information is currently available. The vulnerability affects the following ProLiant G6 Series servers with Lights-Out 100 Remote Management firmware version 4.04 and previous: * HP ProLiant DL160 G6 * HP ProLiant DL160se G6 * HP ProLiant DL180 G6 * HP ProLiant ML150 G6 * HP ProLiant DL 170h G6 * HP ProLiant DL2x170h G6 * HP ProLiant DL4x170h G6 * HP ProLiant SL160z G6 * HP ProLiant SL170z G6 * HP ProLiant SL2x170z G6 * HP ProLiant ML110 G6 * HP ProLiant DL120 G6 SOLUTION: Update to firmware version 4.06 or later. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: HPSBMA02574 SSRT100038: https://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02498412 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 8 20:23:18 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Sep 2010 05:23:18 +0200 Subject: [SEC] [SA41121] Nagios XI Status/Dashboard Pages Cross-Site Scripting Vulnerabilities Message-ID: <201009090323.o893NIlD001653@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Nagios XI Status/Dashboard Pages Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA41121 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41121/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41121 RELEASE DATE: 2010-09-09 DISCUSS ADVISORY: http://secunia.com/advisories/41121/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41121/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41121 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Nagios XI, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input passed to the status and dashboard pages is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in versions prior to 2009R1.3B. SOLUTION: Update to version 2009R1.3B. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://assets.nagios.com/downloads/nagiosxi/CHANGES.TXT OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 8 20:44:19 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Sep 2010 05:44:19 +0200 Subject: [SEC] [SA41329] Red Hat update for thunderbird Message-ID: <201009090344.o893iJmH022542@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Red Hat update for thunderbird SECUNIA ADVISORY ID: SA41329 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41329/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41329 RELEASE DATE: 2010-09-09 DISCUSS ADVISORY: http://secunia.com/advisories/41329/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41329/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41329 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for thunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks or compromise a user's system. For more information: SA41304 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: https://rhn.redhat.com/errata/RHSA-2010-0682.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 8 21:10:26 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Sep 2010 06:10:26 +0200 Subject: [SEC] [SA41304] Mozilla Thunderbird Multiple Vulnerabilities Message-ID: <201009090410.o894AQ3w011204@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Mozilla Thunderbird Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41304 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41304/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41304 RELEASE DATE: 2010-09-09 DISCUSS ADVISORY: http://secunia.com/advisories/41304/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41304/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41304 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Mozilla Thunderbird, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, or to compromise a user's system. For more information: SA41297 SOLUTION: Update to version 3.1.3 or 3.0.7. ORIGINAL ADVISORY: Mozilla: http://www.mozilla.org/security/announce/2010/mfsa2010-49.html http://www.mozilla.org/security/announce/2010/mfsa2010-50.html http://www.mozilla.org/security/announce/2010/mfsa2010-51.html http://www.mozilla.org/security/announce/2010/mfsa2010-53.html http://www.mozilla.org/security/announce/2010/mfsa2010-54.html http://www.mozilla.org/security/announce/2010/mfsa2010-55.html http://www.mozilla.org/security/announce/2010/mfsa2010-56.html http://www.mozilla.org/security/announce/2010/mfsa2010-57.html http://www.mozilla.org/security/announce/2010/mfsa2010-58.html http://www.mozilla.org/security/announce/2010/mfsa2010-59.html http://www.mozilla.org/security/announce/2010/mfsa2010-60.html http://www.mozilla.org/security/announce/2010/mfsa2010-61.html http://www.mozilla.org/security/announce/2010/mfsa2010-62.html http://www.mozilla.org/security/announce/2010/mfsa2010-63.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 8 21:24:38 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Sep 2010 06:24:38 +0200 Subject: [SEC] [SA41339] Beehive Forum Cross-Site Scripting and Request Forgery Vulnerabilities Message-ID: <201009090424.o894OcSR031718@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Beehive Forum Cross-Site Scripting and Request Forgery Vulnerabilities SECUNIA ADVISORY ID: SA41339 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41339/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41339 RELEASE DATE: 2010-09-09 DISCUSS ADVISORY: http://secunia.com/advisories/41339/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41339/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41339 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been discovered in Beehive Forum, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks. 1) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. change the administrator's password by tricking a logged in administrative user into visiting a malicious web site. 2) Input passed via the "webtag" parameter to various scripts is not properly sanitised before being returned to the user via include/html.inc.php. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Examples: http://[host]/index.php?webtag=[code] http://[host]/admin.php?webtag=[code] http://[host]/logon.php?webtag=[code] http://[host]/pm.php?webtag=[code] http://[host]/post.php?webtag=[code] The vulnerabilities are confirmed in version 0.9.1. Other versions may also be affected. SOLUTION: Do not browse untrusted websites or follow untrusted links while logged in to the application. Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Sweet OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 8 21:44:39 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Sep 2010 06:44:39 +0200 Subject: [SEC] [SA41334] ColdGen ColdBookmarks "BookmarkID" SQL Injection Vulnerability Message-ID: <201009090444.o894idtW020106@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: ColdGen ColdBookmarks "BookmarkID" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA41334 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41334/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41334 RELEASE DATE: 2010-09-09 DISCUSS ADVISORY: http://secunia.com/advisories/41334/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41334/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41334 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in ColdGen ColdBookmarks, which can be exploited by malicious users to conduct SQL injection attacks. Input passed via the "BookmarkID" parameter to index.cfm (when "fuseaction" is set to "EditBookmark") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in version 1.22. Other versions may also be affected. SOLUTION: Filter malicious characters or character sequences via a proxy. PROVIDED AND/OR DISCOVERED BY: mr_me OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 8 22:09:34 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Sep 2010 07:09:34 +0200 Subject: [SEC] [SA41299] Mozilla SeaMonkey Multiple Vulnerabilities Message-ID: <201009090509.o8959YLf008722@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Mozilla SeaMonkey Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41299 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41299/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41299 RELEASE DATE: 2010-09-09 DISCUSS ADVISORY: http://secunia.com/advisories/41299/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41299/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41299 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Mozilla SeaMonkey, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, or to compromise a user's system. For more information: SA41297 SOLUTION: Update to version 2.0.7. ORIGINAL ADVISORY: Mozilla: http://www.mozilla.org/security/announce/2010/mfsa2010-49.html http://www.mozilla.org/security/announce/2010/mfsa2010-50.html http://www.mozilla.org/security/announce/2010/mfsa2010-51.html http://www.mozilla.org/security/announce/2010/mfsa2010-53.html http://www.mozilla.org/security/announce/2010/mfsa2010-54.html http://www.mozilla.org/security/announce/2010/mfsa2010-55.html http://www.mozilla.org/security/announce/2010/mfsa2010-56.html http://www.mozilla.org/security/announce/2010/mfsa2010-57.html http://www.mozilla.org/security/announce/2010/mfsa2010-58.html http://www.mozilla.org/security/announce/2010/mfsa2010-60.html http://www.mozilla.org/security/announce/2010/mfsa2010-61.html http://www.mozilla.org/security/announce/2010/mfsa2010-62.html http://www.mozilla.org/security/announce/2010/mfsa2010-63.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 9 10:29:32 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Sep 2010 19:29:32 +0200 Subject: [SEC] [SA41389] SmarterStats "url" Cross-Site Scripting Vulnerability Message-ID: <201009091729.o89HTWUe023276@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: SmarterStats "url" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA41389 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41389/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41389 RELEASE DATE: 2010-09-09 DISCUSS ADVISORY: http://secunia.com/advisories/41389/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41389/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41389 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in SmarterStats, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "url" parameter to UserControls/Popups/frmHelp.aspx is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 5.3.3819. Other versions may also be affected. SOLUTION: Filter malicious characters or character sequences via a proxy. PROVIDED AND/OR DISCOVERED BY: David Hoyt ORIGINAL ADVISORY: http://cloudscan.blogspot.com/2010/09/vendorsmarterstats-bug-cross-site.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 9 11:29:23 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Sep 2010 20:29:23 +0200 Subject: [SEC] [SA41309] Qualcomm eXtensible Diagnostic Monitor (QXDM) Insecure Library Loading Vulnerability Message-ID: <201009091829.o89ITNrT013474@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Qualcomm eXtensible Diagnostic Monitor (QXDM) Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41309 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41309/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41309 RELEASE DATE: 2010-09-09 DISCUSS ADVISORY: http://secunia.com/advisories/41309/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41309/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41309 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Qualcomm eXtensible Diagnostic Monitor (QXDM), which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. mfc71enu.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening ISF files located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is reported in version 03.09.19. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: hevnsnt ORIGINAL ADVISORY: http://www.exploit-db.com/dll-hijacking-vulnerable-applications/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 9 12:29:28 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Sep 2010 21:29:28 +0200 Subject: [SEC] [SA41356] Apache Traffic Server DNS Cache Poisoning Vulnerability Message-ID: <201009091929.o89JTS31003644@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Apache Traffic Server DNS Cache Poisoning Vulnerability SECUNIA ADVISORY ID: SA41356 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41356/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41356 RELEASE DATE: 2010-09-09 DISCUSS ADVISORY: http://secunia.com/advisories/41356/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41356/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41356 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Tim Brown has reported a vulnerability in Apache Traffic Server, which can be exploited by malicious people to poison the DNS cache. The vulnerability is caused due to the application not sufficiently randomising the DNS transaction ID and the source port number, which can be exploited to poison the DNS cache. The vulnerability is reported in versions prior to 2.0.1. SOLUTION: Update to version 2.0.1. PROVIDED AND/OR DISCOVERED BY: Tim Brown, Nth Dimension. ORIGINAL ADVISORY: Apache: https://issues.apache.org/jira/browse/TS-425 Tim Brown: http://www.nth-dimension.org.uk/pub/NDSA20100830.txt.asc OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 9 13:29:22 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Sep 2010 22:29:22 +0200 Subject: [SEC] [SA41351] Ubuntu update for mountall Message-ID: <201009092029.o89KTMSk026251@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Ubuntu update for mountall SECUNIA ADVISORY ID: SA41351 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41351/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41351 RELEASE DATE: 2010-09-09 DISCUSS ADVISORY: http://secunia.com/advisories/41351/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41351/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41351 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for mountall. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges. The security issue is caused due to the file "root.rules" being created with insecure permissions (world-writable). This can be exploited to cause udev to execute commands with root privileges. SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Alasdair MacGregor ORIGINAL ADVISORY: USN-985-1: http://www.ubuntu.com/usn/usn-985-1 Lauchpad: https://bugs.launchpad.net/ubuntu/+source/mountall/+bug/591807 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 9 14:23:37 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Sep 2010 23:23:37 +0200 Subject: [SEC] [SA41323] SUSE update for kernel Message-ID: <201009092123.o89LNbfg016188@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA41323 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41323/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41323 RELEASE DATE: 2010-09-09 DISCUSS ADVISORY: http://secunia.com/advisories/41323/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41323/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41323 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to conduct DNS cache poisoning attacks, disclose sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially gain escalated privileges. For more information: SA40691 SA41035 1) An integer overflow within the "btrfs_ioctl_clone" function in fs/btrfs/ioctl.c can be exploited to e.g. disclose sensitive information. 2) Incorrect permission checks within the "btrfs_ioctl_clone" function in fs/btrfs/ioctl.c can be exploited to overwrite append-only files. 3) An error in the Novell Client novfs /proc interface can be exploited to cause a DoS (Denial of Service) and potentially execute code with kernel privileges. SOLUTION: Apply updated packages via YaST Online Update or SUSE FTP server. ORIGINAL ADVISORY: SUSE-SA:2010:039: http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00003.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 9 14:44:49 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Sep 2010 23:44:49 +0200 Subject: [SEC] [SA41327] FestOS Multiple Vulnerabilities Message-ID: <201009092144.o89LinYq004608@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: FestOS Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41327 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41327/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41327 RELEASE DATE: 2010-09-09 DISCUSS ADVISORY: http://secunia.com/advisories/41327/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41327/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41327 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been discovered in FestOS, which can be exploited by malicious people to disclose potentially sensitive information or conduct cross-site scripting and SQL injection attacks. 1) Input passed to the "theme" parameter in index.php, artists.php, contacts.php, applications.php, entertainers.php, exhibitors.php, foodvendors.php, performanceschedule.php, sponsors.php, and winners.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes. Successful exploitation requires that "magic_quotes_gpc" is disabled. 2) Input passed to the "category" parameter in foodvendors.php (when "view" is set to "details" and "vendorID" is set to any number) is not properly sanitised in festos_foodvendors.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Input passed via the "username" parameter to admin/do_login.php and via the "email" and "password" parameters to festos_z_dologin.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires that "magic_quotes_gpc" is disabled. The vulnerabilities are confirmed in version 2.3b. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised and verified. PROVIDED AND/OR DISCOVERED BY: Abysssec ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/14948/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 9 15:11:37 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Sep 2010 00:11:37 +0200 Subject: [SEC] [SA41357] Cisco Wireless LAN Controllers Multiple Vulnerabilities Message-ID: <201009092211.o89MBb4i025818@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Cisco Wireless LAN Controllers Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41357 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41357/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41357 RELEASE DATE: 2010-09-09 DISCUSS ADVISORY: http://secunia.com/advisories/41357/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41357/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41357 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Cisco Wireless LAN Controllers, which can be exploited by malicious users to cause a DoS (Denial of Service) or perform certain actions with escalated privileges and by malicious people to cause a DoS (Denial of Service) or bypass certain security restrictions. 1) An error when parsing Internet Key Exchange (IKE) messages can be exploited to trigger an appliance reload via specially crafted packets sent to UDP port 500. 2) An error when parsing HTTP packets can be exploited by authenticated users to trigger an appliance reload via specially crafted HTTP packets. Successful exploitation requires a complete TCP three-way handshake. 3) Three unspecified errors can be exploited by authenticated users having read-only privileges to change the device configuration. 4) Two errors in the implementation of the CPU-based ACLs can be exploited to bypass certain policies. The vulnerabilities are reported in the following products: * Cisco 2000 Series WLCs * Cisco 2100 Series WLCs * Cisco 4100 Series WLCs * Cisco 4400 Series WLCs * Cisco 5500 Series WLCs * Cisco Wireless Services Modules (WiSMs) * Cisco WLC Modules for Integrated Services Routers (ISRs) * Cisco Catalyst 3750G Integrated WLCs SOLUTION: Update to a fixed version (Please see vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: cisco-sa-20100908-wlc: http://www.cisco.com/warp/public/707/cisco-sa-20100908-wlc.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 9 15:45:56 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Sep 2010 00:45:56 +0200 Subject: [SEC] [SA41362] Member Management System "REF_URL" Cross-Site Scripting Vulnerability Message-ID: <201009092245.o89MjuiP014853@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Member Management System "REF_URL" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA41362 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41362/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41362 RELEASE DATE: 2010-09-10 DISCUSS ADVISORY: http://secunia.com/advisories/41362/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41362/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41362 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: r0t has reported a vulnerability in Member Management System, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "REF_URL" parameter to admin/index.asp is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in version 4.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: r0t ORIGINAL ADVISORY: http://pridels-team.blogspot.com/2010/09/member-management-system-v-40-xss-vuln.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 9 16:11:36 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Sep 2010 01:11:36 +0200 Subject: [SEC] [SA41367] RSA Access Manager Agent Security Bypass Vulnerability Message-ID: <201009092311.o89NBanY003498@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: RSA Access Manager Agent Security Bypass Vulnerability SECUNIA ADVISORY ID: SA41367 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41367/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41367 RELEASE DATE: 2010-09-10 DISCUSS ADVISORY: http://secunia.com/advisories/41367/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41367/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41367 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in RSA Access Manager Agent, which can be exploited by malicious people to bypass certain security restrictions and disclose potentially sensitive information. The vulnerability exists due to an unspecified error and can be exploited to bypass authentication and disclose potentially sensitive information. The vulnerability is reported in version 4.7.1 with RSA Adaptive Authentication Integration. SOLUTION: Apply hotfix 4.7.1.7 or greater. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: ESA-2010-016: http://archives.neohapsis.com/archives/bugtraq/2010-09/0057.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 9 16:46:25 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Sep 2010 01:46:25 +0200 Subject: [SEC] [SA41368] RSA Access Manager Server Security Bypass Vulnerability Message-ID: <201009092346.o89NkPNX024950@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: RSA Access Manager Server Security Bypass Vulnerability SECUNIA ADVISORY ID: SA41368 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41368/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41368 RELEASE DATE: 2010-09-10 DISCUSS ADVISORY: http://secunia.com/advisories/41368/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41368/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41368 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in RSA Access Manager Server, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability exists due to an unspecified error during a cache update and can be exploited to gain unauthorized access to protected resources. The vulnerability is reported in the following products: * RSA Access Manager Server version 5.5.3 * RSA Access Manager Server version 6.0.4 * RSA Access Manager Server version 6.1 SOLUTION: Apply hotfixes. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: ESA-2010-014: http://archives.neohapsis.com/archives/bugtraq/2010-09/0056.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 9 17:11:06 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Sep 2010 02:11:06 +0200 Subject: [SEC] [SA41371] Fedora update for firefox and xulrunner Message-ID: <201009100011.o8A0B6uW013555@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for firefox and xulrunner SECUNIA ADVISORY ID: SA41371 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41371/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41371 RELEASE DATE: 2010-09-10 DISCUSS ADVISORY: http://secunia.com/advisories/41371/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41371/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41371 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for firefox and xulrunner. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, or to compromise a user's system. For more information: SA41297 SOLUTION: Apply updated packages using the yum utility ("yum update firefox xulrunner"). ORIGINAL ADVISORY: FEDORA-2010-14362 http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047279.html http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047281.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 9 17:43:09 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Sep 2010 02:43:09 +0200 Subject: [SEC] [SA41347] Ubuntu update for thunderbird Message-ID: <201009100043.o8A0h9hN002443@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Ubuntu update for thunderbird SECUNIA ADVISORY ID: SA41347 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41347/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41347 RELEASE DATE: 2010-09-10 DISCUSS ADVISORY: http://secunia.com/advisories/41347/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41347/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41347 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for thunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, or to compromise a user's system. For more information: SA41304 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-978-1: http://www.ubuntu.com/usn/usn-978-1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 9 17:55:15 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Sep 2010 02:55:15 +0200 Subject: [SEC] [SA41370] Fedora update for thunderbird Message-ID: <201009100055.o8A0tFbd022915@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for thunderbird SECUNIA ADVISORY ID: SA41370 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41370/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41370 RELEASE DATE: 2010-09-10 DISCUSS ADVISORY: http://secunia.com/advisories/41370/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41370/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41370 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, or to compromise a user's system. For more information: SA41304 SOLUTION: Apply updated packages via the yum utility ("yum update thunderbird"). ORIGINAL ADVISORY: FEDORA-2010-14351: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047239.html FEDORA-2010-14352: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047241.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 9 18:08:45 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Sep 2010 03:08:45 +0200 Subject: [SEC] [SA41378] Linux Kernel "niu_get_ethtool_tcam_all()" Buffer Overflow Vulnerability Message-ID: <201009100108.o8A18jXR011022@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Linux Kernel "niu_get_ethtool_tcam_all()" Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA41378 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41378/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41378 RELEASE DATE: 2010-09-10 DISCUSS ADVISORY: http://secunia.com/advisories/41378/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41378/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41378 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges. The vulnerability is caused due to a boundary error within the "niu_get_ethtool_tcam_all()" function in drivers/net/niu.c, which can be exploited to e.g. cause a kernel crash by sending a specially crafted ETHTOOL_GRXCLSRLALL IOCTL. Successful exploitation requires that the Sun Neptune ethernet driver (NIU) is used. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Ben Hutchings ORIGINAL ADVISORY: http://www.spinics.net/lists/netdev/msg140133.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 9 18:23:56 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Sep 2010 03:23:56 +0200 Subject: [SEC] [SA41328] Apple iOS Multiple Vulnerabilities Message-ID: <201009100123.o8A1NuDU031582@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Apple iOS Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41328 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41328/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41328 RELEASE DATE: 2010-09-10 DISCUSS ADVISORY: http://secunia.com/advisories/41328/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41328/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41328 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities and a weakness have been reported in Apple iOS, which can be exploited by malicious people to bypass certain security restrictions or to compromise a user's system. 1) An error can result in VoiceOver not announcing the use of location services of an application. 2) An error within the handling of invalid certificates in FaceTime can be exploited to redirect FaceTime calls. 3) An unspecified error within the processing of TIFF images in ImageIO can be exploited to corrupt memory and potentially execute arbitrary code via a specially crafted TIFF image. 4) An error within the processing of GIF images in ImageIO can be exploited to cause a buffer overflow and potentially execute arbitrary code via a specially crafted GIF image. 5) Multiple vulnerabilities in WebKit can be exploited by malicious people to bypass certain security restrictions or compromise a user's system. For more information: SA40105 SA40664 6) A double free error in WebKit when rendering inline elements can be exploited to corrupt memory and execute arbitrary code when a user visits a specially crafted web site. 7) A use-after-free error in WebKit when handling selections can be exploited to corrupt memory and execute arbitrary code when a user visits a specially crafted web site. 8) An unspecified error in WebKit when rendering HTML object outlines can be exploited to corrupt memory and potentially execute arbitrary code when a user visits a specially crafted web site. 9) An unspecified error in WebKit when handling form menus can be exploited to corrupt memory and potentially execute arbitrary code when a user visits a specially crafted web site. 10) A use-after-free error in WebKit within the handling of scrollbars can be exploited to corrupt memory and execute arbitrary code when a user visits a specially crafted web site. SOLUTION: Update to to iOS 4.1 (downloadable and installable via iTunes). PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Robin Kipp, Forever Living Products Europe 2) Aaron Sigel, vtty.com 4) Tom Ferris, Adobe PSIRT 6) James Robinson, Google, Inc 7) Ojan Vafai, Google, Inc 8) Jose A. Vazquez, spa-s3c.blogspot.com 9) Csaba Osztrogonac, University of Szeged 10) Tony Chang, Google, Inc ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT4334 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 9 18:44:13 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Sep 2010 03:44:13 +0200 Subject: [SEC] [SA41216] Edge-corE ES4649 Switch Password Security Issue Message-ID: <201009100144.o8A1iDdo019974@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Edge-corE ES4649 Switch Password Security Issue SECUNIA ADVISORY ID: SA41216 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41216/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41216 RELEASE DATE: 2010-09-10 DISCUSS ADVISORY: http://secunia.com/advisories/41216/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41216/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41216 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Edge-corE ES4649 switch, which can be exploited by malicious people to potentially compromise a vulnerable device. The security issue is caused due to the hardcoded user "__super" using a password that is generated from the MAC address. This can be exploited to gain administrative access to the device. SOLUTION: Restrict access to trusted hosts only (e.g. via network access control lists). PROVIDED AND/OR DISCOVERED BY: Edwin Eefting, Erik Smit, and Erwin Drent. ORIGINAL ADVISORY: http://www.vettebak.nl/hak/accton.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 9 19:14:31 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Sep 2010 04:14:31 +0200 Subject: [SEC] [SA41349] Ubuntu update for firefox and xulrunner Message-ID: <201009100214.o8A2EVCF009330@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Ubuntu update for firefox and xulrunner SECUNIA ADVISORY ID: SA41349 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41349/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41349 RELEASE DATE: 2010-09-10 DISCUSS ADVISORY: http://secunia.com/advisories/41349/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41349/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41349 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for firefox and xulrunner. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, or to compromise a user's system. For more information: SA41297 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-975-1: http://www.ubuntu.com/usn/usn-975-1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 9 19:44:28 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Sep 2010 04:44:28 +0200 Subject: [SEC] [SA41374] Fedora update for kernel Message-ID: <201009100244.o8A2iSNk030549@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for kernel SECUNIA ADVISORY ID: SA41374 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41374/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41374 RELEASE DATE: 2010-09-10 DISCUSS ADVISORY: http://secunia.com/advisories/41374/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41374/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41374 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially gain escalated privileges. For more information: SA41234 SA41245 SA41263 SOLUTION: Apply updated packages via the yum utility ("yum update kernel"). ORIGINAL ADVISORY: FEDORA-2010-14235: https://admin.fedoraproject.org/updates/kernel-2.6.34.6-54.fc13 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 9 20:09:14 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Sep 2010 05:09:14 +0200 Subject: [SEC] [SA41373] Fedora update for libgdiplus Message-ID: <201009100309.o8A39Egx019159@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for libgdiplus SECUNIA ADVISORY ID: SA41373 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41373/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41373 RELEASE DATE: 2010-09-10 DISCUSS ADVISORY: http://secunia.com/advisories/41373/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41373/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41373 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for libgdiplus. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library. For more information: SA40792 SOLUTION: Apply updated packages via the yum utility ("yum update libgdiplus"). ORIGINAL ADVISORY: FEDORA-2010-13695: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047252.html FEDORA-2010-13698: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047268.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 9 20:23:20 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Sep 2010 05:23:20 +0200 Subject: [SEC] [SA41372] Fedora update for slim Message-ID: <201009100323.o8A3NKbH007285@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for slim SECUNIA ADVISORY ID: SA41372 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41372/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41372 RELEASE DATE: 2010-09-10 DISCUSS ADVISORY: http://secunia.com/advisories/41372/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41372/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41372 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for slim. This fixes a weakness, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA41005 SOLUTION: Apply updated packages via the yum utility ("yum update slim"). ORIGINAL ADVISORY: FEDORA-2010-13890: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047297.html FEDORA-2010-13897: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047248.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 9 20:44:20 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Sep 2010 05:44:20 +0200 Subject: [SEC] [SA41331] Debian update for xulrunner Message-ID: <201009100344.o8A3iKpW028095@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Debian update for xulrunner SECUNIA ADVISORY ID: SA41331 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41331/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41331 RELEASE DATE: 2010-09-10 DISCUSS ADVISORY: http://secunia.com/advisories/41331/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41331/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41331 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for xulrunner. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, or to compromise a user's system. For more information: SA41297 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: DSA 2106-1: http://lists.debian.org/debian-security-announce/2010/msg00153.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 9 21:09:30 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Sep 2010 06:09:30 +0200 Subject: [SEC] [SA41385] Drupal Yr Weatherdata Module SQL Injection Vulnerability Message-ID: <201009100409.o8A49Uor016733@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Drupal Yr Weatherdata Module SQL Injection Vulnerability SECUNIA ADVISORY ID: SA41385 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41385/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41385 RELEASE DATE: 2010-09-10 DISCUSS ADVISORY: http://secunia.com/advisories/41385/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41385/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41385 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Yr Weatherdata module for Drupal, which can be exploited by malicious users to conduct SQL injection attacks. Certain input passed via the sort method is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in versions prior to Yr Weatherdata 6.x-1.6. SOLUTION: Update to version Yr Weatherdata 6.x-1.6 or later. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: SA-CONTRIB-2010-090: http://drupal.org/node/905686 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 9 21:23:22 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Sep 2010 06:23:22 +0200 Subject: [SEC] [SA41361] HP Data Protector Express Denial of Service and Privilege Escalation Message-ID: <201009100423.o8A4NMNC004820@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: HP Data Protector Express Denial of Service and Privilege Escalation SECUNIA ADVISORY ID: SA41361 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41361/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41361 RELEASE DATE: 2010-09-10 DISCUSS ADVISORY: http://secunia.com/advisories/41361/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41361/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41361 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in HP Data Protector Express, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or potentially gain escalated privileges. The vulnerability is caused due to an unspecified error. No further information is currently available. The vulnerability is reported in the following products running on Windows, Linux, and Novell NetWare: * HP Data Protector Express 3.x and HP Data Protector Express SSE 3.x prior to build 56936 * HP Data Protector Express 4.x and HP Data Protector Express SSE 4.x prior to build 56906 SOLUTION: Update to 3.5 SP2 build 56936 or later and to 4.0 SP1 build 56906 or later. PROVIDED AND/OR DISCOVERED BY: The vendor credits AbdulAziz Hariri of Insight Technologies via ZDI. ORIGINAL ADVISORY: HPSBMA02576 SSRT090231: http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02498535 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 9 21:44:26 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Sep 2010 06:44:26 +0200 Subject: [SEC] [SA41330] Elastix "download_csv.php" Extension Configuration Information Disclosure Message-ID: <201009100444.o8A4iQOu025659@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Elastix "download_csv.php" Extension Configuration Information Disclosure SECUNIA ADVISORY ID: SA41330 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41330/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41330 RELEASE DATE: 2010-09-10 DISCUSS ADVISORY: http://secunia.com/advisories/41330/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41330/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41330 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Francois Harvey has reported a vulnerability in Elastix, which can be exploited by malicious people to gain knowledge of sensitive information. The vulnerability is caused due missing access restrictions for the core/extensions_batch/libs/download_csv.php script, which can be exploited to disclose extension configuration information (including e.g. usernames and passwords) by accessing the script directly. SOLUTION: Fixed in the SVN repository. Reportedly also fixed in version 2.0. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Francois Harvey, gestion medsecure ORIGINAL ADVISORY: Francois Harvey: http://francoisharvey.ca/2010/09/elastix-unsecure-configuration/ Elastix: http://elastix.svn.sourceforge.net/viewvc/elastix?view=revision&revision=1550 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 9 22:09:18 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Sep 2010 07:09:18 +0200 Subject: [SEC] [SA41376] Fedora update for libmikmod Message-ID: <201009100509.o8A59IVW014277@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for libmikmod SECUNIA ADVISORY ID: SA41376 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41376/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41376 RELEASE DATE: 2010-09-10 DISCUSS ADVISORY: http://secunia.com/advisories/41376/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41376/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41376 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for libmikmod. This fixes some vulnerabilities, which can be exploited by malicious people to potentially compromise a vulnerable system. For more information: SA37775 SOLUTION: Apply updated packages via the yum utility ("yum update libmikmod"). ORIGINAL ADVISORY: FEDORA-2010-13702: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047224.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 10 10:28:24 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Sep 2010 19:28:24 +0200 Subject: [SEC] [SA41364] Red Hat update for tomcat5 Message-ID: <201009101728.o8AHSODU002627@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Red Hat update for tomcat5 SECUNIA ADVISORY ID: SA41364 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41364/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41364 RELEASE DATE: 2010-09-10 DISCUSS ADVISORY: http://secunia.com/advisories/41364/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41364/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41364 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for tomcat5. This fixes multiple vulnerabilities, which can be exploited by malicious users to manipulate certain data and by malicious people to disclose certain system information, manipulate certain data, and cause a DoS (Denial of Service). For more information: SA38316 SA39574 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2010:0693-1: http://rhn.redhat.com/errata/RHSA-2010-0693.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 10 11:28:04 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Sep 2010 20:28:04 +0200 Subject: [SEC] [SA41394] ProductCart "redirectUrl" Cross-Site Scripting Vulnerability Message-ID: <201009101828.o8AIS4sZ025239@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: ProductCart "redirectUrl" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA41394 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41394/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41394 RELEASE DATE: 2010-09-10 DISCUSS ADVISORY: http://secunia.com/advisories/41394/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41394/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41394 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: DisK0nn3cT has reported a vulnerability in ProductCart, which can be exploited by malicious people to conduct cross-site scripting vulnerability. Input passed via the "redirectUrl" parameter to AffiliateLogin.asp is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in version 4.1 SP 1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: DisK0nn3cT ORIGINAL ADVISORY: https://www.upsploit.com/index.php/advisories/view/UPS-2010-0002 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 10 12:28:00 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Sep 2010 21:28:00 +0200 Subject: [SEC] [SA41337] Mednafen Network Support Unspecified Vulnerabilities Message-ID: <201009101928.o8AJS0Rs015439@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Mednafen Network Support Unspecified Vulnerabilities SECUNIA ADVISORY ID: SA41337 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41337/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41337 RELEASE DATE: 2010-09-10 DISCUSS ADVISORY: http://secunia.com/advisories/41337/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41337/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41337 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Mednafen, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to unspecified errors within the network support, which can be exploited to e.g. corrupt stack memory by tricking a user into connecting to a malicious Mednafen server. The vulnerabilities are reported in versions prior to 0.8.D. SOLUTION: Update to version 0.8.D or later. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://mednafen.sourceforge.net/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 10 13:28:25 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Sep 2010 22:28:25 +0200 Subject: [SEC] [SA41366] Car Portal "y" Cross-Site Scripting Vulnerability Message-ID: <201009102028.o8AKSP9t005634@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Car Portal "y" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA41366 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41366/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41366 RELEASE DATE: 2010-09-10 DISCUSS ADVISORY: http://secunia.com/advisories/41366/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41366/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41366 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Car Portal, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "y" parameter to include/images.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in version 2.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: r0t ORIGINAL ADVISORY: r0t: http://pridels-team.blogspot.com/2010/09/netartmedia-car-portal-v20-xss-vuln.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 10 14:23:44 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Sep 2010 23:23:44 +0200 Subject: [SEC] [SA41383] Debian update for couchdb Message-ID: <201009102123.o8ALNidV028020@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Debian update for couchdb SECUNIA ADVISORY ID: SA41383 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41383/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41383 RELEASE DATE: 2010-09-10 DISCUSS ADVISORY: http://secunia.com/advisories/41383/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41383/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41383 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for couchdb. This fixes a weakness, which can be exploited by malicious, local users to gain escalated privileges. The weakness is caused due to the library search path "LD_LIBRARY_PATH" environment variable being set to include the current working directory. This can be exploited to load arbitrary libraries by tricking an administrative user to run the application from the attacker's directory. SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Dan Rosenberg ORIGINAL ADVISORY: DSA-2107-1: http://www.us.debian.org/security/2010/dsa-2107 Dan Rosenberg: http://www.openwall.com/lists/oss-security/2010/08/25/7 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 10 14:44:16 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Sep 2010 23:44:16 +0200 Subject: [SEC] [SA41398] BlackBerry Desktop Software Insecure Library Loading Vulnerability Message-ID: <201009102144.o8ALiGqj016429@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: BlackBerry Desktop Software Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41398 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41398/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41398 RELEASE DATE: 2010-09-10 DISCUSS ADVISORY: http://secunia.com/advisories/41398/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41398/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41398 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the BlackBerry Desktop Software, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries in an insecure manner. For more information: SA41346 SOLUTION: Upgrade to version 6.0.0.47. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits ACROS Security. ORIGINAL ADVISORY: BlackBerry KB24242: http://www.blackberry.com/btsc/KB24242 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 10 15:09:02 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 11 Sep 2010 00:09:02 +0200 Subject: [SEC] [SA41369] PowerStore "totalRows_WADAProducts" Cross-Site Scripting Vulnerability Message-ID: <201009102209.o8AM92xw005114@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: PowerStore "totalRows_WADAProducts" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA41369 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41369/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41369 RELEASE DATE: 2010-09-10 DISCUSS ADVISORY: http://secunia.com/advisories/41369/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41369/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41369 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in PowerStore, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "totalRows_WADAProducts" parameter to Products_Results.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in version 3. Other versions may also be affected. SOLUTION: Filter malicious characters or character sequences via a proxy. PROVIDED AND/OR DISCOVERED BY: r0t ORIGINAL ADVISORY: r0t: http://pridels-team.blogspot.com/2010/09/powerstore-3-xss-vuln.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 10 15:23:48 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 11 Sep 2010 00:23:48 +0200 Subject: [SEC] [SA41360] Fedora update for phpMyAdmin Message-ID: <201009102223.o8AMNmpY025688@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for phpMyAdmin SECUNIA ADVISORY ID: SA41360 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41360/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41360 RELEASE DATE: 2010-09-11 DISCUSS ADVISORY: http://secunia.com/advisories/41360/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41360/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41360 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for phpMyAdmin. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA41210 SOLUTION: Apply updated packages via the yum utility ("yum update phpMyAdmin"). ORIGINAL ADVISORY: FEDORA-2010-14411: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047378.html FEDORA-2010-14426: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047381.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 10 15:44:43 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 11 Sep 2010 00:44:43 +0200 Subject: [SEC] [SA41352] CubeCart Cross-Site Scripting and SQL Injection Vulnerabilities Message-ID: <201009102244.o8AMihMh014102@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: CubeCart Cross-Site Scripting and SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA41352 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41352/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41352 RELEASE DATE: 2010-09-11 DISCUSS ADVISORY: http://secunia.com/advisories/41352/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41352/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41352 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in CubeCart, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks. 1) Input passed to the "amount", "cartId", "email", "transId", and "transStatus" parameters in modules/gateway/WorldPay/return.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "searchStr" parameter to index.php (when "_a" is set to "viewCat") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are reported in version 4.3.3. Other versions may also be affected. SOLUTION: Reportedly fixed in version 4.4.2. PROVIDED AND/OR DISCOVERED BY: Bogdan Calin, Acunetix. ORIGINAL ADVISORY: http://www.acunetix.com/blog/web-security-zone/articles/sql-injection-xss-cubecart-4-3-3/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 10 16:10:53 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 11 Sep 2010 01:10:53 +0200 Subject: [SEC] [SA41346] BlackBerry Desktop Software Insecure Library Loading Vulnerability Message-ID: <201009102310.o8ANArv7002744@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: BlackBerry Desktop Software Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41346 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41346/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41346 RELEASE DATE: 2010-09-11 DISCUSS ADVISORY: http://secunia.com/advisories/41346/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41346/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41346 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the BlackBerry Desktop Software, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a file associated with the BlackBerry Desktop Software located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code, but requires that the BlackBerry Desktop Manager is running. The vulnerability is reported in all versions of the BlackBerry Desktop Software. SOLUTION: Update to version 6.0.0.47. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits ACROS Security. ORIGINAL ADVISORY: BlackBerry KB24242: http://www.blackberry.com/btsc/KB24242 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 10 16:45:31 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 11 Sep 2010 01:45:31 +0200 Subject: [SEC] [SA41380] Futomi's CGI Cafe Analysis of High-Performance Access CGI Cross-Site Scripting Vulnerability Message-ID: <201009102345.o8ANjVC2024219@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Futomi's CGI Cafe Analysis of High-Performance Access CGI Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA41380 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41380/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41380 RELEASE DATE: 2010-09-11 DISCUSS ADVISORY: http://secunia.com/advisories/41380/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41380/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41380 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Futomi's CGI Cafe Analysis of High-Performance Access CGI, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in the following versions: * Access Analyzer CGI Professional Version * Access Analyzer CGI Standard Version 4.0.2 and earlier SOLUTION: The vendor recommends to use the "Method to load js files for tags within the head tag". Please see the vendor's advisory for more details. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: JVN credits Katsumi Kobayashi, NRI Secure Technologies. ORIGINAL ADVISORY: Futomi: http://www.futomi.com/library/info/2010/20100910.html JVN: http://jvn.jp/en/jp/JVN35605523/index.html http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000035.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 10 17:12:01 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 11 Sep 2010 02:12:01 +0200 Subject: [SEC] [SA41359] ES Simple Download "file" File Disclosure Vulnerability Message-ID: <201009110012.o8B0C1ca012921@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: ES Simple Download "file" File Disclosure Vulnerability SECUNIA ADVISORY ID: SA41359 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41359/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41359 RELEASE DATE: 2010-09-11 DISCUSS ADVISORY: http://secunia.com/advisories/41359/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41359/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41359 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in ES Simple Download, which can be exploited by malicious users to disclose sensitive information. Input passed via the "file" parameter to download.php (when "PHPSESSID" is set) is not properly verified before being used to read files. This can be exploited to read arbitrary files from local resources via directory traversal sequences. The vulnerability is confirmed in version 1.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: Kazza OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 10 17:44:36 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 11 Sep 2010 02:44:36 +0200 Subject: [SEC] [SA41344] IBM Records Manager Multiple Vulnerabilities Message-ID: <201009110044.o8B0iaEb001810@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: IBM Records Manager Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41344 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41344/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41344 RELEASE DATE: 2010-09-11 DISCUSS ADVISORY: http://secunia.com/advisories/41344/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41344/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41344 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in IBM Records Manager, which can be exploited by malicious people to disclose sensitive information or conduct cross-site scripting and spoofing attacks. 1) The application may use passwords in clear text in unspecified requests. 2) Unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Unspecified input is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website e.g. when a user clicks a specially crafted link to the affected script hosted on a trusted domain. The vulnerabilities are reported in version 4.5.1. Prior versions may also be affected. SOLUTION: Update to version 4.5.1.1-IER-FP001 and only use SSL connections. PROVIDED AND/OR DISCOVERED BY: Reported to the vendor by a customer. ORIGINAL ADVISORY: IBM (PJ37426): http://www-01.ibm.com/support/docview.wss?uid=swg1PJ37426 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 10 18:09:39 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 11 Sep 2010 03:09:39 +0200 Subject: [SEC] [SA41221] QuickBooks Insecure Library Loading Vulnerability Message-ID: <201009110109.o8B19d6Q022879@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: QuickBooks Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41221 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41221/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41221 RELEASE DATE: 2010-09-11 DISCUSS ADVISORY: http://secunia.com/advisories/41221/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41221/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41221 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in QuickBooks, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. dbicudtx11.dll, mfc90enu.dll, and mfc90loc.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a DES, QBO, or QPG file located on a remote WebDAV or SMB share. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in QuickBooks Pro 2010. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Reported by an unknown person. ORIGINAL ADVISORY: http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 10 18:23:54 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 11 Sep 2010 03:23:54 +0200 Subject: [SEC] [SA41353] Joomla Comlantis Visitors Google Map Module "lastMarkerID" SQL Injection Vulnerability Message-ID: <201009110123.o8B1Nsm6011011@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Joomla Comlantis Visitors Google Map Module "lastMarkerID" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA41353 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41353/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41353 RELEASE DATE: 2010-09-11 DISCUSS ADVISORY: http://secunia.com/advisories/41353/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41353/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41353 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the Comlantis Visitors Google Map module for Joomla, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "lastMarkerID" parameter to modules/mod_visitorsgooglemap/map_data.php (when "action" is set to "listpoints") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 1.0.1 Lite. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Chip D3 Bi0s ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/14952/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 10 18:44:18 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 11 Sep 2010 03:44:18 +0200 Subject: [SEC] [SA41336] Red Hat update for rpm Message-ID: <201009110144.o8B1iISX031812@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Red Hat update for rpm SECUNIA ADVISORY ID: SA41336 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41336/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41336 RELEASE DATE: 2010-09-11 DISCUSS ADVISORY: http://secunia.com/advisories/41336/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41336/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41336 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for rpm. This fixes two weaknesses, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA40028 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2010:0678-1: http://rhn.redhat.com/errata/RHSA-2010-0678.html RHSA-2010:0679-1: http://rhn.redhat.com/errata/RHSA-2010-0679.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 10 19:15:05 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 11 Sep 2010 04:15:05 +0200 Subject: [SEC] [SA41312] Integard Home and Pro Web Interface Buffer Overflow Vulnerability Message-ID: <201009110215.o8B2F5Zb021164@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Integard Home and Pro Web Interface Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA41312 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41312/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41312 RELEASE DATE: 2010-09-11 DISCUSS ADVISORY: http://secunia.com/advisories/41312/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41312/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41312 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Integard Home and Pro, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the web interface when processing certain HTTP requests. This can be exploited to cause a stack-based buffer overflow by e.g. sending specially crafted HTTP POST requests containing an overly long "Password" parameter to the web interface. The vulnerability is reported in versions prior to Integard Home version 2.0.0.9037 and Integard Pro version 2.2.0.9037. SOLUTION: Update to version 2.2.0.9037 (Integard Pro) or 2.0.0.9037 (Integard Home). PROVIDED AND/OR DISCOVERED BY: Lincoln ORIGINAL ADVISORY: Lincoln: http://www.corelan.be:8800/advisories.php?id=CORELAN-10-061 Netgard: http://www.integard.com.au/Release_Notes_Home.htm http://www.integard.com.au/Release_Notes_Pro.htm OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 10 19:44:01 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 11 Sep 2010 04:44:01 +0200 Subject: [SEC] [SA41311] Ubuntu update for LFTP Message-ID: <201009110244.o8B2i1b5009963@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Ubuntu update for LFTP SECUNIA ADVISORY ID: SA41311 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41311/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41311 RELEASE DATE: 2010-09-11 DISCUSS ADVISORY: http://secunia.com/advisories/41311/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41311/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41311 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for LFTP. This fixes a weakness, which can be exploited by malicious people to bypass certain security features. For more information: SA39861 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-984-1: http://www.ubuntu.com/usn/usn-984-1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 10 20:09:34 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 11 Sep 2010 05:09:34 +0200 Subject: [SEC] [SA41324] Gentoo update for clamav Message-ID: <201009110309.o8B39YF3030976@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Gentoo update for clamav SECUNIA ADVISORY ID: SA41324 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41324/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41324 RELEASE DATE: 2010-09-11 DISCUSS ADVISORY: http://secunia.com/advisories/41324/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41324/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41324 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for clamav. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), bypass the scanning functionality, or potentially compromise a vulnerable system. For more information: SA39329 SA39895 SOLUTION: Update to "app-antivirus/clamav-0.96.1" or later. ORIGINAL ADVISORY: GLSA 201009-06: http://www.gentoo.org/security/en/glsa/glsa-201009-06.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 10 20:22:21 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 11 Sep 2010 05:22:21 +0200 Subject: [SEC] [SA41294] WordPress Events Manager Extended Plugin Script Insertion Vulnerabilities Message-ID: <201009110322.o8B3ML7D019042@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: WordPress Events Manager Extended Plugin Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA41294 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41294/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41294 RELEASE DATE: 2010-09-11 DISCUSS ADVISORY: http://secunia.com/advisories/41294/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41294/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41294 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been discovered in the Events Manager Extended plugin for WordPress, which can be exploited by malicious people to conduct script insertion attacks. Input passed via the "bookerName", "bookerEmail", "bookerPhone", and "bookerComment" POST parameters is not properly sanitised before being stored and returned to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation requires that event booking is enabled. The vulnerabilities are confirmed in version 3.1.2. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Craw OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 10 20:43:05 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 11 Sep 2010 05:43:05 +0200 Subject: [SEC] [SA41307] Ubuntu update for sudo Message-ID: <201009110343.o8B3h5di007454@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Ubuntu update for sudo SECUNIA ADVISORY ID: SA41307 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41307/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41307 RELEASE DATE: 2010-09-11 DISCUSS ADVISORY: http://secunia.com/advisories/41307/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41307/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41307 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for sudo. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges. For more information: SA41316 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-983-1; http://www.ubuntu.com/usn/usn-983-1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 10 20:54:55 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 11 Sep 2010 05:54:55 +0200 Subject: [SEC] [SA41341] Red Hat update for kernel Message-ID: <201009110354.o8B3stJ1027868@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Red Hat update for kernel SECUNIA ADVISORY ID: SA41341 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41341/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41341 RELEASE DATE: 2010-09-11 DISCUSS ADVISORY: http://secunia.com/advisories/41341/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41341/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41341 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and gain escalated privileges. For more information: SA40965 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2010-0676: http://rhn.redhat.com/errata/RHSA-2010-0676.html RHSA-2010-0677: http://rhn.redhat.com/errata/RHSA-2010-0677.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 10 21:08:36 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 11 Sep 2010 06:08:36 +0200 Subject: [SEC] [SA41338] Red Hat update for sudo Message-ID: <201009110408.o8B48aFb015969@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Red Hat update for sudo SECUNIA ADVISORY ID: SA41338 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41338/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41338 RELEASE DATE: 2010-09-11 DISCUSS ADVISORY: http://secunia.com/advisories/41338/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41338/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41338 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for sudo. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges. For more information: SA41316 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2010:0675-1: https://rhn.redhat.com/errata/RHSA-2010-0675.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 13 10:28:40 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 13 Sep 2010 19:28:40 +0200 Subject: [SEC] [SA41175] MailEnable SMTP Service Two Denial of Service Vulnerabilities Message-ID: <201009131728.o8DHSe9G008062@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: MailEnable SMTP Service Two Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA41175 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41175/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41175 RELEASE DATE: 2010-09-13 DISCUSS ADVISORY: http://secunia.com/advisories/41175/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41175/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41175 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Secunia Research has discovered two vulnerabilities in MailEnable, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An insufficient length check when appending data to a predefined log message into a buffer using strcat_s() may result in an unhandled invalid parameter error. This can be exploited to crash the SMTP service (MESMTPC.exe) via an overly long email address in the "MAIL FROM" command. 2) An insufficient length check when copying data with a predefined log message into a buffer using strcpy_s() may result in an unhandled invalid parameter error. This can be exploited to crash the SMTP service (MESMTPC.exe) via an overly long domain name in the "RCPT TO" command. The vulnerabilities are confirmed in version 4.25 of Standard, Professional, and Enterprise editions. Other versions may also be affected. SOLUTION: Apply hotfix ME-10044 or update to version 4.26. PROVIDED AND/OR DISCOVERED BY: Dmitriy Pletnev, Secunia Research. ORIGINAL ADVISORY: Secunia Research: http://secunia.com/secunia_research/2010-112/ MailEnable: http://www.mailenable.com/Standard-ReleaseNotes.txt http://www.mailenable.com/Professional-ReleaseNotes.txt http://www.mailenable.com/Enterprise-ReleaseNotes.txt http://www.mailenable.com/hotfix/default.asp OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 13 11:28:30 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 13 Sep 2010 20:28:30 +0200 Subject: [SEC] [SA41441] Fedora update for udisks Message-ID: <201009131828.o8DISUYf030647@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for udisks SECUNIA ADVISORY ID: SA41441 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41441/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41441 RELEASE DATE: 2010-09-13 DISCUSS ADVISORY: http://secunia.com/advisories/41441/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41441/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41441 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for udisks. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The security issue is caused due to the use of vulnerable LVM2 code. For more information: SA40759 SOLUTION: Apply updated packages via the yum utility ("yum update udisks"). ORIGINAL ADVISORY: FEDORA-2010-13708: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047498.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 13 12:28:23 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 13 Sep 2010 21:28:23 +0200 Subject: [SEC] [SA41403] UltraEdit Insecure Library Loading Vulnerability Message-ID: <201009131928.o8DJSNig020853@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: UltraEdit Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41403 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41403/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41403 RELEASE DATE: 2010-09-13 DISCUSS ADVISORY: http://secunia.com/advisories/41403/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41403/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41403 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in UltraEdit, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. dwmapi.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a UENC file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 16.20.0.1009. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Aung Khant ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0227.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 13 13:28:13 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 13 Sep 2010 22:28:13 +0200 Subject: [SEC] [SA41365] Piwigo Cross-Site Request Forgery Vulnerability Message-ID: <201009132028.o8DKSCPj011047@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Piwigo Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA41365 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41365/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41365 RELEASE DATE: 2010-09-13 DISCUSS ADVISORY: http://secunia.com/advisories/41365/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41365/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41365 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Piwigo, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. change the administrator's password by tricking a logged in administrator into visiting a malicious web site. The vulnerability is confirmed in version 2.1.2. Other versions may also be affected. SOLUTION: Do not browse untrusted sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: Sweet ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/14973/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 13 14:22:07 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 13 Sep 2010 23:22:07 +0200 Subject: [SEC] [SA40983] Microsoft Visual C++ Redistributable Insecure Library Loading Vulnerability Message-ID: <201009132122.o8DLM7AU000908@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Microsoft Visual C++ Redistributable Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA40983 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40983/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40983 RELEASE DATE: 2010-09-13 DISCUSS ADVISORY: http://secunia.com/advisories/40983/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/40983/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=40983 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Microsoft Visual C++ Redistributable, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due certain MFC libraries loading other libraries in an insecure manner (e.g. mfc90u.dll when loading dwmapi.dll). This can be exploited to load arbitrary libraries by tricking a user into opening a file located on a remote WebDAV or SMB share in an application linking against the vulnerable MFC libraries. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 9.0.30729.4148. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Reported by various people in a number of applications bundling vulnerable versions of Microsoft Visual C++ Redistributable. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 13 14:43:01 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 13 Sep 2010 23:43:01 +0200 Subject: [SEC] [SA41379] Symphony CMS SQL Injection and Script Insertion Vulnerabilities Message-ID: <201009132143.o8DLh1LG021808@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Symphony CMS SQL Injection and Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA41379 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41379/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41379 RELEASE DATE: 2010-09-13 DISCUSS ADVISORY: http://secunia.com/advisories/41379/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41379/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41379 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been discovered in Symphony CMS, which can be exploited by malicious people to conduct script insertion and SQL injection attacks. 1) Input passed via the "send-email[recipient]" parameter to about/ is not properly sanitised before being used in SQL queries in symphony/lib/toolkit/events/event.section.php. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 2) Input passed via the "fields[website]" parameter while posting comments is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in the context of an affected site when the malicious link is clicked. The vulnerabilities are confirmed in version 2.1.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Jose Luis Gongora Fernandez (a.k.a) JosS OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 13 15:00:35 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Sep 2010 00:00:35 +0200 Subject: [SEC] [SA41388] NCP Secure Entry Client Insecure Library Loading Vulnerability Message-ID: <201009132200.o8DM0ZB0010194@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: NCP Secure Entry Client Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41388 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41388/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41388 RELEASE DATE: 2010-09-13 DISCUSS ADVISORY: http://secunia.com/advisories/41388/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41388/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41388 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in NCP Secure Entry Client, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. dvccsabase002.dll, conman.dll, kmpapi32.dll, and ncpmon2.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a PCF or SPD file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 9.23 Build 17. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Anastasios Monachos ORIGINAL ADVISORY: http://www.exploit-db.com/dll-hijacking-vulnerable-applications/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 13 15:26:11 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Sep 2010 00:26:11 +0200 Subject: [SEC] [SA41400] IBM Lotus Symphony Insecure Library Loading Vulnerability Message-ID: <201009132226.o8DMQBd5031242@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: IBM Lotus Symphony Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41400 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41400/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41400 RELEASE DATE: 2010-09-14 DISCUSS ADVISORY: http://secunia.com/advisories/41400/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41400/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41400 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in IBM Lotus Symphony, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. eclipse_1114.dll and emser645mi.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a ODT, STW, or SXW file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 1.3.0 Revision 20090908.0900. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Aung Khant ORIGINAL ADVISORY: http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/%5Bibm_lotus_symphony%5D_3-beta-4_insecure_dll_hijacking OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 13 15:46:35 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Sep 2010 00:46:35 +0200 Subject: [SEC] [SA41410] Nuance PDF Reader Insecure Library Loading Vulnerability Message-ID: <201009132246.o8DMkZgr019645@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Nuance PDF Reader Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41410 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41410/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41410 RELEASE DATE: 2010-09-14 DISCUSS ADVISORY: http://secunia.com/advisories/41410/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41410/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41410 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Nuance PDF Reader, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. dwmapi.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a PDF file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 6.0. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Aung Khant, YGN Ethical Hacker Group. ORIGINAL ADVISORY: http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/%5Bnuance_pdf_reader%5D_6.0_insecure_dll_hijacking OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 13 16:12:50 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Sep 2010 01:12:50 +0200 Subject: [SEC] [SA41411] Sorax Reader Insecure Library Loading Vulnerability Message-ID: <201009132312.o8DNCons008335@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Sorax Reader Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41411 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41411/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41411 RELEASE DATE: 2010-09-14 DISCUSS ADVISORY: http://secunia.com/advisories/41411/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41411/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41411 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Sorax Reader, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. dwmapi.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a PDF file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 2.0.3129.70. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Aung Khant, YGN Ethical Hacker Group. ORIGINAL ADVISORY: http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/[sorax_pdf_reader]_2.0_insecure_dll_hijacking OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 13 16:46:58 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Sep 2010 01:46:58 +0200 Subject: [SEC] [SA41408] Brava! Reader Insecure Library Loading Vulnerability Message-ID: <201009132346.o8DNkw7U029764@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Brava! Reader Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41408 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41408/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41408 RELEASE DATE: 2010-09-14 DISCUSS ADVISORY: http://secunia.com/advisories/41408/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41408/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41408 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Brava! Reader, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application installing a version of Microsoft Visual C++ 2008 Redistributable, which loads libraries (e.g. dwmapi.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening an IGC Content Sealed Format (.csf) file located on a remote WebDAV or SMB share. For more information: SA40983 Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 3.3.0.18. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Aung Khant, YGN Ethical Hacker Group. ORIGINAL ADVISORY: http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/%5Bbrava_pdf_reader%5D_3.3.0.18_insecure_dll_hijacking OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 13 17:12:11 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Sep 2010 02:12:11 +0200 Subject: [SEC] [SA41384] MailScanner "/tmp/MailScanner.autoupdate.lock" Denial of Service Weakness Message-ID: <201009140012.o8E0CBpx018420@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: MailScanner "/tmp/MailScanner.autoupdate.lock" Denial of Service Weakness SECUNIA ADVISORY ID: SA41384 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41384/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41384 RELEASE DATE: 2010-09-14 DISCUSS ADVISORY: http://secunia.com/advisories/41384/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41384/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41384 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in MailScanner, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The weakness is caused due to the "update_virus_scanners" script using /tmp/MailScanner.autoupdate.lock in an insecure manner to determine if it needs to perform an update run. This can be exploited to prevent the script from updating correctly by e.g. creating the lock file and keeping its modification time updated. The weakness is reported in version 4.81.4-1. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Reported by Raphael Geissert in a Debian bug report. ORIGINAL ADVISORY: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=596397 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 13 17:44:40 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Sep 2010 02:44:40 +0200 Subject: [SEC] [SA41426] Fedora update for lvm2 Message-ID: <201009140044.o8E0ie0g007361@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for lvm2 SECUNIA ADVISORY ID: SA41426 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41426/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41426 RELEASE DATE: 2010-09-14 DISCUSS ADVISORY: http://secunia.com/advisories/41426/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41426/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41426 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for lvm2. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges. For more information: SA40759 SOLUTION: Apply updated packages via the yum utility ("yum update lvm2"). ORIGINAL ADVISORY: FEDORA-2010-13708: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047499.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 13 18:09:43 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Sep 2010 03:09:43 +0200 Subject: [SEC] [SA41425] Fedora update for quagga Message-ID: <201009140109.o8E19hJd028383@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for quagga SECUNIA ADVISORY ID: SA41425 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41425/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41425 RELEASE DATE: 2010-09-14 DISCUSS ADVISORY: http://secunia.com/advisories/41425/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41425/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41425 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for quagga. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA41038 SOLUTION: Apply updated packages using the yum utility ("yum update quagga"). ORIGINAL ADVISORY: FEDORA-2010-14002: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047510.html FEDORA-2010-14009: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047486.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 13 18:23:55 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Sep 2010 03:23:55 +0200 Subject: [SEC] [SA41418] Fedora update for libglpng Message-ID: <201009140123.o8E1NtPR016511@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for libglpng SECUNIA ADVISORY ID: SA41418 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41418/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41418 RELEASE DATE: 2010-09-14 DISCUSS ADVISORY: http://secunia.com/advisories/41418/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41418/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41418 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for libglpng. This fixes two vulnerabilities, which can be exploited by malicious people to compromise an application using the library. For more information: SA40354 SOLUTION: Apply updated packages using the yum utility ("yum update libglpng"). ORIGINAL ADVISORY: FEDORA-2010-14525: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047527.html FEDORA-2010-14529: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047552.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 13 18:44:51 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Sep 2010 03:44:51 +0200 Subject: [SEC] [SA41406] Kingsoft Office 2010 Insecure Library Loading Vulnerability Message-ID: <201009140144.o8E1ipBE004941@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Kingsoft Office 2010 Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41406 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41406/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41406 RELEASE DATE: 2010-09-14 DISCUSS ADVISORY: http://secunia.com/advisories/41406/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41406/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41406 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Kingsoft Office 2010, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to e.g. the Kingsoft Presentation, Kingsoft Writer, and Kingsoft Spreadsheets applications loading libraries (e.g. plgpf.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening XLS, PPT, RTF, or DOC files located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 6.6.0.2477. Other versions may also be affected. SOLUTION: Aung Khant, YGN Ethical Hacker Group. PROVIDED AND/OR DISCOVERED BY: Do not open untrusted files. ORIGINAL ADVISORY: http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/%5Bkingsoft_office%5D_2010_insecure_dll_hijacking OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 13 19:14:36 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Sep 2010 04:14:36 +0200 Subject: [SEC] [SA41423] Fedora update for sudo Message-ID: <201009140214.o8E2Eapc026656@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for sudo SECUNIA ADVISORY ID: SA41423 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41423/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41423 RELEASE DATE: 2010-09-14 DISCUSS ADVISORY: http://secunia.com/advisories/41423/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41423/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41423 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for sudo. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges. For more information: SA41316 SOLUTION: Apply updated packages via the yum utility ("yum update sudo"). ORIGINAL ADVISORY: FEDORA-2010-14355: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047516.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 13 19:43:16 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Sep 2010 04:43:16 +0200 Subject: [SEC] [SA41386] Open Classifieds Multiple Cross-Site Scripting Vulnerabilities Message-ID: <201009140243.o8E2hG10015440@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Open Classifieds Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA41386 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41386/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41386 RELEASE DATE: 2010-09-14 DISCUSS ADVISORY: http://secunia.com/advisories/41386/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41386/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41386 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: r0t has discovered some vulnerabilities in Open Classifieds, which can be exploited by malicious people to conduct cross-site scripting attacks. 1) Input passed via the "desc", "price", "title", and "place" parameters to index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "subject" parameter to content/contact.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are confirmed in version 1.7.0.2. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: r0t ORIGINAL ADVISORY: r0t: http://pridels-team.blogspot.com/2010/09/open-classifieds-version-1702-xss-vuln.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 13 19:55:23 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Sep 2010 04:55:23 +0200 Subject: [SEC] [SA41382] pidgin-knotify "notify()" Command Injection Vulnerability Message-ID: <201009140255.o8E2tN5N003457@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: pidgin-knotify "notify()" Command Injection Vulnerability SECUNIA ADVISORY ID: SA41382 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41382/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41382 RELEASE DATE: 2010-09-14 DISCUSS ADVISORY: http://secunia.com/advisories/41382/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41382/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41382 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in pidgin-knotify, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the "notify()" function in src/pidgin-knotify.c not properly sanitising input before using it in a call to "system()". This can be exploited to inject and execute arbitrary shell commands by e.g. sending specially crafted messages. The vulnerability is confirmed in version 0.2.1. Other versions may also be affected. SOLUTION: There's currently no known effective workaround. PROVIDED AND/OR DISCOVERED BY: Reported by Matthias Petschick in a Gentoo bug. ORIGINAL ADVISORY: Gentoo Bug #336916: https://bugs.gentoo.org/show_bug.cgi?id=336916 pidgin-knotify: http://code.google.com/p/pidgin-knotify/issues/detail?id=1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 10:27:56 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Sep 2010 19:27:56 +0200 Subject: [SEC] [SA41433] IBM Lotus Domino iCalendar Email Address Parsing Buffer Overflow Message-ID: <201009141727.o8EHRud2030325@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: IBM Lotus Domino iCalendar Email Address Parsing Buffer Overflow SECUNIA ADVISORY ID: SA41433 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41433/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41433 RELEASE DATE: 2010-09-14 DISCUSS ADVISORY: http://secunia.com/advisories/41433/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41433/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41433 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in IBM Lotus Domino, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in the "MailCheck821Address()" function within nnotes.dll when copying an email address using the "Cstrcpy()" library function. This can be exploited to cause a stack-based buffer overflow via an overly long "ORGANIZER" iCalendar header. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in versions prior to: * 8.0.2 Fix Pack 5 * 8.5.1 Fix Pack 2 * 8.5.2 SOLUTION: Apply updates. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: A. Plaskett, MWR InfoSecurity. ORIGINAL ADVISORY: IBM: http://www.ibm.com/support/docview.wss?uid=swg21446515 MWR InfoSecurity: http://labs.mwrinfosecurity.com/advisories/lotus_domino_ical_stack_buffer_overflow/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 11:28:16 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Sep 2010 20:28:16 +0200 Subject: [SEC] [SA41375] Microsoft IIS FastCGI Request Header Buffer Overflow Vulnerability Message-ID: <201009141828.o8EISGUt020548@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Microsoft IIS FastCGI Request Header Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA41375 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41375/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41375 RELEASE DATE: 2010-09-14 DISCUSS ADVISORY: http://secunia.com/advisories/41375/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41375/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41375 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Internet Information Services, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an error in the handling of request headers and can be exploited to cause a buffer overflow via a specially crafted HTTP request. Successful exploitation requires that FastCGI is enabled (disabled by default). SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Travis Raybold, Rubicon West. ORIGINAL ADVISORY: MS10-065 (KB2267960, KB2271195): http://www.microsoft.com/technet/security/bulletin/ms10-065.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 12:28:08 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Sep 2010 21:28:08 +0200 Subject: [SEC] [SA41412] Microsoft Windows RPC Response Processing Vulnerability Message-ID: <201009141928.o8EJS8Kc010737@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Microsoft Windows RPC Response Processing Vulnerability SECUNIA ADVISORY ID: SA41412 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41412/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41412 RELEASE DATE: 2010-09-14 DISCUSS ADVISORY: http://secunia.com/advisories/41412/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41412/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41412 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a memory allocation error in the parsing of RPC responses and can be exploited to corrupt memory when a specially crafted RPC response is being processed. Successful exploitation allows execution of arbitrary code, but requires that a client initiates an RPC request. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Yamata Li, Palo Alto Networks. ORIGINAL ADVISORY: MS10-066 (KB982802): http://www.microsoft.com/technet/security/bulletin/MS10-066.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 13:36:59 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Sep 2010 22:36:59 +0200 Subject: [SEC] [SA34075] Microsoft Outlook Content Parsing Integer Underflow Vulnerability Message-ID: <201009142036.o8EKaxWb019211@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Microsoft Outlook Content Parsing Integer Underflow Vulnerability SECUNIA ADVISORY ID: SA34075 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/34075/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=34075 RELEASE DATE: 2010-09-14 DISCUSS ADVISORY: http://secunia.com/advisories/34075/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/34075/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=34075 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Secunia Research has discovered a vulnerability in Microsoft Outlook, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an integer underflow error when parsing certain content and can be exploited to cause a heap-based buffer overflow via e.g. a specially crafted e-mail message. Successful exploitation may allow execution of arbitrary code, but requires that Outlook is connected to an Exchange server with Online Mode (not default setting for Outlook 2003 and 2007). SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Dyon Balding, Secunia Research. ORIGINAL ADVISORY: MS10-064 (KB2288953, KB2293422, KB2293428, KB2315011): http://www.microsoft.com/technet/security/bulletin/ms10-064.mspx Secunia Research: http://secunia.com/secunia_research/2009-15/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 14:24:52 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Sep 2010 23:24:52 +0200 Subject: [SEC] [SA41421] Microsoft Exchange Server Outlook Web Access Cross-Site Request Forgery Message-ID: <201009142124.o8ELOq9E008893@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Microsoft Exchange Server Outlook Web Access Cross-Site Request Forgery SECUNIA ADVISORY ID: SA41421 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41421/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41421 RELEASE DATE: 2010-09-14 DISCUSS ADVISORY: http://secunia.com/advisories/41421/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41421/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41421 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Exchange Server, which can be exploited by malicious people to conduct cross-site request forgery attacks. The vulnerability is caused due to Outlook Web Access allowing users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to e.g. set a auto-forward rule or change user preferences when a logged-in user visits a specially crafted web page. The vulnerability is reported in Microsoft Exchange Server 2003 SP2 and Microsoft Exchange Server 2007 SP1 and SP2. SOLUTION: The vulnerability is fixed in Microsoft Exchange Server 2007 SP3. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Rosario Valotta ORIGINAL ADVISORY: Microsoft: http://www.microsoft.com/technet/security/advisory/2401593.mspx Rosario Valotta: http://sites.google.com/site/tentacoloviola/pwning-corporate-webmails OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 14:43:06 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Sep 2010 23:43:06 +0200 Subject: [SEC] [SA41416] Microsoft Windows WordPad Text Converters Document Parsing Vulnerability Message-ID: <201009142143.o8ELh6vw029604@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Microsoft Windows WordPad Text Converters Document Parsing Vulnerability SECUNIA ADVISORY ID: SA41416 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41416/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41416 RELEASE DATE: 2010-09-14 DISCUSS ADVISORY: http://secunia.com/advisories/41416/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41416/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41416 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in the WordPad Text Converters when parsing certain fields in Word 97 documents. This can be exploited to corrupt memory when a user is tricked into opening a specially crafted file using WordPad. Successful exploitation allows execution of arbitrary code. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits S0lute, iDefense Labs. ORIGINAL ADVISORY: MS10-067 (KB2259922): http://www.microsoft.com/technet/security/bulletin/MS10-067.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 14:59:44 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Sep 2010 23:59:44 +0200 Subject: [SEC] [SA41396] Microsoft Products Unicode Scripts Processor Memory Corruption Vulnerability Message-ID: <201009142159.o8ELxiGg017856@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Microsoft Products Unicode Scripts Processor Memory Corruption Vulnerability SECUNIA ADVISORY ID: SA41396 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41396/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41396 RELEASE DATE: 2010-09-14 DISCUSS ADVISORY: http://secunia.com/advisories/41396/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41396/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41396 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows and Microsoft Office, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in the Unicode Scripts Processor (usp10.dll) component when validating a table in the OpenType font layout. This can be exploited to corrupt memory via e.g. a specially crafted document or web page viewed in an application supporting embedded OpenType fonts. Successful exploitation may allow execution of arbitrary code. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits: * Carsten Book, Mozilla Corporation. * Marc Schoenefeld, Red Hat Security Response. ORIGINAL ADVISORY: MS10-063 (KB981322, KB2288608, KB2288613, KB2288621, KB2320113): http://www.microsoft.com/technet/security/bulletin/ms10-063.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 15:24:14 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Sep 2010 00:24:14 +0200 Subject: [SEC] [SA41395] Microsoft Windows MPEG-4 Codec Content Parsing Vulnerability Message-ID: <201009142224.o8EMOERr006568@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Microsoft Windows MPEG-4 Codec Content Parsing Vulnerability SECUNIA ADVISORY ID: SA41395 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41395/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41395 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41395/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41395/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41395 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an unspecified error in the MPEG-4 version 1 codec when parsing certain media content. Successful exploitation allows execution of arbitrary code. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Matthew Watchinski, Sourcefire VRT. ORIGINAL ADVISORY: MS10-062 (KB975558): http://www.microsoft.com/technet/security/bulletin/ms10-062.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 15:45:13 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Sep 2010 00:45:13 +0200 Subject: [SEC] [SA41420] Microsoft Windows Client/Server Runtime Subsystem Privilege Escalation Message-ID: <201009142245.o8EMjDhF027414@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Microsoft Windows Client/Server Runtime Subsystem Privilege Escalation SECUNIA ADVISORY ID: SA41420 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41420/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41420 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41420/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41420/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41420 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to a memory allocation error in the Client/Server Runtime Subsystem (CSRSS) when handling certain user transactions. This can be exploited to corrupt memory and execute arbitrary code with escalated privileges. Successful exploitation requires that the system locale is set to Chinese, Japanese, or Korean. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits IBM Japan. ORIGINAL ADVISORY: MS10-069 (KB2121546): http://www.microsoft.com/technet/security/bulletin/MS10-069.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 16:13:17 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Sep 2010 01:13:17 +0200 Subject: [SEC] [SA41419] Microsoft Windows LSASS Implementation Buffer Overflow Vulnerability Message-ID: <201009142313.o8ENDHEh016201@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Microsoft Windows LSASS Implementation Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA41419 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41419/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41419 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41419/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41419/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41419 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious users to compromise a vulnerable system. The vulnerability is caused due to an error in the Local Security Authority Subsystem Service (LSASS) within the implementations of Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS). This can be exploited to cause a heap-based buffer overflow by sending a specially crafted LDAP message to an affected LSASS server. Successful exploitation allows execution of arbitrary code, but requires authentication with the LSASS server. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: MS10-068 (KB983539, KB982000, KB981550): http://www.microsoft.com/technet/security/bulletin/MS10-068.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 16:45:56 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Sep 2010 01:45:56 +0200 Subject: [SEC] [SA41292] Microsoft Windows Print Spooler Service Insufficient User Permission Restrictions Message-ID: <201009142345.o8ENjuCu005154@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Microsoft Windows Print Spooler Service Insufficient User Permission Restrictions SECUNIA ADVISORY ID: SA41292 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41292/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41292 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41292/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41292/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41292 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to the Windows Print Spooler insufficiently restricting user permissions to access print spoolers. This can be exploited via a specially crafted print request to create a file in the Windows system directory. Successful exploitation allows execution of arbitrary code with system privileges, but requires that a print spooler interface is exposed over RPC (no printers are shared by default). NOTE: According to Microsoft, the vulnerability is currently being actively exploited. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day. ORIGINAL ADVISORY: MS10-061 (KB2347290): http://www.microsoft.com/technet/security/bulletin/ms10-061.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 17:12:15 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Sep 2010 02:12:15 +0200 Subject: [SEC] [SA41393] Kingsoft Antivirus kavfm.sys IOCTL Handling Vulnerability Message-ID: <201009150012.o8F0CFSd026263@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Kingsoft Antivirus kavfm.sys IOCTL Handling Vulnerability SECUNIA ADVISORY ID: SA41393 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41393/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41393 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41393/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41393/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41393 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Kingsoft Antivirus, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges. The vulnerability is caused due to an error in the kavfm.sys driver when processing IOCTLs. This can be exploited to corrupt kernel memory and potentially execute arbitrary code with escalated privileges via a specially crafted 0x80030004 IOCTL. The vulnerability is reported in version 2010.04.26.648. Other versions may also be affected. SOLUTION: Grant only trusted users access to affected systems. PROVIDED AND/OR DISCOVERED BY: Lufeng Li, Neusoft Corporation OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 17:44:21 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Sep 2010 02:44:21 +0200 Subject: [SEC] [SA41448] ALZip Insecure Library Loading Vulnerability Message-ID: <201009150044.o8F0iLGn015218@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: ALZip Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41448 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41448/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41448 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41448/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41448/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41448 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in ALZip, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application bundling a vulnerable version of mfc90u.dll, which loads libraries (e.g. mfc90enu.dll and mfc90loc.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a CAB, ISO, or ZIP file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 8.0.6.3. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Aung Khant ORIGINAL ADVISORY: http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/%5Balzip%5D_8.0.6.3_insecure_dll_hijacking OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 18:09:47 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Sep 2010 03:09:47 +0200 Subject: [SEC] [SA41447] Ubuntu update for samba Message-ID: <201009150109.o8F19lfT003837@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Ubuntu update for samba SECUNIA ADVISORY ID: SA41447 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41447/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41447 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41447/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41447/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41447 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system. For more information: SA41354 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-987-1: http://www.ubuntu.com/usn/usn-987-1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 18:24:02 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Sep 2010 03:24:02 +0200 Subject: [SEC] [SA41431] PaysiteReviewCMS "q" and "image" Cross-Site Scripting Vulnerabilities Message-ID: <201009150124.o8F1O29f024404@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: PaysiteReviewCMS "q" and "image" Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA41431 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41431/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41431 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41431/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41431/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41431 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Valentin Hoebel has reported some vulnerabilities in PaysiteReviewCMS, which can be exploited by malicious people to conduct cross-site scripting vulnerabilities. Input passed via the "q" parameter to search.php and the "image" parameter to image.php (when "review" and "width" are set) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in version 1.1. Other versions may also be affected. SOLUTION: The vendor has released a patch, which fixes the vulnerabilities. Please contact the vendor for more details. PROVIDED AND/OR DISCOVERED BY: Valentin Hoebel ORIGINAL ADVISORY: Valentin Hoebel: http://www.xenuser.org/documents/security/mechbunny_paysitereviewcms_xss.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 18:45:03 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Sep 2010 03:45:03 +0200 Subject: [SEC] [SA41414] ALShow Insecure Library Loading Vulnerability Message-ID: <201009150145.o8F1j3dK012861@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: ALShow Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41414 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41414/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41414 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41414/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41414/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41414 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in ALShow, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application bundling a vulnerable version of mfc90u.dll, which loads libraries (e.g. dwmapi.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a AVI, WMV, or VOB file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 1.91. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Aung Khant ORIGINAL ADVISORY: http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/%5Balshow%5D_1.91_insecure_dll_hijacking OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 19:17:43 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Sep 2010 04:17:43 +0200 Subject: [SEC] [SA41399] Microsoft IIS Repeated Parameter Request Denial of Service Message-ID: <201009150217.o8F2Hhko002235@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Microsoft IIS Repeated Parameter Request Denial of Service SECUNIA ADVISORY ID: SA41399 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41399/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41399 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41399/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41399/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41399 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Internet Information Services, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a stack overflow error in the script processing code when handling repeated parameter requests. This can be exploited to crash the service via specially crafted requests to hosted ASP scripts, which write parameters from the request in the response. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Jinsik Shim. ORIGINAL ADVISORY: MS10-065 (KB2124261, KB2267960): http://www.microsoft.com/technet/security/bulletin/ms10-065.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 19:43:21 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Sep 2010 04:43:21 +0200 Subject: [SEC] [SA41345] CVSNT Branch Name Arbitrary File Creation Vulnerability Message-ID: <201009150243.o8F2hLZB023346@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: CVSNT Branch Name Arbitrary File Creation Vulnerability SECUNIA ADVISORY ID: SA41345 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41345/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41345 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41345/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41345/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41345 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in CVSNT, which can be exploited by malicious users to compromise a vulnerable system. The vulnerability is caused due to an error in the processing of branch names during authentication. This can be exploited to gain write access to arbitrary directories by creating a branch name with a specially crafted branch name. Successful exploitation allows e.g. to execute arbitrary code by modifying or adding administrative scripts in the CVSROOT. The vulnerability is reported in versions prior to CVSNT 2.5.04 build 2862. SOLUTION: Update to version CVSNT 2.5.04 build 2862 or later. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: CVSNT: http://www.march-hare.com/cvspro/vuln.htm OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 19:55:25 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Sep 2010 04:55:25 +0200 Subject: [SEC] [SA41358] Debian update for cvsnt Message-ID: <201009150255.o8F2tPg8011389@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Debian update for cvsnt SECUNIA ADVISORY ID: SA41358 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41358/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41358 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41358/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41358/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41358 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for cvsnt. This fixes a vulnerability, which can be exploited by malicious users to compromise a vulnerable system. For more information: SA41345 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: DSA-2108-1: http://www.debian.org/security/2010/dsa-2108 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 20:08:19 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Sep 2010 05:08:19 +0200 Subject: [SEC] [SA41415] ALSee Insecure Library Loading Vulnerability Message-ID: <201009150308.o8F38J0R031889@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: ALSee Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41415 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41415/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41415 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41415/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41415/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41415 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in ALSee, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. PatchAni.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a BMP, TIFF, or PNG file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 6.20.0.1. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Aung Khant ORIGINAL ADVISORY: http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/%5Balsee%5D_6.20.0.1_insecure_dll_hijacking OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 20:22:03 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Sep 2010 05:22:03 +0200 Subject: [SEC] [SA41265] Mailman List Description Two Script Insertion Vulnerabilities Message-ID: <201009150322.o8F3M3fq020006@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Mailman List Description Two Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA41265 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41265/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41265 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41265/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41265/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41265 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Mailman, which can be exploited by malicious users to conduct script insertion attacks. Certain input passed via the list descriptions is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation requires "list owner" permissions. The vulnerabilities are reported in versions 2.1.13 and prior. SOLUTION: The vulnerabilities are fixed in version 2.1.14rc1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: https://launchpad.net/mailman/+milestone/2.1.14rc1 http://mail.python.org/pipermail/mailman-announce/2010-September/000150.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 20:43:03 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Sep 2010 05:43:03 +0200 Subject: [SEC] [SA41429] Joomla Mosets Tree Component Image File Upload Security Issue Message-ID: <201009150343.o8F3h3RV008455@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Joomla Mosets Tree Component Image File Upload Security Issue SECUNIA ADVISORY ID: SA41429 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41429/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41429 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41429/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41429/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41429 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Jeff Channell has reported a security issue in the Mosets Tree component for Joomla, which can be exploited by malicious users to compromise a vulnerable system. The security issue is caused due to the application improperly validating uploaded image files when creating a listing. This can be exploited to execute arbitrary PHP code by uploading e.g. a GIF file with embedded PHP code and an appended ".php" file extension. The security issue is reported in versions prior to 2.1.6. SOLUTION: Update to version 2.1.6. PROVIDED AND/OR DISCOVERED BY: Jeff Channell ORIGINAL ADVISORY: Jeff Channell: http://jeffchannell.com/Joomla/joomla-component-mosets-tree-215-shell-upload-vulnerability.html Mosets Tree: http://forum.mosets.com/showthread.php?t=16601 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 20:54:55 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Sep 2010 05:54:55 +0200 Subject: [SEC] [SA41355] MyHobbySite "username" and "password" SQL Injection Vulnerabilities Message-ID: <201009150354.o8F3stXp028893@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: MyHobbySite "username" and "password" SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA41355 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41355/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41355 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41355/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41355/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41355 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in MyHobbySite, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "username" and "password" parameters to admin/index.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are reported in version 1.01. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: YuGj VN OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 21:08:28 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Sep 2010 06:08:28 +0200 Subject: [SEC] [SA41354] Samba SID Parsing Buffer Overflow Vulnerability Message-ID: <201009150408.o8F48Sjf017019@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Samba SID Parsing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA41354 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41354/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41354 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41354/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41354/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41354 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Samba, which can be exploited by malicious people to potentially compromise a vulnerable system. The vulnerability is caused due to a boundary error in the "sid_parse()" and "dom_sid_parse()" functions when handling the binary representation of a Windows Security ID (SID). This can be exploited to cause a stack-based buffer overflow in the smbd daemon. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in 3.x versions prior to 3.5.5. SOLUTION: Update to version 3.5.5. PROVIDED AND/OR DISCOVERED BY: The vendor credits Andrew Bartlett, Cisco. ORIGINAL ADVISORY: http://us1.samba.org/samba/security/CVE-2010-3069.html http://us1.samba.org/samba/history/samba-3.5.5.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 21:21:50 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Sep 2010 06:21:50 +0200 Subject: [SEC] [SA41417] Adobe LiveCycle Designer Insecure Library Loading Vulnerability Message-ID: <201009150421.o8F4Lohe005099@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Adobe LiveCycle Designer Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41417 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41417/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41417 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41417/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41417/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41417 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Adobe LiveCycle, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to e.g. the LiveCycle Designer application using loading libraries (e.g. objectassisten_US.dll in version 9 and reportedly ".dll" in version 8) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening Adobe LiveCycle Designer Template files (.tds) located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in Adobe LiveCycle Designer ES2 version 9.0.0.20091029.1.612548 and reported in version 8.2.1.3144.1.471865. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: AmnPardaz Security Research Team ORIGINAL ADVISORY: http://www.bugreport.ir/index_74.htm OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 21:42:46 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Sep 2010 06:42:46 +0200 Subject: [SEC] [SA41445] IBM Products for Lotus Quickr Axis2 Vulnerability Message-ID: <201009150442.o8F4gkYi025966@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: IBM Products for Lotus Quickr Axis2 Vulnerability SECUNIA ADVISORY ID: SA41445 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41445/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41445 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41445/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41445/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41445 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: IBM has acknowledged a vulnerability in two products for Lotus Quickr, which can be exploited by malicious people to disclose system information or potentially sensitive information and cause a DoS (Denial of Service). For more information: SA40252 The vulnerability is reported the following products: * IBM FileNet Services for Lotus Quickr version 1.1 running on AIX, HP-UX, Linux, Solaris, and Windows. * IBM Content Manager Services for Lotus Quickr Axis2 version 1.1 running on AIX, Linux, Solaris, and Windows. SOLUTION: Update to version 1.1 Fix Pack 1. ORIGINAL ADVISORY: http://www.ibm.com/support/docview.wss?uid=swg24027502 http://www.ibm.com/support/docview.wss?uid=swg24027503 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 21:55:03 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Sep 2010 06:55:03 +0200 Subject: [SEC] [SA41446] IBM AIX sa_snap Two Vulnerabilities Message-ID: <201009150455.o8F4t3sc014010@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: IBM AIX sa_snap Two Vulnerabilities SECUNIA ADVISORY ID: SA41446 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41446/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41446 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41446/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41446/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41446 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in IBM AIX, which can be exploited by malicious, local users to gain escalated privileges and bypass certain security restrictions. 1) An error in the "/usr/esa/sbin/sa_snap" program can be exploited to cause a buffer overflow and gain escalated privileges. The vulnerability is reported in IBM AIX 5.3, IBM AIX 6.1,VIOS 1.5, and VIOS 2.1. 2) An unspecified error can be exploited to delete certain sensitive files. The vulnerability is reported in IBM AIX 5.3. Successful exploitation of the vulnerabilities requires "system group user" privileges. SOLUTION: Apply fixes. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Lucas McLane. ORIGINAL ADVISORY: IBM: http://aix.software.ibm.com/aix/efixes/security/sa_snap_advisory.asc OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 14 22:08:08 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Sep 2010 07:08:08 +0200 Subject: [SEC] [SA41422] xMatters Information Disclosure Security Issue Message-ID: <201009150508.o8F588wE002055@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: xMatters Information Disclosure Security Issue SECUNIA ADVISORY ID: SA41422 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41422/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41422 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41422/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41422/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41422 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in xMatters, which can be exploited by malicious users to disclose potentially sensitive information. The security issues is caused due to the Notification Throughput Details Report displaying data for multiple companies. This can be exploited by an administrator of one company to view data for another company. Successful exploitation requires a multi-tenancy license and Company Administrator permissions. The security issue is reported in version 4.1.0 prior to patch 3. SOLUTION: Apply xMatters 4.1.0 patch 3 (PATCH-410-003). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: xMatters (PRE-151): http://downloads.xmatters.com/patches/alarmpoint/PATCH-410-003-ReleaseNotes.txt?uid=53f18eb1aeec160a90b7456b6d9ad75d OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 15 10:28:12 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Sep 2010 19:28:12 +0200 Subject: [SEC] [SA41459] MP3 Workstation PLS Parsing Buffer Overflow Vulnerability Message-ID: <201009151728.o8FHSCnw022971@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: MP3 Workstation PLS Parsing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA41459 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41459/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41459 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41459/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41459/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41459 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in MP3 Workstation, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the use of a vulnerable version of a MultiMedia Soft component. For more information: SA33791 The vulnerability is confirmed in version 9.2.1.1.2. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Originally reported by h4ck3r#47 as a vulnerability in Euphonics Audio Player. Discovered in MP3 Workstation by Sanjeev Gupta. ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/15013/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 15 11:27:53 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Sep 2010 20:27:53 +0200 Subject: [SEC] [SA41404] e-press ONE Insecure Library Loading Vulnerability Message-ID: <201009151827.o8FIRrNu013166@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: e-press ONE Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41404 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41404/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41404 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41404/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41404/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41404 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in e-press ONE, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the applications loading libraries (e.g. E-Press ONE Office Author loading java_msci.dll and msci_java.dll or E-Press ONE Office E-Zip and E-Press ONE Office E-NoteTaker loading mfc71enu.dll and mfc71loc.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a PSW, TXT, RAR, or TAR file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Aung Khant ORIGINAL ADVISORY: http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/%5Be-press-one_office%5D_insecure_dll_hijacking OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 15 12:28:29 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Sep 2010 21:28:29 +0200 Subject: [SEC] [SA41279] Python asyncore Module "accept()" Denial of Service Vulnerability Message-ID: <201009151928.o8FJSTtG003398@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Python asyncore Module "accept()" Denial of Service Vulnerability SECUNIA ADVISORY ID: SA41279 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41279/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41279 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41279/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41279/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41279 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Python, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to incorrect error handling within the "accept()" method of the asyncore module, which can lead to unexpected exceptions being raised or unexpected types being returned, potentially resulting in crashes of e.g. Python server applications using the module. SOLUTION: Restrict network access to services using this module to trusted users only. PROVIDED AND/OR DISCOVERED BY: Reported in a Python bug by Giampaolo Rodola. ORIGINAL ADVISORY: http://bugs.python.org/issue6706 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 15 13:28:51 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Sep 2010 22:28:51 +0200 Subject: [SEC] [SA41462] Linux Kernel Privilege Escalation Vulnerabilities Message-ID: <201009152028.o8FKSpu6026032@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Linux Kernel Privilege Escalation Vulnerabilities SECUNIA ADVISORY ID: SA41462 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41462/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41462 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41462/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41462/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41462 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ben Hawkes has reported some vulnerabilities in the Linux Kernel, which can be exploited by malicious, local users to gain escalated privileges. 1) Certain callers of the "compat_alloc_user_space()" function (e.g. the "compat_mc_getsockopt()" function in net/compat.c) do not perform any verification of the returned memory area, which can be exploited to cause a kernel memory corruption. 2) The 32bit system call emulation layer does not properly ensure that the requested system call is in the system call table, which can be exploited to execute arbitrary code with kernel privileges. This is related to: SA26934 Successful exploitation requires 64bit systems. SOLUTION: Fixed in the GIT repository. PROVIDED AND/OR DISCOVERED BY: Ben Hawkes ORIGINAL ADVISORY: 1) http://sota.gen.nz/compat1/ http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=c41d68a513c71e35a14f66d71782d27a79a81ea6 2) http://sota.gen.nz/compat2/ http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=36d001c70d8a0144ac1d038f6876c484849a74de http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=eefdca043e8391dcd719711716492063030b55ac OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 15 14:23:28 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Sep 2010 23:23:28 +0200 Subject: [SEC] [SA41463] IBM Lotus Sametime Connect Webcontainer Unspecified Vulnerability Message-ID: <201009152123.o8FLNSUN016002@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: IBM Lotus Sametime Connect Webcontainer Unspecified Vulnerability SECUNIA ADVISORY ID: SA41463 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41463/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41463 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41463/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41463/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41463 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability with an unknown impact has been reported in IBM Lotus Sametime. The vulnerability is caused due an unspecified error in the Sametime Connect webcontainer. No further information is currently available. The vulnerability is reported in IBM Sametime 8.5.1 running on Linux, Mac OS X, and Windows. SOLUTION: Apply Sametime Connect 8.5.1 Cumulative Fix Pack 1. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: IBM (LXUU87S57H and LXUU87S93W): http://www.ibm.com/support/docview.wss?uid=swg21445669 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 15 14:44:38 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Sep 2010 23:44:38 +0200 Subject: [SEC] [SA41461] Fedora update for webkitgtk Message-ID: <201009152144.o8FLicmM004446@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for webkitgtk SECUNIA ADVISORY ID: SA41461 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41461/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41461 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41461/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41461/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41461 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for webkitgtk. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose sensitive information or compromise a user's system. For more information: SA39091 SA39544 SA39651 SA40105 SA40257 SA40479 SA40664 SOLUTION: Apply updated packages using the yum utility ("yum update webkitgtk"). ORIGINAL ADVISORY: FEDORA-2010-14409: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047699.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 15 15:12:08 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Sep 2010 00:12:08 +0200 Subject: [SEC] [SA41430] AXIGEN Mail Server Two Vulnerabilities Message-ID: <201009152212.o8FMC884025704@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: AXIGEN Mail Server Two Vulnerabilities SECUNIA ADVISORY ID: SA41430 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41430/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41430 RELEASE DATE: 2010-09-15 DISCUSS ADVISORY: http://secunia.com/advisories/41430/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41430/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41430 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in AXIGEN Mail Server, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose potentially sensitive information. 1) Certain unspecified input passed to the Ajax WebMail interface is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) An input validation error exists within the HTTP server when processing requests. This can be exploited to read arbitrary files from an affected system via directory traversal attacks (e.g. "..%5c"). Note: Reportedly, this vulnerability only affects Windows systems. SOLUTION: Update to version 7.4.2. PROVIDED AND/OR DISCOVERED BY: 1) Reported by the vendor. 2) Bogdan Calin, Acunetix ORIGINAL ADVISORY: AXIGEN: http://www.axigen.com/press/product-releases/axigen-releases-version-742_74.html Acunetix: http://www.acunetix.com/blog/news/directory-traversal-axigen/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 15 15:45:58 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Sep 2010 00:45:58 +0200 Subject: [SEC] [SA41457] 3Com OfficeConnect Gigabit VPN Firewall Unspecified Cross-Site Scripting Message-ID: <201009152245.o8FMjw65014733@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: 3Com OfficeConnect Gigabit VPN Firewall Unspecified Cross-Site Scripting SECUNIA ADVISORY ID: SA41457 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41457/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41457 RELEASE DATE: 2010-09-16 DISCUSS ADVISORY: http://secunia.com/advisories/41457/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41457/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41457 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in 3Com OfficeConnect Gigabit VPN Firewall, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected device. The vulnerability is reported in versions 1.0.12 and prior. SOLUTION: Update to version 1.0.13. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Jonathan Grier, VEWARiA. ORIGINAL ADVISORY: HPSBGN02577 SSRT100224: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02507909 3Com: http://support.3com.com/documents/firewall/3CREVF100-73/OC_GIG_VPN_FW_v1013_Release_Notes.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 15 16:12:02 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Sep 2010 01:12:02 +0200 Subject: [SEC] [SA41450] Red Hat update for samba3x Message-ID: <201009152312.o8FNC2vZ003403@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Red Hat update for samba3x SECUNIA ADVISORY ID: SA41450 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41450/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41450 RELEASE DATE: 2010-09-16 DISCUSS ADVISORY: http://secunia.com/advisories/41450/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41450/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41450 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for samba3x. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system. For more information: SA41354 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2010:0698-1: https://rhn.redhat.com/errata/RHSA-2010-0698.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 15 16:46:40 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Sep 2010 01:46:40 +0200 Subject: [SEC] [SA41451] Red Hat update for samba Message-ID: <201009152346.o8FNkegN024885@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Red Hat update for samba SECUNIA ADVISORY ID: SA41451 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41451/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41451 RELEASE DATE: 2010-09-16 DISCUSS ADVISORY: http://secunia.com/advisories/41451/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41451/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41451 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system. For more information: SA41354 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2010:0697-1: https://rhn.redhat.com/errata/RHSA-2010-0697.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 15 17:12:03 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Sep 2010 02:12:03 +0200 Subject: [SEC] [SA41440] Linux Kernel Memory Leak Weaknesses Message-ID: <201009160012.o8G0C37N013534@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Linux Kernel Memory Leak Weaknesses SECUNIA ADVISORY ID: SA41440 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41440/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41440 RELEASE DATE: 2010-09-16 DISCUSS ADVISORY: http://secunia.com/advisories/41440/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41440/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41440 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some weaknesses have been reported in the Linux Kernel, which can be exploited by malicious, local users to disclose certain system information. 1) The "de4x5_ioctl()" function in drivers/net/tulip/de4x5.c incorrectly copies an uninitialised structure member to userspace, which can be exploited to disclose kernel stack memory via the DE4X5_GET_REG IOCTL. 2) The "cxgb_extension_ioctl()" function in drivers/net/cxgb3/cxgb3_main.c, the " eql_g_master_cfg()" function in drivers/net/eql.c, and the "hso_get_count()" function in drivers/net/usb/hso.c are not properly initializing all members of certain structures before copying them to userspace, which can be exploited to disclose kernel stack memory by sending certain IOCTLs. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Dan Rosenberg ORIGINAL ADVISORY: 1) http://lkml.org/lkml/2010/9/14/317 2) http://lkml.org/lkml/2010/9/11/170 http://lkml.org/lkml/2010/9/11/168 http://lkml.org/lkml/2010/9/11/167 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 15 17:44:38 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Sep 2010 02:44:38 +0200 Subject: [SEC] [SA41424] Slackware update for samba Message-ID: <201009160044.o8G0icJu002474@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Slackware update for samba SECUNIA ADVISORY ID: SA41424 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41424/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41424 RELEASE DATE: 2010-09-16 DISCUSS ADVISORY: http://secunia.com/advisories/41424/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41424/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41424 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Slackware has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system. For more information: SA41354 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: SSA:2010-257-01: http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.545486 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 15 18:09:43 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Sep 2010 03:09:43 +0200 Subject: [SEC] [SA41453] XSE Shopping Cart "id" and "type" Cross-Site Scripting Vulnerabilities Message-ID: <201009160109.o8G19hrg023554@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: XSE Shopping Cart "id" and "type" Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA41453 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41453/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41453 RELEASE DATE: 2010-09-16 DISCUSS ADVISORY: http://secunia.com/advisories/41453/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41453/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41453 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: r0t has discovered some vulnerabilities in XSE Shopping Cart, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "id" parameter to Default.aspx and the "type" parameter to SearchResults.aspx is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are confirmed in version 1.5.3.0 / 1.5.2.1. Other versions may also be affected. SOLUTION: Filter malicious characters or character sequences via a proxy. PROVIDED AND/OR DISCOVERED BY: r0t ORIGINAL ADVISORY: r0t: http://pridels-team.blogspot.com/2010/09/xse-shopping-cart-xss-vuln.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 15 18:23:41 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Sep 2010 03:23:41 +0200 Subject: [SEC] [SA41428] Slackware update for sudo Message-ID: <201009160123.o8G1NfBm011691@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Slackware update for sudo SECUNIA ADVISORY ID: SA41428 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41428/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41428 RELEASE DATE: 2010-09-16 DISCUSS ADVISORY: http://secunia.com/advisories/41428/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41428/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41428 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Slackware has issued an update for sudo. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges. For more information: SA41316 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: SSA:2010-257-02: http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.592410 SSA:2010-258-03: http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.603062 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 15 18:44:59 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Sep 2010 03:44:59 +0200 Subject: [SEC] [SA41454] Fedora update for samba Message-ID: <201009160144.o8G1ixk3032546@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for samba SECUNIA ADVISORY ID: SA41454 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41454/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41454 RELEASE DATE: 2010-09-16 DISCUSS ADVISORY: http://secunia.com/advisories/41454/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41454/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41454 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system. For more information: SA41354 SOLUTION: Apply updated packages using the yum utility ("yum update samba"). ORIGINAL ADVISORY: FEDORA-2010-14678: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047697.html FEDORA-2010-14627: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047650.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 15 19:15:17 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Sep 2010 04:15:17 +0200 Subject: [SEC] [SA41390] Google Chrome Multiple Vulnerabilities Message-ID: <201009160215.o8G2FHjW021911@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Google Chrome Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41390 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41390/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41390 RELEASE DATE: 2010-09-16 DISCUSS ADVISORY: http://secunia.com/advisories/41390/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41390/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41390 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Google Chrome, where some have unknown impacts and others can be exploited by malicious people to compromise a user's system. 1) A use-after-free error exists when using document APIs during parsing. 2) A use-after-free error exists in the processing of SVG styles. 3) A use-after-free error exists in the processing of nested SVG elements. 4) An assert error exists related to cursor handling on the Linux platform. 5) A race condition exists in the console handling. 6) An error related to the file dialog can be exploited to corrupt memory on the Mac OS X platform. This is related to vulnerability #1 in: SA41014 7) An unspecified error related to Geolocation can be exploited to corrupt memory. 8) An unspecified error related to Khmer handling can be exploited to corrupt memory. 9) The application does not prompt for extension history access. SOLUTION: Update to version 6.0.472.59. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) David Weston, Microsoft Vulnerability Research (MSVR) and wushi, team 509 2, 3, 5, 7) kuzzcc 4) magnusmorton 6) Sergey Glazunov and remy.saissy 8) Google Chrome Security Team (Chris Evans) 9) adriennefelt ORIGINAL ADVISORY: http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 15 19:44:43 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Sep 2010 04:44:43 +0200 Subject: [SEC] [SA41402] OpenX Video Plugin Open Flash Chart Vulnerability Message-ID: <201009160244.o8G2ihGB010741@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: OpenX Video Plugin Open Flash Chart Vulnerability SECUNIA ADVISORY ID: SA41402 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41402/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41402 RELEASE DATE: 2010-09-16 DISCUSS ADVISORY: http://secunia.com/advisories/41402/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41402/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41402 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in OpenX Video Plugin, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to the use of vulnerable Open Flash Chart code. For more information: SA37903 The vulnerability is confirmed in version 1.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. Remove the file if not needed. PROVIDED AND/OR DISCOVERED BY: Reportedly exploited in the wild. ORIGINAL ADVISORY: http://www.kreativrauschen.de/blog/2010/09/09/kritische-sicherheitsluecke-in-openx-2-8-6-open-flash-chart-2/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 15 20:10:22 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Sep 2010 05:10:22 +0200 Subject: [SEC] [SA41432] SUSE update for kernel Message-ID: <201009160310.o8G3AMa1031796@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA41432 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41432/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41432 RELEASE DATE: 2010-09-16 DISCUSS ADVISORY: http://secunia.com/advisories/41432/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41432/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41432 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for the kernel. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose system and potentially sensitive information, cause a DoS (Denial of Service), bypass certain security restrictions, conduct DNS cache poisoning attacks, and gain escalated privileges, and by malicious people to cause a DoS. For more information: SA39490 SA40205 SA40656 SA40691 SA40965 SA41055 SA41245 1) Errors within the implementation of the External Data Representation (XDR) for NFSv4 can be exploited to cause a kernel crash by sending specially crafted compound requests to the NFSv4 server. 2) Incorrect permission checks within the "btrfs_ioctl_clone" function in fs/btrfs/ioctl.c can be exploited to overwrite append-only files. 3) An integer overflow within the "btrfs_ioctl_clone" function in fs/btrfs/ioctl.c can be exploited to e.g. disclose sensitive information. 4) An error within the GFS2 file system when handing certain rename operations can be exploited to cause a kernel crash. 5) Two vulnerabilities are caused due to integer overflow errors within the "ext4_ext_in_cache()" and "ext4_ext_get_blocks()" functions in fs/ext4/extents.c, which can be exploited to e.g. trigger a "BUG()" when performing certain file operations on certain configurations of the ext4 file system. SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: SUSE-SA:2010:040: http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 15 20:23:40 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Sep 2010 05:23:40 +0200 Subject: [SEC] [SA41407] gDoc Fusion Insecure Library Loading Vulnerability Message-ID: <201009160323.o8G3Nefp019907@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: gDoc Fusion Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41407 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41407/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41407 RELEASE DATE: 2010-09-16 DISCUSS ADVISORY: http://secunia.com/advisories/41407/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41407/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41407 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in gDoc Fusion, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application bundling a vulnerable version of QtCore4.dll, which loads libraries (e.g. wintab32.dll and ssleay32.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a PDF or XPS file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 2.5.1. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Aung Khant ORIGINAL ADVISORY: http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/%5Bgdocfusion%5D_2.5.1_insecure_dll_hijacking OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 15 20:44:37 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Sep 2010 05:44:37 +0200 Subject: [SEC] [SA41427] HP System Management Homepage Information Disclosure Vulnerability Message-ID: <201009160344.o8G3ibVW008345@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: HP System Management Homepage Information Disclosure Vulnerability SECUNIA ADVISORY ID: SA41427 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41427/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41427 RELEASE DATE: 2010-09-16 DISCUSS ADVISORY: http://secunia.com/advisories/41427/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41427/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41427 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in HP System Management Homepage, which can be exploited by malicious users to disclose potentially sensitive information. The vulnerability is caused due to an unspecified error. No further information is currently available. Successful exploitation may grant root access to the system. The vulnerability is reported in versions 6.0 and 6.1 running on Linux (x86 and AMD64/EM64T). SOLUTION: Update to version 6.2.0-12. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: HPSBMA02566 SSRT100045: https://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02475053 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 15 21:09:44 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Sep 2010 06:09:44 +0200 Subject: [SEC] [SA41413] SoMud Insecure Library Loading Vulnerability Message-ID: <201009160409.o8G49i9g029377@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: SoMud Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41413 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41413/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41413 RELEASE DATE: 2010-09-16 DISCUSS ADVISORY: http://secunia.com/advisories/41413/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41413/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41413 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in SoMud, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application bundling a vulnerable version of QtCore4.dll, which loads libraries (e.g. wintab32.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a TORRENT file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 1.2.9. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Aung Khant ORIGINAL ADVISORY: http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/%5Bsomud%5D_1.2.8_insecure_dll_hijacking OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 15 21:23:40 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Sep 2010 06:23:40 +0200 Subject: [SEC] [SA41405] CelFrame Office Insecure Library Loading Vulnerability Message-ID: <201009160423.o8G4Nedi017513@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: CelFrame Office Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41405 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41405/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41405 RELEASE DATE: 2010-09-16 DISCUSS ADVISORY: http://secunia.com/advisories/41405/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41405/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41405 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in CelFrame Office, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. java_msci.dll and msci_java.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a DOC, XLS, or ODG file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 2008 Standard Edition. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Aung Khant ORIGINAL ADVISORY: http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/%5Bcelframe_office%5D_2008_insecure_dll_hijacking OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 15 21:44:01 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Sep 2010 06:44:01 +0200 Subject: [SEC] [SA41443] Google Chrome Flash Plugin Unspecified Code Execution Vulnerability Message-ID: <201009160444.o8G4i12v005928@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Google Chrome Flash Plugin Unspecified Code Execution Vulnerability SECUNIA ADVISORY ID: SA41443 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41443/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41443 RELEASE DATE: 2010-09-16 DISCUSS ADVISORY: http://secunia.com/advisories/41443/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41443/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41443 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Google Chrome, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application bundling a vulnerable version of the Flash plugin. For more information: SA41434 The vulnerability is reported in version 6.0.472.55. Other versions may also be affected. SOLUTION: Disable Flash support in the plugins settings. PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day in Adobe Flash Player. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 15 22:08:00 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Sep 2010 07:08:00 +0200 Subject: [SEC] [SA41434] Adobe Flash Player Unspecified Code Execution Vulnerability Message-ID: <201009160508.o8G580o1026906@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Adobe Flash Player Unspecified Code Execution Vulnerability SECUNIA ADVISORY ID: SA41434 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41434/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41434 RELEASE DATE: 2010-09-16 DISCUSS ADVISORY: http://secunia.com/advisories/41434/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41434/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41434 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an unspecified error when parsing Flash content. No more information is currently available. Successful exploitation allows execution of arbitrary code. The vulnerability is reported in version 10.1.82.76 and prior. NOTE: According to the vendor, the vulnerability is currently being actively exploited. SOLUTION: Adobe is planning on releasing fixes during week 39. PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day. ORIGINAL ADVISORY: Adobe: http://www.adobe.com/support/security/advisories/apsa10-03.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 16 10:28:09 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Sep 2010 19:28:09 +0200 Subject: [SEC] [SA41479] Splunk Two Vulnerabilities Message-ID: <201009161728.o8GHS9Hd009131@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Splunk Two Vulnerabilities SECUNIA ADVISORY ID: SA41479 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41479/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41479 RELEASE DATE: 2010-09-16 DISCUSS ADVISORY: http://secunia.com/advisories/41479/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41479/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41479 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Splunk, which can be exploited by malicious users to disclose sensitive information or gain escalated privileges and by malicious people to conduct session fixation attacks. 1) An error exists in the XML parser when XML external entity references. This can be exploited to disclose certain information or perform certain actions with escalated privileges. 2) An error in the handling of sessions can be exploited to hijack another user's session by tricking the user into logging in after following a specially crafted link using the "SPLUNKD_SESSION_KEY" parameter. The vulnerabilities are reported in versions 4.0 through 4.1.4. SOLUTION: Update to version 4.1.5. PROVIDED AND/OR DISCOVERED BY: The vendor credits Aaron, vtty.com. ORIGINAL ADVISORY: Splunk: http://www.splunk.com/view/SP-CAAAFQ6 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 16 11:27:58 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Sep 2010 20:27:58 +0200 Subject: [SEC] [SA41484] IBM WebSphere Application Server Community Edition Multiple Vulnerabilities Message-ID: <201009161827.o8GIRwa6031732@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: IBM WebSphere Application Server Community Edition Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41484 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41484/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41484 RELEASE DATE: 2010-09-16 DISCUSS ADVISORY: http://secunia.com/advisories/41484/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41484/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41484 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in IBM WebSphere Application Server Community Edition, which can be exploited by malicious users and malicious people to manipulate certain data and by malicious people to gain access to potentially sensitive information bypass certain security restrictions. 1) The application bundles a vulnerable version of Apache Tomcat. For more information: SA38316 2) The vulnerability is caused due to an error within the authentication mechanism in the bundled Apache ActiveMQ, which can be exploited to bypass the authentication mechanism by providing arbitrary username and password parameters via a client using the Stomp protocol. The vulnerability is reported in versions prior to version 2.1.1.4 running on AIX, Linux, Solaris, and Windows. SOLUTION: Update to version 2.1.1.4. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://publib.boulder.ibm.com/wasce/changes/2114/CHANGES.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 16 12:28:15 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Sep 2010 21:28:15 +0200 Subject: [SEC] [SA41397] E-Xoopport "secid" SQL Injection Vulnerability Message-ID: <201009161928.o8GJSFhM021946@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: E-Xoopport "secid" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA41397 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41397/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41397 RELEASE DATE: 2010-09-16 DISCUSS ADVISORY: http://secunia.com/advisories/41397/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41397/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41397 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in E-Xoopport, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "secid" parameter to modules/sections/index.php (when "op" is set to "listarticles") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires that e.g. the "Tutorial" module is enabled. The vulnerability is confirmed in version 3.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: _mRkZ_, Dante90 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 16 13:28:01 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Sep 2010 22:28:01 +0200 Subject: [SEC] [SA41436] Pixelpost Cross-Site Request Forgery Vulnerability Message-ID: <201009162028.o8GKS1Nk012150@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Pixelpost Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA41436 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41436/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41436 RELEASE DATE: 2010-09-16 DISCUSS ADVISORY: http://secunia.com/advisories/41436/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41436/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41436 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Pixelpost, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests, without performing proper validity checks to verify the requests. This can be exploited to e.g. change the administrator's password, by tricking a logged-in administrator into visiting a malicious website. The vulnerability is confirmed in version 1.7.3. Other versions may also be affected. SOLUTION: Do not browse untrusted websites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: Sweet OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 16 14:22:07 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Sep 2010 23:22:07 +0200 Subject: [SEC] [SA41473] Honest Technology VHS to DVD Project File Processing Buffer Overflow Message-ID: <201009162122.o8GLM7gZ002043@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Honest Technology VHS to DVD Project File Processing Buffer Overflow SECUNIA ADVISORY ID: SA41473 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41473/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41473 RELEASE DATE: 2010-09-16 DISCUSS ADVISORY: http://secunia.com/advisories/41473/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41473/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41473 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Honest Technology VHS to DVD, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the processing of project files and can be exploited to cause a stack-based buffer overflow when a user is tricked into opening a specially crafted ".ilj" file containing an overly long "file" entry. Successful exploitation allows execution of arbitrary code. The vulnerability is reported in version 3.0.30 Deluxe. Other versions may also be affected. SOLUTION: Do not open files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Brennon Thomas OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 16 14:43:02 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Sep 2010 23:43:02 +0200 Subject: [SEC] [SA41491] ApPHP PHP MicroCMS "page" Local File Inclusion Vulnerability Message-ID: <201009162143.o8GLh2ui022953@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: ApPHP PHP MicroCMS "page" Local File Inclusion Vulnerability SECUNIA ADVISORY ID: SA41491 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41491/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41491 RELEASE DATE: 2010-09-16 DISCUSS ADVISORY: http://secunia.com/advisories/41491/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41491/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41491 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in ApPHP PHP MicroCMS, which can be exploited by malicious people to disclose sensitive information. Input passed via the "page" parameter to index.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal sequences and URL-encoded NULL bytes. Successful exploitation requires that "magic_quotes_gpc" is disabled. The vulnerability is reported in version 1.0.1. Other versions may also be affected. SOLUTION: The vendor has issued an updated version 1.0.1 (2010-09-16), which fixes the vulnerability. PROVIDED AND/OR DISCOVERED BY: Abysssec OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 16 14:59:46 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Sep 2010 23:59:46 +0200 Subject: [SEC] [SA41455] ApPHP PHP MicroCMS SQL Injection and Local File Inclusion Vulnerabilities Message-ID: <201009162159.o8GLxk9e011201@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: ApPHP PHP MicroCMS SQL Injection and Local File Inclusion Vulnerabilities SECUNIA ADVISORY ID: SA41455 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41455/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41455 RELEASE DATE: 2010-09-16 DISCUSS ADVISORY: http://secunia.com/advisories/41455/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41455/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41455 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in ApPHP PHP MicroCMS, which can be exploited by malicious people to conduct SQL injection attacks and disclose sensitive information. 1) Input passed via the "user_name" and "password" parameters to index.php (when "page" is set to "login") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 2) Input passed via the "page" parameter to index.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal sequences and URL-encoded NULL bytes. Successful exploitation requires that "magic_quotes_gpc" is disabled. SOLUTION: Reportedly the vendor has issued updated versions, which fix the vulnerabilities. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 16 15:24:56 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Sep 2010 00:24:56 +0200 Subject: [SEC] [SA41458] IBM FileNet Application Engine Redirection and Cross-Site Scripting Message-ID: <201009162224.o8GMOuiS032344@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: IBM FileNet Application Engine Redirection and Cross-Site Scripting SECUNIA ADVISORY ID: SA41458 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41458/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41458 RELEASE DATE: 2010-09-17 DISCUSS ADVISORY: http://secunia.com/advisories/41458/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41458/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41458 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities and a weakness have been reported in IBM FileNet Application Engine, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks. 1) The weakness is caused due to the Workplace component allowing to redirect users to a URL specified by an attacker when providing incorrect login credentials. This can be exploited to e.g. redirect users to an untrusted fake site. 2) Unspecified input in the Workplace component is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities and the weakness are reported in versions prior to 3.5.1-021. SOLUTION: Update to version P8AE 3.5.1-021. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: IBM (PJ37180, PJ37179, PJ37466): http://download2.boulder.ibm.com/sar/CMA/IMA/00yrk/0/readme-ae351-021.htm OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 16 15:46:17 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Sep 2010 00:46:17 +0200 Subject: [SEC] [SA41468] ATutor "cid" Cross-Site Scripting Vulnerability Message-ID: <201009162246.o8GMkHO8020815@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: ATutor "cid" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA41468 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41468/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41468 RELEASE DATE: 2010-09-17 DISCUSS ADVISORY: http://secunia.com/advisories/41468/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41468/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41468 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in ATutor, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "cid" parameter to mods/_core/editor/delete_content.php and mods/_core/editor/edit_content_folder.php is not properly sanitised before being returned to the user in themes/default/include/header.tmpl.php. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 2.0. Other versions may also be affected. SOLUTION: Apply patch 07. PROVIDED AND/OR DISCOVERED BY: HTBridge ORIGINAL ADVISORY: HTB22599: http://www.htbridge.ch/advisory/xss_vulnerability_in_atutor_edit_content_folder.html HTB22600: http://www.htbridge.ch/advisory/xss_vulnerability_in_atutor_1.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 16 16:12:27 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Sep 2010 01:12:27 +0200 Subject: [SEC] [SA41460] IBM FileNet Application Engine Multiple Vulnerabilities Message-ID: <201009162312.o8GNCR0D009511@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: IBM FileNet Application Engine Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41460 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41460/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41460 RELEASE DATE: 2010-09-17 DISCUSS ADVISORY: http://secunia.com/advisories/41460/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41460/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41460 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in IBM FileNet Application Engine, where one has an unknown impact and others can be exploited by malicious people to conduct cross-site scripting attacks. 1) An unspecified error related to session fixation exists in the Workplace component. No further information is currently available. 2) Unspecified input passed to the Workplace component is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in versions prior to 4.0.2.7-P8AE-FP007. SOLUTION: Update to version 4.0.2.7-P8AE-FP007. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: IBM (PJ37346, PJ37179): http://download2.boulder.ibm.com/sar/CMA/IMA/00y3y/0/readme-4027-P8AE-FP007.htm OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 16 16:45:32 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Sep 2010 01:45:32 +0200 Subject: [SEC] [SA41474] QuickShare Directory Traversal Vulnerability Message-ID: <201009162345.o8GNjW7b030910@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: QuickShare Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA41474 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41474/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41474 RELEASE DATE: 2010-09-17 DISCUSS ADVISORY: http://secunia.com/advisories/41474/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41474/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41474 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: John Leitch has discovered a vulnerability in QuickShare, which can be exploited by malicious people to disclose sensitive information. Input passed via the URL is not properly verified before being used to read files. This can be exploited to download arbitrary files via directory traversal attacks. The vulnerability is confirmed in version 1.0 running on Windows. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: John Leitch ORIGINAL ADVISORY: John Leitch: http://www.johnleitch.net/Vulnerabilities/QuickShare.1.0.Directory.Traversal/38 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 16 17:12:01 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Sep 2010 02:12:01 +0200 Subject: [SEC] [SA41492] ApPHP PHP MicroCMS "user_name" and "password" SQL Injection Vulnerabilities Message-ID: <201009170012.o8H0C1HT019607@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: ApPHP PHP MicroCMS "user_name" and "password" SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA41492 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41492/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41492 RELEASE DATE: 2010-09-17 DISCUSS ADVISORY: http://secunia.com/advisories/41492/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41492/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41492 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been discovered in ApPHP PHP MicroCMS, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "user_name" and "password" parameters to index.php (when "page" is set to "login") is not properly sanitised before being used in SQL queries in include/classes/Login.php. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires that "magic_quotes_gpc" is disabled. The vulnerabilities are confirmed in version 1.0.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Abysssec OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 16 17:45:36 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Sep 2010 02:45:36 +0200 Subject: [SEC] [SA41469] AContent Multiple Vulnerabilities Message-ID: <201009170045.o8H0jada008630@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: AContent Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41469 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41469/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41469 RELEASE DATE: 2010-09-17 DISCUSS ADVISORY: http://secunia.com/advisories/41469/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41469/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41469 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been discovered in AContent, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site request forgery and SQL injection attacks. 1) Input passed via the "copyright" POST parameter to home/course/course_property.php is not properly sanitised before being stored and returned to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site. 2) The application allows users to perform certain actions via HTTP requests without properly verifying the results. This can be exploited to e.g. add new administrative users, by tricking a logged-in administrative user into visiting a malicious web site. NOTE: Vulnerabilities #1 and #2 can be used in conjunction. 3) Input passed via the "search_text" parameter to home/search.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. NOTE: This can further be exploited to conduct cross-site scripting attacks via SQL error messages. Successful exploitation of this vulnerability requires that "magic_quotes_gpc" is disabled. The vulnerabilities are confirmed in version 1.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. Do not browse malicious websites or follow untrusted links while being logged-in to the application PROVIDED AND/OR DISCOVERED BY: 1, 2) HTBridge 3) Reported as cross-site scripting vulnerability by HTBridge. Additional information by Secunia Research. ORIGINAL ADVISORY: HTB22596: http://www.htbridge.ch/advisory/xss_vulnerability_in_acontent_search.html HTB22598: http://www.htbridge.ch/advisory/xss_vulnerability_in_acontent_course.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 16 18:10:09 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Sep 2010 03:10:09 +0200 Subject: [SEC] [SA41489] Drupal Advanced Taxonomy Blocks Module Script Insertion and Cross-Site Request Forgery Message-ID: <201009170110.o8H1A9mu029650@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Drupal Advanced Taxonomy Blocks Module Script Insertion and Cross-Site Request Forgery SECUNIA ADVISORY ID: SA41489 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41489/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41489 RELEASE DATE: 2010-09-17 DISCUSS ADVISORY: http://secunia.com/advisories/41489/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41489/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41489 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in the Advanced Taxonomy Blocks module for Drupal, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site request forgery attacks. 1) Certain unspecified input is not properly sanitised before being displayed to the user via the administrative pages of the module. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation of this vulnerability requires certain non-default permissions. 2) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. delete or reset blocks by tricking a logged in administrative user into visiting a malicious web site. The vulnerabilities are reported in versions prior to 6.x-3.4. SOLUTION: Update to version 6.x-3.4. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits mr.baileys of the Drupal Security Team. ORIGINAL ADVISORY: SA-CONTRIB-2010-093: http://drupal.org/node/912714 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 16 18:23:43 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Sep 2010 03:23:43 +0200 Subject: [SEC] [SA41490] HP System Management Homepage Multiple Vulnerabilities Message-ID: <201009170123.o8H1Nhm7017766@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: HP System Management Homepage Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41490 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41490/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41490 RELEASE DATE: 2010-09-17 DISCUSS ADVISORY: http://secunia.com/advisories/41490/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41490/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41490 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: HP has acknowledged a security issue and multiple vulnerabilities in HP System Management Homepage, where one has unknown impacts while others can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, manipulate certain data, cause a DoS (Denial of Service). For more information: SA41480 SOLUTION: Fixed in version 6.2. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: HPSBMA02568 SSRT100219: http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 16 18:44:44 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Sep 2010 03:44:44 +0200 Subject: [SEC] [SA41467] AChecker "uri" Cross-Site Scripting Vulnerability Message-ID: <201009170144.o8H1iif2006224@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: AChecker "uri" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA41467 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41467/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41467 RELEASE DATE: 2010-09-17 DISCUSS ADVISORY: http://secunia.com/advisories/41467/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41467/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41467 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in AChecker, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "uri" POST parameter to checker/index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 1.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: HTBridge ORIGINAL ADVISORY: HTB22601: http://www.htbridge.ch/advisory/xss_vulnerability_in_achecker.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 16 19:15:00 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Sep 2010 04:15:00 +0200 Subject: [SEC] [SA41363] Drupal Mollom Module Information Disclosure Security Issue Message-ID: <201009170215.o8H2F0TI027976@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Drupal Mollom Module Information Disclosure Security Issue SECUNIA ADVISORY ID: SA41363 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41363/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41363 RELEASE DATE: 2010-09-17 DISCUSS ADVISORY: http://secunia.com/advisories/41363/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41363/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41363 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in the Mollom module for Drupal, which may lead to exposure of sensitive information. The security issue is caused due to an error in the module which can lead to certain sensitive user data e.g. a user's password in clear text being logged via calls to Drupal's watchdog API. Successful exploitation requires that an attacker has "access site reports" permissions or has access to system syslog files. The security issue is reported in versions prior to 6.x-1.14. SOLUTION: Update to version 6.x-1.14. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Katherine Senzee (ksenzee). ORIGINAL ADVISORY: SA-CONTRIB-2010-091: http://drupal.org/node/912412 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 16 19:45:18 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Sep 2010 04:45:18 +0200 Subject: [SEC] [SA41480] HP System Management Homepage Multiple Vulnerabilities Message-ID: <201009170245.o8H2jI9Z016843@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: HP System Management Homepage Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41480 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41480/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41480 RELEASE DATE: 2010-09-17 DISCUSS ADVISORY: http://secunia.com/advisories/41480/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41480/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41480 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: HP has acknowledged a security issue and multiple vulnerabilities in HP System Management Homepage, where one has unknown impacts and others can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, manipulate certain data, and cause a DoS (Denial of Service). 1) Certain unspecified input is not properly sanitised before being returned to the user. For more information: SA41457 2) Certain unspecified input is not properly sanitised before being used in HTTP responses, which can be exploited to conduct HTTP response splitting attacks. 3) The mod_proxy_http Apache module does not properly handle certain timeout conditions, which can lead to responses being returned to the wrong users. For more information: SA40206 4) Errors related to insufficient protection of $_SESSION against interrupt corruption and a weak "session.save_path" check have unknown impacts. For more information: SA37821 5) An error within the processing of form-based file uploads can be exploited to cause a DoS by sending specially crafted requests. For more information: SA37412 6) An error exists in the TLS protocol when handling session re-negotiations. For more information: SA37291 The vulnerabilities are reported in versions prior to 6.2. SOLUTION: Update to version 6.2. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: HPSBMA02568 SSRT100219: http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02512995 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 16 20:10:35 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Sep 2010 05:10:35 +0200 Subject: [SEC] [SA41488] Drupal Advanced Book Blocks Module Script Insertion and Cross-Site Request Forgery Message-ID: <201009170310.o8H3AZDp005472@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Drupal Advanced Book Blocks Module Script Insertion and Cross-Site Request Forgery SECUNIA ADVISORY ID: SA41488 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41488/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41488 RELEASE DATE: 2010-09-17 DISCUSS ADVISORY: http://secunia.com/advisories/41488/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41488/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41488 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in the Advanced Book Blocks module for Drupal, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site request forgery attacks. 1) Certain unspecified input is not properly sanitised before being displayed to the user via the administrative pages of the module. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation of this vulnerability requires certain non-default permissions. 2) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. delete or reset blocks by tricking a logged in administrative user into visiting a malicious web site. The vulnerabilities are reported in versions prior to 6.x-2.2. SOLUTION: Update to version 6.x-2.2. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Matt Chapman of the Drupal Security Team. ORIGINAL ADVISORY: SA-CONTRIB-2010-092: http://drupal.org/node/912708 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 16 20:23:56 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Sep 2010 05:23:56 +0200 Subject: [SEC] [SA41472] Mollify "confirm" Cross-Site Scripting Vulnerability Message-ID: <201009170323.o8H3NuRs026000@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Mollify "confirm" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA41472 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41472/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41472 RELEASE DATE: 2010-09-17 DISCUSS ADVISORY: http://secunia.com/advisories/41472/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41472/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41472 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: John Leitch has discovered a vulnerability in Mollify, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "confirm" parameter to backend/plugin/Registration/index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 1.6.5.5. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: John Leitch ORIGINAL ADVISORY: John Leitch: http://www.johnleitch.net/Vulnerabilities/Mollify.1.6.Reflected.Cross-site.Scripting/36 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 16 20:45:05 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Sep 2010 05:45:05 +0200 Subject: [SEC] [SA41401] IBM Proventia Network Mail Security System Multiple Vulnerabilities Message-ID: <201009170345.o8H3j5Ys014460@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: IBM Proventia Network Mail Security System Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41401 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41401/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41401 RELEASE DATE: 2010-09-17 DISCUSS ADVISORY: http://secunia.com/advisories/41401/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41401/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41401 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Marian Ventuneac has reported multiple vulnerabilities in IBM Proventia Network Mail Security System, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting, cross-site request forgery, and script insertion attacks. 1) The web-based local management interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. change configuration settings when a logged-in user visits a specially crafted web site. 2) Input passed e.g. via the "date1" parameter to pvm_messagestore.php, via the "userfilter" parameter to pvm_user_management.php, the "ping" parameter to sys_tools.php, the "action" parameter to pvm_cert_commaction.php, pvm_cert_serveraction.php, and pvm_smtpstore.php, and via the "l" parameter to sla/index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Unspecified input is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. 4) Input related to saved search filters is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation of this vulnerability requires authentication. The vulnerabilities are reported in version 2.5. Other versions may also be affected. SOLUTION: Update to version 2.5.0.2. PROVIDED AND/OR DISCOVERED BY: Marian Ventuneac ORIGINAL ADVISORY: http://www.ventuneac.net/security-advisories/MVSA-10-006 http://www.ventuneac.net/security-advisories/MVSA-10-007 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 16 21:09:44 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Sep 2010 06:09:44 +0200 Subject: [SEC] [SA41381] OTRS Script Insertion and Denial of Service Vulnerabilities Message-ID: <201009170409.o8H49i4b003058@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: OTRS Script Insertion and Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA41381 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41381/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41381 RELEASE DATE: 2010-09-17 DISCUSS ADVISORY: http://secunia.com/advisories/41381/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41381/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41381 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in OTRS, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to cause a DoS (Denial of Service). 1) Certain unspecified input is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. 2) An error exists in the processing of regular expressions while viewing certain articles. This can be exploited to cause a DoS due to high CPU consumption via specially crafted emails sent to the affected system. The vulnerabilities are reported in versions 2.3.x through 2.4.7. SOLUTION: Update to version 2.3.6 or 2.4.8. PROVIDED AND/OR DISCOVERED BY: The vendor credits Marcus Krause of the TYPO3 Security Team, Aaron Roberts, Alexander Neufeld, and Arnfinn Roland. ORIGINAL ADVISORY: http://otrs.org/advisory/OSA-2010-02-en/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 16 21:23:57 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Sep 2010 06:23:57 +0200 Subject: [SEC] [SA41478] Fedora update for fuse-encfs Message-ID: <201009170423.o8H4NvDH023622@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for fuse-encfs SECUNIA ADVISORY ID: SA41478 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41478/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41478 RELEASE DATE: 2010-09-17 DISCUSS ADVISORY: http://secunia.com/advisories/41478/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41478/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41478 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for fuse-encfs. This fixes multiple weaknesses, which can be exploited by malicious people to bypass certain security features. For more information: SA41158 SOLUTION: Apply updated packages using the yum utility ("yum update fuse-encfs"). ORIGINAL ADVISORY: FEDORA-2010-14254: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047798.html FEDORA-2010-14268: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047794.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 16 21:44:10 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Sep 2010 06:44:10 +0200 Subject: [SEC] [SA41377] NetArt Media Real Estate Portal Multiple Vulnerabilities Message-ID: <201009170444.o8H4iAaU012052@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: NetArt Media Real Estate Portal Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41377 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41377/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41377 RELEASE DATE: 2010-09-17 DISCUSS ADVISORY: http://secunia.com/advisories/41377/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41377/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41377 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in NetArt Media Real Estate Portal, which can be exploited by malicious people to conduct cross-site scripting attacks and to disclose sensitive information. 1) Input passed via the "id" parameter to AGENTS/index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "action" and "folder" parameters to AGENTS/index.php is not properly verified before being used to include files. This can be exploited to include PHP files from local resources via directory traversal sequences. The vulnerabilities are reported in version 2.0. Other versions may also be affected. SOLUTION: Reportedly the vendor has issued an update that fixes vulnerability 1. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: 1,2) r0t ORIGINAL ADVISORY: r0t: http://pridels-team.blogspot.com/2010/09/netartmedia-real-estate-portal-v20-xss.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 16 22:10:24 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Sep 2010 07:10:24 +0200 Subject: [SEC] [SA41465] Santafox Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities Message-ID: <201009170510.o8H5AOtF000682@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Santafox Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities SECUNIA ADVISORY ID: SA41465 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41465/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41465 RELEASE DATE: 2010-09-17 DISCUSS ADVISORY: http://secunia.com/advisories/41465/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41465/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41465 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been discovered in Santafox, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks. 1) Input passed via the "search" parameter to search.html is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) The application allows users to perform certain actions via HTTP requests without making proper validity checks to verify the requests. This can be exploited to e.g. create an administrative user by tricking a logged-in administrator into visiting a malicious website. The vulnerabilities are confirmed in version 2.02. Other versions may also be affected. SOLUTION: Do not browse untrusted websites or follow untrusted links while logged in to the application. Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: HTBridge ORIGINAL ADVISORY: HTB22593: http://www.htbridge.ch/advisory/xss_vulnerability_in_santafox_search_module.html HTB22594: http://www.htbridge.ch/advisory/xsrf_csrf_in_santafox.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 17 10:29:49 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Sep 2010 19:29:49 +0200 Subject: [SEC] [SA41481] mojoPortal Multiple Vulnerabilities Message-ID: <201009171729.o8HHTnZv021551@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: mojoPortal Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41481 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41481/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41481 RELEASE DATE: 2010-09-17 DISCUSS ADVISORY: http://secunia.com/advisories/41481/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41481/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41481 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been discovered in mojoPortal, which can be exploited by malicious people to conduct script insertion and cross-site request forgery attacks. 1) Input passed via the "User ID" field when creating a new account is not properly sanitised before being stored and returned to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. 2) The application allows users to perform certain actions via HTTP requests without making proper validity checks to verify the requests. This can be exploited to e.g. move files inside the web root, by tricking an administrator into visiting a malicious web site while being logged-in to the application. The vulnerabilities are confirmed in version 2.3.5.1. Other versions may also be affected. SOLUTION: Filter malicious characters or character sequences via a proxy. Do not browse untrusted web sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: Abysssec OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 17 11:29:45 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Sep 2010 20:29:45 +0200 Subject: [SEC] [SA41456] OpenX Video Plugin Arbitrary File Creation Vulnerability Message-ID: <201009171829.o8HITjIZ011764@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: OpenX Video Plugin Arbitrary File Creation Vulnerability SECUNIA ADVISORY ID: SA41456 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41456/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41456 RELEASE DATE: 2010-09-17 DISCUSS ADVISORY: http://secunia.com/advisories/41456/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41456/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41456 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in OpenX, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA41402 The vulnerability is reported in versions 2.8.2 through 2.8.6. SOLUTION: Update to version 2.8.7. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 17 12:30:04 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Sep 2010 21:30:04 +0200 Subject: [SEC] [SA41449] phpmyfamily Multiple Vulnerabilities Message-ID: <201009171930.o8HJU4Nw001925@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: phpmyfamily Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41449 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41449/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41449 RELEASE DATE: 2010-09-17 DISCUSS ADVISORY: http://secunia.com/advisories/41449/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41449/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41449 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been discovered in phpmyfamily, which can be exploited by malicious users to conduct SQL injection attacks and manipulate certain data and by malicious people to conduct cross-site scripting and request forgery attacks. 1) Input passed to the "reason" parameter in inc/passwdform.inc.php, the "referer" parameter in mail.php, and the "person" parameter in track.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. a new administrative user by tricking a logged in administrator into visiting a malicious web site. 3) Input passed via the "pwdEmail" parameter to my.php (when "func" is set to "email") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 4) Input passed via the "email" parameter to track.php (when "action" is set to "unsub" and "person" is set) is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 5) Input passed via the "transcript" parameter to passthru.php (when "func" is set to "delete", "area" is set to "transcript", and "person" is set) is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 6) Input passed via the "transcript" parameter to passthru.php (when "func" is set to "delete", "area" is set to "transcript", and "person" is set) is not properly verified before deleting files. This can be exploited to delete arbitrary files with the permissions of the web server via directory traversal attacks. Successful exploitation of vulnerabilities #3, #4, and #5 requires that "magic_quotes_gpc" is disabled. The vulnerabilities are confirmed in version 2.0.2. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised and verified. Do not browse untrusted websites or follow untrusted links while logged in to the application. PROVIDED AND/OR DISCOVERED BY: Abysssec OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 17 13:29:28 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Sep 2010 22:29:28 +0200 Subject: [SEC] [SA41501] NitroSecurity NitroView ESM Privilege Escalation Message-ID: <201009172029.o8HKTSDm024546@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: NitroSecurity NitroView ESM Privilege Escalation SECUNIA ADVISORY ID: SA41501 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41501/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41501 RELEASE DATE: 2010-09-17 DISCUSS ADVISORY: http://secunia.com/advisories/41501/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41501/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41501 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in NitroSecurity NitroView Enterprise Security Manager (ESM), which can be exploited by malicious users to disclose sensitive information and gain escalated privileges. The vulnerability is caused due to an input validation error in the management interface, which can be exploited to e.g. read arbitrary local files from the local file system. Successful exploitation allows to gain root privileges. The vulnerability is reported in 8.4.0. Other versions may also be affected. SOLUTION: Update to version 8.4.0b. PROVIDED AND/OR DISCOVERED BY: Ben Nell, Foreground Security OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 17 14:23:32 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Sep 2010 23:23:32 +0200 Subject: [SEC] [SA41444] IBM DB2 Two Security Issues Message-ID: <201009172123.o8HLNWQP014488@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: IBM DB2 Two Security Issues SECUNIA ADVISORY ID: SA41444 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41444/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41444 RELEASE DATE: 2010-09-17 DISCUSS ADVISORY: http://secunia.com/advisories/41444/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41444/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41444 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two security issues have been reported in IBM DB2, which can be exploited by malicious users to bypass certain security restrictions. 1) A security issue is caused due to an error in the application while revoking privileges on a database object from the "PUBLIC" group, which does not mark the dependent functions as "INVALID". This can lead to users with execute privileges on the functions still being able to call them successfully. 2) An error in the application while compiling a compound SQL statement with an "update" statement can be exploited by an unprivileged user to execute the query from the dynamic SQL cache. The security issues are reported in IBM DB2 9.7 prior to Fix Pack 3 running on AIX, HP-UX, Linux, Solaris, and Windows. SOLUTION: Update to version 9.7 Fix Pack 3. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: IBM (IC68015 and IC70406): http://www.ibm.com/support/docview.wss?uid=swg21446455 http://www.ibm.com/support/docview.wss?uid=swg1IC68015 http://www.ibm.com/support/docview.wss?uid=swg1IC70406 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 17 14:44:55 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Sep 2010 23:44:55 +0200 Subject: [SEC] [SA41442] UseBB Forum Feed and Topic Feed Security Bypass Message-ID: <201009172144.o8HLitbu002927@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: UseBB Forum Feed and Topic Feed Security Bypass SECUNIA ADVISORY ID: SA41442 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41442/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41442 RELEASE DATE: 2010-09-17 DISCUSS ADVISORY: http://secunia.com/advisories/41442/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41442/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41442 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in UseBB, which can be exploited by malicious people to bypass certain security restrictions. The application incorrectly enforces access permissions to forum and topic feeds. This can be exploited to gain access to restricted forum and feed content. The vulnerability is reported in versions prior to 1.0.11. SOLUTION: Update to version 1.0.11. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.usebb.net/community/topic-2495.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 17 15:13:01 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 18 Sep 2010 00:13:01 +0200 Subject: [SEC] [SA41496] Axous Cross-Site Request Forgery Vulnerability Message-ID: <201009172213.o8HMD17i024211@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Axous Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA41496 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41496/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41496 RELEASE DATE: 2010-09-17 DISCUSS ADVISORY: http://secunia.com/advisories/41496/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41496/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41496 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: John Leitch has discovered a vulnerability in Axous, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. add a new administrative user by tricking a logged in administrator into visiting a malicious web site. The vulnerability is confirmed in version 1.01. Other versions may also be affected. SOLUTION: Do not browse untrusted websites or follow untrusted links while logged in to the application. PROVIDED AND/OR DISCOVERED BY: John Leitch ORIGINAL ADVISORY: John Leitch: http://www.johnleitch.net/Vulnerabilities/Axous.1.01.Cross-site.Request.Forgery/39 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 17 15:46:39 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 18 Sep 2010 00:46:39 +0200 Subject: [SEC] [SA41438] BlueCMS Database Backup Disclosure Security Issue Message-ID: <201009172246.o8HMkdPQ013222@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: BlueCMS Database Backup Disclosure Security Issue SECUNIA ADVISORY ID: SA41438 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41438/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41438 RELEASE DATE: 2010-09-18 DISCUSS ADVISORY: http://secunia.com/advisories/41438/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41438/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41438 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in BlueCMS, which can be exploited by malicious people to disclose sensitive information. The application stores database backups with a predictable file name inside the web root, which can be exploited to disclose sensitive information by downloading the file. The security issue is reported in version 1.6. Other versions may also be affected. SOLUTION: Restrict access to the backup directory (e.g. via ".htaccess"). PROVIDED AND/OR DISCOVERED BY: Wolves Security Team ORIGINAL ADVISORY: http://bbs.wolvez.org/viewtopic.php?id=149 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 17 16:12:37 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 18 Sep 2010 01:12:37 +0200 Subject: [SEC] [SA41391] Nagios XI "grab_request_var()" Cross-Site Scripting Vulnerability Message-ID: <201009172312.o8HNCb0a001853@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Nagios XI "grab_request_var()" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA41391 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41391/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41391 RELEASE DATE: 2010-09-18 DISCUSS ADVISORY: http://secunia.com/advisories/41391/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41391/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41391 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Secunia Research has discovered a vulnerability in Nagios XI, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via various parameters to multiple scripts e.g. via the "sortby", "sortorder", "search", "records", and "page" parameters to admin/users.php is not properly sanitised by the "grab_request_var()" function in includes/utils.inc.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected website. The vulnerability is confirmed in version 2009R1.3B. Prior versions may also be affected. SOLUTION: Update to version 2009R1.3C. PROVIDED AND/OR DISCOVERED BY: Secunia Research ORIGINAL ADVISORY: Secunia Research: http://secunia.com/secunia_research/2010-115/ Nagios XI: http://assets.nagios.com/downloads/nagiosxi/CHANGES.TXT OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 17 16:44:52 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 18 Sep 2010 01:44:52 +0200 Subject: [SEC] [SA41466] SCADA Engine BACnet OPC Client Buffer Overflow Vulnerability Message-ID: <201009172344.o8HNiqb1023257@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: SCADA Engine BACnet OPC Client Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA41466 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41466/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41466 RELEASE DATE: 2010-09-18 DISCUSS ADVISORY: http://secunia.com/advisories/41466/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41466/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41466 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in SCADA Engine BACnet OPC Client, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in WTclient.dll when preparing a status log message, which can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a specially crafted *.csv file. The vulnerability is confirmed in version 1.0.24. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Jeremy Brown OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 17 17:12:08 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 18 Sep 2010 02:12:08 +0200 Subject: [SEC] [SA41499] Debian update for samba Message-ID: <201009180012.o8I0C83w011989@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Debian update for samba SECUNIA ADVISORY ID: SA41499 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41499/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41499 RELEASE DATE: 2010-09-18 DISCUSS ADVISORY: http://secunia.com/advisories/41499/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41499/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41499 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system. For more information: SA41354 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: DSA-2109-1: http://lists.debian.org/debian-security-announce/2010/msg00157.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 17 17:44:54 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 18 Sep 2010 02:44:54 +0200 Subject: [SEC] [SA41500] HP-UX update for BIND Message-ID: <201009180044.o8I0ishh000905@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: HP-UX update for BIND SECUNIA ADVISORY ID: SA41500 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41500/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41500 RELEASE DATE: 2010-09-18 DISCUSS ADVISORY: http://secunia.com/advisories/41500/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41500/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41500 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: HP has issued an update for BIND. This fixes some vulnerabilities, which can be exploited by malicious people to poison the DNS cache. For more information: SA38219 The vulnerabilities are reported in HP-UX B.11.11, B.11.23, and B.11.31 running BIND v9.3.2 or BIND v9.2.0. SOLUTION: Apply the updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: HPSBUX02546 SSRT100159: http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02263226 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 17 18:09:50 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 18 Sep 2010 03:09:50 +0200 Subject: [SEC] [SA41477] Fedora update for squid Message-ID: <201009180109.o8I19omK021992@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for squid SECUNIA ADVISORY ID: SA41477 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41477/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41477 RELEASE DATE: 2010-09-18 DISCUSS ADVISORY: http://secunia.com/advisories/41477/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41477/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41477 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for squid. This fixes a vulnerability, which an be exploited by malicious users to cause a DoS (Denial of Service). For more information: SA41298 SOLUTION: Apply updated packages using the yum utility ("yum update squid"). ORIGINAL ADVISORY: FEDORA-2010-14236: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047820.html FEDORA-2010-14222: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047787.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 17 18:23:51 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 18 Sep 2010 03:23:51 +0200 Subject: [SEC] [SA41435] Adobe Reader/Acrobat Flash Player Unspecified Code Execution Vulnerability Message-ID: <201009180123.o8I1NpT4010125@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Adobe Reader/Acrobat Flash Player Unspecified Code Execution Vulnerability SECUNIA ADVISORY ID: SA41435 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41435/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41435 RELEASE DATE: 2010-09-18 DISCUSS ADVISORY: http://secunia.com/advisories/41435/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41435/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41435 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Adobe Reader/Acrobat, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application bundling a vulnerable version of Adobe Flash Player. For more information: SA41434 The vulnerability is reported in version 9.3.4 and earlier. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day in Flash Player. ORIGINAL ADVISORY: Adobe: http://www.adobe.com/support/security/advisories/apsa10-03.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 20 10:28:06 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 20 Sep 2010 19:28:06 +0200 Subject: [SEC] [SA41504] Sun Solaris Adobe Flash Player "newfunction" Vulnerability Message-ID: <201009201728.o8KHS6bh026710@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Sun Solaris Adobe Flash Player "newfunction" Vulnerability SECUNIA ADVISORY ID: SA41504 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41504/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41504 RELEASE DATE: 2010-09-20 DISCUSS ADVISORY: http://secunia.com/advisories/41504/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41504/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41504 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged a vulnerability in Sun Solaris, which can be exploited by malicious people to compromise a user's system. For more information see vulnerability #1: SA40026 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: http://blogs.sun.com/security/entry/cve_2010_1297_arbitrary_code OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 20 11:27:46 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 20 Sep 2010 20:27:46 +0200 Subject: [SEC] [SA41470] Novell PlateSpin Orchestrate Graph Rendering Component Vulnerability Message-ID: <201009201827.o8KIRktN016895@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Novell PlateSpin Orchestrate Graph Rendering Component Vulnerability SECUNIA ADVISORY ID: SA41470 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41470/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41470 RELEASE DATE: 2010-09-20 DISCUSS ADVISORY: http://secunia.com/advisories/41470/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41470/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41470 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Novell PlateSpin Orchestrate, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an input validation error when rendering graphs and can be exploited to pass arbitrary arguments to the graph rendering tool. Successful exploitation allows execution of arbitrary code in the context of the graph component. SOLUTION: Apply the vendor patch. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: 1c239c43f521145fa8385d64a9c32243, reported via ZDI ORIGINAL ADVISORY: http://www.zerodayinitiative.com/advisories/ZDI-10-178/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 20 12:28:12 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 20 Sep 2010 21:28:12 +0200 Subject: [SEC] [SA41535] Wireshark BER Dissector Denial of Service Vulnerability Message-ID: <201009201928.o8KJSCJl007154@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Wireshark BER Dissector Denial of Service Vulnerability SECUNIA ADVISORY ID: SA41535 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41535/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41535 RELEASE DATE: 2010-09-20 DISCUSS ADVISORY: http://secunia.com/advisories/41535/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41535/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41535 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an infinite recursion error in the "dissect_unknown_ber()" function in epan/dissectors/packet-ber.c and can be exploited to cause a stack overflow e.g. via a specially crafted SNMP packet. The vulnerability is confirmed in version 1.4.0. Other versions may also be affected. SOLUTION: No workaround is currently known. PROVIDED AND/OR DISCOVERED BY: NCNIPC penetration test team ORIGINAL ADVISORY: NCNIPC: http://archives.neohapsis.com/archives/bugtraq/2010-09/0088.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 20 13:28:03 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 20 Sep 2010 22:28:03 +0200 Subject: [SEC] [SA41520] Syncrify Multiple Security Bypass Vulnerabilities Message-ID: <201009202028.o8KKS3x5029760@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Syncrify Multiple Security Bypass Vulnerabilities SECUNIA ADVISORY ID: SA41520 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41520/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41520 RELEASE DATE: 2010-09-20 DISCUSS ADVISORY: http://secunia.com/advisories/41520/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41520/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41520 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Julien Cayssol has reported some vulnerabilities in Syncrify, which can be exploited by malicious users and malicious people to bypass certain security restrictions. 1) The application does not properly restrict access to the password setup page, which can be exploited to change the administrator's password by accessing a certain page directly. 2) The application does not properly restrict access to the file browsing functionality, which can be exploited to browse a file by accessing a certain page directly. 3) The application does not properly restrict users from downloading files, which can be exploited to download files from the server by accessing a certain page directly. Successful exploitation of this vulnerability requires valid user credentials. The vulnerabilities are reported in version build 415 and prior. SOLUTION: Update to version Version 2.1 build 420. PROVIDED AND/OR DISCOVERED BY: Julien Cayssol ORIGINAL ADVISORY: http://web.synametrics.com/SyncrifyVersionHistory.htm OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 20 14:22:12 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 20 Sep 2010 23:22:12 +0200 Subject: [SEC] [SA41533] SWiSH Max3 Insecure Library Loading Vulnerability Message-ID: <201009202122.o8KLMC7A019721@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: SWiSH Max3 Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41533 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41533/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41533 RELEASE DATE: 2010-09-20 DISCUSS ADVISORY: http://secunia.com/advisories/41533/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41533/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41533 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in SWiSH Max3, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. dwmapi.dll, SWiSHmax3res.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a SWiSH Movie (.swi) file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 3.0 Build Date 2009.11.30. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: anT!-Tr0J4n ORIGINAL ADVISORY: http://www.exploit-db.com/dll-hijacking-vulnerable-applications/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 20 14:43:14 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 20 Sep 2010 23:43:14 +0200 Subject: [SEC] [SA41498] Fotobook Editor Insecure Library Loading Vulnerability Message-ID: <201009202143.o8KLhEDu008191@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fotobook Editor Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41498 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41498/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41498 RELEASE DATE: 2010-09-20 DISCUSS ADVISORY: http://secunia.com/advisories/41498/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41498/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41498 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Fotobook Editor, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. Fwpuclnt.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a CodedColor Publisher Document (.dtp) file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 5.0 2.8.0.1. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: AntiSecurity ORIGINAL ADVISORY: http://www.exploit-db.com/dll-hijacking-vulnerable-applications/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 20 15:00:23 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 21 Sep 2010 00:00:23 +0200 Subject: [SEC] [SA41494] e107 "wmessage.php" and "download.php" SQL Injection Vulnerabilities Message-ID: <201009202200.o8KM0NOY028871@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: e107 "wmessage.php" and "download.php" SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA41494 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41494/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41494 RELEASE DATE: 2010-09-20 DISCUSS ADVISORY: http://secunia.com/advisories/41494/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41494/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41494 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been discovered in e107, which can be exploited by malicious users to conduct SQL injection attacks. 1) Certain input passed via the URL to e107_admin/download.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires "Post download" permissions. 2) Certain input passed via the URL to e107_admin/wmessage.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires "Welcome message" permissions. The vulnerabilities are confirmed in version 0.7.23. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: 1) http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_e107_1.html 2) http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_e107.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 20 15:24:37 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 21 Sep 2010 00:24:37 +0200 Subject: [SEC] [SA41518] A-PDF All to MP3 Converter File Processing Buffer Overflow Vulnerability Message-ID: <201009202224.o8KMObla017577@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: A-PDF All to MP3 Converter File Processing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA41518 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41518/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41518 RELEASE DATE: 2010-09-21 DISCUSS ADVISORY: http://secunia.com/advisories/41518/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41518/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41518 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in A-PDF All to MP3 Converter, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when processing files, which can be exploited to cause a stack-based buffer overflow by e.g tricking a user into processing a specially crafted .wav file. The vulnerability is confirmed in version 1.1.0. Other versions may also be affected. SOLUTION: Do not process untrusted files. PROVIDED AND/OR DISCOVERED BY: modpr0be ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/15033/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 20 15:46:03 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 21 Sep 2010 00:46:03 +0200 Subject: [SEC] [SA41534] Debian update for squid3 Message-ID: <201009202246.o8KMk3Rf006067@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Debian update for squid3 SECUNIA ADVISORY ID: SA41534 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41534/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41534 RELEASE DATE: 2010-09-21 DISCUSS ADVISORY: http://secunia.com/advisories/41534/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41534/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41534 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for squid3. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service). For more information: SA41298 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: DSA-2111-1: http://lists.debian.org/debian-security-announce/2010/msg00159.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 20 16:12:03 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 21 Sep 2010 01:12:03 +0200 Subject: [SEC] [SA41476] Ubuntu update for kernel Message-ID: <201009202312.o8KNC3PW027152@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Ubuntu update for kernel SECUNIA ADVISORY ID: SA41476 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41476/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41476 RELEASE DATE: 2010-09-21 DISCUSS ADVISORY: http://secunia.com/advisories/41476/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41476/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41476 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA41462 Note: This only affects 64bit systems. SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-988-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2010-September/001159.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 20 16:45:08 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 21 Sep 2010 01:45:08 +0200 Subject: [SEC] [SA41512] SUSE update for kernel Message-ID: <201009202345.o8KNj8Tb016160@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA41512 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41512/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41512 RELEASE DATE: 2010-09-21 DISCUSS ADVISORY: http://secunia.com/advisories/41512/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41512/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41512 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for the kernel. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose system and potentially sensitive information, cause a DoS (Denial of Service), and gain escalated privileges. For more information: SA40656 SA41055 SA41234 SA41245 SA41284 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: SUSE-SA:2010:041: http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00005.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 20 17:12:21 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 21 Sep 2010 02:12:21 +0200 Subject: [SEC] [SA41483] Debian update for linux-2.6 Message-ID: <201009210012.o8L0CLF4004898@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Debian update for linux-2.6 SECUNIA ADVISORY ID: SA41483 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41483/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41483 RELEASE DATE: 2010-09-21 DISCUSS ADVISORY: http://secunia.com/advisories/41483/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41483/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41483 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for linux-2.6. This fixes a weakness and some vulnerabilities, which can be exploited by malicious, local users to disclose system information, cause a DoS (Denial of Service), and gain escalated privileges. For more information: SA41234 SA41462 SA41263 SA41284 1) An error exists within eCryptfs when generating hash values, which can be exploited to e.g. cause a kernel panic or gain escalated privileges. SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: DSA-2110-1: http://lists.debian.org/debian-security-announce/2010/msg00158.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 20 17:44:30 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 21 Sep 2010 02:44:30 +0200 Subject: [SEC] [SA41409] Microsoft ASP.NET Cryptographic Padding Information Disclosure Message-ID: <201009210044.o8L0iUhY026275@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Microsoft ASP.NET Cryptographic Padding Information Disclosure SECUNIA ADVISORY ID: SA41409 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41409/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41409 RELEASE DATE: 2010-09-21 DISCUSS ADVISORY: http://secunia.com/advisories/41409/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41409/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41409 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft .NET Framework, which can be exploited by malicious people to disclose sensitive information. The vulnerability is caused due to an error within ASP.NET in the handling of cryptographic padding when using encryption in CBC mode. This can be exploited to decrypt data, e.g. the View State, via returned error codes from an affected server. Successful exploitation further allows tampering with encrypted data and e.g. downloading arbitrary files from affected systems running ASP.Net 3.5 SP1 or above. The vulnerability is reported in Microsoft .NET Framework 1.0 SP3 through Microsoft .NET Framework 4.0. SOLUTION: The vendor recommends enabling ASP.NET custom errors and map all error codes to the same error page to block known attack vectors (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Juliano Rizzo ORIGINAL ADVISORY: Microsoft: http://www.microsoft.com/technet/security/advisory/2416728.mspx http://blogs.technet.com/b/srd/archive/2010/09/17/understanding-the-asp-net-vulnerability.aspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 21 10:29:26 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 21 Sep 2010 19:29:26 +0200 Subject: [SEC] [SA41475] Digital Workroom "goback" Cross-Site Scripting Vulnerability Message-ID: <201009211729.o8LHTQt1012486@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Digital Workroom "goback" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA41475 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41475/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41475 RELEASE DATE: 2010-09-21 DISCUSS ADVISORY: http://secunia.com/advisories/41475/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41475/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41475 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Digital Workroom, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "goback" parameter to netautor/napro4/home/login2.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 5.3.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Gjoko Krstic, Zero Science Lab ORIGINAL ADVISORY: ZSL-2010-4964: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4964.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 21 11:29:48 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 21 Sep 2010 20:29:48 +0200 Subject: [SEC] [SA41526] Red Hat update for flash-plugin Message-ID: <201009211829.o8LITmFf002696@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Red Hat update for flash-plugin SECUNIA ADVISORY ID: SA41526 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41526/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41526 RELEASE DATE: 2010-09-21 DISCUSS ADVISORY: http://secunia.com/advisories/41526/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41526/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41526 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for flash-plugin. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. For more information: SA41434 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2010:0706-1: https://rhn.redhat.com/errata/RHSA-2010-0706.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 21 12:29:28 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 21 Sep 2010 21:29:28 +0200 Subject: [SEC] [SA41537] Qt Insecure Library Loading Vulnerability Message-ID: <201009211929.o8LJTSHD025339@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Qt Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41537 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41537/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41537 RELEASE DATE: 2010-09-21 DISCUSS ADVISORY: http://secunia.com/advisories/41537/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41537/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41537 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Qt, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the "QLibrary::resolve()" method in QtCore4.dll loading libraries (e.g. wintab32.dll and dwmapi.dll in QtGui4.dll) in an insecure manner. This can be exploited to load arbitrary libraries when an application using this library e.g. opens a file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 4.6.3. Other versions may also be affected. SOLUTION: Do not open untrusted files with an application using this library. PROVIDED AND/OR DISCOVERED BY: Reported by various people in a number of applications bundling vulnerable versions of Qt. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 21 13:29:21 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 21 Sep 2010 22:29:21 +0200 Subject: [SEC] [SA41529] SUSE update for Multiple Packages Message-ID: <201009212029.o8LKTLDj015561@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: SUSE update for Multiple Packages SECUNIA ADVISORY ID: SA41529 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41529/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41529 RELEASE DATE: 2010-09-21 DISCUSS ADVISORY: http://secunia.com/advisories/41529/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41529/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41529 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for multiple packages. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and bypass certain security restrictions, by malicious users to bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise a vulnerable system, and by malicious people to bypass certain security restrictions, manipulate certain data, disclose potentially sensitive information, cause a DoS (Denial of Service), or compromise a vulnerable system. For more information: SA35500 SA37255 SA38930 SA39142 SA39529 SA39573 SA39574 SA39675 SA40028 SA40268 SA40302 SA40485 SA40723 SA40758 SA40759 SA41316 SA41462 SOLUTION: Apply updated packages using YaST Online Update or the SUSE FTP server. ORIGINAL ADVISORY: SUSE-SR:2010:017: http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 21 14:23:31 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 21 Sep 2010 23:23:31 +0200 Subject: [SEC] [SA41521] Hitachi Groupmax Multiple Vulnerabilities Message-ID: <201009212123.o8LLNVme005524@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Hitachi Groupmax Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41521 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41521/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41521 RELEASE DATE: 2010-09-21 DISCUSS ADVISORY: http://secunia.com/advisories/41521/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41521/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41521 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Hitachi Groupmax, which can be exploited by malicious people to manipulate certain data or cause a DoS (Denial of Service). The vulnerabilities are caused due to unspecified errors in the Groupmax Scheduler Server and Groupmax Facilities Manager components. No further information is currently available. Please see the vendor's advisory for the list of affected products. SOLUTION: Apply patches. Please see the vendor's advisory for more details. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Hitachi (HS10-026): http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-026/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 21 14:44:22 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 21 Sep 2010 23:44:22 +0200 Subject: [SEC] [SA41508] Alcatel-Lucent OmniVista 4760 HTTP Proxy Buffer Overflow Vulnerability Message-ID: <201009212144.o8LLiMgW026392@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Alcatel-Lucent OmniVista 4760 HTTP Proxy Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA41508 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41508/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41508 RELEASE DATE: 2010-09-21 DISCUSS ADVISORY: http://secunia.com/advisories/41508/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41508/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41508 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Alcatel-Lucent OmniVista 4760, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in the HTTP proxy when processing certain requests. This can be exploited to cause a stack-based buffer overflow via a specially crafted HTTP request. The vulnerability is reported in version prior to R5.1.06.03.c_Patch3. SOLUTION: Update to version R5.1.06.03.c_Patch3. PROVIDED AND/OR DISCOVERED BY: Axel Rengstorf, Bluebox Security and Dirk Breiden and Florian Walther, n.runs. ORIGINAL ADVISORY: n.runs: http://www.nruns.com/_downloads/nruns-SA-2010-002.pdf Alcatel-Lucent: http://www.alcatel-lucent.com/wps/DocumentStreamerServlet?LMSG_CABINET=Corporate&LMSG_CONTENT_FILE=Support/Security/2010002.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 21 15:12:17 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Sep 2010 00:12:17 +0200 Subject: [SEC] [SA41509] Alcatel-Lucent OmniTouch Contact Center Standard Edition Authentication Security Bypass Message-ID: <201009212212.o8LMCHLP015287@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Alcatel-Lucent OmniTouch Contact Center Standard Edition Authentication Security Bypass SECUNIA ADVISORY ID: SA41509 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41509/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41509 RELEASE DATE: 2010-09-21 DISCUSS ADVISORY: http://secunia.com/advisories/41509/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41509/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41509 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Alcatel-Lucent OmniTouch Contact Center Standard Edition, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error in the TSA server, which allows unrestricted access to the administrative interface via the "Tsa_Maintainance.exe" utility. The vulnerability is reported in versions prior to 9.0.8.4. SOLUTION: Update to version 9.0.8.4. PROVIDED AND/OR DISCOVERED BY: Axel Rengstorf, Bluebox Security and Florian Walther, n.runs. ORIGINAL ADVISORY: Alcatel-Lucent: http://www.alcatel-lucent.com/wps/DocumentStreamerServlet?LMSG_CABINET=Corporate&LMSG_CONTENT_FILE=Support/Security/2010001.pdf n.runs: http://www.nruns.com/_downloads/nruns-SA-2010-001.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 21 15:46:57 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Sep 2010 00:46:57 +0200 Subject: [SEC] [SA41547] Alcatel-Lucent OmniTouch Contact Center Standard Edition Password Disclosure Message-ID: <201009212246.o8LMkvTL004364@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Alcatel-Lucent OmniTouch Contact Center Standard Edition Password Disclosure SECUNIA ADVISORY ID: SA41547 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41547/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41547 RELEASE DATE: 2010-09-22 DISCUSS ADVISORY: http://secunia.com/advisories/41547/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41547/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41547 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Alcatel-Lucent OmniTouch Contact Center Standard Edition, which can be exploited by malicious people to disclose sensitive information. The vulnerability is caused due to an improper authentication mechanism, which sends the credentials to the client side for authentication and can be exploited to disclose e.g. the administrative password. The vulnerability is reported in versions 9.0.8.4 and prior. SOLUTION: Grant access from trusted networks only. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Axel Rengstorf, Bluebox Security and Florian Walther, n.runs. ORIGINAL ADVISORY: Alcatel-Lucent: http://www.alcatel-lucent.com/wps/DocumentStreamerServlet?LMSG_CABINET=Corporate&LMSG_CONTENT_FILE=Support/Security/2010001.pdf n.runs: http://www.nruns.com/_downloads/nruns-SA-2010-001.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 21 16:12:58 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Sep 2010 01:12:58 +0200 Subject: [SEC] [SA41524] Hitachi JP1/Remote Control Agent Security Bypass Vulnerability Message-ID: <201009212312.o8LNCwRw025474@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Hitachi JP1/Remote Control Agent Security Bypass Vulnerability SECUNIA ADVISORY ID: SA41524 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41524/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41524 RELEASE DATE: 2010-09-22 DISCUSS ADVISORY: http://secunia.com/advisories/41524/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41524/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41524 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in JP1/Remote Control Agent, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an unspecified error in the file transfer feature and can be exploited to bypass authentication. Please see the vendor's advisory for the list of affected products. SOLUTION: Apply patches. Please see the vendor's advisory for more details. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Hitachi (HS10-025): http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS10-025/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 21 16:48:05 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Sep 2010 01:48:05 +0200 Subject: [SEC] [SA41517] Red Hat update for kernel Message-ID: <201009212348.o8LNm5xe014594@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Red Hat update for kernel SECUNIA ADVISORY ID: SA41517 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41517/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41517 RELEASE DATE: 2010-09-22 DISCUSS ADVISORY: http://secunia.com/advisories/41517/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41517/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41517 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA41462 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2010-0704: https://rhn.redhat.com/errata/RHSA-2010-0704.html RHSA-2010-0705: https://rhn.redhat.com/errata/RHSA-2010-0705.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 21 17:13:19 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Sep 2010 02:13:19 +0200 Subject: [SEC] [SA41485] SmarterMail Cross-Site Scripting Vulnerabilities Message-ID: <201009220013.o8M0DJhq003253@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: SmarterMail Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA41485 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41485/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41485 RELEASE DATE: 2010-09-22 DISCUSS ADVISORY: http://secunia.com/advisories/41485/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41485/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41485 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: David Hoyt has discovered some vulnerabilities in SmarterMail, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed e.g. via the "url" parameter to UserControls/Popups/frmHelp.aspx, the "folder" parameter to UserControls/Popups/frmDeleteConfirm.aspx, the "editfolder" parameter to UserControls/Popups/frmEventGroup.aspx, the "deletefolder" parameter to UserControls/Popups/frmEventGroup.aspx, and the "bygroup" parameter to Main/Alerts/frmAlerts.aspx is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 7.1.3876. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences via a proxy. PROVIDED AND/OR DISCOVERED BY: David Hoyt ORIGINAL ADVISORY: http://cloudscan.blogspot.com/2010/09/vendorsmarterstats-bugs-cross-site.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 21 17:45:31 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Sep 2010 02:45:31 +0200 Subject: [SEC] [SA41514] Red Hat update for bzip2 Message-ID: <201009220045.o8M0jVxR024664@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Red Hat update for bzip2 SECUNIA ADVISORY ID: SA41514 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41514/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41514 RELEASE DATE: 2010-09-22 DISCUSS ADVISORY: http://secunia.com/advisories/41514/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41514/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41514 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for bzip2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. For more information: SA41452 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2010:0703-1: http://rhn.redhat.com/errata/RHSA-2010-0703.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 21 18:10:47 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Sep 2010 03:10:47 +0200 Subject: [SEC] [SA41538] YelloSoft Pinky Directory Traversal Vulnerability Message-ID: <201009220110.o8M1AlZM013336@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: YelloSoft Pinky Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA41538 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41538/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41538 RELEASE DATE: 2010-09-22 DISCUSS ADVISORY: http://secunia.com/advisories/41538/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41538/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41538 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: John Leitch has discovered a vulnerability in YelloSoft Pinky, which can be exploited by malicious people to disclose sensitive information. Input passed via the URL is not properly verified before being used to read files. This can be exploited to download arbitrary files via directory traversal attacks. The vulnerability is confirmed in version 1.0 running on Windows. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: John Leitch ORIGINAL ADVISORY: John Leitch: http://www.johnleitch.net/Vulnerabilities/Pinky.1.0.Directory.Traversal/42 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 21 18:45:32 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Sep 2010 03:45:32 +0200 Subject: [SEC] [SA41495] FreeBSD update for bzip2 Message-ID: <201009220145.o8M1jWND002387@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: FreeBSD update for bzip2 SECUNIA ADVISORY ID: SA41495 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41495/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41495 RELEASE DATE: 2010-09-22 DISCUSS ADVISORY: http://secunia.com/advisories/41495/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41495/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41495 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: FreeBSD has issued an update for bzip2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. For more information: SA41452 SOLUTION: Update FreeBSD or apply the patch. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: FreeBSD-SA-10:08: http://security.freebsd.org/advisories/FreeBSD-SA-10:08.bzip2.asc OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 21 19:17:51 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Sep 2010 04:17:51 +0200 Subject: [SEC] [SA41540] Fedora update for couchdb Message-ID: <201009220217.o8M2HpBx024300@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for couchdb SECUNIA ADVISORY ID: SA41540 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41540/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41540 RELEASE DATE: 2010-09-22 DISCUSS ADVISORY: http://secunia.com/advisories/41540/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41540/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41540 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for couchdb. This fixes a weakness, which can be exploited by malicious, local users to gain escalated privileges and a vulnerability, which can be exploited by malicious people to conduct cross-site request forgery attacks. For more information: SA40998 SA41383 SOLUTION: Apply updated packages using the yum utility ("yum update couchdb"). ORIGINAL ADVISORY: FEDORA-2010-13665: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047951.html FEDORA-2010-13640: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047983.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 21 19:44:51 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Sep 2010 04:44:51 +0200 Subject: [SEC] [SA41511] Debian update for bzip2 Message-ID: <201009220244.o8M2ipQd013057@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Debian update for bzip2 SECUNIA ADVISORY ID: SA41511 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41511/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41511 RELEASE DATE: 2010-09-22 DISCUSS ADVISORY: http://secunia.com/advisories/41511/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41511/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41511 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for bzip2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. For more information: SA41452 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: DSA-2112-1: http://www.debian.org/security/2010/dsa-2112 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 21 20:09:37 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Sep 2010 05:09:37 +0200 Subject: [SEC] [SA41515] Primitive CMS "cms_write.php" Security Bypass Vulnerability Message-ID: <201009220309.o8M39bTf001645@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Primitive CMS "cms_write.php" Security Bypass Vulnerability SECUNIA ADVISORY ID: SA41515 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41515/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41515 RELEASE DATE: 2010-09-22 DISCUSS ADVISORY: http://secunia.com/advisories/41515/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41515/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41515 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Primitive CMS, which can be exploited by malicious people to bypass certain security restrictions. The application does not properly restrict access to the cms_write.php script, which can be exploited create arbitrary entries by accessing the page directly. The vulnerability is confirmed in version 1.0.9. Other versions may also be affected. SOLUTION: Restrict access to the cms_write.php script (e.g. via ".htaccess"). PROVIDED AND/OR DISCOVERED BY: Stephan Sattler OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 21 20:23:40 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Sep 2010 05:23:40 +0200 Subject: [SEC] [SA41525] Microsoft Windows Unspecified Privilege Escalation Vulnerability Message-ID: <201009220323.o8M3Nepk022268@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Microsoft Windows Unspecified Privilege Escalation Vulnerability SECUNIA ADVISORY ID: SA41525 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41525/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41525 RELEASE DATE: 2010-09-22 DISCUSS ADVISORY: http://secunia.com/advisories/41525/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41525/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41525 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to an unspecified error. No more information is currently available. The following versions are reportedly affected: * Windows Vista SP1 / SP2 * Windows Vista x64 Edition SP1 / SP2 * Windows Server 2008 for 32-bit Systems SP1 / SP2 * Windows Server 2008 x64 Edition SP1 / SP2 * Windows Server 2008 for x64-based Systems (optionally with SP2) * Windows Server 2008 for Itanium-based Systems (optionally with SP2) NOTE: The vulnerability is currently being actively exploited. SOLUTION: Grant only trusted users access to affected systems. PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 21 20:44:44 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Sep 2010 05:44:44 +0200 Subject: [SEC] [SA41471] Microsoft Windows Unspecified Privilege Escalation Vulnerability Message-ID: <201009220344.o8M3iikm010749@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Microsoft Windows Unspecified Privilege Escalation Vulnerability SECUNIA ADVISORY ID: SA41471 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41471/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41471 RELEASE DATE: 2010-09-22 DISCUSS ADVISORY: http://secunia.com/advisories/41471/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41471/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41471 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to an unspecified error. No more information is currently available. The following versions are reportedly affected: * Windows XP SP3 * Windows XP Professional x64 Edition SP2 NOTE: The vulnerability is currently being actively exploited. SOLUTION: Grant only trusted users access to affected systems. PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 21 21:10:21 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Sep 2010 06:10:21 +0200 Subject: [SEC] [SA41516] Slackware update for bzip2 Message-ID: <201009220410.o8M4ALeg031839@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Slackware update for bzip2 SECUNIA ADVISORY ID: SA41516 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41516/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41516 RELEASE DATE: 2010-09-22 DISCUSS ADVISORY: http://secunia.com/advisories/41516/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41516/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41516 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Slackware has issued an update for bzip2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. For more information: SA41452 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: SSA:2010-263-01: http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.600240 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 21 21:23:24 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Sep 2010 06:23:24 +0200 Subject: [SEC] [SA41506] Ubuntu update for php5 Message-ID: <201009220423.o8M4NOFY019954@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Ubuntu update for php5 SECUNIA ADVISORY ID: SA41506 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41506/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41506 RELEASE DATE: 2010-09-22 DISCUSS ADVISORY: http://secunia.com/advisories/41506/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41506/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41506 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for php5. This fixes multiple vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially compromise a vulnerable system. For more information: SA38708 SA38930 SA39573 SA39675 SA40268 SA40860 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-989-1: http://www.ubuntu.com/usn/usn-989-1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 21 21:44:25 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Sep 2010 06:44:25 +0200 Subject: [SEC] [SA41502] LightNEasy "handle" and "userhandle" SQL Injection Vulnerabilities Message-ID: <201009220444.o8M4iPCe008422@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: LightNEasy "handle" and "userhandle" SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA41502 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41502/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41502 RELEASE DATE: 2010-09-22 DISCUSS ADVISORY: http://secunia.com/advisories/41502/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41502/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41502 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been discovered in LightNEasy, which can be exploited by malicious people to conduct SQL injection attacks. 1) Input passed via the "handle" parameter through LightNEasy.php to LightNEasy/common.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 2) Input passed via the "userhandle" cookie through LightNEasy.php to LightNEasy/common.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are confirmed in version 3.2.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: 1) Stephan Sattler, solidmedia.de 2) Lord Snapcase ORIGINAL ADVISORY: 1) http://www.exploit-db.com/exploits/15060/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 21 22:09:31 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Sep 2010 07:09:31 +0200 Subject: [SEC] [SA41522] Apple Mac OS X AFP Server Security Bypass Message-ID: <201009220509.o8M59VUY029486@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Apple Mac OS X AFP Server Security Bypass SECUNIA ADVISORY ID: SA41522 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41522/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41522 RELEASE DATE: 2010-09-22 DISCUSS ADVISORY: http://secunia.com/advisories/41522/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41522/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41522 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Apple has issued a security update for Mac OS X. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an unspecified error in AFP Server when validating passwords and can be exploited to access shared folders. Successful exploitation requires knowledge of a valid account name and "File Sharing" to be enabled (disabled by default). The vulnerability is reported in version 10.6 for Mac OS X and Mac OS X Server. SOLUTION: Apply Security Update 2010-006. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://support.apple.com/kb/HT4361 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 22 10:29:36 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Sep 2010 19:29:36 +0200 Subject: [SEC] [SA41530] TYPO3 powermail Extension Cross-Site Scripting and SQL Injection Vulnerabilities Message-ID: <201009221729.o8MHTa57017939@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: TYPO3 powermail Extension Cross-Site Scripting and SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA41530 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41530/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41530 RELEASE DATE: 2010-09-22 DISCUSS ADVISORY: http://secunia.com/advisories/41530/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41530/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41530 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in the powermail extension for TYPO3, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks. 1) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Certain unspecified input is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are reported in versions prior to 1.5.4. SOLUTION: Update to version 1.5.4. PROVIDED AND/OR DISCOVERED BY: The vendor credits Cedric Tissieres. ORIGINAL ADVISORY: TYPO3-SA-2010-019: http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-019/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 22 11:29:51 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Sep 2010 20:29:51 +0200 Subject: [SEC] [SA41519] MultiMedia Soft Various Components PLS Parsing Buffer Overflow Vulnerabilities Message-ID: <201009221829.o8MITpM3008190@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: MultiMedia Soft Various Components PLS Parsing Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA41519 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41519/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41519 RELEASE DATE: 2010-09-22 DISCUSS ADVISORY: http://secunia.com/advisories/41519/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41519/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41519 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been discovered in various MultiMedia Soft components for .NET, which potentially can be exploited by malicious people to compromise an application using these components. 1) A boundary error exists within AdjMmsEng.dll when processing PLS files, which can be exploited to cause a stack-based buffer overflow by tricking a user into opening a specially crafted PLS file in an application using the component. 2) Another boundary error exists within AdjMmsEng.dll when processing PLS files, which can be exploited to cause a stack-based buffer overflow by tricking a user into opening a specially crafted PLS file in an application using the component. The vulnerabilities are confirmed in Audio DJ Studio for .NET version 4.5 and Audio Sound Suite for .NET 2010 (both containing AdjMmsEng.dll version 8.2.0.5). Other versions and the 64bit version may also be affected. SOLUTION: Do not open untrusted playlist files in applications using the components. PROVIDED AND/OR DISCOVERED BY: 1) Reported as a vulnerability in DJ Studio Pro by Abhishek Lyall 2) Lord Winder OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 22 12:29:28 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Sep 2010 21:29:28 +0200 Subject: [SEC] [SA41564] DJ Studio Pro PLS Parsing Buffer Overflow Vulnerabilities Message-ID: <201009221929.o8MJTSfg030789@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: DJ Studio Pro PLS Parsing Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA41564 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41564/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41564 RELEASE DATE: 2010-09-22 DISCUSS ADVISORY: http://secunia.com/advisories/41564/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41564/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41564 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in DJ Studio Pro, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to the use of a vulnerable version of a MultiMedia Soft component. For more information: SA41519 The vulnerabilities are confirmed in version 8.1.3.2.1. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Abhishek Lyall and Lord Winder ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/15031/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 22 13:29:34 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Sep 2010 22:29:34 +0200 Subject: [SEC] [SA41561] CollabNet Subversion Edge Log View Script Insertion Vulnerability Message-ID: <201009222029.o8MKTYPQ021012@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: CollabNet Subversion Edge Log View Script Insertion Vulnerability SECUNIA ADVISORY ID: SA41561 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41561/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41561 RELEASE DATE: 2010-09-22 DISCUSS ADVISORY: http://secunia.com/advisories/41561/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41561/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41561 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Sumit Kumar Soni has reported a vulnerability in CollabNet Subversion Edge, which can be exploited by malicious people to conduct script insertion attacks. Certain input passed via the URL is not properly sanitised before being displayed to the administrator while viewing logs. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerability is reported in versions prior to 1.2.1. SOLUTION: Update to version 1.2.1. PROVIDED AND/OR DISCOVERED BY: Sumit Kumar Soni ORIGINAL ADVISORY: CollabNet: https://ctf.open.collab.net/sf/wiki/do/viewPage/projects.svnedge/wiki/Release_1.2.1 https://ctf.open.collab.net/sf/sfmain/do/go/artf5016 Sumit Kumar Soni: http://voidroot.blogspot.com/2010/09/collabnet-subversion-edge-log-parser.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 22 14:23:21 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Sep 2010 23:23:21 +0200 Subject: [SEC] [SA41497] Agrin All DVD Ripper Insecure Library Loading Vulnerability Message-ID: <201009222123.o8MLNLdF010979@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Agrin All DVD Ripper Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41497 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41497/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41497 RELEASE DATE: 2010-09-22 DISCUSS ADVISORY: http://secunia.com/advisories/41497/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41497/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41497 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Agrin All DVD Ripper, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. wnaspi32.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a IFO file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code, but requires that files are opened via the Windows Explorer "Open With" menu. The vulnerability is confirmed in version 4.0. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: anT!-Tr0J4n ORIGINAL ADVISORY: http://www.exploit-db.com/dll-hijacking-vulnerable-applications/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 22 14:44:29 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Sep 2010 23:44:29 +0200 Subject: [SEC] [SA41527] SnowFox Total Video Converter Insecure Library Loading Vulnerability Message-ID: <201009222144.o8MLiT3f031848@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: SnowFox Total Video Converter Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41527 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41527/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41527 RELEASE DATE: 2010-09-22 DISCUSS ADVISORY: http://secunia.com/advisories/41527/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41527/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41527 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in SnowFox Total Video Converter, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. dwmapi.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a AVI file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code, but requires that files are opened via the Windows Explorer "Open With" menu. The vulnerability is confirmed in version 2.5.1. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: anT!-Tr0J4n ORIGINAL ADVISORY: http://www.exploit-db.com/dll-hijacking-vulnerable-applications/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 22 15:13:39 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Sep 2010 00:13:39 +0200 Subject: [SEC] [SA41493] Linux Kernel "rose_bind()" and "rose_connect()" Signedness Vulnerabilities Message-ID: <201009222213.o8MMDdsU020784@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Linux Kernel "rose_bind()" and "rose_connect()" Signedness Vulnerabilities SECUNIA ADVISORY ID: SA41493 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41493/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41493 RELEASE DATE: 2010-09-22 DISCUSS ADVISORY: http://secunia.com/advisories/41493/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41493/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41493 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerabilities are caused due to signedness errors within the "rose_bind()" and "rose_connect()" functions in net/rose/af_rose.c, which can be exploited to bypass boundary checks and e.g. cause a memory corruption via the "rose_getname()" function. Successful exploitation may require that a ROSE device is present. SOLUTION: Fixed in David S. Miller's net-2.6 GIT repository. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Dan Rosenberg ORIGINAL ADVISORY: http://www.openwall.com/lists/oss-security/2010/09/21/1 http://marc.info/?l=linux-netdev&m=128502238927086&w=2 http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commitdiff;h=9828e6e6e3f19efcb476c567b9999891d051f52f OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 22 15:47:08 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Sep 2010 00:47:08 +0200 Subject: [SEC] [SA41532] Ubuntu update for openssl Message-ID: <201009222247.o8MMl82M009810@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Ubuntu update for openssl SECUNIA ADVISORY ID: SA41532 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41532/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41532 RELEASE DATE: 2010-09-23 DISCUSS ADVISORY: http://secunia.com/advisories/41532/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41532/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41532 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data. For more information: SA37291 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-990-1: http://www.ubuntu.com/usn/usn-990-1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 22 16:13:15 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Sep 2010 01:13:15 +0200 Subject: [SEC] [SA41544] Gentoo update for libxml2 Message-ID: <201009222313.o8MNDFh4030915@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Gentoo update for libxml2 SECUNIA ADVISORY ID: SA41544 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41544/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41544 RELEASE DATE: 2010-09-23 DISCUSS ADVISORY: http://secunia.com/advisories/41544/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41544/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41544 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for libxml2. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA36207 SOLUTION: Update to version "dev-libs/libxml2-2.7.3-r2" or later. ORIGINAL ADVISORY: GLSA-201009-07 http://www.gentoo.org/security/en/glsa/glsa-201009-07.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 22 16:47:36 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Sep 2010 01:47:36 +0200 Subject: [SEC] [SA41545] Gentoo python-updater Insecure Python Module Search Path Security Issue Message-ID: <201009222347.o8MNlapx019976@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Gentoo python-updater Insecure Python Module Search Path Security Issue SECUNIA ADVISORY ID: SA41545 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41545/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41545 RELEASE DATE: 2010-09-23 DISCUSS ADVISORY: http://secunia.com/advisories/41545/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41545/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41545 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has acknowledged a security issue in python-updater, which can be exploited by malicious, local users to gain escalated privileges. The security issue is caused due to the python-updater script including the current working directory into the module search path. This can be exploited by placing a malicious module into a directory (e.g. "/tmp") and then tricking the administrator into using the script in the same directory. SOLUTION: Update to version "app-admin/python-updater-0.7-r1" or later. PROVIDED AND/OR DISCOVERED BY: Robert Buchholz, Gentoo Security Team ORIGINAL ADVISORY: GLSA-201009-08: http://www.gentoo.org/security/en/glsa/glsa-201009-08.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 22 17:13:06 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Sep 2010 02:13:06 +0200 Subject: [SEC] [SA41541] Fedora update for kernel Message-ID: <201009230013.o8N0D6Et008665@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for kernel SECUNIA ADVISORY ID: SA41541 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41541/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41541 RELEASE DATE: 2010-09-23 DISCUSS ADVISORY: http://secunia.com/advisories/41541/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41541/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41541 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, cause a DoS (Denial of Service), and gain escalated privileges. For more information: SA41234 SA41462 SA41263 SA41284 SOLUTION: Apply updated packages using the yum utility ("yum update kernel"). ORIGINAL ADVISORY: FEDORA-2010-14878: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047965.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 22 17:45:45 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Sep 2010 02:45:45 +0200 Subject: [SEC] [SA41548] Qt Creator Insecure Library Loading Vulnerability Message-ID: <201009230045.o8N0jjep030050@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Qt Creator Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41548 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41548/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41548 RELEASE DATE: 2010-09-23 DISCUSS ADVISORY: http://secunia.com/advisories/41548/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41548/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41548 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Qt Creator, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application bundling a vulnerable version of the Qt library, which loads libraries (e.g. wintab32.dll and dwmapi.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening PRO or UI file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code, but requires that files are opened via the Windows Explorer "Open With" menu. For more information: SA41537 The vulnerability is confirmed in version 2.0.1. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Mister Teatime OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 22 18:10:29 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Sep 2010 03:10:29 +0200 Subject: [SEC] [SA41542] Ubuntu update for apache2 Message-ID: <201009230110.o8N1ATcY018694@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Ubuntu update for apache2 SECUNIA ADVISORY ID: SA41542 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41542/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41542 RELEASE DATE: 2010-09-23 DISCUSS ADVISORY: http://secunia.com/advisories/41542/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41542/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41542 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for apache2. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data. For more information: SA37291 SA37430 SA41532 NOTE: This update adds the "SSLInsecureRenegotiation" configuration directive, which allows insecure TLS/SSL renegotiation when enabled. SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-990-2: http://www.ubuntu.com/usn/usn-990-2 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 22 18:25:11 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Sep 2010 03:25:11 +0200 Subject: [SEC] [SA41550] Acoustica Audio Converter Pro M3U Playlist Processing Buffer Overflow Message-ID: <201009230125.o8N1PB9W006874@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Acoustica Audio Converter Pro M3U Playlist Processing Buffer Overflow SECUNIA ADVISORY ID: SA41550 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41550/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41550 RELEASE DATE: 2010-09-23 DISCUSS ADVISORY: http://secunia.com/advisories/41550/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41550/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41550 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Acoustica Audio Converter Pro, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to a boundary error within sndengine.dll when processing M3U playlist files and can be exploited to cause a heap-based buffer overflow by e.g. tricking a user into converting from a malicious M3U playlist file. The vulnerability is confirmed in version 1.1 b25. Other versions may also be affected. SOLUTION: Do not use untrusted files. PROVIDED AND/OR DISCOVERED BY: Carlos Mario Penagos Hollmann a.k.a Elvenking ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/15069/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 22 18:45:11 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Sep 2010 03:45:11 +0200 Subject: [SEC] [SA41523] Plesk Sitebuilder Multiple Vulnerabilities Message-ID: <201009230145.o8N1jBpo027695@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Plesk Sitebuilder Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41523 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41523/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41523 RELEASE DATE: 2010-09-23 DISCUSS ADVISORY: http://secunia.com/advisories/41523/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41523/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41523 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Plesk Sitebuilder, where some have an unknown impact and others can be exploited by malicious users to conduct script insertion attacks. 1) Certain input passed via the Wizard when creating a site is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. 2) Other vulnerabilities with an unknown impact have also been reported. No further details are currently available. The vulnerabilities are reported in versions prior to 4.5.8 for Linux/Unix. SOLUTION: Update to version 4.5.8 for Linux/Unix. PROVIDED AND/OR DISCOVERED BY: 1) Sid3^effects 2) Reported by the vendor. ORIGINAL ADVISORY: Parallels: http://autoinstall.plesk.com/SiteBuilder/SiteBuilder_4.5.0/autoupdate/patches/sitebuilder-4.5.8_build2010090700_linux.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 22 19:15:40 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Sep 2010 04:15:40 +0200 Subject: [SEC] [SA41563] Fedora update for kernel Message-ID: <201009230215.o8N2Fehh017086@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for kernel SECUNIA ADVISORY ID: SA41563 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41563/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41563 RELEASE DATE: 2010-09-23 DISCUSS ADVISORY: http://secunia.com/advisories/41563/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41563/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41563 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, cause a DoS (Denial of Service), and gain escalated privileges. For more information: SA41234 SA41462 SA41263 SA41284 SOLUTION: Apply updated packages using the yum utility ("yum update kernel"). ORIGINAL ADVISORY: FEDORA-2010-14890: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047943.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 22 19:45:42 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Sep 2010 04:45:42 +0200 Subject: [SEC] [SA41507] Ubuntu update for dpkg Message-ID: <201009230245.o8N2jgiZ005944@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Ubuntu update for dpkg SECUNIA ADVISORY ID: SA41507 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41507/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41507 RELEASE DATE: 2010-09-23 DISCUSS ADVISORY: http://secunia.com/advisories/41507/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41507/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41507 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for dpkg. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA41452 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-986-3: http://www.ubuntu.com/usn/usn-986-3 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 22 20:10:45 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Sep 2010 05:10:45 +0200 Subject: [SEC] [SA41510] Debian update for drupal6 Message-ID: <201009230310.o8N3AjOf027004@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Debian update for drupal6 SECUNIA ADVISORY ID: SA41510 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41510/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41510 RELEASE DATE: 2010-09-23 DISCUSS ADVISORY: http://secunia.com/advisories/41510/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41510/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41510 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for drupal6. This fixes a weakness and some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and by malicious users and malicious people to bypass certain security restrictions. For more information: SA40930 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: DSA-2113-1: http://www.debian.org/security/2010/dsa-2113 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 22 20:45:18 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Sep 2010 05:45:18 +0200 Subject: [SEC] [SA41486] Ubuntu update for bzip2 Message-ID: <201009230345.o8N3jIJ7016086@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Ubuntu update for bzip2 SECUNIA ADVISORY ID: SA41486 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41486/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41486 RELEASE DATE: 2010-09-23 DISCUSS ADVISORY: http://secunia.com/advisories/41486/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41486/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41486 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for bzip2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA41452 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: http://www.ubuntu.com/usn/usn-986-1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 22 21:10:48 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Sep 2010 06:10:48 +0200 Subject: [SEC] [SA41503] ClamAV bzip2 Integer Overflow Vulnerability Message-ID: <201009230410.o8N4AmX0004755@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: ClamAV bzip2 Integer Overflow Vulnerability SECUNIA ADVISORY ID: SA41503 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41503/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41503 RELEASE DATE: 2010-09-23 DISCUSS ADVISORY: http://secunia.com/advisories/41503/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41503/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41503 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in ClamAV, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. The vulnerability is caused due to the use of vulnerable bzip2 code. For more information: SA41452 SOLUTION: Update to version 0.96.3. PROVIDED AND/OR DISCOVERED BY: Reported in bzip2 by Mikolaj Izdebski. ORIGINAL ADVISORY: http://lurker.clamav.net/message/20100920.182819.5c96ca5c.en.html http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.96.3 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 22 21:45:13 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Sep 2010 06:45:13 +0200 Subject: [SEC] [SA41505] Ubuntu update for clamav Message-ID: <201009230445.o8N4jD8k026232@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Ubuntu update for clamav SECUNIA ADVISORY ID: SA41505 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41505/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41505 RELEASE DATE: 2010-09-23 DISCUSS ADVISORY: http://secunia.com/advisories/41505/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41505/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41505 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for clamav. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. For more information: SA41503 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: http://www.ubuntu.com/usn/usn-986-2 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 22 22:10:24 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Sep 2010 07:10:24 +0200 Subject: [SEC] [SA41452] bzip2 "BZ_decompress" Integer Overflow Vulnerability Message-ID: <201009230510.o8N5AOXr014897@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: bzip2 "BZ_decompress" Integer Overflow Vulnerability SECUNIA ADVISORY ID: SA41452 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41452/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41452 RELEASE DATE: 2010-09-23 DISCUSS ADVISORY: http://secunia.com/advisories/41452/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41452/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41452 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in bzip2, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. The vulnerability is caused due to an integer overflow in the "BZ2_decompress()" function in decompress.c and can be exploited to cause a crash or potentially execute arbitrary code. SOLUTION: Update to version 1.0.6. PROVIDED AND/OR DISCOVERED BY: The vendor credits Mikolaj Izdebski. ORIGINAL ADVISORY: http://www.bzip.org/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 23 10:30:36 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Sep 2010 19:30:36 +0200 Subject: [SEC] [SA41572] Sothink SWF Decompiler Insecure Library Loading Vulnerability Message-ID: <201009231730.o8NHUase029522@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Sothink SWF Decompiler Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41572 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41572/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41572 RELEASE DATE: 2010-09-23 DISCUSS ADVISORY: http://secunia.com/advisories/41572/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41572/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41572 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Sothink SWF Decompiler, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. dwmapi.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a FLV file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 6.0 Build 610. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: anT!-Tr0J4n ORIGINAL ADVISORY: http://packetstormsecurity.org/1009-exploits/sothinkswf-dllhijack.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 23 11:31:09 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Sep 2010 20:31:09 +0200 Subject: [SEC] [SA41570] BSI Hotel Booking System Products "log" and "pwd" SQL Injection Vulnerabilities Message-ID: <201009231831.o8NIV9S5019770@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: BSI Hotel Booking System Products "log" and "pwd" SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA41570 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41570/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41570 RELEASE DATE: 2010-09-23 DISCUSS ADVISORY: http://secunia.com/advisories/41570/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41570/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41570 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: K-159 has reported some vulnerabilities in multiple BSI Hotel Booking System Products, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "log" and "pwd" parameters to admin/adminlogin_confirm.asp is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation may allow bypassing the authentication mechanism. The vulnerabilities are reported in the following products: * BSI Hotel Booking System version 1.4 * BSI Advance Hotel Booking System version 2.0 SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: K-159 ORIGINAL ADVISORY: http://e-rdc.org/v1/news.php?readmore=165 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 23 12:32:49 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Sep 2010 21:32:49 +0200 Subject: [SEC] [SA41513] Cisco IOS H.323 Two Denial of Service Vulnerabilities Message-ID: <201009231932.o8NJWncu010064@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Cisco IOS H.323 Two Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA41513 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41513/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41513 RELEASE DATE: 2010-09-23 DISCUSS ADVISORY: http://secunia.com/advisories/41513/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41513/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41513 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An error when processing certain unspecified H.323 traffic can be exploited to cause a device to reload. 2) An error when processing specially crafted H.323 packets can be exploited to cause a device to reload. Successful exploitation of these vulnerabilities requires a TCP three-way handshake. The vulnerabilities are reported in Cisco IOS Software with H.323 voice services enabled (disabled by default). SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: cisco-sa-20100922-h323: http://www.cisco.com/warp/public/707/cisco-sa-20100922-h323.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 23 13:30:50 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Sep 2010 22:30:50 +0200 Subject: [SEC] [SA41551] Cisco IOS IGMPv3 Denial of Service Vulnerability Message-ID: <201009232030.o8NKUofI032586@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Cisco IOS IGMPv3 Denial of Service Vulnerability SECUNIA ADVISORY ID: SA41551 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41551/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41551 RELEASE DATE: 2010-09-23 DISCUSS ADVISORY: http://secunia.com/advisories/41551/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41551/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41551 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when handling Internet Group Management Protocol (IGMP) version 3 packets and can be exploited via a malformed packet sent to a device's interface. Successful exploitation causes an affected device to reload, but requires an interface to be configured with Protocol Independent Multicast (PIM) mode sparse-dense, sparse, or dense. NOTE: Transit traffic does not trigger the vulnerability. Please see the vendor's advisory for details on affected versions. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported to the vendor by a customer. ORIGINAL ADVISORY: cisco-sa-20100922-igmp: http://www.cisco.com/warp/public/707/cisco-sa-20100922-igmp.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 23 14:24:32 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Sep 2010 23:24:32 +0200 Subject: [SEC] [SA41583] Joomla! TimeTrack Component "ct_id" SQL Injection Vulnerability Message-ID: <201009232124.o8NLOWK3022515@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Joomla! TimeTrack Component "ct_id" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA41583 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41583/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41583 RELEASE DATE: 2010-09-23 DISCUSS ADVISORY: http://secunia.com/advisories/41583/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41583/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41583 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Salvatore Fresta has discovered a vulnerability in the TimeTrack component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "ct_id" parameter to index.php (when "option" is set to "com_timetrack" and "view" is set to "timetrack") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. NOTE: Other parameters are reportedly also affected. The vulnerability is confirmed in version 1.2.3. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Salvatore Fresta ORIGINAL ADVISORY: Salvatore Fresta: http://salvatorefresta.net/files/adv/TimeTrack_1.2.4_Joomla_Component_Multiple_SQL_Injection_Vulnerabilities-22092010.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 23 14:45:35 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Sep 2010 23:45:35 +0200 Subject: [SEC] [SA41558] FreePBX SQL Injection Vulnerabilities Message-ID: <201009232145.o8NLjZrN010975@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: FreePBX SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA41558 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41558/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41558 RELEASE DATE: 2010-09-23 DISCUSS ADVISORY: http://secunia.com/advisories/41558/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41558/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41558 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been discovered in FreePBX, which can be exploited by malicious users and malicious people to conduct SQL injection attacks. Input passed e.g. via the "src", "dst", and "channel" parameters to admin/config.php when searching for call detail reports is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires administrative privileges, but is also possible via cross-site request forgery attacks. The vulnerabilities are confirmed in version 2.8.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. Do not browse untrusted sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: Marsh Ray ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0342.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 23 15:14:53 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Sep 2010 00:14:53 +0200 Subject: [SEC] [SA41554] Joomla! K2 Component Multiple Script Insertion Vulnerabilities Message-ID: <201009232214.o8NMErHd032305@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Joomla! K2 Component Multiple Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA41554 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41554/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41554 RELEASE DATE: 2010-09-23 DISCUSS ADVISORY: http://secunia.com/advisories/41554/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41554/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41554 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in the K2 component for Joomla!, which can be exploited by malicious people to conduct script insertion attacks. Input passed via the "Name" and "Website" fields when making a comment is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code which will get executed in a user's browser session when the malicious data is being viewed. The vulnerabilities are reported in versions prior to 2.4. SOLUTION: Update to version 2.4 or greater. PROVIDED AND/OR DISCOVERED BY: Jeff Channel ORIGINAL ADVISORY: Joomlaworks: http://community.getk2.org/profiles/blogs/k2-v24-released http://code.google.com/p/joomlaworks/source/detail?r=557 Jeff Channel: http://jeffchannell.com/Joomla/k2-23-persistent-xss-vulnerability.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 23 15:47:11 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Sep 2010 00:47:11 +0200 Subject: [SEC] [SA41584] MunSoft Easy Office Recovery Insecure Library Loading Vulnerability Message-ID: <201009232247.o8NMlB1W021259@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: MunSoft Easy Office Recovery Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41584 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41584/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41584 RELEASE DATE: 2010-09-24 DISCUSS ADVISORY: http://secunia.com/advisories/41584/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41584/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41584 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in MunSoft Easy Office Recovery, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. dwmapi.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a DOC, XLS or PPT file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code, but requires that files are opened via the Windows Explorer "Open With" menu. The vulnerability is confirmed in version 1.1. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: anT!-Tr0J4n ORIGINAL ADVISORY: http://packetstormsecurity.org/1009-exploits/seasyofficerecovery-dllhijack.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 23 16:13:09 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Sep 2010 01:13:09 +0200 Subject: [SEC] [SA41555] @mail Webmail Client "MailType" Cross-Site Scripting Vulnerability Message-ID: <201009232313.o8NND9Tu009953@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: @mail Webmail Client "MailType" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA41555 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41555/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41555 RELEASE DATE: 2010-09-24 DISCUSS ADVISORY: http://secunia.com/advisories/41555/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41555/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41555 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Vicente Aguilera Diaz has reported a vulnerability in @mail Webmail Client, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "MailType" parameter to index.php/mail/auth/processlogin (when "mailName", "emailDomain", "cssStyle", "email", "password", and "requestedServer" are set to arbitrary values) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in version 6.1.9. Other versions may also be affected. SOLUTION: Update to version 6.2.0. PROVIDED AND/OR DISCOVERED BY: Vicente Aguilera Diaz, Internet Security Auditors ORIGINAL ADVISORY: Internet Security Auditors: http://archives.neohapsis.com/archives/bugtraq/2010-09/0170.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 23 16:45:45 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Sep 2010 01:45:45 +0200 Subject: [SEC] [SA41560] SkyBlueCanvas Cross-Site Request Forgery Vulnerability Message-ID: <201009232345.o8NNjjam031333@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: SkyBlueCanvas Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA41560 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41560/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41560 RELEASE DATE: 2010-09-24 DISCUSS ADVISORY: http://secunia.com/advisories/41560/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41560/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41560 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in SkyBlueCanvas, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing proper checks to verify the requests. This can be exploited to e.g. change a user's password or delete messages in the administrative interface by tricking a logged-in user into visiting a malicious website. The vulnerability is confirmed in version 1.1-r248. Other versions may also be affected. SOLUTION: Do not browse untrusted websites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: Independently discovered by: * Russ McRee, reported via Secunia * Sweet ORIGINAL ADVISORY: HIO-2010-0921: http://holisticinfosec.org/content/view/155/45/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 23 17:13:16 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Sep 2010 02:13:16 +0200 Subject: [SEC] [SA41557] Drupal Domain Access Module Multiple Vulnerabilities Message-ID: <201009240013.o8O0DGc4020073@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Drupal Domain Access Module Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41557 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41557/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41557 RELEASE DATE: 2010-09-24 DISCUSS ADVISORY: http://secunia.com/advisories/41557/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41557/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41557 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue and a vulnerability have been reported in Domain Access module for Drupal, which can be exploited by malicious users to bypass certain security restrictions and conduct script-insertion attacks. 1) The application incorrectly verifies users' permissions when editing sub-domain information. This can be exploited to change certain administrative information despite not having permissions to do so in the primary domain. 2) Input passed via unspecified parameters is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will get executed in a user's browser session when the malicious data is being viewed. Successful exploitation requires "administer domains" privileges. The vulnerability and the security issue are reported in versions prior to 5.x-1.15 and 6.x.2.6. SOLUTION: Update to version 5.x-1.15 or later or version 6.x.2.6 or later. PROVIDED AND/OR DISCOVERED BY: The vendor credits: * Sam Oldak * brt * Nirbhasa Magee ORIGINAL ADVISORY: SA-CONTRIB-2010-096: http://drupal.org/node/919916 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 23 17:45:19 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Sep 2010 02:45:19 +0200 Subject: [SEC] [SA41576] Drupal Lightbox2 Module Cross-Site Scripting and Security Bypass Vulnerabilities Message-ID: <201009240045.o8O0jJl1009034@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Drupal Lightbox2 Module Cross-Site Scripting and Security Bypass Vulnerabilities SECUNIA ADVISORY ID: SA41576 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41576/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41576 RELEASE DATE: 2010-09-24 DISCUSS ADVISORY: http://secunia.com/advisories/41576/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41576/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41576 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Lightbox2 module for Drupal, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks. 1) A vulnerability exists in the access control mechanism for video content and can be exploited to get access to restricted video content. 2) Input passed via unspecified parameters is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in versions prior to 5.x-2.10 and 6.x-1.10. SOLUTION: Update to version 5.x-2.10 or later or version 6.x-1.10 or later. PROVIDED AND/OR DISCOVERED BY: The vendor credits * mr.baileys, Drupal Security Team * Jakub Suchy, Drupal Security Team * hefox ORIGINAL ADVISORY: SA-CONTRIB-2010-095: http://drupal.org/node/919610 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 23 18:10:22 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Sep 2010 03:10:22 +0200 Subject: [SEC] [SA41539] Cisco IOS NAT Implementation Three Denial of Service Vulnerabilities Message-ID: <201009240110.o8O1AMA6030076@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Cisco IOS NAT Implementation Three Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA41539 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41539/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41539 RELEASE DATE: 2010-09-24 DISCUSS ADVISORY: http://secunia.com/advisories/41539/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41539/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41539 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Three vulnerabilities have been reported in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An unspecified error in the NAT implementation while processing transit SIP packets using the UDP protocol can be exploited to cause a device reload. 2) An unspecified error in the NAT implementation while processing transit H.323 packets can be exploited to cause a device reload. 3) An unspecified error in the NAT implementation while processing transit H.225.0 packets for call signaling H.323 packets can be exploited to cause a device reload. Please see the vendor's advisory for details on affected versions. SOLUTION: Update to a fixed version. Please see the vendor's advisory for more details. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: cisco-sa-20100922-nat: http://www.cisco.com/warp/public/707/cisco-sa-20100922-nat.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 23 18:24:50 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Sep 2010 03:24:50 +0200 Subject: [SEC] [SA41593] SUSE update for flash-player Message-ID: <201009240124.o8O1Oog3018239@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: SUSE update for flash-player SECUNIA ADVISORY ID: SA41593 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41593/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41593 RELEASE DATE: 2010-09-24 DISCUSS ADVISORY: http://secunia.com/advisories/41593/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41593/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41593 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for flash-player. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. For more information: SA41434 SOLUTION: Apply updated packages via YaST Online Update or SUSE FTP server. ORIGINAL ADVISORY: SUSE-SA:2010:042: http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00007.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 23 18:45:27 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Sep 2010 03:45:27 +0200 Subject: [SEC] [SA41566] Drupal Embedded Media Field Module Security Bypass Message-ID: <201009240145.o8O1jRjw006678@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Drupal Embedded Media Field Module Security Bypass SECUNIA ADVISORY ID: SA41566 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41566/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41566 RELEASE DATE: 2010-09-24 DISCUSS ADVISORY: http://secunia.com/advisories/41566/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41566/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41566 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Embedded Media Field module for Drupal, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability exists in the access control mechanism for video content and can be exploited to get access to restricted video content. SOLUTION: Update to version 5.x-1.11 or later, or version 6.x-2.1 or later, or version 6.x-1.25 or later. PROVIDED AND/OR DISCOVERED BY: The vendor credits Stella Power, Drupal security team. ORIGINAL ADVISORY: SA-CONTRIB-2010-094 http://drupal.org/node/919580 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 23 19:15:48 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Sep 2010 04:15:48 +0200 Subject: [SEC] [SA41586] Fedora update for firefox and xulrunner Message-ID: <201009240215.o8O2FmAQ028435@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for firefox and xulrunner SECUNIA ADVISORY ID: SA41586 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41586/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41586 RELEASE DATE: 2010-09-24 DISCUSS ADVISORY: http://secunia.com/advisories/41586/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41586/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41586 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued updates for firefox and xulrunner. These fix multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, or to compromise a user's system. For more information: SA41297 SOLUTION: Apply updated packages via the yum utility ("yum update firefox xulrunner"). ORIGINAL ADVISORY: FEDORA-2010-15070: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048040.html http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048038.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 23 19:45:40 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Sep 2010 04:45:40 +0200 Subject: [SEC] [SA41549] Cisco IOS SIP Multiple Denial of Service Vulnerabilities Message-ID: <201009240245.o8O2jeC2017280@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Cisco IOS SIP Multiple Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA41549 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41549/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41549 RELEASE DATE: 2010-09-24 DISCUSS ADVISORY: http://secunia.com/advisories/41549/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41549/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41549 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An error exists when processing SIP INVITE messages. For more information see vulnerability #1: SA36498 2) An error when processing certain unspecified Session Initiation Protocol (SIP) traffic can be exploited to cause a device to reload. 3) An error when processing specially crafted Session Initiation Protocol (SIP) packets can be exploited to cause a device to reload. Successful exploitation of the vulnerabilities requires that SIP voice services are enabled. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: cisco-sa-20100922-sip: http://www.cisco.com/warp/public/707/cisco-sa-20100922-sip.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 23 20:10:41 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Sep 2010 05:10:41 +0200 Subject: [SEC] [SA41565] RivetTracker "page_number" Cross-Site Scripting Vulnerability Message-ID: <201009240310.o8O3AfXv005924@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: RivetTracker "page_number" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA41565 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41565/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41565 RELEASE DATE: 2010-09-24 DISCUSS ADVISORY: http://secunia.com/advisories/41565/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41565/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41565 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in RivetTracker, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "page_number" parameter to index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions prior to 1.03. SOLUTION: Update to version 1.03. PROVIDED AND/OR DISCOVERED BY: Reportedly disclosed in a forum. ORIGINAL ADVISORY: http://forums.rivetcode.com/viewtopic.php?f=5&t=74 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 23 20:45:16 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Sep 2010 05:45:16 +0200 Subject: [SEC] [SA41552] Cisco IOS SSL VPN Memory Leak Denial of Service Vulnerability Message-ID: <201009240345.o8O3jGtw027389@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Cisco IOS SSL VPN Memory Leak Denial of Service Vulnerability SECUNIA ADVISORY ID: SA41552 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41552/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41552 RELEASE DATE: 2010-09-24 DISCUSS ADVISORY: http://secunia.com/advisories/41552/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41552/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41552 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to the SSL VPN feature leaking transmission control blocks while processing abnormally disconnected SSL sessions when configured with HTTP port redirection. This can be exploited to exhaust available memory resources and e.g. cause a device reload or be unable to accept or create new TCP connections. Successful exploitation requires a TCP three-way handshake. SOLUTION: Update to a fixed version. Please see the vendor's advisory for more details. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: cisco-sa-20100922-sslvpn: http://www.cisco.com/warp/public/707/cisco-sa-20100922-sslvpn.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 23 21:11:20 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Sep 2010 06:11:20 +0200 Subject: [SEC] [SA41585] Fedora update for roundup Message-ID: <201009240411.o8O4BKwT016083@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for roundup SECUNIA ADVISORY ID: SA41585 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41585/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41585 RELEASE DATE: 2010-09-24 DISCUSS ADVISORY: http://secunia.com/advisories/41585/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41585/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41585 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for roundup. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA40433 SOLUTION: Apply updated packages via the yum utility ("yum update roundup"). ORIGINAL ADVISORY: FEDORA-2010-12261: https://admin.fedoraproject.org/updates/roundup-1.4.15-1.fc13 FEDORA-2010-12269: https://admin.fedoraproject.org/updates/roundup-1.4.15-1.fc12 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 23 21:45:39 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Sep 2010 06:45:39 +0200 Subject: [SEC] [SA41437] Cisco Unified Communications Manager Two Denial of Service Vulnerabilities Message-ID: <201009240445.o8O4jd4n005119@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Cisco Unified Communications Manager Two Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA41437 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41437/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41437 RELEASE DATE: 2010-09-24 DISCUSS ADVISORY: http://secunia.com/advisories/41437/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41437/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41437 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Cisco Unified Communications Manager, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An error when processing invalid "Refer-To" headers can be exploited to terminate a critical process and disrupt voice services via specially crafted SIP messages. 2) An error in the SIP Registration implementation when using the UDP protocol can be exploited to terminate a critical process and disrupt voice services via specially crafted SIP messages. Please see the vendor's advisory for details on affected versions. SOLUTION: Update to the latest version. Please see the vendor's advisory for more details. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: cisco-sa-20100922-cucmsip: http://www.cisco.com/warp/public/707/cisco-sa-20100922-cucmsip.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 23 22:10:53 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Sep 2010 07:10:53 +0200 Subject: [SEC] [SA41581] VideoCharge Studio Insecure Library Loading Vulnerability Message-ID: <201009240510.o8O5Arsj026181@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: VideoCharge Studio Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41581 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41581/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41581 RELEASE DATE: 2010-09-24 DISCUSS ADVISORY: http://secunia.com/advisories/41581/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41581/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41581 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in VideoCharge Studio, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. dwmapi.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a VSC file located on a remote WebDAV or SMB share. Additionally, a vulnerable version of the Pthreads-win32 library is bundled, which loads quserex.dll in an insecure manner. For more information: SA41215 Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 2.9.0.632. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: anT!-Tr0J4n ORIGINAL ADVISORY: http://packetstormsecurity.org/1009-exploits/videocharge-dllhijack.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 24 10:30:45 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Sep 2010 19:30:45 +0200 Subject: [SEC] [SA41567] Ubuntu update for quassel Message-ID: <201009241730.o8OHUjOO014623@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Ubuntu update for quassel SECUNIA ADVISORY ID: SA41567 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41567/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41567 RELEASE DATE: 2010-09-24 DISCUSS ADVISORY: http://secunia.com/advisories/41567/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41567/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41567 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for quassel. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service). For more information: SA41528 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-991-1: http://www.ubuntu.com/usn/usn-991-1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 24 11:31:33 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Sep 2010 20:31:33 +0200 Subject: [SEC] [SA41464] Ipswitch IMail Server Two Denial of Service Vulnerabilities Message-ID: <201009241831.o8OIVXbP004862@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Ipswitch IMail Server Two Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA41464 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41464/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41464 RELEASE DATE: 2010-09-24 DISCUSS ADVISORY: http://secunia.com/advisories/41464/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41464/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41464 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness and some vulnerabilities have been reported in Ipswitch IMail Server, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) Two boundary errors within SmtpDLL.dll can be exploited to crash the Queue Manager service (queuemgr.exe) by e.g. sending an e-mail with a specially crafted sender ("FROM:" field). Successful exploitation may require that the "Copy All Mail To:" and the archiving via SMTP options are enabled. 2) A boundary error within IMailSrv.exe when processing certain spool files can be exploited to cause a stack-based buffer overflow by sending specially crafted emails containing e.g. multiple "Reply-To:" or "Resent-From:" headers to the SMTP service. This can be used to e.g. spawn multiple Windows crash dialogs or fill up the disk space with spool files. NOTE: Execution of arbitrary code has not been proven, but cannot be completely ruled out. SOLUTION: Apply IMail v11.02 Patch 2. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: 1) Reported by the vendor. 2) Abysssec ORIGINAL ADVISORY: Abysssec: http://www.exploit-db.com/moaub-15-ipswitch-imail-server-list-mailer-reply-to-address-memory-corruption/ Ipswitch: http://www.imailserver.com/support/releases/im1102p2.asp OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 24 12:31:27 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Sep 2010 21:31:27 +0200 Subject: [SEC] [SA41596] Poppler Multiple Vulnerabilities Message-ID: <201009241931.o8OJVRFt027486@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Poppler Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41596 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41596/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41596 RELEASE DATE: 2010-09-24 DISCUSS ADVISORY: http://secunia.com/advisories/41596/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41596/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41596 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Poppler, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. The vulnerabilities are caused due to e.g. memory leak errors, array indexing errors, and the use of uninitialized memory when parsing malformed PDF files, which can be exploited to e.g. cause a crash by tricking a user into processing a specially crafted PDF file in an application using the library. SOLUTION: Fixed in the GIT repository. PROVIDED AND/OR DISCOVERED BY: Joel Voss, Leviathan Security Group ORIGINAL ADVISORY: Poppler: http://cgit.freedesktop.org/poppler/poppler/commit/?id=473de6f88a055bb03470b4af5fa584be8cb5fda4 http://cgit.freedesktop.org/poppler/poppler/commit/?id=2fe825deac055be82b220d0127169cb3d61387a8 http://cgit.freedesktop.org/poppler/poppler/commit/?id=d2578bd66129466b2dd114b6407c147598e09d2b http://cgit.freedesktop.org/poppler/poppler/commit/?id=c6a091512745771894b54a71613fd6b5ca1adcb3 http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473 http://cgit.freedesktop.org/poppler/poppler/commit/?id=a2dab0238a69240dad08eca2083110b52ce488b7 http://cgit.freedesktop.org/poppler/poppler/commit/?id=3422638b2a39cbdd33a114a7d7debc0a5f688501 http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf http://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f http://cgit.freedesktop.org/poppler/poppler/commit/?id=dfdf3602bde47d1be7788a44722c258bfa0c6d6e http://cgit.freedesktop.org/poppler/poppler/commit/?id=26a5817ffec9f05ac63db6c5cd5b1f0871d271c7 http://cgit.freedesktop.org/poppler/poppler/commit/?id=9706e28657ff7ea52aa69d9efb3f91d0cfaee70b OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 24 13:30:59 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Sep 2010 22:30:59 +0200 Subject: [SEC] [SA41604] HP-UX update for HP-UX Directory Server / Red Hat Directory Server for HP-UX Message-ID: <201009242030.o8OKUx8i017677@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: HP-UX update for HP-UX Directory Server / Red Hat Directory Server for HP-UX SECUNIA ADVISORY ID: SA41604 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41604/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41604 RELEASE DATE: 2010-09-24 DISCUSS ADVISORY: http://secunia.com/advisories/41604/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41604/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41604 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: HP has issued an update for HP-UX Directory Server / Red Hat Directory Server for HP-UX. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The vulnerability is caused due to an unspecified error and can be exploited to disclose certain information or perform certain actions with escalated privileges. No further information is currently available. The vulnerability is reported in HP-UX B.11.11, B.11.23, and B.11.31 running HP-UX Directory Server versions B.08.10.02 and prior and Red Hat Directory Server for HP-UX versions B.08.00.01 and prior. SOLUTION: Apply updates. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: HPSBUX02587 SSRT100215: http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02522633 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 24 14:24:39 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Sep 2010 23:24:39 +0200 Subject: [SEC] [SA41606] VMware Server libpng Multiple Vulnerabilities Message-ID: <201009242124.o8OLOdPi007610@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: VMware Server libpng Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41606 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41606/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41606 RELEASE DATE: 2010-09-24 DISCUSS ADVISORY: http://secunia.com/advisories/41606/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41606/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41606 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: VMware has acknowledged some vulnerabilities in VMware Workstation and Player, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a user's system. For more information: SA38774 SA40302 SOLUTION: There are no known workarounds. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: VMSA-2010-0014: http://lists.vmware.com/pipermail/security-announce/2010/000105.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 24 14:45:52 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Sep 2010 23:45:52 +0200 Subject: [SEC] [SA41605] VMware Workstation and Player libpng Multiple Vulnerabilities Message-ID: <201009242145.o8OLjqmR028475@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: VMware Workstation and Player libpng Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41605 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41605/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41605 RELEASE DATE: 2010-09-24 DISCUSS ADVISORY: http://secunia.com/advisories/41605/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41605/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41605 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: VMware has acknowledged some vulnerabilities in VMware Workstation and Player, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a user's system. For more information: SA38774 SA40302 SOLUTION: There are currently no known workarounds. Patches are currently pending. ORIGINAL ADVISORY: VMSA-2010-0014: http://lists.vmware.com/pipermail/security-announce/2010/000105.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 24 15:13:30 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Sep 2010 00:13:30 +0200 Subject: [SEC] [SA41574] VMware Update for Workstation and Player Message-ID: <201009242213.o8OMDUP3017338@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: VMware Update for Workstation and Player SECUNIA ADVISORY ID: SA41574 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41574/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41574 RELEASE DATE: 2010-09-24 DISCUSS ADVISORY: http://secunia.com/advisories/41574/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41574/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41574 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: VMware has acknowledged a weakness and some vulnerabilities in VMware Workstation and Player, which can be exploited by malicious, local users to bypass certain security restrictions and malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. For more information: SA38774 SA40302 1) A weakness is caused due to the VMware Workstation and Player installers loading an "index.htm" file located in the current working directory, which can be exploited to display a malicious HTML file by placing it into the directory prior to a user running the installer. Note: This weakness does not affect already installed versions. SOLUTION: Update to a fixed version. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits Alexander Trofimov and Marc Esher. ORIGINAL ADVISORY: VMSA-2010-0014: http://lists.vmware.com/pipermail/security-announce/2010/000105.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 24 15:47:23 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Sep 2010 00:47:23 +0200 Subject: [SEC] [SA41528] Quassel IRC "PRIVMSG" Denial of Service Vulnerability Message-ID: <201009242247.o8OMlNrx006392@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Quassel IRC "PRIVMSG" Denial of Service Vulnerability SECUNIA ADVISORY ID: SA41528 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41528/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41528 RELEASE DATE: 2010-09-25 DISCUSS ADVISORY: http://secunia.com/advisories/41528/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41528/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41528 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Quassel IRC, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to the application responding with multiple "NOTICE" commands to multiple CTCP requests sent via a "PRIVMSG" command and can be exploited to disrupt the IRC service. The vulnerability is reported in versions prior to 0.6.3 and 0.7.1. SOLUTION: Update to version 0.6.3 or 0.7.1. PROVIDED AND/OR DISCOVERED BY: The vendor credits Jima. ORIGINAL ADVISORY: http://quassel-irc.org/node/115 http://bugs.quassel-irc.org/issues/1023 http://bugs.quassel-irc.org/issues/1024 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 24 16:13:39 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Sep 2010 01:13:39 +0200 Subject: [SEC] [SA41607] VMware ACE Management Server (AMS) Two Vulnerabilities Message-ID: <201009242313.o8ONDduG027491@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: VMware ACE Management Server (AMS) Two Vulnerabilities SECUNIA ADVISORY ID: SA41607 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41607/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41607 RELEASE DATE: 2010-09-25 DISCUSS ADVISORY: http://secunia.com/advisories/41607/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41607/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41607 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: VMware has acknowledged some vulnerabilities in VMware ACE Management Server (AMS), which can be exploited by malicious people to gain access to potentially sensitive information, cause a DoS (Denial of Service), and potentially compromise a vulnerable system. For more information: SA38776 NOTE: CVE-2010-0425 does not affect AMS running on Linux. SOLUTION: Apply patches when available. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: VMSA-2010-0014: http://lists.vmware.com/pipermail/security-announce/2010/000105.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 24 16:45:45 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Sep 2010 01:45:45 +0200 Subject: [SEC] [SA41571] Gromada Multimedia Conversion Library Insecure Library Loading Vulnerability Message-ID: <201009242345.o8ONjj3t016458@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Gromada Multimedia Conversion Library Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41571 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41571/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41571 RELEASE DATE: 2010-09-25 DISCUSS ADVISORY: http://secunia.com/advisories/41571/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41571/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41571 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Gromada Multimedia Conversion Library, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to libmcl-5.4.0.dll loading libraries (e.g. libgif-1.1.0.dll and libhav-1.0.1.dll) in an insecure manner. This can be exploited to load arbitrary libraries when an application using this library e.g. opens a file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 5.4.0. Other versions may also be affected. SOLUTION: Do not open untrusted files with an application using this library. PROVIDED AND/OR DISCOVERED BY: Reported in DVD PixPlay by anT!-Tr0J4n. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 24 17:13:40 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Sep 2010 02:13:40 +0200 Subject: [SEC] [SA41590] YLoader Insecure Library Loading Vulnerability Message-ID: <201009250013.o8P0DeIY005220@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: YLoader Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41590 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41590/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41590 RELEASE DATE: 2010-09-25 DISCUSS ADVISORY: http://secunia.com/advisories/41590/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41590/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41590 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in YLoader, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application bundling a vulnerable version of the Prof-UIS library, which loads libraries (e.g. dwmapi.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a TXT file located on a remote WebDAV or SMB share Successful exploitation allows execution of arbitrary code, but requires that files are opened via the Windows Explorer "Open With" menu. For more information: SA41578 The vulnerability is confirmed in version 3.0.0.0. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: anT!-Tr0J4n ORIGINAL ADVISORY: http://packetstormsecurity.org/1009-exploits/yloader-dllhijack.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 24 17:45:32 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Sep 2010 02:45:32 +0200 Subject: [SEC] [SA41589] DVD PixPlay Insecure Library Loading Vulnerability Message-ID: <201009250045.o8P0jWJL026595@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: DVD PixPlay Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41589 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41589/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41589 RELEASE DATE: 2010-09-25 DISCUSS ADVISORY: http://secunia.com/advisories/41589/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41589/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41589 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in DVD PixPlay, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application bundling a vulnerable version of the Gromada Multimedia Conversion Library library, which loads libraries (e.g. libgif-1.1.0.dll and libhav-1.0.1.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a MPX or PXP file located on a remote WebDAV or SMB share Successful exploitation allows execution of arbitrary code. For more information: SA41571 The vulnerability is confirmed in version 6.12. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: anT!-Tr0J4n OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 24 18:10:36 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Sep 2010 03:10:36 +0200 Subject: [SEC] [SA41580] SmartSniff Insecure Library Loading Vulnerability Message-ID: <201009250110.o8P1AaMJ015235@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: SmartSniff Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41580 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41580/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41580 RELEASE DATE: 2010-09-25 DISCUSS ADVISORY: http://secunia.com/advisories/41580/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41580/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41580 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in SmartSniff, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. wpcap.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a CFG or SSP file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code, but requires that files are opened via the Windows Explorer "Open With" menu. The vulnerability is confirmed in version 1.71. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: anT!-Tr0J4n ORIGINAL ADVISORY: http://packetstormsecurity.org/1009-exploits/smartsniff-dllhijack.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 24 18:24:44 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Sep 2010 03:24:44 +0200 Subject: [SEC] [SA41603] SUSE update for kernel Message-ID: <201009250124.o8P1Oige003380@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA41603 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41603/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41603 RELEASE DATE: 2010-09-25 DISCUSS ADVISORY: http://secunia.com/advisories/41603/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41603/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41603 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose system and potentially sensitive information, cause a DoS (Denial of Service), and gain escalated privileges. For more information: SA41055 SA41245 SA41263 SA41378 SA41440 SA41462 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: SUSE-SA:2010:047: http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00012.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 24 18:45:41 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Sep 2010 03:45:41 +0200 Subject: [SEC] [SA41578] Prof-UIS Insecure Library Loading Vulnerability Message-ID: <201009250145.o8P1jfla024242@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Prof-UIS Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41578 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41578/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41578 RELEASE DATE: 2010-09-25 DISCUSS ADVISORY: http://secunia.com/advisories/41578/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41578/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41578 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Prof-UIS, which can be exploited by malicious people to compromise an application using the library. The vulnerability is caused due to the "CExtDWM::CExtDWM()" method in ProfUIS290m.dll and in ProfUIS290m-RDE.dll loading libraries (e.g. dwmapi.dll) in an insecure manner. This can be exploited to load arbitrary libraries when an application using this library e.g. opens a file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 2.9.0. Other versions may also be affected. SOLUTION: Do not open untrusted files with an application using this library. PROVIDED AND/OR DISCOVERED BY: Reported in YLoader by anT!-Tr0J4n. ORIGINAL ADVISORY: http://packetstormsecurity.org/1009-exploits/yloader-dllhijack.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 24 19:16:04 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Sep 2010 04:16:04 +0200 Subject: [SEC] [SA41598] SUSE update for kernel Message-ID: <201009250216.o8P2G4G9013629@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA41598 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41598/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41598 RELEASE DATE: 2010-09-25 DISCUSS ADVISORY: http://secunia.com/advisories/41598/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41598/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41598 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for the kernel. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose system and potentially sensitive information and gain escalated privileges. For more information: SA41245 SA41284 SA41440 SA41462 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: SUSE-SA:2010:044: http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00009.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 24 19:45:29 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Sep 2010 04:45:29 +0200 Subject: [SEC] [SA41602] Sun Solaris GSS-API NULL Pointer Dereference Vulnerability Message-ID: <201009250245.o8P2jTRs002414@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Sun Solaris GSS-API NULL Pointer Dereference Vulnerability SECUNIA ADVISORY ID: SA41602 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41602/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41602 RELEASE DATE: 2010-09-25 DISCUSS ADVISORY: http://secunia.com/advisories/41602/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41602/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41602 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged a vulnerability in Sun Solaris, which can be exploited by malicious users to cause a DoS (Denial of Service). For more information: SA39762 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: http://blogs.sun.com/security/entry/cve_2010_1321_null_pointer OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 24 20:10:37 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Sep 2010 05:10:37 +0200 Subject: [SEC] [SA41600] Sun Solaris Samba SMB1 Packet Chaining Memory Corruption Vulnerability Message-ID: <201009250310.o8P3Ab8N023512@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Sun Solaris Samba SMB1 Packet Chaining Memory Corruption Vulnerability SECUNIA ADVISORY ID: SA41600 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41600/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41600 RELEASE DATE: 2010-09-25 DISCUSS ADVISORY: http://secunia.com/advisories/41600/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41600/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41600 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged a vulnerability in Sun Solaris, which can be exploited by malicious people to potentially compromise a vulnerable system. For more information: SA40145 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: http://blogs.sun.com/security/entry/cve_2010_2063_buffer_overflow OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 24 20:25:25 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Sep 2010 05:25:25 +0200 Subject: [SEC] [SA41587] OvBB Multiple Local file Inclusion Vulnerabilities Message-ID: <201009250325.o8P3PPeR011684@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: OvBB Multiple Local file Inclusion Vulnerabilities SECUNIA ADVISORY ID: SA41587 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41587/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41587 RELEASE DATE: 2010-09-25 DISCUSS ADVISORY: http://secunia.com/advisories/41587/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41587/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41587 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been discovered in OvBB, which can be exploited by malicious people to disclose sensitive information. Input passed via the "CFG[skin]" parameter to e.g. skins/default/addevent.tpl.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal sequences and URL-encoded NULL bytes. Successful exploitation requires that "magic_quotes_gpc" is disabled and "register_globals" is enabled. The vulnerabilities are confirmed in version 0.16a. Other versions may also be affected. NOTE: The following PHP files are also reportedly affected. http://[host]/skins/default/alreadyregistered.tpl.php http://[host]/skins/default/getip.tpl.php http://[host]/skins/default/unauthorized.tpl.php http://[host]/skins/default/calendar.tpl.php http://[host]/skins/default/deleteposts.tpl.php http://[host]/skins/default/deletethread.tpl.php http://[host]/skins/default/editevent.tpl.php http://[host]/skins/default/editpost.tpl.php http://[host]/skins/default/forgotdetails.tpl.php http://[host]/skins/default/index.tpl.php http://[host]/skins/default/justregistered.tpl.php http://[host]/skins/default/login.tpl.php http://[host]/skins/default/mailuser.tpl.php http://[host]/skins/default/memberlist.tpl.php http://[host]/skins/default/movecopythread.tpl.php http://[host]/skins/default/newpoll.tpl.php http://[host]/skins/default/online.tpl.php http://[host]/skins/default/pollresults.tpl.php http://[host]/skins/default/post.tpl.php http://[host]/skins/default/register.tpl.php http://[host]/skins/default/sysmessage.tpl.php http://[host]/skins/default/admincp/addattachment.tpl.php http://[host]/skins/default/admincp/addavatar.tpl.php http://[host]/skins/default/admincp/addforum.tpl.php http://[host]/skins/default/admincp/addposticon.tpl.php http://[host]/skins/default/admincp/addskin.tpl.php http://[host]/skins/default/admincp/addsmilie.tpl.php http://[host]/skins/default/admincp/addusergroup.tpl.php http://[host]/skins/default/admincp/addusergroupuser.tpl.php http://[host]/skins/default/admincp/attachments.tpl.php http://[host]/skins/default/admincp/avatars.tpl.php http://[host]/skins/default/admincp/censored.tpl.php http://[host]/skins/default/admincp/editattachment.tpl.php http://[host]/skins/default/admincp/editavatar.tpl.php http://[host]/skins/default/admincp/editforum.tpl.php http://[host]/skins/default/admincp/editposticon.tpl.php http://[host]/skins/default/admincp/editskin.tpl.php http://[host]/skins/default/admincp/editsmilie.tpl.php http://[host]/skins/default/admincp/editusergroup.tpl.php http://[host]/skins/default/admincp/forums.tpl.php http://[host]/skins/default/admincp/general.tpl.php http://[host]/skins/default/admincp/posticons.tpl.php http://[host]/skins/default/admincp/removeattachment.tpl.php http://[host]/skins/default/admincp/removeavatar.tpl.php http://[host]/skins/default/admincp/removeforum.tpl.php http://[host]/skins/default/admincp/removeposticon.tpl.php http://[host]/skins/default/admincp/removeskin.tpl.php http://[host]/skins/default/admincp/removesmilie.tpl.php http://[host]/skins/default/admincp/removeusergroup.tpl.php http://[host]/skins/default/admincp/skins.tpl.php http://[host]/skins/default/admincp/smilies.tpl.php http://[host]/skins/default/admincp/style.tpl.php http://[host]/skins/default/admincp/usergroups.tpl.php http://[host]/skins/default/pm/folders.tpl.php http://[host]/skins/default/pm/inbox.tpl.php http://[host]/skins/default/pm/newmessage.tpl.php http://[host]/skins/default/pm/sentitems.tpl.php http://[host]/skins/default/pm/tracking.tpl.php http://[host]/skins/default/search/main.tpl.php http://[host]/skins/default/usercp/avatar.tpl.php http://[host]/skins/default/usercp/buddylist.tpl.php http://[host]/skins/default/usercp/ignorelist.tpl.php http://[host]/skins/default/usercp/main.tpl.php http://[host]/skins/default/usercp/options.tpl.php http://[host]/skins/default/usercp/password.tpl.php http://[host]/skins/default/usercp/profile.tpl.php SOLUTION: Use another product. PROVIDED AND/OR DISCOVERED BY: cOndemned OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 24 20:45:56 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Sep 2010 05:45:56 +0200 Subject: [SEC] [SA41594] SUSE update for kernel Message-ID: <201009250345.o8P3juAK032524@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA41594 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41594/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41594 RELEASE DATE: 2010-09-25 DISCUSS ADVISORY: http://secunia.com/advisories/41594/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41594/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41594 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for the SUSE Linux Enterprise 11 GA kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA41055 SA41462 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: SUSE-SA:2010:043: http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00008.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 24 21:11:20 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Sep 2010 06:11:20 +0200 Subject: [SEC] [SA41599] SUSE update for kernel Message-ID: <201009250411.o8P4BKFJ021198@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA41599 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41599/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41599 RELEASE DATE: 2010-09-25 DISCUSS ADVISORY: http://secunia.com/advisories/41599/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41599/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41599 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for the SUSE Linux Enterprise 11 SP1 kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, cause a DoS (Denial of Service), and gain escalated privileges. For more information: SA41245 SA41378 SA41462 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: SUSE-SA:2010:045: http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00010.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 24 21:46:15 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Sep 2010 06:46:15 +0200 Subject: [SEC] [SA41601] SUSE update for kernel Message-ID: <201009250446.o8P4kFEH010281@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA41601 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41601/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41601 RELEASE DATE: 2010-09-25 DISCUSS ADVISORY: http://secunia.com/advisories/41601/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41601/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41601 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for the kernel. This fixes some weaknesses, security issues and vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, disclose system and potentially sensitive information, cause a DoS (Denial of Service), conduct DNS cache poisoning attacks, and gain escalated privileges, and by malicious people to cause a DoS. For more information: SA35265 SA38594 SA39316 SA39344 SA39982 SA40205 SA40656 SA40691 SA40965 SA41055 SA41234 SA41245 SA41378 SA41462 SA41263 SA41284 SA41440 1) A race condition within the "find_keyring_by_name()" function in security/keys/keyring.c can be exploited to access freed memory and e.g. cause a system panic. 2) The "btrfs_ioctl_clone()" function in fs/btrfs/ioctl.c does not properly check a user's read access to the source file before cloning the file, which can be exploited to e.g. disclose sensitive information. 3) An error exists within the "do_gfs2_set_flags()" function, which can be exploited to change certain file attributes of files on an GFS2 file system. 4) An error in btrfs allows local users to set ACLs for arbitrary files. 5) An error exists within eCryptfs when generating hash values, which can be exploited to e.g. cause a kernel panic or gain escalated privileges. 6) Errors within the implementation of the External Data Representation (XDR) for NFSv4 can be exploited to cause a kernel panic and potentially execute arbitrary code by sending specially crafted compound requests to the NFSv4 server. 7) Incorrect permission checks within the "btrfs_ioctl_clone()" function in fs/btrfs/ioctl.c can be exploited to overwrite append-only files. 8) An integer overflow within the "btrfs_ioctl_clone()" function in fs/btrfs/ioctl.c can be exploited to e.g. disclose sensitive information. 9) An error within the GFS2 file system when handing certain rename operations can be exploited to cause a kernel crash. 10) An error exists within the "keyctl_session_to_parent()" function in security/keys/keyctl.c, which can be exploited to cause a NULL pointer dereference by e.g. calling "keyctl()" with KEYCTL_SESSION_TO_PARENT. SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: SUSE-SA:2010:046: http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00011.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Sep 24 22:11:08 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Sep 2010 07:11:08 +0200 Subject: [SEC] [SA41592] HP OpenView Network Node Manager Denial of Service Vulnerability Message-ID: <201009250511.o8P5B8gd031325@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: HP OpenView Network Node Manager Denial of Service Vulnerability SECUNIA ADVISORY ID: SA41592 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41592/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41592 RELEASE DATE: 2010-09-25 DISCUSS ADVISORY: http://secunia.com/advisories/41592/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41592/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41592 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in HP OpenView Network Node Manager, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error, which can be exploited to cause a DoS. No further information is currently available. The vulnerability is reported in versions 7.51 and 7.53 running on HP-UX, Linux RedHat4AS-x86_64, Solaris, and Windows. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: HPSBMA02585 SSRT100256: http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02521481 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Sep 25 10:29:41 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Sep 2010 19:29:41 +0200 Subject: [SEC] [SA41588] RSA Authentication Agent for Web Directory Traversal Vulnerability Message-ID: <201009251729.o8PHTfbL019691@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: RSA Authentication Agent for Web Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA41588 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41588/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41588 RELEASE DATE: 2010-09-25 DISCUSS ADVISORY: http://secunia.com/advisories/41588/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41588/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41588 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in RSA Authentication Agent for Web, which can be exploited by malicious people to disclose potentially sensitive information. The vulnerability is caused due to an input validation error, which can be exploited to gain access to certain protected data via directory traversal attacks. The vulnerability is reported in the following products: * RSA Authentication Agent 7.0 for Web for Apache Web Server * RSA Authentication Agent 7.0 for Web for Internet Information Services SOLUTION: Update to RSA Authentication Agent 7.0 P2. PROVIDED AND/OR DISCOVERED BY: The vendor credits Tim Brown of Portcullis Computer Security Ltd. ORIGINAL ADVISORY: ESA-2010-017: http://archives.neohapsis.com/archives/bugtraq/2010-09/0181.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 27 10:28:18 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 27 Sep 2010 19:28:18 +0200 Subject: [SEC] [SA41597] e107 Forum Plugin Cross-Site Request Forgery Vulnerability Message-ID: <201009271728.o8RHSIGe006902@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: e107 Forum Plugin Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA41597 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41597/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41597 RELEASE DATE: 2010-09-27 DISCUSS ADVISORY: http://secunia.com/advisories/41597/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41597/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41597 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in e107, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any checks to verify the requests. This can be exploited to e.g. change the "Viewable by" and "Post permission" settings of a forum by tricking a logged in administrator into visiting a malicious web site. Successful exploitation requires the "Forum" plugin to be enabled (disabled by default). NOTE: Additionally, a SQL injection vulnerability exists in e107_plugins/forum/forum_admin.php, which is accessible to administrative users only, but can also be exploited via a cross-site request forgery attack. The vulnerability is confirmed in version 0.7.24 and Forum plugin version 1.2. Other versions may also be affected. SOLUTION: Do not browse untrusted sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: SQL injection reported by High-Tech Bridge SA Additional information provided by Secunia Research. ORIGINAL ADVISORY: High-Tech Bridge SA (HTB22604): http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_e107_2.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 27 11:28:02 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 27 Sep 2010 20:28:02 +0200 Subject: [SEC] [SA41577] Gokhun Asp Stok Sistemi Cross-Site Scripting and SQL Injection Vulnerabilities Message-ID: <201009271828.o8RIS2NU029518@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Gokhun Asp Stok Sistemi Cross-Site Scripting and SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA41577 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41577/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41577 RELEASE DATE: 2010-09-27 DISCUSS ADVISORY: http://secunia.com/advisories/41577/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41577/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41577 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Gokhun Asp Stok Sistemi, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks. 1) Input passed via the "olayD" parameter to default.asp (when "eylemD" is set to "hizmetlerimiz") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "kimlikD" parameter to default.asp (when "eylemD" is set to "urunler" and "islemD" is set to "duzenle") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are reported in version 1.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: KnocKout OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 27 12:28:21 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 27 Sep 2010 21:28:21 +0200 Subject: [SEC] [SA41543] Entrans Cross-Site Scripting and SQL Injection Vulnerabilities Message-ID: <201009271928.o8RJSLwr019765@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Entrans Cross-Site Scripting and SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA41543 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41543/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41543 RELEASE DATE: 2010-09-27 DISCUSS ADVISORY: http://secunia.com/advisories/41543/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41543/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41543 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been discovered in Entrans, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks. 1) Input passed to the "query" parameter in search.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "parent_id" and "root" parameters to main.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation of this vulnerability requires that "magic_quotes_gpc" is disabled. 3) Input passed via the "edit" parameter to list.php (when "category" is set) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 4) Input passed via the "query_lookup" parameter to lookup.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 5) Input passed to the "query" parameter in search.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 6) Input passed via the "query_lookup" parameter to lookup.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation of vulnerabilities #5 and #6 requires that "magic_quotes_gpc" is disabled. The vulnerabilities are confirmed in version 0.3.2. Prior versions may also be affected. SOLUTION: Update to version 0.3.3. PROVIDED AND/OR DISCOVERED BY: 1, 2) High-Tech Bridge SA 3-6) Reported by the vendor ORIGINAL ADVISORY: Entrans: http://sourceforge.net/mailarchive/forum.php?thread_name=4C8F5875.1020400%40users.sourceforge.net&forum_name=entrans-users High-Tech Bridge SA: http://www.htbridge.ch/advisory/xss_vulnerability_in_entrans.html http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_entrans.html http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_entrans_1.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 27 13:28:07 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 27 Sep 2010 22:28:07 +0200 Subject: [SEC] [SA41556] FreePBX "usersnum" File Upload Vulnerability Message-ID: <201009272028.o8RKS7Jd009988@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: FreePBX "usersnum" File Upload Vulnerability SECUNIA ADVISORY ID: SA41556 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41556/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41556 RELEASE DATE: 2010-09-27 DISCUSS ADVISORY: http://secunia.com/advisories/41556/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41556/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41556 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in FreePBX, which can be exploited by malicious users to compromise a vulnerable system. Input passed via the "usersnum" parameter when uploading recorded files in the administrative section is not properly sanitised before being used. This can be exploited to upload and save arbitrary files in a web accessible location or to inject and execute arbitrary shell commands. Successful exploitation allows execution of arbitrary code, but requires an administrative user account. The vulnerability is confirmed in version 2.8.0. Other versions may also be affected. SOLUTION: Fixed in the GIT repository. PROVIDED AND/OR DISCOVERED BY: Wendel G. Henrique, Trustwave's SpiderLabs. Additional information about shell command injection provided by Secunia Research. ORIGINAL ADVISORY: FreePBX: http://www.freepbx.org/trac/ticket/4553 TWSL2010-005: https://www.trustwave.com/spiderlabs/advisories/TWSL2010-005.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 27 14:22:33 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 27 Sep 2010 23:22:33 +0200 Subject: [SEC] [SA41573] LINGO Insecure Library Loading Vulnerabilities Message-ID: <201009272122.o8RLMX23032383@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: LINGO Insecure Library Loading Vulnerabilities SECUNIA ADVISORY ID: SA41573 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41573/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41573 RELEASE DATE: 2010-09-27 DISCUSS ADVISORY: http://secunia.com/advisories/41573/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41573/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41573 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been discovered in LINGO, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to compromise a user's system. 1) The application loads libraries (e.g. myuser.dll) in an insecure manner, which can be exploited to load arbitrary libraries by tricking a user into e.g. opening a LINGO document (.ltf) located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. 2) The application is installed in a directory in the system root with insecure permissions by default (granting members of the "Users" group permissions to create files and directories). This can be exploited to execute arbitrary code with the privileges of another user running the application by placing e.g. a malicious library file in the installation directory. NOTE: This is a general problem for the majority of Windows applications when installed outside the "Program Files" folder due to unsafe default permissions combined with the way libraries are located. The vulnerabilities are confirmed in versions 11.0.1.6 and 12.0.2.20. Other versions may also be affected. SOLUTION: Set secure permissions on the installation directory and do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: APA-IUTcert Vulnerability Analysis Team Additional information provided by Secunia Research. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 27 14:43:06 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 27 Sep 2010 23:43:06 +0200 Subject: [SEC] [SA41575] TuneUp Utilities Insecure Library Loading Vulnerability Message-ID: <201009272143.o8RLh6BV020829@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: TuneUp Utilities Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41575 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41575/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41575 RELEASE DATE: 2010-09-27 DISCUSS ADVISORY: http://secunia.com/advisories/41575/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41575/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41575 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in TuneUp Utilities, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. wscapi.dll, vclib32.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a TuneUp Visual Style (.tvs) file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in versions 2009 8.0.3310 and 2010 9.0.4600. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: APA-IUTcert Vulnerability Analysis Team OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 27 15:01:01 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 28 Sep 2010 00:01:01 +0200 Subject: [SEC] [SA41616] VirIT eXplorer Insecure Library Loading Vulnerability Message-ID: <201009272201.o8RM11eE009161@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: VirIT eXplorer Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41616 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41616/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41616 RELEASE DATE: 2010-09-27 DISCUSS ADVISORY: http://secunia.com/advisories/41616/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41616/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41616 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in VirIT eXplorer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. tg-scan.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. scanning a file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code, but requires that files are scanned via the Windows Explorer "Scan With" menu. The vulnerability is confirmed in version 6.7.34 Lite. Other versions may also be affected. SOLUTION: Do not scan files using the Windows Explorer "Scan With" menu. PROVIDED AND/OR DISCOVERED BY: anT!-Tr0J4n ORIGINAL ADVISORY: http://packetstormsecurity.org/1009-exploits/virit-dllhijack.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 27 15:25:23 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 28 Sep 2010 00:25:23 +0200 Subject: [SEC] [SA41622] Collaborative Passwords Manager Local File Inclusion Vulnerability Message-ID: <201009272225.o8RMPNLj030290@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Collaborative Passwords Manager Local File Inclusion Vulnerability SECUNIA ADVISORY ID: SA41622 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41622/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41622 RELEASE DATE: 2010-09-28 DISCUSS ADVISORY: http://secunia.com/advisories/41622/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41622/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41622 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Collaborative Passwords Manager, which can be exploited by malicious users to disclose sensitive information. Input passed via the "language" POST parameter is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal sequences and URL-encoded NULL bytes. Successful exploitation requires that "magic_quotes_gpc" is disabled. The vulnerability is confirmed in version 1.61. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: sh00t0ut OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 27 15:46:09 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 28 Sep 2010 00:46:09 +0200 Subject: [SEC] [SA41620] Traidnt Up Cross-Site Request Forgery Vulnerability Message-ID: <201009272246.o8RMk9nW018750@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Traidnt Up Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA41620 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41620/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41620 RELEASE DATE: 2010-09-28 DISCUSS ADVISORY: http://secunia.com/advisories/41620/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41620/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41620 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Traidnt Up, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. add an administrative user by tricking a logged in administrative user into visiting a malicious web site. The vulnerability is reported in version 3.0. Other versions may also be affected. SOLUTION: Do not browse untrusted websites or follow untrusted links while logged in to the application. PROVIDED AND/OR DISCOVERED BY: G0D-F4Th3r OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 27 16:11:55 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 28 Sep 2010 01:11:55 +0200 Subject: [SEC] [SA41591] Mura CMS "FILEID" Information Disclosure Vulnerability Message-ID: <201009272311.o8RNBtb3007448@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Mura CMS "FILEID" Information Disclosure Vulnerability SECUNIA ADVISORY ID: SA41591 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41591/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41591 RELEASE DATE: 2010-09-28 DISCUSS ADVISORY: http://secunia.com/advisories/41591/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41591/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41591 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Mura CMS, which can be exploited by malicious people to disclose sensitive information. Input passed via the "FILEID" parameter to tasks/render/file/ is not properly verified before being used to access files in fileManager.cfc. This can be exploited to read content from arbitrary files via directory traversal sequences. The vulnerability is reported in versions prior to 5.2.2809. SOLUTION: Apply available patches. PROVIDED AND/OR DISCOVERED BY: Rohan Stelling and Steven Seel, stratsec ORIGINAL ADVISORY: Mura CMS http://www.getmura.com/index.cfm/blog/critical-security-patch/ stratsec: http://www.stratsec.net/Research/Advisories/Blue-River-Mura-CMS-Directory-Traversal-%28SS-2010-0 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 27 16:44:09 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 28 Sep 2010 01:44:09 +0200 Subject: [SEC] [SA41569] GIT "is_git_directory()" Buffer Overflow Vulnerability Message-ID: <201009272344.o8RNi9Su028820@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: GIT "is_git_directory()" Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA41569 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41569/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41569 RELEASE DATE: 2010-09-28 DISCUSS ADVISORY: http://secunia.com/advisories/41569/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41569/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41569 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in GIT, which can be exploited by malicious, local users to potentially gain escalated privileges. The vulnerability is caused due to a boundary error in the "is_git_directory()" function in setup.c when processing ".git" files and can be exploited to cause a stack-based buffer overflow via an overly long "gitdir" parameter. The vulnerability is reported in versions 1.5.6 through 1.7.1. Other versions may also be affected. SOLUTION: Update to version 1.7.2 or later. PROVIDED AND/OR DISCOVERED BY: Greg Brockman ORIGINAL ADVISORY: http://www.openwall.com/lists/oss-security/2010/07/22/1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 27 17:11:46 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 28 Sep 2010 02:11:46 +0200 Subject: [SEC] [SA41582] Debian update for git-core Message-ID: <201009280011.o8S0BkF6017607@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Debian update for git-core SECUNIA ADVISORY ID: SA41582 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41582/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41582 RELEASE DATE: 2010-09-28 DISCUSS ADVISORY: http://secunia.com/advisories/41582/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41582/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41582 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for git-core. This fixes a vulnerability, which can be exploited by malicious, local users to potentially gain escalated privileges. For more information: SA41569 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: DSA-2114-1: http://www.us.debian.org/security/2010/dsa-2114 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 27 17:44:22 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 28 Sep 2010 02:44:22 +0200 Subject: [SEC] [SA41636] Fedora update for php-nusoap Message-ID: <201009280044.o8S0iMEk006609@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for php-nusoap SECUNIA ADVISORY ID: SA41636 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41636/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41636 RELEASE DATE: 2010-09-28 DISCUSS ADVISORY: http://secunia.com/advisories/41636/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41636/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41636 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for php-nusoap. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA41254 SOLUTION: Apply updated packages via the yum utility ("yum update php-nusoap"). ORIGINAL ADVISORY: FEDORA-2010-14098: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048317.html FEDORA-2010-14100: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048325.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 27 18:09:26 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 28 Sep 2010 03:09:26 +0200 Subject: [SEC] [SA41632] Fedora update for lvm2 Message-ID: <201009280109.o8S19QrH027663@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for lvm2 SECUNIA ADVISORY ID: SA41632 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41632/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41632 RELEASE DATE: 2010-09-28 DISCUSS ADVISORY: http://secunia.com/advisories/41632/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41632/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41632 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for lvm2. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges. For more information: SA40759 SOLUTION: Apply updated packages via the yum utility ("yum update lvm2"). ORIGINAL ADVISORY: FEDORA-2010-12250: https://admin.fedoraproject.org/updates/lvm2-2.02.72-4.fc12 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 27 18:23:12 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 28 Sep 2010 03:23:12 +0200 Subject: [SEC] [SA41637] Fedora update for bzip2 Message-ID: <201009280123.o8S1NCqv015819@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for bzip2 SECUNIA ADVISORY ID: SA41637 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41637/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41637 RELEASE DATE: 2010-09-28 DISCUSS ADVISORY: http://secunia.com/advisories/41637/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41637/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41637 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for bzip2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. For more information: SA41452 SOLUTION: Apply updated packages via the yum utility ("yum update bzip2"). ORIGINAL ADVISORY: FEDORA-2010-15120: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048294.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 27 18:44:13 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 28 Sep 2010 03:44:13 +0200 Subject: [SEC] [SA41635] Fedora update for lib3ds Message-ID: <201009280144.o8S1iD1k004268@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for lib3ds SECUNIA ADVISORY ID: SA41635 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41635/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41635 RELEASE DATE: 2010-09-28 DISCUSS ADVISORY: http://secunia.com/advisories/41635/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41635/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41635 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for lib3ds. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library. For more information: SA38185 SOLUTION: Apply updated packages via the yum utility ("yum update lib3ds"). ORIGINAL ADVISORY: FEDORA-2010-14632: https://admin.fedoraproject.org/updates/lib3ds-1.3.0-9.fc12 FEDORA-2010-14644: https://admin.fedoraproject.org/updates/lib3ds-1.3.0-9.fc13 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Sep 27 19:14:32 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 28 Sep 2010 04:14:32 +0200 Subject: [SEC] [SA41630] Tiki Wiki CMS Groupware Multiple Vulnerabilities Message-ID: <201009280214.o8S2EWiC027206@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Tiki Wiki CMS Groupware Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41630 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41630/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41630 RELEASE DATE: 2010-09-28 DISCUSS ADVISORY: http://secunia.com/advisories/41630/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41630/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41630 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: John Leitch has discovered some vulnerabilities in Tiki Wiki CMS Groupware, which can be exploited by malicious users to disclose sensitive information and by malicious people to conduct cross-site scripting and cross-site request forgery attacks. 1) Input passed via the "type" parameter to tiki-edit_wiki_section.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. change the administrative password by tricking a logged in administrative user into visiting a malicious web site. 3) Input passed via the "language" parameter to tiki-jsplugin.php is not properly verified before being used to read files. This can be exploited to download arbitrary files from local resources via directory traversal sequences. The vulnerabilities are confirmed in version 5.2. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised and verified. Do not browse untrusted websites or follow untrusted links while logged in to the application. PROVIDED AND/OR DISCOVERED BY: John Leitch ORIGINAL ADVISORY: John Leitch: http://www.johnleitch.net/Vulnerabilities/Tiki.Wiki.CMS.Groupware.5.2.Reflected.Cross-site.Scripting/44 http://www.johnleitch.net/Vulnerabilities/Tiki.Wiki.CMS.Groupware.5.2.Cross-site.Request.Forgery/45 http://www.johnleitch.net/Vulnerabilities/Tiki.Wiki.CMS.Groupware.5.2.Local.File.Inclusion/46 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 28 10:28:10 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 28 Sep 2010 19:28:10 +0200 Subject: [SEC] [SA41623] Red Hat update for mikmod Message-ID: <201009281728.o8SHSAGR023519@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Red Hat update for mikmod SECUNIA ADVISORY ID: SA41623 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41623/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41623 RELEASE DATE: 2010-09-28 DISCUSS ADVISORY: http://secunia.com/advisories/41623/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41623/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41623 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for mikmod. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA33485 SA37775 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2010:0720-1: https://rhn.redhat.com/errata/RHSA-2010-0720.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 28 11:27:54 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 28 Sep 2010 20:27:54 +0200 Subject: [SEC] [SA41634] iBrowser "lang" Local File Inclusion Vulnerability Message-ID: <201009281827.o8SIRsTR013740@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: iBrowser "lang" Local File Inclusion Vulnerability SECUNIA ADVISORY ID: SA41634 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41634/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41634 RELEASE DATE: 2010-09-28 DISCUSS ADVISORY: http://secunia.com/advisories/41634/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41634/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41634 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in iBrowser, which can be exploited by malicious people to disclose sensitive information. Input passed via the "lang" parameter to ibrowser.php is not properly sanitised before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal sequences and URL-encoded NULL bytes. Successful exploitation requires that "magic_quotes_gpc" is disabled. The vulnerability is confirmed in version 1.4.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: Originally reported in CMScout by John Leitch. ORIGINAL ADVISORY: John Leitch: http://www.johnleitch.net/Vulnerabilities/CMScout.2.09.IBrowser.TinyMCE.Plugin.Local.File.Inclusion/33 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 28 12:27:56 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 28 Sep 2010 21:27:56 +0200 Subject: [SEC] [SA41610] iWorkstation Playlist Processing Buffer Overflow Vulnerability Message-ID: <201009281927.o8SJRuGd003948@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: iWorkstation Playlist Processing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA41610 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41610/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41610 RELEASE DATE: 2010-09-28 DISCUSS ADVISORY: http://secunia.com/advisories/41610/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41610/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41610 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in iWorkstation, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the use of a vulnerable version of a MultiMedia Soft component. For more information: SA41519 The vulnerability is confirmed in version 9.3.2.1.4. Other versions may also be affected. SOLUTION: Do not open playlist files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Sanjeev Gupta ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/15133/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 28 13:27:52 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 28 Sep 2010 22:27:52 +0200 Subject: [SEC] [SA41487] Synology DiskStation Manager Script Insertion Vulnerability Message-ID: <201009282027.o8SKRqv2026601@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Synology DiskStation Manager Script Insertion Vulnerability SECUNIA ADVISORY ID: SA41487 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41487/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41487 RELEASE DATE: 2010-09-28 DISCUSS ADVISORY: http://secunia.com/advisories/41487/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41487/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41487 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Synology DiskStation Manager, which can be exploited by malicious people to conduct script insertion attacks. The vulnerability is caused due to input from failed FTP login attempts not being sanitised before being displayed in the log files in the web-based interface. This can be exploited to insert arbitrary HTML and script code, which will be executed in an administrative user's browser session in context of an affected site. Successful exploitation may allow performing arbitrary administrative actions. SOLUTION: The vulnerability is reportedly fixed in DSM version 3.0-1337. PROVIDED AND/OR DISCOVERED BY: Rodrigo Rubira Branco, Check Point Vulnerability Discovery Team (VDT) and Aditya K. Sood, Secniche ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0375.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 28 14:22:08 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 28 Sep 2010 23:22:08 +0200 Subject: [SEC] [SA41617] Achievo Cross-Site Request Forgery and Security Bypass Vulnerabilities Message-ID: <201009282122.o8SLM8dr016573@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Achievo Cross-Site Request Forgery and Security Bypass Vulnerabilities SECUNIA ADVISORY ID: SA41617 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41617/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41617 RELEASE DATE: 2010-09-28 DISCUSS ADVISORY: http://secunia.com/advisories/41617/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41617/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41617 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Pablo G. Milano has discovered some vulnerabilities in Achievo, which can be exploited by malicious users to bypass certain security restrictions and malicious people to conduct cross-site request forgery attacks. 1) The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to e.g. delete a project or delete hours entry of a project if a logged-in user visits a specially crafted web site. 2) An error in the handling of access permissions while adding or deleting hours of a project in the "Time Registration" section can be exploited to add or delete hours of another user. The vulnerabilities are confirmed in version 1.4.4. Prior versions may also be affected. SOLUTION: Update to version 1.4.5. PROVIDED AND/OR DISCOVERED BY: Pablo G. Milano, CYBSEC ORIGINAL ADVISORY: Achievo: http://www.achievo.org/blog/archives/662-Achievo-1.4.5-Security-Bugfix-release.html CYBSEC: http://www.cybsec.com/vuln/CYBSEC_Advisory_2010_0902_Achievo_1_4_3_CSRF.pdf http://www.cybsec.com/vuln/CYBSEC_Advisory_2010_0901_Achievo_1_4_3_Multiple_Authorization_Flaws.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 28 14:43:01 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 28 Sep 2010 23:43:01 +0200 Subject: [SEC] [SA41608] PBBoard Multiple Vulnerabilities Message-ID: <201009282143.o8SLh14q005023@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: PBBoard Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41608 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41608/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41608 RELEASE DATE: 2010-09-28 DISCUSS ADVISORY: http://secunia.com/advisories/41608/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41608/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41608 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been discovered in PBBoard, which can be exploited by malicious users to conduct script insertion attacks and compromise a vulnerable system, and by malicious people to conduct cross-site scripting and SQL injection attacks. 1) Input passed via the "URL" field when setting the location of a new avatar is not properly sanitised before being used and returned to the user. This can be exploited to insert arbitrary HTML and script code which will be executed in a user's browser session when the malicious data is being viewed. 2) The application insecurely validates uploaded file types. This can be exploited to execute arbitrary PHP code by uploading a PHP file with e.g. a ".pht" file extension 3) Input passed via the "username" POST parameter to index.php and admin.php (when "page" is set to "login" and "login" is set to "1") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. NOTE: This can further be exploited to bypass the log-in mechanism. 4) Input passed via the "id" parameter (when "page" is set to "forum" and "show" is set) and via the "username" parameter (when "page" is set to "profile" and "show" is set) to index.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. NOTE: This can further be exploited to conduct cross-site scripting attacks via SQL error messages. Successful exploitation of vulnerabilities #3 and #4 requires that "magic_quotes_gpc" is disabled. The vulnerabilities are confirmed in version 2.1.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised and uploaded file types are securely validated. PROVIDED AND/OR DISCOVERED BY: JIKO OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 28 14:57:47 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 28 Sep 2010 23:57:47 +0200 Subject: [SEC] [SA41553] Open Text ECM Cross-Site Scripting and Request Forgery Vulnerabilities Message-ID: <201009282157.o8SLvlr0025631@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Open Text ECM Cross-Site Scripting and Request Forgery Vulnerabilities SECUNIA ADVISORY ID: SA41553 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41553/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41553 RELEASE DATE: 2010-09-28 DISCUSS ADVISORY: http://secunia.com/advisories/41553/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41553/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41553 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Alejandro Ramos has reported some vulnerabilities in Open Text ECM, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks. 1) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. change folder permissions by tricking a logged in administrative user into visiting a malicious web site. 2) Input passed via the "viewType" and "sort" parameters to livelink/livelink (when e.g. "func" is set to "ll", "objAction" is set to "browse", and "objId" is set) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Input passed via the "nodeid", "setctx", and "support " parameters to livelinkdav/nodes/OOB_DAVWindow.html (when e.g. "func" is set to "oobget" and "ctxval" is set to an arbitrary value) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in version 9.7.1. Other versions may also be affected. SOLUTION: Do not browse untrusted websites or follow untrusted links while logged in to the application. Filter malicious characters and character sequences via a proxy. PROVIDED AND/OR DISCOVERED BY: Alejandro Ramos ORIGINAL ADVISORY: Alejandro Ramos: http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0359.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 28 15:23:54 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Sep 2010 00:23:54 +0200 Subject: [SEC] [SA41613] Digital Music Pad Playlist Processing Buffer Overflow Vulnerability Message-ID: <201009282223.o8SMNsIx014440@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Digital Music Pad Playlist Processing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA41613 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41613/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41613 RELEASE DATE: 2010-09-29 DISCUSS ADVISORY: http://secunia.com/advisories/41613/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41613/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41613 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Abhishek Lyall has discovered a vulnerability in Digital Music Pad, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the use of a vulnerable version of a MultiMedia Soft component. For more information: SA41519 The vulnerability is confirmed in version 8.2.3.3.4. Other versions may also be affected. SOLUTION: Do not open playlist files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Abhishek Lyall ORIGINAL ADVISORY: http://aslitsecurity.blogspot.com/2010/09/digital-music-pad-version-82334-seh.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 28 15:47:10 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Sep 2010 00:47:10 +0200 Subject: [SEC] [SA41612] Nero Products Insecure Library Loading Vulnerabilities Message-ID: <201009282247.o8SMlAeu003001@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Nero Products Insecure Library Loading Vulnerabilities SECUNIA ADVISORY ID: SA41612 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41612/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41612 RELEASE DATE: 2010-09-29 DISCUSS ADVISORY: http://secunia.com/advisories/41612/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41612/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41612 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been discovered in Nero, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to certain bundled applications loading various libraries in an insecure manner and also including vulnerable versions of mfc71.dll and mfc71u.dll, which load libraries (e.g. mfc71enu.dll, mfc71loc.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a Quicktime Movie (.mov), Windows Bitmap Image (.bmp), Nero CD Cover Document (.cdc), CUE Image (.cue), Nero BackItUp Archive (.nba), or Nero SoundTrax Project (.npf) located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerabilities are confirmed in the following products bundled with Nero 7.11.10.0 Premium: * Nero ShowTime 3.10.1.0 * Nero PhotoSnap 1.2.0.25 * Nero PhotoSnap Viewer 1.2.0.25 * Nero CoverDesigner 2.10.1.1 * Nero Burning ROM 7.11.10.0 * Nero BackItUp 2.10.6.4 * Nero Vision 4.9.7.6 * Nero SoundTrax 2.10.1.0 SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Mister Teatime Additional information provided by Secunia Research. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 28 16:12:29 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Sep 2010 01:12:29 +0200 Subject: [SEC] [SA41568] Nero Products Insecure Library Loading Vulnerabilities Message-ID: <201009282312.o8SNCT92024083@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Nero Products Insecure Library Loading Vulnerabilities SECUNIA ADVISORY ID: SA41568 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41568/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41568 RELEASE DATE: 2010-09-29 DISCUSS ADVISORY: http://secunia.com/advisories/41568/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41568/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41568 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been discovered in Nero, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to certain bundled applications loading various libraries in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a Nero CD Cover Document (.cdc) or Nero BackItUp Archive (.nba) located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerabilities are confirmed in the following products bundled with Nero 8.3.13 Ultra: * Nero CoverDesigner 3.3.3.0: * Nero BackItUp 3.5.4.0 SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Mister Teatime OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 28 16:44:47 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Sep 2010 01:44:47 +0200 Subject: [SEC] [SA41643] Digital Music Pad Insecure Library Loading Vulnerability Message-ID: <201009282344.o8SNilwO013085@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Digital Music Pad Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA41643 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41643/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41643 RELEASE DATE: 2010-09-29 DISCUSS ADVISORY: http://secunia.com/advisories/41643/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41643/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41643 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Digital Music Pad, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application bundling a vulnerable version of mfc71u.dll, which loads libraries (e.g. mfc71enu.dll and mfc71loc.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a M3U or PLS file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code, but requires that files are opened via the Windows Explorer "Open With" menu. The vulnerability is confirmed in version 8.2.3.3.4. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Mister Teatime OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 28 17:12:00 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Sep 2010 02:12:00 +0200 Subject: [SEC] [SA41614] SLURM Insecure LD_LIBRARY_PATH Privilege Escalation Message-ID: <201009290012.o8T0C0KM001789@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: SLURM Insecure LD_LIBRARY_PATH Privilege Escalation SECUNIA ADVISORY ID: SA41614 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41614/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41614 RELEASE DATE: 2010-09-29 DISCUSS ADVISORY: http://secunia.com/advisories/41614/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41614/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41614 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two security issues have been reported in SLURM, which can be exploited by malicious, local users to gain escalated privileges. The security issues are caused due to the slurm and slurmdbd scripts incorrectly setting the environment variable LD_LIBRARY_PATH. This can be exploited to gain escalated privileges e.g. by tricking a user into running the scripts in a directory containing a malicious library. The security issues are reported in versions prior to 2.1.14. SOLUTION: Update to version 2.1.14. PROVIDED AND/OR DISCOVERED BY: The vendor credits Raphael Geissert. ORIGINAL ADVISORY: http://sourceforge.net/projects/slurm/files/slurm/version_2.1/2.1.14/RELEASE_NOTES_2.1.14/view OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Sep 28 17:44:48 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Sep 2010 02:44:48 +0200 Subject: [SEC] [SA41641] Fedora update for libmspack and cabextract Message-ID: <201009290044.o8T0imOx023244@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for libmspack and cabextract SECUNIA ADVISORY ID: SA41641 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41641/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41641 RELEASE DATE: 2010-09-29 DISCUSS ADVISORY: http://secunia.com/advisories/41641/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41641/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41641 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for libmspack and cabextract. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. For more information: SA40719 SA40854 SOLUTION: Apply updated packages via the yum utility ("yum update libmspack cabextract"). ORIGINAL ADVISORY: FEDORA-2010-14634: https://admin.fedoraproject.org/updates/libmspack-0.2-0.1.20100723alpha.fc12,cabextract-1.3-1.fc12 FEDORA-2010-14722: https://admin.fedoraproject.org/updates/libmspack-0.2-0.1.20100723alpha.fc13,cabextract-1.3-1.fc13 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 29 10:28:04 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Sep 2010 19:28:04 +0200 Subject: [SEC] [SA41627] Horde IMP "fm_id" Cross-Site Scripting Vulnerability Message-ID: <201009291728.o8THS4LV024111@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Horde IMP "fm_id" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA41627 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41627/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41627 RELEASE DATE: 2010-09-29 DISCUSS ADVISORY: http://secunia.com/advisories/41627/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41627/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41627 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Moritz Naumann has reported a vulnerability in Horde IMP, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "fm_id" parameter to fetchmailprefs.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in Horde IMP 4.3.7 or earlier. SOLUTION: Update to version 4.3.8. PROVIDED AND/OR DISCOVERED BY: Moritz Naumann ORIGINAL ADVISORY: Horde IMP: http://lists.horde.org/archives/announce/2010/000558.html Moritz Naumann: http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0379.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 29 11:28:17 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Sep 2010 20:28:17 +0200 Subject: [SEC] [SA41579] Horde Groupware Webmail Edition Two Vulnerabilities Message-ID: <201009291828.o8TISHdk014356@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Horde Groupware Webmail Edition Two Vulnerabilities SECUNIA ADVISORY ID: SA41579 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41579/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41579 RELEASE DATE: 2010-09-29 DISCUSS ADVISORY: http://secunia.com/advisories/41579/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41579/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41579 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported Horde Groupware Webmail Edition, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA41627 SA41639 SOLUTION: Update to version 1.2.7. ORIGINAL ADVISORY: http://lists.horde.org/archives/announce/2010/000568.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 29 12:28:04 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Sep 2010 21:28:04 +0200 Subject: [SEC] [SA41615] SAP Management Console Denial of Service Vulnerability Message-ID: <201009291928.o8TJS4L7004566@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: SAP Management Console Denial of Service Vulnerability SECUNIA ADVISORY ID: SA41615 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41615/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41615 RELEASE DATE: 2010-09-29 DISCUSS ADVISORY: http://secunia.com/advisories/41615/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41615/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41615 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in certain SAP products, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error in the SAP Management Console, which can be exploited to trigger a NULL pointer dereference causing a DoS. The vulnerability is reported in the following components: * SAP KERNEL RELEASE 6.40 * SAP KERNEL RELEASE 7.00 * SAP KERNEL RELEASE 7.10 SOLUTION: Patches are available via SAP Notes 1469804 and 1151410. PROVIDED AND/OR DISCOVERED BY: Jordan Santarsieri, Onapsis ORIGINAL ADVISORY: http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2010-007 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 29 13:28:07 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Sep 2010 22:28:07 +0200 Subject: [SEC] [SA41650] Linux Kernel "snd_ctl_new()" Integer Overflow Vulnerability Message-ID: <201009292028.o8TKS7Kb027206@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Linux Kernel "snd_ctl_new()" Integer Overflow Vulnerability SECUNIA ADVISORY ID: SA41650 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41650/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41650 RELEASE DATE: 2010-09-29 DISCUSS ADVISORY: http://secunia.com/advisories/41650/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41650/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41650 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or potentially gain escalated privileges. The vulnerability is caused due to an integer overflow error when allocating memory within the "snd_ctl_new()" function in sound/core/control.c, which can be exploited to cause a heap-based buffer overflow. Successful exploitation requires permissions to open "/dev/snd/controlC*". SOLUTION: Fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Dan Rosenberg ORIGINAL ADVISORY: http://git.kernel.org/?p=linux/kernel/git/tiwai/sound-2.6.git;a=commitdiff;h=5591bf07225523600450edd9e6ad258bb877b779 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 29 14:22:05 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Sep 2010 23:22:05 +0200 Subject: [SEC] [SA41624] Horde Gollem "file" Cross-Site Scripting Vulnerability Message-ID: <201009292122.o8TLM588017179@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Horde Gollem "file" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA41624 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41624/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41624 RELEASE DATE: 2010-09-29 DISCUSS ADVISORY: http://secunia.com/advisories/41624/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41624/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41624 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Horde Gollem, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "file" parameter to view.php is not properly sanitised before being returned to the user in error messages. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions prior to 1.1.2. SOLUTION: Update to version 1.1.2. PROVIDED AND/OR DISCOVERED BY: The vendor credits nightmare.lmw. ORIGINAL ADVISORY: Horde Gollem: http://lists.horde.org/archives/announce/2010/000565.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 29 14:43:01 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Sep 2010 23:43:01 +0200 Subject: [SEC] [SA41638] MODx Cross-Site Scripting and Local File Inclusion Vulnerabilities Message-ID: <201009292143.o8TLh1uB005656@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: MODx Cross-Site Scripting and Local File Inclusion Vulnerabilities SECUNIA ADVISORY ID: SA41638 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41638/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41638 RELEASE DATE: 2010-09-29 DISCUSS ADVISORY: http://secunia.com/advisories/41638/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41638/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41638 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: John Leitch has discovered some vulnerabilities in MODx, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information. 1) Input passed via the "modahsh" parameter to manager/index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation of this vulnerability requires that the victim is logged out. 2) Input passed via the "class_key" parameter to manager/controllers/default/resource/tvs.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal sequences and URL-encoded NULL bytes. Successful exploitation of this vulnerability requires that "magic_quotes_gpc" is disabled The vulnerabilities are confirmed in version 2.0.2-pl. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised and verified. PROVIDED AND/OR DISCOVERED BY: John Leitch ORIGINAL ADVISORY: John Leitch: http://www.johnleitch.net/Vulnerabilities/MODx.Revolution.2.0.2-pl.Reflected.Cross-site.Scripting/47 http://www.johnleitch.net/Vulnerabilities/MODx.Revolution.2.0.2-pl.Local.File.Inclusion/49 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 29 14:57:35 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Sep 2010 23:57:35 +0200 Subject: [SEC] [SA41645] MPlayer FLIC Processing Multiple Array Indexing Vulnerabilities Message-ID: <201009292157.o8TLvZ5c026240@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: MPlayer FLIC Processing Multiple Array Indexing Vulnerabilities SECUNIA ADVISORY ID: SA41645 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41645/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41645 RELEASE DATE: 2010-09-29 DISCUSS ADVISORY: http://secunia.com/advisories/41645/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41645/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41645 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in MPlayer, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to the use of a vulnerable version of a FFmpeg library. For more information: SA41626 The vulnerabilities are reported in version 1.0rc3. Other versions may also be affected. SOLUTION: Fixed in SVN snapshot 2010-09-29. PROVIDED AND/OR DISCOVERED BY: Cesar Bernardini and Felipe Felipe Andres Manzano, reported via oCERT. ORIGINAL ADVISORY: oCERT: http://www.ocert.org/advisories/ocert-2010-004.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 29 15:25:35 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Sep 2010 00:25:35 +0200 Subject: [SEC] [SA41639] Horde DIMP Cross-Site Scripting Vulnerability Message-ID: <201009292225.o8TMPZ8J015124@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Horde DIMP Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA41639 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41639/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41639 RELEASE DATE: 2010-09-30 DISCUSS ADVISORY: http://secunia.com/advisories/41639/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41639/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41639 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Horde DIMP, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the folder label in the mailbox page is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions prior to 1.1.5. SOLUTION: Update to version 1.1.5. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Horde DIMP: http://lists.horde.org/archives/announce/2010/000561.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 29 15:46:24 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Sep 2010 00:46:24 +0200 Subject: [SEC] [SA41625] phpMyFAQ Multiple Cross-Site Scripting Vulnerabilities Message-ID: <201009292246.o8TMkOAl003587@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: phpMyFAQ Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA41625 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41625/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41625 RELEASE DATE: 2010-09-30 DISCUSS ADVISORY: http://secunia.com/advisories/41625/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41625/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41625 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in phpMyFAQ, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via unspecified parameters is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in versions prior to 2.6.9. SOLUTION: Update to version 2.6.9. PROVIDED AND/OR DISCOVERED BY: The vendor credits Yam Mesicka. ORIGINAL ADVISORY: phpMyFAQ: http://www.phpmyfaq.de/advisory_2010-09-28.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 29 16:12:15 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Sep 2010 01:12:15 +0200 Subject: [SEC] [SA41631] NetBSD update for bzip2 Message-ID: <201009292312.o8TNCFfM024700@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: NetBSD update for bzip2 SECUNIA ADVISORY ID: SA41631 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41631/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41631 RELEASE DATE: 2010-09-30 DISCUSS ADVISORY: http://secunia.com/advisories/41631/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41631/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41631 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: NetBSD has issued an update for bzip2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. For more information: SA41452 SOLUTION: Fixed in the CVS repository (please see the vendor advisory for details). ORIGINAL ADVISORY: NetBSD-SA2010-007: http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-007.txt.asc OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 29 16:44:37 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Sep 2010 01:44:37 +0200 Subject: [SEC] [SA41647] IBM WebSphere Application Server Community Edition Tomcat Vulnerability Message-ID: <201009292344.o8TNibQO013701@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: IBM WebSphere Application Server Community Edition Tomcat Vulnerability SECUNIA ADVISORY ID: SA41647 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41647/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41647 RELEASE DATE: 2010-09-30 DISCUSS ADVISORY: http://secunia.com/advisories/41647/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41647/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41647 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: IBM has acknowledged a vulnerability in IBM WebSphere Application Server Community Edition, which can be exploited by malicious people to disclose certain system information and cause a DoS (Denial of Service). The application bundles a vulnerable version of Apache Tomcat. For more information see vulnerability #2 in: SA39574 The vulnerability is reported in version 2.1.1.4 running on AIX, Linux, Solaris, and Windows. SOLUTION: Follow the patch instructions. Please see the vendor's advisory for more details. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www-01.ibm.com/support/docview.wss?uid=swg21448032 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 29 17:11:51 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Sep 2010 02:11:51 +0200 Subject: [SEC] [SA41648] Sun Solaris FreeType CFF Font Parsing Vulnerability Message-ID: <201009300011.o8U0Bp9l002419@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Sun Solaris FreeType CFF Font Parsing Vulnerability SECUNIA ADVISORY ID: SA41648 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41648/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41648 RELEASE DATE: 2010-09-30 DISCUSS ADVISORY: http://secunia.com/advisories/41648/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41648/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41648 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged a vulnerability in Sun Solaris, which can be exploited by malicious people to compromise a user's system. For more information: SA40816 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: http://blogs.sun.com/security/entry/cve_2010_1797_buffer_overflow OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 29 17:44:31 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Sep 2010 02:44:31 +0200 Subject: [SEC] [SA41654] BIND Denial of Service and Security Bypass Vulnerabilities Message-ID: <201009300044.o8U0iVBa023862@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: BIND Denial of Service and Security Bypass Vulnerabilities SECUNIA ADVISORY ID: SA41654 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41654/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41654 RELEASE DATE: 2010-09-30 DISCUSS ADVISORY: http://secunia.com/advisories/41654/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41654/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41654 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in BIND, which can be exploited by malicious people to bypass certain restrictions or cause a DoS (Denial of Service). 1) An error may allow access to the cache via recursion even though an ACL disallows it. Successful exploitation requires BIND running as both authoritative and recursive DNS server in the same view. 2) An error when processing records from an authoritative server during DNSSEC query validation can be exploited to cause a server to crash via a bad signature in the response. Successful exploitation requires BIND to be configured as a DNSSEC validating server with multiple trust anchors configured for the same zone. The vulnerabilities are reported in version 9.7.2 through 9.7.2-P1. SOLUTION: Update to version 9.7.2-P2. PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits Alexandre Simon. 2) Reported by the vendor. ORIGINAL ADVISORY: https://lists.isc.org/pipermail/bind-announce/2010-September/000655.html http://ftp.isc.org/isc/bind9/9.7.2-P2/RELEASE-NOTES-BIND-9.7.2-P2.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Sep 29 18:09:32 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Sep 2010 03:09:32 +0200 Subject: [SEC] [SA41626] FFmpeg FLIC Processing Multiple Array Indexing Vulnerabilities Message-ID: <201009300109.o8U19WpD012513@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: FFmpeg FLIC Processing Multiple Array Indexing Vulnerabilities SECUNIA ADVISORY ID: SA41626 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41626/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41626 RELEASE DATE: 2010-09-30 DISCUSS ADVISORY: http://secunia.com/advisories/41626/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41626/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41626 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in FFmpeg, which can be exploited by malicious people to compromise an application using the library. The vulnerabilities are caused due to array-indexing errors in the FLIC Video Decoder (libavcodec/flicvideo.c) component within the "flic_decode_frame_8BPP()" and "flic_decode_frame_15_16BPP()" functions. This can be exploited to corrupt heap-based memory e.g. via a specially crafted FLI or FLC file. Successful exploitation may allow execution of arbitrary code. The vulnerabilities are reported in version 0.6. Other versions may also be affected. SOLUTION: Fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Cesar Bernardini and Felipe Felipe Andres Manzano, reported via oCERT. ORIGINAL ADVISORY: oCERT: http://www.ocert.org/advisories/ocert-2010-004.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 30 10:27:49 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Sep 2010 19:27:49 +0200 Subject: [SEC] [SA41618] VMware ESX Server Service Console Multiple Vulnerabilities Message-ID: <201009301727.o8UHRn1k006060@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: VMware ESX Server Service Console Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41618 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41618/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41618 RELEASE DATE: 2010-09-30 DISCUSS ADVISORY: http://secunia.com/advisories/41618/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41618/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41618 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: VMware has acknowledged multiple vulnerabilities in VMware ESX Server, where one has an unknown impact and the others can be exploited by malicious, local users to disclose potentially sensitive information and bypass certain security restrictions and by malicious people to manipulate certain data, conduct spoofing attacks, bypass certain security features, and cause a DoS (Denial of Service). For more information: SA37291 SA37355 SA38091 SA38427 SA38807 SA39165 SA40002 The vulnerabilities are reported in version 4.0 and 4.1. SOLUTION: Apply patches if available. Restrict local and network access to trusted users only. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: VMSA-2010-0015: http://lists.vmware.com/pipermail/security-announce/2010/000106.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 30 11:27:56 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Sep 2010 20:27:56 +0200 Subject: [SEC] [SA41655] phpCAS Multiple Vulnerabilities Message-ID: <201009301827.o8UIRusk028716@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: phpCAS Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41655 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41655/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41655 RELEASE DATE: 2010-09-30 DISCUSS ADVISORY: http://secunia.com/advisories/41655/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41655/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41655 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue and some vulnerabilities have been reported in phpCAS, which can be exploited by malicious users to perform certain actions with escalated privileges and disclose sensitive information and by malicious people to conduct cross-site scripting attacks. 1) The security issue is caused due to an error in the "write()" function in PGTStorage/pgt-file.php when writing to "PGT Iou" files. This can be exploited to overwrite arbitrary files via symlink attacks. 2) Certain unspecified input is not properly verified before being used to read files in the "validatePGT()" function in CAS/client.php. This can be exploited to read arbitrary files from local resources via directory traversal sequences. 3) Input passed via the "pgtId" and the "pgtIou" parameters is not properly sanitised in the "callback()" function in CAS/client.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The security issue and the vulnerabilities are reported in versions 1.0.1, 1.1.0, 1.1.1, and 1.1.2. SOLUTION: Fixed in the SVN repository. Reportedly, the security issue and the vulnerabilities will be fixed in the upcoming versions 1.1.3 and 1.2.0. PROVIDED AND/OR DISCOVERED BY: Reported by Raphael Geissert in a Debian bug. ORIGINAL ADVISORY: https://issues.jasig.org/browse/PHPCAS-80 https://developer.jasig.org/source/changelog/jasigsvn?cs=21538 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495542 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 30 12:27:58 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Sep 2010 21:27:58 +0200 Subject: [SEC] [SA41531] 3Com H3C 3100 / 3600 Switches DHCP Denial of Service Vulnerability Message-ID: <201009301927.o8UJRwDX018957@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: 3Com H3C 3100 / 3600 Switches DHCP Denial of Service Vulnerability SECUNIA ADVISORY ID: SA41531 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41531/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41531 RELEASE DATE: 2010-09-30 DISCUSS ADVISORY: http://secunia.com/advisories/41531/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41531/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41531 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in 3Com H3C 3100 and 3600 Series switches, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when processing DHCP packets and can be exploited to cause a device to reboot via a specially crafted BOOTP or DHCP packet without the "Discover" (53) option. Successful exploitation requires DHCP snooping to be enabled. The vulnerability is reported in the following products: * 3Com H3C S3100-EI * 3Com H3C S3600-SI * 3Com H3C S3600-EI SOLUTION: Update to the latest version. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: 3Com (LSOD10083, LSOD10084): http://support.3com.com/documents/93010/H3C_S3600EI_CMW3.10.R1702P18_Release_Notes.pdf http://support.3com.com/documents/93010/H3C_S3100EI_CMW3.10.R2211P06_Release_Notes.pdf http://support.3com.com/documents/93010/H3C_S3600SI_CMW3.10.R1702P18_Release_Notes.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 30 13:27:55 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Sep 2010 22:27:55 +0200 Subject: [SEC] [SA41653] Fedora update for mantis Message-ID: <201009302027.o8UKRtGo009213@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for mantis SECUNIA ADVISORY ID: SA41653 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41653/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41653 RELEASE DATE: 2010-09-30 DISCUSS ADVISORY: http://secunia.com/advisories/41653/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41653/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41653 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for mantis. This fixes some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks. For more information: SA40832 SA41278 SOLUTION: Apply updated packages via the yum utility ("yum update mantis"). ORIGINAL ADVISORY: FEDORA-2010-15080: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048639.html FEDORA-2010-15082: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048659.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 30 14:22:01 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Sep 2010 23:22:01 +0200 Subject: [SEC] [SA41668] webSPELL Multiple Vulnerabilities Message-ID: <201009302122.o8ULM1Vh031595@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: webSPELL Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41668 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41668/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41668 RELEASE DATE: 2010-09-30 DISCUSS ADVISORY: http://secunia.com/advisories/41668/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41668/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41668 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in webSPELL, which can be exploited by malicious people to conduct SQL injection attacks and bypass certain security restrictions. 1) Input passed via the "search" parameter to asearch.php (when "site" is set to "search" and "table", "column", "identifier", and "searchtemp" are set) is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 2) Input passed via the "cwID" parameter to clanwars_details.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 3) Certain input passed to contact.php is not properly sanitised before being used to construct an email message and can be exploited to inject arbitrary email addresses. 4) Certain input passed to shoutbox_content.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are reported in versions prior to 4.2.2a. SOLUTION: Update to version 4.2.2a. PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits Trex, also reported by silent vapor. 2 - 4) Reported by the vendor. ORIGINAL ADVISORY: http://www.webspell.org/index.php?site=news&show=Webspell%20Release OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 30 14:44:19 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Sep 2010 23:44:19 +0200 Subject: [SEC] [SA41662] Fedora update for php-pecl-apc Message-ID: <201009302144.o8ULiJxH020136@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Fedora update for php-pecl-apc SECUNIA ADVISORY ID: SA41662 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41662/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41662 RELEASE DATE: 2010-09-30 DISCUSS ADVISORY: http://secunia.com/advisories/41662/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41662/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41662 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for php-pecl-apc. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA41661 SOLUTION: Apply updated packages using the yum utility ("yum update php-pecl-apc"). ORIGINAL ADVISORY: FEDORA-2010-15004: http://lists.fedoraproject.org/pipermail/package-announce/2010-September/048630.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 30 15:13:31 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 1 Oct 2010 00:13:31 +0200 Subject: [SEC] [SA41651] Joomla JE Guestbook Component Multiple Vulnerabilities Message-ID: <201009302213.o8UMDVJW009099@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Joomla JE Guestbook Component Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41651 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41651/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41651 RELEASE DATE: 2010-09-30 DISCUSS ADVISORY: http://secunia.com/advisories/41651/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41651/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41651 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been discovered in JE Guestbook component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks and disclose sensitive information. 1) Input passed e.g. via the "d_itemid" parameter to index.php (when "option" is set to "com_jeguestbook" and "view" is set to "item_detail") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 2) Input passed via the "view" parameter to index.php (when "option" is set to "com_jeguestbook") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal sequences and URL-encoded NULL bytes. Successful exploitation of this vulnerability requires that "magic_quotes_gpc" is disabled. The vulnerabilities are confirmed in version 1.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised and verified. PROVIDED AND/OR DISCOVERED BY: Salvatore Fresta ORIGINAL ADVISORY: Salvatore Fresta: http://adv.salvatorefresta.net/JE_Guestbook_1.0_Joomla_Component_Multiple_Remote_Vulnerabilities-30092010.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 30 15:46:19 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 1 Oct 2010 00:46:19 +0200 Subject: [SEC] [SA41675] Artica Multiple Vulnerabilities Message-ID: <201009302246.o8UMkJTW030509@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Artica Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41675 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41675/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41675 RELEASE DATE: 2010-10-01 DISCUSS ADVISORY: http://secunia.com/advisories/41675/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41675/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41675 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Julien Cayssol has reported some vulnerabilities in Artica, which can be exploited by malicious users to disclose sensitive information, manipulate certain data, and bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks, SQL injection attacks, and disclose sensitive information. 1) Input passed via the "mailattach" parameter to images.listener.php and the is not properly verified before being used to read files. This an be exploited to download arbitrary files from local resources via directory traversal sequences. 2) Input passed via e.g. the "ajax-events" parameter to artica.update.php is not properly verified before being used in the "artica_update_query_logs()" function in framework/cmd.php to read files. This can be exploited to read arbitrary files from local resources via directory traversal sequences. 3) Input passed via e.g. the "create-subdir" parameter to share-a-folder.php is not properly verified before being used in the "directory_create_user()" function in framework/cmd.php to create directories. This can be exploited to create arbitrary directories on the server. 4) Input passed via the "ShowID" parameter to artica.events.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 5) The application does not properly restrict access to certain log files and stats files. This can be exploited to view the logs and stats via e.g. postfix.events.php, logs/php.log, cgi-bin/awstats.pl, server-status, and server-config. 6) An error in the handling of access permissions in tree.php can be exploited to e.g. display the directory structure. 7) Certain unspecified input is not properly sanitised in a search function before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in version 1.4.090119. Other versions may also be affected. SOLUTION: The vulnerabilities are fixed in nightly build 1.4.092921. PROVIDED AND/OR DISCOVERED BY: Julien Cayssol ORIGINAL ADVISORY: http://www.artica.fr/index.php/get-a-download-artica/nightly-builds OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 30 16:11:45 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 1 Oct 2010 01:11:45 +0200 Subject: [SEC] [SA41663] Drupal Memcache Module Multiple Vulnerabilities Message-ID: <201009302311.o8UNBjJL019223@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Drupal Memcache Module Multiple Vulnerabilities SECUNIA ADVISORY ID: SA41663 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41663/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41663 RELEASE DATE: 2010-10-01 DISCUSS ADVISORY: http://secunia.com/advisories/41663/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41663/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41663 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue and a vulnerability have been reported in the Memcache module for Drupal, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks. 1) The security issue is caused due to incorrect handling of the $user object, which could lead to a role change not being recognised until the user logs in again. 2) Input passed via unspecified parameters is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in versions prior to 5.x-1.10 and 6.x-1.6. SOLUTION: Update to version 5.x-1.10 or later or 6.x-1.6 or later. PROVIDED AND/OR DISCOVERED BY: The vendor credits: * Justin James Grevich * Moshe Weitzman ORIGINAL ADVISORY: SA-CONTRIB-2010-098: http://drupal.org/node/927016 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 30 16:47:09 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 1 Oct 2010 01:47:09 +0200 Subject: [SEC] [SA41661] PECL Alternative PHP Cache "apc.php" Cross-Site Scripting Message-ID: <201009302347.o8UNl9Do008350@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: PECL Alternative PHP Cache "apc.php" Cross-Site Scripting SECUNIA ADVISORY ID: SA41661 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41661/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41661 RELEASE DATE: 2010-10-01 DISCUSS ADVISORY: http://secunia.com/advisories/41661/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41661/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41661 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the PECL Alternative PHP Cache (APC) extension, which can potentially be exploited by malicious people to conduct cross-site scripting attacks. Input passed to apc.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. SOLUTION: Fixed in version 3.1.4. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://pecl.php.net/package-info.php?package=APC&version=3.1.4 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 30 17:12:04 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 1 Oct 2010 02:12:04 +0200 Subject: [SEC] [SA41676] Drupal Imagemenu Module Cross-Site Request Forgery Vulnerability Message-ID: <201010010012.o910C4bh029429@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Drupal Imagemenu Module Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA41676 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41676/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41676 RELEASE DATE: 2010-10-01 DISCUSS ADVISORY: http://secunia.com/advisories/41676/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41676/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41676 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Imagemenu module for Drupal, which can be exploited by malicious people to conduct cross-site request forgery attacks. The module allows users to perform certain actions via HTTP requests without properly verifying the validity of the requests. This can be exploited to e.g. change settings in the module back-end by tricking a logged-in administrative user into visiting a malicious web site. The vulnerability is reported in versions prior to 5.x-1.2. SOLUTION: Update to version 5.x-1.2 or later. PROVIDED AND/OR DISCOVERED BY: The vendor credits Ivo Van Geertruyen. ORIGINAL ADVISORY: SA-CONTRIB-2010-097: http://drupal.org/node/926734 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 30 17:44:39 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 1 Oct 2010 02:44:39 +0200 Subject: [SEC] [SA41669] Drupal Imagemenu Module Script Insertion Vulnerabilities Message-ID: <201010010044.o910idkR018440@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Drupal Imagemenu Module Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA41669 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41669/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41669 RELEASE DATE: 2010-10-01 DISCUSS ADVISORY: http://secunia.com/advisories/41669/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41669/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41669 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in the Imagemenu module for Drupal, which can be exploited by malicious users to conduct script insertion attacks. Input passed via menu titles and the menu item description is not properly sanitised before being used and returned to the user. This can be exploited to insert arbitrary HTML and script code, which will get executed in a user's browser session when the malicious data is being viewed. Successful exploitation requires "administer imagemenu" privileges. The vulnerabilities are reported in versions prior to 6.x-1.3. SOLUTION: Update to version 6.x-1.3 or later. PROVIDED AND/OR DISCOVERED BY: The vendor credits: * Joachim Noreiko * Ivo Van Geertruyen ORIGINAL ADVISORY: SA-CONTRIB-2010-097: http://drupal.org/node/926734 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 30 18:09:46 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 1 Oct 2010 03:09:46 +0200 Subject: [SEC] [SA41629] Zimplit Cross-Site Request Forgery Vulnerability Message-ID: <201010010109.o9119kZE007116@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Zimplit Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA41629 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41629/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41629 RELEASE DATE: 2010-10-01 DISCUSS ADVISORY: http://secunia.com/advisories/41629/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41629/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41629 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered a vulnerability in Zimplit, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. add arbitrary posts by tricking the administrator into visiting a malicious web site. The vulnerability is confirmed in version 3.0. Other versions may also be affected. SOLUTION: Do not browse untrusted websites or follow untrusted links while logged in to the application. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: High-Tech Bridge SA (HTB22605): http://www.htbridge.ch/advisory/xsrf_csrf_in_zimplit.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 30 18:23:43 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 1 Oct 2010 03:23:43 +0200 Subject: [SEC] [SA41619] Pluck Cross-Site Request Forgery Vulnerability Message-ID: <201010010123.o911Nhv2027689@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Pluck Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA41619 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41619/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41619 RELEASE DATE: 2010-10-01 DISCUSS ADVISORY: http://secunia.com/advisories/41619/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41619/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41619 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Pluck, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. change the site settings, or create or delete arbitrary posts by tricking the administrator into visiting a malicious web site. This can further be exploited to conduct script insertion attacks via the "administration center". The vulnerability is confirmed in version 4.6.3. Other versions may also be affected. SOLUTION: Do not browse untrusted websites or follow untrusted links while logged in to the application. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: * Script insertion reported by High-Tech Bridge SA. * Independently reported by Russ McRee via Secunia. ORIGINAL ADVISORY: High-Tech Bridge SA (HTB22610): http://www.htbridge.ch/advisory/xss_vulnerability_in_pluck.html Russ McRee: http://holisticinfosec.org/content/view/154/45/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 30 18:44:32 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 1 Oct 2010 03:44:32 +0200 Subject: [SEC] [SA41642] Gentoo fence Insecure Temporary Files Message-ID: <201010010144.o911iWpn016165@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Gentoo fence Insecure Temporary Files SECUNIA ADVISORY ID: SA41642 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41642/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41642 RELEASE DATE: 2010-10-01 DISCUSS ADVISORY: http://secunia.com/advisories/41642/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41642/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41642 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has acknowledged some security issues in fence, which can be exploited by malicious, local users to perform certain actions with escalated privileges. For more information: SA31887 SOLUTION: The vendor recommends to remove the package. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: http://www.gentoo.org/security/en/glsa/glsa-201009-09.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 30 19:12:19 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 1 Oct 2010 04:12:19 +0200 Subject: [SEC] [SA41658] Ubuntu update for libhx Message-ID: <201010010212.o912CJlO005429@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Ubuntu update for libhx SECUNIA ADVISORY ID: SA41658 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41658/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41658 RELEASE DATE: 2010-10-01 DISCUSS ADVISORY: http://secunia.com/advisories/41658/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41658/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41658 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for libhx. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library. For more information: SA41290 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-994-1: http://www.ubuntu.com/usn/usn-994-1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 30 19:43:20 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 1 Oct 2010 04:43:20 +0200 Subject: [SEC] [SA41659] Ubuntu update for libgdiplus Message-ID: <201010010243.o912hKbY026787@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Ubuntu update for libgdiplus SECUNIA ADVISORY ID: SA41659 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41659/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41659 RELEASE DATE: 2010-10-01 DISCUSS ADVISORY: http://secunia.com/advisories/41659/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41659/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41659 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for libgdiplus. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise an application using the library. For more information: SA40792 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-993-1: http://www.ubuntu.com/usn/usn-993-1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 30 19:55:18 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 1 Oct 2010 04:55:18 +0200 Subject: [SEC] [SA41667] Red Hat update for kernel Message-ID: <201010010255.o912tIRF014876@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Red Hat update for kernel SECUNIA ADVISORY ID: SA41667 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41667/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41667 RELEASE DATE: 2010-10-01 DISCUSS ADVISORY: http://secunia.com/advisories/41667/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41667/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41667 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for the kernel. This fixes multiple vulnerabilities and weaknesses, which can be exploited by malicious local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or gain escalated privileges, and by malicious people to disclose potentially sensitive information. For more information: SA38601 SA39490 SA40205 SA41245 1) An error exists within eCryptfs when generating hash values, which can be exploited to e.g. cause a kernel panic or gain escalated privileges. 2) An error within the GFS2 file system when handing certain rename operations can be exploited to cause a kernel crash. SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: https://rhn.redhat.com/errata/RHSA-2010-0723.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 30 20:08:24 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 1 Oct 2010 05:08:24 +0200 Subject: [SEC] [SA41633] Debian update for moodle Message-ID: <201010010308.o9138OnC002994@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Debian update for moodle SECUNIA ADVISORY ID: SA41633 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41633/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41633 RELEASE DATE: 2010-10-01 DISCUSS ADVISORY: http://secunia.com/advisories/41633/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41633/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41633 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for moodle. This fixes multiple vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting, script insertion, cross-site request forgery, and SQL injection attacks. For more information: SA39129 SA40248 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: DSA-2115-1: http://lists.debian.org/debian-security-announce/2010/msg00164.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 30 20:22:22 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 1 Oct 2010 05:22:22 +0200 Subject: [SEC] [SA41660] Ubuntu update for avahi Message-ID: <201010010322.o913MMaA023576@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Ubuntu update for avahi SECUNIA ADVISORY ID: SA41660 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41660/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41660 RELEASE DATE: 2010-10-01 DISCUSS ADVISORY: http://secunia.com/advisories/41660/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41660/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41660 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for avahi. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA34083 SA40470 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-992-1: http://www.ubuntu.com/usn/usn-992-1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 30 20:43:21 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 1 Oct 2010 05:43:21 +0200 Subject: [SEC] [SA41649] Ubuntu update for mako Message-ID: <201010010343.o913hL0u012056@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Ubuntu update for mako SECUNIA ADVISORY ID: SA41649 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41649/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41649 RELEASE DATE: 2010-10-01 DISCUSS ADVISORY: http://secunia.com/advisories/41649/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41649/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41649 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for mako. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting or script insertion attacks. For more information: SA39935 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: http://www.ubuntu.com/usn/usn-996-1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Sep 30 20:55:26 2010 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 1 Oct 2010 05:55:26 +0200 Subject: [SEC] [SA41657] Ubuntu update for libmikmod Message-ID: <201010010355.o913tQhf032548@CRON-IX-2.intnet> ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Ubuntu update for libmikmod SECUNIA ADVISORY ID: SA41657 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41657/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41657 RELEASE DATE: 2010-10-01 DISCUSS ADVISORY: http://secunia.com/advisories/41657/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41657/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41657 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for libmikmod. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. For more information: SA33485 SA37775 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-995-1: http://www.ubuntu.com/usn/usn-995-1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ----------------------------------------------------------------------