From sec-adv at secunia.com Mon Aug 1 10:34:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 1 Aug 2011 19:34:09 +0200 Subject: [SEC] [SA45494] SUSE update for libsndfile Message-ID: <201108011734.p71HY97r017010@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: SUSE update for libsndfile SECUNIA ADVISORY ID: SA45494 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45494/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45494 RELEASE DATE: 2011-08-01 DISCUSS ADVISORY: http://secunia.com/advisories/45494/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45494/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45494 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for libsndfile. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) in an application using the library and potentially compromise an application using the library. For more information: SA35266 SA45125 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0854-1: https://hermes.opensuse.org/messages/10207276 SUSE-SU-2011:0856-1: https://hermes.opensuse.org/messages/10387559 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 1 11:32:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 1 Aug 2011 20:32:21 +0200 Subject: [SEC] [SA45479] Link Station Pro "username" and "password" SQL Injection Vulnerabilities Message-ID: <201108011832.p71IWLMn007799@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Link Station Pro "username" and "password" SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA45479 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45479/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45479 RELEASE DATE: 2011-08-01 DISCUSS ADVISORY: http://secunia.com/advisories/45479/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45479/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45479 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Link Station Pro, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "username" and "password" parameters to resources/admin/index.php (when "op" is set to "adminlogin") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Raghavendra Karthik D OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 1 12:32:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 1 Aug 2011 21:32:30 +0200 Subject: [SEC] [SA45486] Slackware update for libpng Message-ID: <201108011932.p71JWUpj031113@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Slackware update for libpng SECUNIA ADVISORY ID: SA45486 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45486/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45486 RELEASE DATE: 2011-08-01 DISCUSS ADVISORY: http://secunia.com/advisories/45486/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45486/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45486 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Slackware has issued an update for libpng. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information see vulnerability #1: SA45046 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.617466 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 1 13:33:01 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 1 Aug 2011 22:33:01 +0200 Subject: [SEC] [SA45468] World of Padman Command Injection Vulnerability Message-ID: <201108012033.p71KX195022029@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: World of Padman Command Injection Vulnerability SECUNIA ADVISORY ID: SA45468 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45468/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45468 RELEASE DATE: 2011-08-01 DISCUSS ADVISORY: http://secunia.com/advisories/45468/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45468/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45468 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in World of Padman, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an input validation error within the used Icculus.org Quake 3 Engine. For more information: SA45417 The vulnerability is reported in version 1.5 and 1.5.1. SOLUTION: Apply hotfix 1.5.1.1. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: http://worldofpadman.com/website/news/en/article/266/wop-1-5-1-1-hotfix-released-for-linux.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 1 14:26:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 1 Aug 2011 23:26:44 +0200 Subject: [SEC] [SA45433] SUSE update for libsndfile Message-ID: <201108012126.p71LQiZa012582@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: SUSE update for libsndfile SECUNIA ADVISORY ID: SA45433 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45433/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45433 RELEASE DATE: 2011-08-01 DISCUSS ADVISORY: http://secunia.com/advisories/45433/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45433/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45433 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for libsndfile. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise an application using the library. For more information: SA45125 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0855-1: https://hermes.opensuse.org/messages/10387521 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 1 14:47:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 1 Aug 2011 23:47:30 +0200 Subject: [SEC] [SA45219] AccessData FTK CorelDRAW Parser Buffer Overflow Vulnerability Message-ID: <201108012147.p71LlUI8001437@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: AccessData FTK CorelDRAW Parser Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA45219 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45219/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45219 RELEASE DATE: 2011-08-01 DISCUSS ADVISORY: http://secunia.com/advisories/45219/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45219/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45219 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in AccessData Forensic Toolkit, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the software bundling a vulnerable Outside In library. For more information see vulnerability #1: SA45297 The vulnerability is reported in version 3.2. Other versions may also be affected. SOLUTION: Do not click on untrusted CDR files. PROVIDED AND/OR DISCOVERED BY: Will Dormann, CERT/CC. ORIGINAL ADVISORY: US-CERT VU#103425: http://www.kb.cert.org/vuls/id/103425 http://www.kb.cert.org/vuls/id/WDON-8J4JE3 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 1 15:12:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 2 Aug 2011 00:12:16 +0200 Subject: [SEC] [SA45484] IBM System Storage DS8000 Series Java Double Literal Denial of Service Vulnerability Message-ID: <201108012212.p71MCG8P022996@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: IBM System Storage DS8000 Series Java Double Literal Denial of Service Vulnerability SECUNIA ADVISORY ID: SA45484 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45484/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45484 RELEASE DATE: 2011-08-01 DISCUSS ADVISORY: http://secunia.com/advisories/45484/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45484/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45484 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: IBM has acknowledged a vulnerability in IBM System Storage DS8000 series, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information see vulnerability #1: SA43262 Please see the vendor's advisory for the list of affected products. SOLUTION: Apply Updates. Please see the vendor's advisory for details. ORIGINAL ADVISORY: http://www.ibm.com/support/docview.wss?uid=ssg1S1003877 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 1 15:47:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 2 Aug 2011 00:47:13 +0200 Subject: [SEC] [SA45493] Fedora update for erlang Message-ID: <201108012247.p71MlD5R012601@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for erlang SECUNIA ADVISORY ID: SA45493 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45493/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45493 RELEASE DATE: 2011-08-02 DISCUSS ADVISORY: http://secunia.com/advisories/45493/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45493/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45493 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for erlang. This fixes a security issue, which can be exploited by malicious people to conduct brute force attacks. For more information: SA44709 SOLUTION: Apply updated packages via the yum utility ("yum update erlang"). ORIGINAL ADVISORY: FEDORA-2011-9657: http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063115.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 1 16:13:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 2 Aug 2011 01:13:04 +0200 Subject: [SEC] [SA45490] Fedora update for systemtap Message-ID: <201108012313.p71ND4Pp001715@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for systemtap SECUNIA ADVISORY ID: SA45490 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45490/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45490 RELEASE DATE: 2011-08-02 DISCUSS ADVISORY: http://secunia.com/advisories/45490/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45490/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45490 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for systemtap. This fixes two security issues, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA45377 SOLUTION: Apply updated packages via the yum utility ("yum update systemtap"). ORIGINAL ADVISORY: FEDORA-2011-9739: http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063230.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 1 16:47:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 2 Aug 2011 01:47:26 +0200 Subject: [SEC] [SA45492] Fedora update for libpng Message-ID: <201108012347.p71NlQLU023762@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for libpng SECUNIA ADVISORY ID: SA45492 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45492/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45492 RELEASE DATE: 2011-08-02 DISCUSS ADVISORY: http://secunia.com/advisories/45492/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45492/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45492 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for libpng. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. For more information: SA45046 SOLUTION: Apply updated packages via the yum utility ("yum update libpng"). ORIGINAL ADVISORY: FEDORA-2011-9336: http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063118.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 1 17:15:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 2 Aug 2011 02:15:24 +0200 Subject: [SEC] [SA45491] Fedora update for xml-security-c Message-ID: <201108020015.p720FOEU013026@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for xml-security-c SECUNIA ADVISORY ID: SA45491 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45491/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45491 RELEASE DATE: 2011-08-02 DISCUSS ADVISORY: http://secunia.com/advisories/45491/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45491/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45491 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for xml-security-c. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) in an application using the library. For more information: SA45151 SOLUTION: Apply updated packages via the yum utility ("yum update xml-security-c"). ORIGINAL ADVISORY: FEDORA-2011-9501: http://lists.fedoraproject.org/pipermail/package-announce/2011-July/063159.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 2 10:33:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 2 Aug 2011 19:33:07 +0200 Subject: [SEC] [SA45380] ZoneMinder Local File Inclusion Vulnerability Message-ID: <201108021733.p72HX7GG021765@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: ZoneMinder Local File Inclusion Vulnerability SECUNIA ADVISORY ID: SA45380 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45380/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45380 RELEASE DATE: 2011-08-02 DISCUSS ADVISORY: http://secunia.com/advisories/45380/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45380/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45380 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in ZoneMinder, which can be exploited by malicious users to disclose sensitive information. Input passed to the e.g. "view" parameter in index.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes. The vulnerability is reported in version 1.24.3. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: Iye ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/17593/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 2 11:32:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 2 Aug 2011 20:32:21 +0200 Subject: [SEC] [SA45471] Red Hat update for foomatic Message-ID: <201108021832.p72IWLPm012608@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Red Hat update for foomatic SECUNIA ADVISORY ID: SA45471 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45471/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45471 RELEASE DATE: 2011-08-02 DISCUSS ADVISORY: http://secunia.com/advisories/45471/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45471/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45471 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for foomatic. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA45196 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1109-01: https://rhn.redhat.com/errata/RHSA-2011-1109.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 2 12:32:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 2 Aug 2011 21:32:46 +0200 Subject: [SEC] [SA45474] Fedora update for java-1.6.0-openjdk Message-ID: <201108021932.p72JWkHP003515@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for java-1.6.0-openjdk SECUNIA ADVISORY ID: SA45474 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45474/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45474 RELEASE DATE: 2011-08-02 DISCUSS ADVISORY: http://secunia.com/advisories/45474/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45474/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45474 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for java-1.6.0-openjdk. This fixes a security issue, which can be exploited by malicious people to disclose sensitive information. An error within the JNLP (Java Network Launching Protocol) implementation allows an unsigned Java Web Start application or Java Applet to read the path of the cache directory and disclose the username and path to the user's home directory. SOLUTION: Apply updated packages via the yum utility ("yum update java-1.6.0-openjdk"). ORIGINAL ADVISORY: FEDORA-2011-9523: http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063264.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 2 13:33:20 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 2 Aug 2011 22:33:20 +0200 Subject: [SEC] [SA45477] Red Hat update for foomatic Message-ID: <201108022033.p72KXKCN026855@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Red Hat update for foomatic SECUNIA ADVISORY ID: SA45477 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45477/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45477 RELEASE DATE: 2011-08-02 DISCUSS ADVISORY: http://secunia.com/advisories/45477/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45477/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45477 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for foomatic. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA45196 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1110-01: https://rhn.redhat.com/errata/RHSA-2011-1110.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 2 14:27:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 2 Aug 2011 23:27:37 +0200 Subject: [SEC] [SA45457] Android Browser Sandbox Security Bypass Security Issue Message-ID: <201108022127.p72LRbnA017448@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Android Browser Sandbox Security Bypass Security Issue SECUNIA ADVISORY ID: SA45457 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45457/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45457 RELEASE DATE: 2011-08-02 DISCUSS ADVISORY: http://secunia.com/advisories/45457/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45457/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45457 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Android, which can be exploited by malicious people to bypass certain security features. The security issue is caused due to an error within the the URL loading of the Android Browser, which can be exploited to bypass the sandbox and inject and execute script code in the context of an arbitrary domain. Successful exploitation requires that a malicious application is installed and used. The security issue is reported in version 3.1. Other versions may also be affected. SOLUTION: Update to version 3.2. PROVIDED AND/OR DISCOVERED BY: Roee Hay and Yair Amit, IBM Rational Application Security Research Group ORIGINAL ADVISORY: http://blog.watchfire.com/files/advisory-android-browser.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 2 14:48:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 2 Aug 2011 23:48:41 +0200 Subject: [SEC] [SA45463] Elgg Multiple Cross-Site Scripting Vulnerabilities Message-ID: <201108022148.p72LmfFw006351@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Elgg Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA45463 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45463/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45463 RELEASE DATE: 2011-08-02 DISCUSS ADVISORY: http://secunia.com/advisories/45463/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45463/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45463 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Aung Khant has discovered multiple vulnerabilities in Elgg, which can be exploited by malicious people to conduct cross-site scripting attacks. 1) Input passed to the "page_owner" parameter in mod/file/search.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed to the "content" parameter in mod/riverdashboard/index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Input passed to the "internalname" parameter in engine/handlers/pagehandler.php (when "handler" is set to "embed" and "page" is set to "upload") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 4) Input passed to the "page" parameter in engine/handlers/pagehandler.php (when handler is set to "pages") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 5) Input passed to the "send_to" parameter in engine/handlers/pagehandler.php (when "handler" is set to "messages" and "page" is set to "compose") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 6) Input passed to the "container_guid" parameter in engine/handlers/pagehandler.php (when "handler" is set to "pages" and "page" is set to "new") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation of the vulnerabilities #5 and #6 may require that the victim is running Internet Explorer or Konqueror. The vulnerabilities are confirmed in version 1.7.9. Prior versions may also be affected. SOLUTION: Update to version 1.7.10. PROVIDED AND/OR DISCOVERED BY: Aung Khant, YGN Ethical Hacker Group ORIGINAL ADVISORY: YGN Ethical Hacker Group: http://yehg.net/lab/pr0js/advisories/%5Belgg_179%5D_cross_site_scripting Elgg Blog: http://blog.elgg.org/pg/blog/brett/read/186/elgg-1710-released OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 2 15:13:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 3 Aug 2011 00:13:07 +0200 Subject: [SEC] [SA45466] SUSE update for kernel Message-ID: <201108022213.p72MD74A027853@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA45466 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45466/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45466 RELEASE DATE: 2011-08-02 DISCUSS ADVISORY: http://secunia.com/advisories/45466/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45466/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45466 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for the kernel. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, cause a DoS (Denial of Service), and potentially gain escalated privileges, by malicious people to cause a DoS, and by malicious people with physical access to potentially compromise a vulnerable system. For more information: SA43496 SA43716 SA44091 SA44094 SA44164 SA44248 SA44625 SA44754 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0860-1: https://hermes.opensuse.org/messages/10455026 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 2 15:47:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 3 Aug 2011 00:47:28 +0200 Subject: [SEC] [SA45458] SUSE update for kernel Message-ID: <201108022247.p72MlS3I017433@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA45458 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45458/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45458 RELEASE DATE: 2011-08-03 DISCUSS ADVISORY: http://secunia.com/advisories/45458/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45458/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45458 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for the kernel. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, bypass certain security restrictions, cause a DoS (Denial of Service), conduct session hijack attacks, and potentially gain escalated privileges, by malicious people to cause a DoS and potentially compromise a vulnerable system, and by malicious people with physical access to potentially compromise a vulnerable system. For more information: SA41493 SA43009 SA43496 SA43576 SA43716 SA43841 SA44091 SA44094 SA44164 SA44754 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0861-1: https://hermes.opensuse.org/messages/10455025 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 2 16:13:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 3 Aug 2011 01:13:05 +0200 Subject: [SEC] [SA45076] Novell ZENworks Handheld Management Arbitrary File Creation Vulnerability Message-ID: <201108022313.p72ND5XU006570@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Novell ZENworks Handheld Management Arbitrary File Creation Vulnerability SECUNIA ADVISORY ID: SA45076 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45076/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45076 RELEASE DATE: 2011-08-03 DISCUSS ADVISORY: http://secunia.com/advisories/45076/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45076/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45076 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Luigi Auriemma has discovered a vulnerability in Novell ZENworks Handheld Management, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an input sanitation error in the Common.dll library when processing the "messageID" field of certain requests. This can be exploited to create arbitrary files with controlled content via directory traversal sequences in a specially crafted packet sent to TCP port 2398. Successful exploitation allows execution of arbitrary code, but requires guessing the "InstallationID" parameter, which is based on a Windows time value. The vulnerability is confirmed in version 7.0.2.61213. Other versions may also be affected. SOLUTION: Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: Luigi Auriemma: http://aluigi.altervista.org/adv/zfhsrvr_1-adv.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 2 16:47:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 3 Aug 2011 01:47:24 +0200 Subject: [SEC] [SA45455] MyBB MyTabs Plugin "tab" SQL Injection Vulnerability Message-ID: <201108022347.p72NlOpg028562@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: MyBB MyTabs Plugin "tab" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45455 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45455/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45455 RELEASE DATE: 2011-08-03 DISCUSS ADVISORY: http://secunia.com/advisories/45455/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45455/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45455 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the MyTabs plugin for MyBB, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "tab" parameter to index.php is not properly sanitised in inc/plugins/mytabs.php before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 1.31. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: AutoRUN & dR.sqL OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 2 17:15:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 3 Aug 2011 02:15:16 +0200 Subject: [SEC] [SA45473] Fedora update for mapserver Message-ID: <201108030015.p730FGRM017832@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for mapserver SECUNIA ADVISORY ID: SA45473 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45473/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45473 RELEASE DATE: 2011-08-03 DISCUSS ADVISORY: http://secunia.com/advisories/45473/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45473/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45473 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for mapserver. This fixes some vulnerabilities, which can be exploited by malicious people to conduct SQL injection attacks and potentially compromise a vulnerable system. For more information: SA45257 SOLUTION: Apply updated packages via the yum utility ("yum update mapserver"). ORIGINAL ADVISORY: FEDORA-2011-9555: http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063274.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 2 17:47:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 3 Aug 2011 02:47:52 +0200 Subject: [SEC] [SA45287] Crafty Syntax Live Help "pageurl" URL Redirect and Cross-Site-Scripting Vulnerabilities Message-ID: <201108030047.p730lqQT007328@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Crafty Syntax Live Help "pageurl" URL Redirect and Cross-Site-Scripting Vulnerabilities SECUNIA ADVISORY ID: SA45287 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45287/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45287 RELEASE DATE: 2011-08-03 DISCUSS ADVISORY: http://secunia.com/advisories/45287/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45287/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45287 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Rosinei Muniz has discovered a weakness and a vulnerability in Crafty Syntax Live Help, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks. 1) Input passed via the "pageurl" parameter to livehelp.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "pageurl" parameter to livehelp.php is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website e.g. when a user clicks a specially crafted link to the affected script hosted on a trusted domain. The weakness and the vulnerability are confirmed in version 3.1.2. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised and verified. PROVIDED AND/OR DISCOVERED BY: Rosinei Muniz OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 2 18:12:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 3 Aug 2011 03:12:23 +0200 Subject: [SEC] [SA45465] SUSE update for libapr1 Message-ID: <201108030112.p731CNAI028825@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: SUSE update for libapr1 SECUNIA ADVISORY ID: SA45465 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45465/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45465 RELEASE DATE: 2011-08-03 DISCUSS ADVISORY: http://secunia.com/advisories/45465/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45465/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45465 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for libapr1. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA41701 SA44490 SA44558 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0859-1: https://hermes.opensuse.org/messages/10420089 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 3 10:34:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 3 Aug 2011 19:34:48 +0200 Subject: [SEC] [SA45131] libmodplug Multiple Vulnerabilities Message-ID: <201108031734.p73HYmeX002278@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: libmodplug Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45131 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45131/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45131 RELEASE DATE: 2011-08-03 DISCUSS ADVISORY: http://secunia.com/advisories/45131/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45131/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45131 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in libmodplug, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. 1) An integer overflow error exists within the "CSoundFile::ReadWav()" function (src/load_wav.cpp) when processing certain WAV files. This can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted WAV file. 2) Boundary errors within the "CSoundFile::ReadS3M()" function (src/load_s3m.cpp) when processing S3M files can be exploited to cause stack-based buffer overflows by tricking a user into opening a specially crafted S3M file. 3) An off-by-one error within the "CSoundFile::ReadAMS()" function (src/load_ams.cpp) can be exploited to cause a stack corruption by tricking a user into opening a specially crafted AMS file. 4) An off-by-one error within the "CSoundFile::ReadDSM()" function (src/load_dms.cpp) can be exploited to cause a memory corruption by tricking a user into opening a specially crafted DSM file. 5) An off-by-one error within the "CSoundFile::ReadAMS2()" function (src/load_ams.cpp) can be exploited to cause a memory corruption by tricking a user into opening a specially crafted AMS file. The vulnerabilities are reported in version 0.8.8.3. Other versions may also be affected. SOLUTION: Fixed in the GIT repository. Update to version 0.8.8.4 when available. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: 1-3) Hossein Lotfi via Secunia. 4, 5) Reported by the vendor. ORIGINAL ADVISORY: http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commitdiff;h=2d4c56de314ab13e4437bd8b609f0b751066eee8 http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commitdiff;h=f4e5295658fff000379caa122e75c9200205fe20 http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commitdiff;h=26243ab9fe1171f70053e9aec4b20e9f7de9e4ef http://modplug-xmms.git.sourceforge.net/git/gitweb.cgi?p=modplug-xmms/modplug-xmms;a=commitdiff;h=16d7a78efe14d345a6c5b241f88422ad0ee483ea OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 3 11:36:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 3 Aug 2011 20:36:28 +0200 Subject: [SEC] [SA45438] D-Link DPH 150s IP Phone Multiple Vulnerabilities Message-ID: <201108031836.p73IaShK025701@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: D-Link DPH 150s IP Phone Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45438 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45438/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45438 RELEASE DATE: 2011-08-03 DISCUSS ADVISORY: http://secunia.com/advisories/45438/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45438/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45438 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Positive Research Center has reported multiple vulnerabilities in D-Link DPH 150s IP Phone, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), and compromise a vulnerable device. 1) The web management interface does not restrict access to the device configuration file, which can be exploited to disclose certain system configuration (e.g. administrative credentials). 2) An error within the web management interface can be exploited to upload a configuration file to the device. 3) An error within the web management interface can be exploited to modify the message shown on the device LCD display. 4) An error within the web management interface can be exploited to reboot the device. The vulnerabilities are reported in firmware versions FRU1.7.291.130 and prior. SOLUTION: Reportedly, the vendor has issued a fix. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Alexander Zaitsev, Gleb Gritsai, and Yuri Goltsev, Positive Research Center ORIGINAL ADVISORY: Positive Research Center: http://en.securitylab.ru/lab/PT-2011-08 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 3 13:16:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 3 Aug 2011 22:16:10 +0200 Subject: [SEC] [SA45480] Ubuntu update for kernel Message-ID: <201108032016.p73KGAmP013091@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Ubuntu update for kernel SECUNIA ADVISORY ID: SA45480 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45480/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45480 RELEASE DATE: 2011-08-03 DISCUSS ADVISORY: http://secunia.com/advisories/45480/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45480/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45480 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose certain system information and cause a DoS (Denial of Service). For more information: SA42061 SA43594 SA44220 SA44248 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1183-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-August/001389.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 3 13:16:12 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 3 Aug 2011 22:16:12 +0200 Subject: [SEC] [SA44321] IntegraXor Unspecified Cross-Site Scripting Vulnerability Message-ID: <201108032016.p73KGCdH013142@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: IntegraXor Unspecified Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44321 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44321/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44321 RELEASE DATE: 2011-08-03 DISCUSS ADVISORY: http://secunia.com/advisories/44321/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44321/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44321 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in IntegraXor, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions prior to 3.60 Build 4080. SOLUTION: Update to version 3.60 Build 4080. PROVIDED AND/OR DISCOVERED BY: An anonymous researcher via ICS CERT. ORIGINAL ADVISORY: IntegraXor: http://www.integraxor.com/blog/security-issue-xss-vulnerability-note ICS CERT (ICSA-11-147-02): http://www.us-cert.gov/control_systems/pdf/ICSA-11-147-02.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 3 13:16:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 3 Aug 2011 22:16:14 +0200 Subject: [SEC] [SA44885] UUSee UUPlayer ActiveX Control Two Vulnerabilities Message-ID: <201108032016.p73KGEV5013189@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: UUSee UUPlayer ActiveX Control Two Vulnerabilities SECUNIA ADVISORY ID: SA44885 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44885/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44885 RELEASE DATE: 2011-08-03 DISCUSS ADVISORY: http://secunia.com/advisories/44885/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44885/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44885 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Secunia Research has discovered two vulnerabilities in UUSee, which can be exploited by malicious people to compromise a user's system. 1) A boundary error in the UUPlayer ActiveX control when handling the "SendLogAction()" method can be exploited to cause a heap-based buffer overflow via an overly long argument. 2) An input validation error in the UUPlayer ActiveX control when handling the "Play()" method can be exploited to execute an arbitrary program via a UNC path passed in the "MPlayerPath" parameter. Successful exploitation of these vulnerabilities allows execution of arbitrary code. The vulnerabilities are confirmed in version 2010 6.11.0609.2 bundling UUPlayer.ocx version 6.0.0.1. Other versions may also be affected. SOLUTION: Set the kill-bit for the affected ActiveX control. PROVIDED AND/OR DISCOVERED BY: Secunia Research. ORIGINAL ADVISORY: Secunia Research: http://secunia.com/secunia_research/2011-59/ http://secunia.com/secunia_research/2011-60/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 3 13:16:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 3 Aug 2011 22:16:26 +0200 Subject: [SEC] [SA45470] FactoryTalk Services Platform Diagnostics Viewer File Processing Vulnerability Message-ID: <201108032016.p73KGQWQ013492@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: FactoryTalk Services Platform Diagnostics Viewer File Processing Vulnerability SECUNIA ADVISORY ID: SA45470 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45470/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45470 RELEASE DATE: 2011-08-03 DISCUSS ADVISORY: http://secunia.com/advisories/45470/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45470/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45470 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in FactoryTalk Services Platform, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the FactoryTalk Diagnostics Viewer using a vulnerable version of Microsoft Visual Studio Active Template Library (ATL). This can be exploited to corrupt memory via a specially crafted configuration (".ftd") file. Successful exploitation may allow execution of arbitrary code, but requires tricking a user into opening a malicious file. For more information: SA35967 The vulnerability is reported in version 2.10.x (CPR9 SR2) and prior. SOLUTION: Update to version 2.30.00 (CPR9 SR3). PROVIDED AND/OR DISCOVERED BY: Billy Rios and Terry McCorkle via ICS CERT. ORIGINAL ADVISORY: Rockwell Automation: http://rockwellautomation.custhelp.com/app/answers/detail/a_id/448424 ICS CERT (ICSA-11-175-01): http://www.us-cert.gov/control_systems/pdf/ICSA-11-175-01.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 3 14:27:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 3 Aug 2011 23:27:14 +0200 Subject: [SEC] [SA45481] vBulletin AdminCP Unspecified Cross-Site Scripting Vulnerability Message-ID: <201108032127.p73LRE4W005982@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: vBulletin AdminCP Unspecified Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45481 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45481/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45481 RELEASE DATE: 2011-08-03 DISCUSS ADVISORY: http://secunia.com/advisories/45481/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45481/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45481 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in vBulletin Publishing Suite and vBulletin Forum Classic, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input related to the AdminCP is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Please see the vendor's advisory for the list of affected products. SOLUTION: Apply patch. Please see the vendor's advisory for details. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: https://www.vbulletin.com/forum/showthread.php/385133-vBulletin-4.1.3-4.1.4-and-4.1.5-Security-Patch OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 3 14:48:17 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 3 Aug 2011 23:48:17 +0200 Subject: [SEC] [SA45416] TimThumb Domain Name Security Bypass and Insecure Cache Handling Vulnerabilities Message-ID: <201108032148.p73LmHbr027306@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: TimThumb Domain Name Security Bypass and Insecure Cache Handling Vulnerabilities SECUNIA ADVISORY ID: SA45416 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45416/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45416 RELEASE DATE: 2011-08-03 DISCUSS ADVISORY: http://secunia.com/advisories/45416/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45416/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45416 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness and a vulnerability have been reported in TimThumb, which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable system. 1) The application does not properly store content in the cache directory when processing input passed via the "src" parameter, which can be exploited to e.g. upload and execute arbitrary PHP files. The vulnerability is reported in versions prior to 1.33. 2) The application does not properly verify domain names passed via the "src" parameter, which can be exploited to bypass the allowed sites filter by providing a specially crafted domain. The weakness is reported in versions prior to 1.34. SOLUTION: Update to version 1.34. PROVIDED AND/OR DISCOVERED BY: Disclosed in SVN commits. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 3 15:12:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 4 Aug 2011 00:12:53 +0200 Subject: [SEC] [SA45497] SUSE update for java-1_5_0-ibm Message-ID: <201108032212.p73MCr7h016412@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: SUSE update for java-1_5_0-ibm SECUNIA ADVISORY ID: SA45497 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45497/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45497 RELEASE DATE: 2011-08-03 DISCUSS ADVISORY: http://secunia.com/advisories/45497/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45497/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45497 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for java-1_5_0-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. For more information: SA45206 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:0863-1: https://hermes.opensuse.org/messages/10468668 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 3 15:48:42 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 4 Aug 2011 00:48:42 +0200 Subject: [SEC] [SA45496] Ubuntu update for samba Message-ID: <201108032248.p73Mmge9006053@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Ubuntu update for samba SECUNIA ADVISORY ID: SA45496 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45496/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45496 RELEASE DATE: 2011-08-04 DISCUSS ADVISORY: http://secunia.com/advisories/45496/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45496/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45496 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for samba. This fixes two vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks. For more information: SA45393 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1182-1: http://www.ubuntu.com/usn/usn-1182-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 3 16:13:31 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 4 Aug 2011 01:13:31 +0200 Subject: [SEC] [SA45498] Google Chrome Multiple Vulnerabilities Message-ID: <201108032313.p73NDVmN027581@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Google Chrome Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45498 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45498/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45498 RELEASE DATE: 2011-08-04 DISCUSS ADVISORY: http://secunia.com/advisories/45498/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45498/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45498 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact while others can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, and compromise a user's system. 1) An unspecified error exists when confirming an extension install via a browser dialog. 2) An error in rendering due to bad line box tracking can lead to a stale pointer. 3) The application does not prompt when downloading dangerous files. 4) An error exists within file permissions when handling drag and drop events. This vulnerability affects builds for Linux only. 5) An error when installing a developer mode NPAPI extension does not confirm the install via a browser dialog. 6) An unspecified error can be exploited to disclose the local file path via GL program log. 7) An input sanitisation error exists when handling homepage URL in extensions. 8) The application does not verify that the speech input bubble is on-screen. 9) An error due to re-entrancy issue in GPU lock can be exploited to cause a crash. 10) An error within inspector serialization can be exploited to cause a buffer overflow. 11) A use-after-free error exists within Pepper plug-in instantiation. 12) A use-after-free error exists when handling floating styles. 13) An unspecified error within ICU can be exploited to cause an out-of-bounds write. 14) A use-after-free error exists within float removal. 15) A use-after-free error exists within media selectors. 16) An unspecified error within text iteration can be exploited to cause an out-of-bounds read. 17) An unspecified error can lead to a cross-frame function leak. 18) A use-after-free error exists within Skia. 19) A use-after-free error exists within resource caching. 20) An unspecified error leads to internal schemes being web accessible. 21) A use-after-free error exists within HTML range handling. 22) An unspecified error can lead to client-side redirect target being leaked. 23) An error exists with v8 when handling const lookups. 24) An unspecified error when handling Skia paths can be exploited to cause an out-of-bounds read. 25) A use-after-free error exists within the frame loader. 26) A use-after-free error exists within display box rendering. 27) An unspecified error when handling nested functions within a PDF file can lead to a crash. 28) An unspecified error can lead to cross-origin script injection. 29) An unspecified error can lead to cross-origin violation in base URI handling. SOLUTION: Upgrade to version 13.0.782.107. PROVIDED AND/OR DISCOVERED BY: 1, 5, 28, 29) Sergey Glazunov 2) miaubiz and Martin Barbella 3, 6, 7, 9) kuzzcc 4) Evan Martin, Chromium development community 8) Olli Pettay, Mozilla 10) Mikolaj Malecki 11) Mario Gomes and kuzzcc 12, 14, 15, 16, 19, 21, 25) miaubiz 13) Yang Dingning, NCNIPC, Graduate University of Chinese Academy of Sciences. 17) Shih Wei-Long 18) Inferno, Google Chrome Security Team and Kostya Serebryany, Chromium development community. 20) sirdarckcat, Google Security Team 22) Juho Nurminen 23) Christian Holler 24) Google Chrome Security Team (Inferno) 26) Martin Barbella 27) Aki Helin, OUSPG ORIGINAL ADVISORY: http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 3 16:50:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 4 Aug 2011 01:50:49 +0200 Subject: [SEC] [SA45482] mt LinkDatenbank "b" Cross-Site Scripting Vulnerability Message-ID: <201108032350.p73NonJj017303@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: mt LinkDatenbank "b" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45482 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45482/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45482 RELEASE DATE: 2011-08-04 DISCUSS ADVISORY: http://secunia.com/advisories/45482/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45482/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45482 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in mt LinkDatenbank, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "b" parameter in links.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 2.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Err0r ORIGINAL ADVISORY: http://packetstormsecurity.org/files/view/103674/mtlinkdatenbank-xss.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 3 17:23:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 4 Aug 2011 02:23:47 +0200 Subject: [SEC] [SA45483] NC LinkList "searchstring" Cross-Site Scripting Vulnerability Message-ID: <201108040023.p740Nl2T006805@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: NC LinkList "searchstring" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45483 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45483/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45483 RELEASE DATE: 2011-08-04 DISCUSS ADVISORY: http://secunia.com/advisories/45483/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45483/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45483 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in NC LinkList, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "searchstring" POST parameter in index.php (when "action" is set to "search") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in version 1.3.2. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Err0r OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 3 17:53:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 4 Aug 2011 02:53:44 +0200 Subject: [SEC] [SA45042] Provideo ActiveX Controls Buffer Overflow Vulnerabilities Message-ID: <201108040053.p740riGN028583@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Provideo ActiveX Controls Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA45042 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45042/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45042 RELEASE DATE: 2011-08-04 DISCUSS ADVISORY: http://secunia.com/advisories/45042/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45042/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45042 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Secunia Research has discovered multiple vulnerabilities in Provideo ActiveX controls, which can be exploited by malicious people to compromise a user's system. 1) A boundary error in the alarm ActiveX control (2way.dll) when handling the "voice()" method can be exploited to cause a stack-based buffer overflow via an overly long "strIp" argument. 2) A boundary error in the GMAXPlayer ActiveX control when receiving network responses from a device connection specified via the "URL" and "CtrlPort" object parameters can be exploited to cause a stack-based buffer overflow. 3) A boundary error in the GMAXPlayer ActiveX control when processing the "UserName" and "Password" object parameters can be exploited to cause a heap-based buffer overflow. 4) A boundary error in the PAxPlayer ActiveX control when processing the "GetString()" method can be exploited to cause a heap-based buffer overflow via an overly long string passed in the "Id" parameter. 5) A boundary error in the PAxPlayer ActiveX control when processing the "ConnectIPCam()" method can be exploited to cause a stack-based buffer overflow via an overly long string passed in the "strAdr" parameter. Successful exploitation of these vulnerabilities allows execution of arbitrary code. The vulnerabilities are confirmed in the following controls (other versions may also be affected): * Provideo alarm ActiveX Control version 1.0.3.1. * Provideo GMAXPlayer ActiveX Control (AXPlayer.ocx) version 2.0.8.2. * Provideo PAxPlayer ActiveX Control (PAxPlayer.ocx) version 3.0.0.9. SOLUTION: Set the kill-bit for the affected ActiveX controls. PROVIDED AND/OR DISCOVERED BY: Secunia Research. ORIGINAL ADVISORY: Secunia Research: http://secunia.com/secunia_research/2011-56/ http://secunia.com/secunia_research/2011-57/ http://secunia.com/secunia_research/2011-58/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 4 10:41:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 4 Aug 2011 19:41:13 +0200 Subject: [SEC] [SA45516] Apple QuickTime Multiple Vulnerabilities Message-ID: <201108041741.p74HfDHf030119@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Apple QuickTime Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45516 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45516/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45516 RELEASE DATE: 2011-08-04 DISCUSS ADVISORY: http://secunia.com/advisories/45516/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45516/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45516 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system. For more information: SA43814 SA45054 1) An error within the processing of GIF files can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted GIF file. 2) Multiple errors within the processing of H.264 files can be exploited to cause stack-based buffer overflows by tricking a user into opening a specially crafted file. 3) An error within the QuickTime ActiveX control when processing QTL files can be exploited to cause a stack-based buffer overflow by tricking a user into visiting a malicious website. Note: Vulnerabilities #1 through #3 do not affect Mac OS X versions. 4) An error within the processing of STSC atoms in QuickTime movie files can be exploited to cause a heap-based buffer overflow by tricking a user into opening specially crafted QuickTime movie files. 5) An error within the processing of STSS atoms in QuickTime movie files can be exploited to cause a heap-based buffer overflow by tricking a user into opening specially crafted QuickTime movie files. 6) An error within the processing of STSZ atoms in QuickTime movie files can be exploited to cause a heap-based buffer overflow by tricking a user into opening specially crafted QuickTime movie files. 7) An error within the processing of STTS atoms in QuickTime movie files can be exploited to cause a heap-based buffer overflow by tricking a user into opening specially crafted QuickTime movie files. SOLUTION: Update to version 7.7. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) An anonymous person via Beyond Security's SecuriTeam Secure Disclosure 2) Roi Mallo and Sherab Giovannini via ZDI 3) Chkr_d591 via ZDI 4 - 7) Matt 'j00ru' Jurczyk via ZDI ORIGINAL ADVISORY: http://support.apple.com/kb/HT4826 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 4 11:39:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 4 Aug 2011 20:39:25 +0200 Subject: [SEC] [SA45502] Zabbix "backurl" Cross-Site Scripting Vulnerability Message-ID: <201108041839.p74IdPVh020918@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Zabbix "backurl" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45502 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45502/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45502 RELEASE DATE: 2011-08-04 DISCUSS ADVISORY: http://secunia.com/advisories/45502/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45502/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45502 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Zabbix, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "backurl" parameter in acknow.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions prior to 1.8.6. SOLUTION: Update to version 1.8.6. PROVIDED AND/OR DISCOVERED BY: Reported by Damian Tommasino in a bug report. ORIGINAL ADVISORY: https://support.zabbix.com/browse/ZBX-3835 http://www.zabbix.com/rn1.8.6.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 4 12:38:18 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 4 Aug 2011 21:38:18 +0200 Subject: [SEC] [SA45476] Wonderware Information Server Unspecified ActiveX Controls Buffer Overflow Vulnerabilities Message-ID: <201108041938.p74JcIhr011739@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Wonderware Information Server Unspecified ActiveX Controls Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA45476 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45476/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45476 RELEASE DATE: 2011-08-04 DISCUSS ADVISORY: http://secunia.com/advisories/45476/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45476/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45476 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Wonderware Information Server, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to errors in unspecified ActiveX controls and can be exploited to cause a stack-based buffer overflow within the affected control. Successful exploitation may allow execution of arbitrary code. The vulnerabilities are reported in versions 3.1, 4.0, and 4.0 SP1. SOLUTION: Reportedly a patch has been released. Contact the vendor for further information. PROVIDED AND/OR DISCOVERED BY: Billy Rios and Terry McCorkle via ICS-CERT. ORIGINAL ADVISORY: ICS-CERT (ICSA-11-195-01): http://www.us-cert.gov/control_systems/pdf/ICSA-11-195-01.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 4 13:41:20 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 4 Aug 2011 22:41:20 +0200 Subject: [SEC] [SA45472] Drupal iWebkit Theme Menu Links Script Insertion Vulnerability Message-ID: <201108042041.p74KfK3G002775@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Drupal iWebkit Theme Menu Links Script Insertion Vulnerability SECUNIA ADVISORY ID: SA45472 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45472/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45472 RELEASE DATE: 2011-08-04 DISCUSS ADVISORY: http://secunia.com/advisories/45472/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45472/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45472 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the iWebkit theme for Drupal, which can be exploited by malicious users to conduct script insertion attacks. Certain input related to menu links is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation requires "administer menu" permissions. The vulnerability is reported in 6.x-2.x versions prior to 6.x-2.2. SOLUTION: Update to version 6.x-2.2. PROVIDED AND/OR DISCOVERED BY: The vendor credits Thomas Turnbull. ORIGINAL ADVISORY: SA-CONTRIB-2011-033: http://drupal.org/node/1238534 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 4 14:34:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 4 Aug 2011 23:34:28 +0200 Subject: [SEC] [SA45447] Drupal Display Suite Module Unspecified Script Insertion Vulnerability Message-ID: <201108042134.p74LYSBu025748@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Drupal Display Suite Module Unspecified Script Insertion Vulnerability SECUNIA ADVISORY ID: SA45447 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45447/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45447 RELEASE DATE: 2011-08-04 DISCUSS ADVISORY: http://secunia.com/advisories/45447/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45447/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45447 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Display Suite module for Drupal, which can be exploited by malicious users to conduct script insertion attacks. Certain unspecified input is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerability is reported in versions prior to 7.x-1.3. SOLUTION: Update to version 7.x-1.3. PROVIDED AND/OR DISCOVERED BY: The vendor credits Rolf van de Krol and Kristof De Jaeger. ORIGINAL ADVISORY: SA-CONTRIB-2011-034: http://drupal.org/node/1238556 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 4 15:07:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 5 Aug 2011 00:07:41 +0200 Subject: [SEC] [SA45464] Mongoose HTTP PUT Request Processing Vulnerability Message-ID: <201108042207.p74M7fjp015281@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Mongoose HTTP PUT Request Processing Vulnerability SECUNIA ADVISORY ID: SA45464 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45464/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45464 RELEASE DATE: 2011-08-04 DISCUSS ADVISORY: http://secunia.com/advisories/45464/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45464/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45464 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Mongoose, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. The vulnerability is caused due to an error in the "put_dir()" function (mongoose.c) when processing HTTP PUT web requests. This can be exploited to cause an assertion error or a stack-based buffer overflow. Successful exploitation may allow execution of arbitrary code, but requires the server to be compiled with the "-DNDEBUG" option. The vulnerability is reported in version 3.0. Other versions may also be affected. SOLUTION: Fixed in the Mercurial repository. PROVIDED AND/OR DISCOVERED BY: Reported by Nico Golde to the oss-sec mailing list. ORIGINAL ADVISORY: http://seclists.org/oss-sec/2011/q3/267 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 4 15:34:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 5 Aug 2011 00:34:16 +0200 Subject: [SEC] [SA45505] AlphaLPD Packet Processing Denial of Service Vulnerability Message-ID: <201108042234.p74MYG6g004465@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: AlphaLPD Packet Processing Denial of Service Vulnerability SECUNIA ADVISORY ID: SA45505 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45505/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45505 RELEASE DATE: 2011-08-05 DISCUSS ADVISORY: http://secunia.com/advisories/45505/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45505/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45505 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in AlphaLPD, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an indexing error when processing certain requests and can be exploited to dereference an invalid memory location via specially crafted packets sent to TCP port 515. Successful exploitation requires knowing a valid printer queue name. The vulnerability is confirmed in version 4.0e. Other versions may also be affected. SOLUTION: Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: Craig Freyman (cd1zz) OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 4 16:05:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 5 Aug 2011 01:05:02 +0200 Subject: [SEC] [SA45475] Microsoft Windows CSRSS "SrvGetConsoleTitle()" Type Casting Weakness Message-ID: <201108042305.p74N52bn026293@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Microsoft Windows CSRSS "SrvGetConsoleTitle()" Type Casting Weakness SECUNIA ADVISORY ID: SA45475 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45475/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45475 RELEASE DATE: 2011-08-05 DISCUSS ADVISORY: http://secunia.com/advisories/45475/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45475/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45475 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Matthew Jurczyk has reported a weakness in Microsoft Windows, which can be exploited by malicious, local users to disclose potentially sensitive information or cause a DoS (Denial of Service). The weakness is caused due to a type casting error in the "SrvGetConsoleTitle()" function (winsrv.dll) within the Client/Server Run-time Subsystem (CSRSS) when performing a certain size check. This can be exploited to disclose some CSRSS memory or dereference invalid memory causing the kernel to crash. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Matthew Jurczyk (j00ru) ORIGINAL ADVISORY: http://j00ru.vexillium.org/?p=971 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 4 16:27:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 5 Aug 2011 01:27:44 +0200 Subject: [SEC] [SA45397] FlexNet Publisher License Server Manager Buffer Overflow Vulnerability Message-ID: <201108042327.p74NRiCj015291@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: FlexNet Publisher License Server Manager Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA45397 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45397/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45397 RELEASE DATE: 2011-08-05 DISCUSS ADVISORY: http://secunia.com/advisories/45397/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45397/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45397 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in FlexNet Publisher, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an error within the License Server Manager component (lmadmin) when processing opcode 0x2f packets. This can be exploited to cause a heap-based buffer overflow by sending specially crafted packets to e.g. TCP port 27000. The vulnerability is reported in version 11.9. Other versions may also be affected. SOLUTION: Restrict access to the affected service to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma via ZDI. ORIGINAL ADVISORY: ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-244/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 4 16:49:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 5 Aug 2011 01:49:10 +0200 Subject: [SEC] [SA45513] WordPress WP e-Commerce Plugin "cart_messages[]" Cross-Site Scripting Vulnerability Message-ID: <201108042349.p74NnAOf004201@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress WP e-Commerce Plugin "cart_messages[]" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45513 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45513/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45513 RELEASE DATE: 2011-08-05 DISCUSS ADVISORY: http://secunia.com/advisories/45513/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45513/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45513 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered a vulnerability in the WP e-Commerce plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "cart_messages[]" parameter in wp-content/plugins/wp-e-commerce/wpsc-theme/wpsc-cart_widget.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation requires that "register_globals" is enabled. The vulnerability is confirmed in version 3.8.6. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA. ORIGINAL ADVISORY: HTB23031: http://www.htbridge.ch/advisory/xss_in_wp_e_commerce.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 4 17:22:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 5 Aug 2011 02:22:41 +0200 Subject: [SEC] [SA45512] HESK Multiple Cross-Site Scripting Vulnerabilities Message-ID: <201108050022.p750Mf9S026185@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: HESK Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA45512 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45512/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45512 RELEASE DATE: 2011-08-05 DISCUSS ADVISORY: http://secunia.com/advisories/45512/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45512/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45512 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered multiple vulnerabilities in HESK, which can be exploited by malicious people to conduct cross-site scripting attacks. 1) Input passed to the "hesk_settings[tmp_title]" and "hesklang[ENCODING]" parameters in /inc/header.inc.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation of this vulnerability requires that "register_globals" is enabled. 2) Input passed via the URL to language/en/test.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are confirmed in version 2.2. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA. ORIGINAL ADVISORY: HTB23030: http://www.htbridge.ch/advisory/multiple_xss_in_hesk.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 4 17:53:40 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 5 Aug 2011 02:53:40 +0200 Subject: [SEC] [SA45499] Drupal Mail Logger Module Log Output Script Insertion Vulnerabilities Message-ID: <201108050053.p750rehM015610@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Drupal Mail Logger Module Log Output Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA45499 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45499/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45499 RELEASE DATE: 2011-08-05 DISCUSS ADVISORY: http://secunia.com/advisories/45499/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45499/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45499 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in the Mail Logger module for Drupal, which can be exploited by malicious people to conduct script insertion attacks. Certain input related to addressee information, subject, and body of emails when logging outgoing emails is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerabilities are reported in versions prior to 6.x-1.1. SOLUTION: Update to version 6.x-1.1. PROVIDED AND/OR DISCOVERED BY: The vendor credits Ivo Van Geertruyen and Daniel G. Siegel. ORIGINAL ADVISORY: SA-CONTRIB-2011-032: http://drupal.org/node/1238326 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 4 18:16:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 5 Aug 2011 03:16:19 +0200 Subject: [SEC] [SA45459] Adium File Name Script Insertion Vulnerability Message-ID: <201108050116.p751GJ5N004571@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Adium File Name Script Insertion Vulnerability SECUNIA ADVISORY ID: SA45459 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45459/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45459 RELEASE DATE: 2011-08-05 DISCUSS ADVISORY: http://secunia.com/advisories/45459/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45459/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45459 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Levent Kayan has reported a vulnerability in Adium, which can be exploited by malicious users to conduct script insertion attacks. Input passed via the file name in a message is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in context of an affected application when the malicious data is being viewed. The vulnerability is reported in version 1.4.2 and prior. SOLUTION: Do not open messages from untrusted contacts. PROVIDED AND/OR DISCOVERED BY: Levent Kayan (noptrix) ORIGINAL ADVISORY: http://www.noptrix.net/advisories/adium_inject.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 5 10:38:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 5 Aug 2011 19:38:48 +0200 Subject: [SEC] [SA45501] Bugzilla Multiple Vulnerabilities Message-ID: <201108051738.p75Hcm0U010469@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Bugzilla Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45501 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45501/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45501 RELEASE DATE: 2011-08-05 DISCUSS ADVISORY: http://secunia.com/advisories/45501/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45501/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45501 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Bugzilla, which can be exploited by malicious, local users to gain access to potentially sensitive information and by malicious users to disclose potentially sensitive information, conduct script insertion and spoofing attacks. 1) Input passed via patch attachments is not properly sanitised before being viewed in "Raw Unified" mode. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation of this vulnerability requires the victim to use Internet Explorer or Safari browsers. 2) Two errors when handling certain URLs during creation or editing of a bug and custom searches can be exploited to disclose the existence of a confidential group and its name. 3) An input sanitation error when processing attachment descriptions can be exploited to inject email headers when a flagmail notification is sent. 4) Insecure handling of temporary files for uploaded attachments can be exploited by local users to disclose the contents. The vulnerabilities are reported in versions 3.4.11 and prior, 3.5.1 through 3.6.5, 3.7.1 through 4.0.1, and 4.1.1 through 4.1.2. SOLUTION: Update to version 3.4.12, 3.6.6, or 4.1.3 (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: The vendor provides a bundled list of credits: Fr?d?ric Buclin Byron Jones Max Kanat-Alexander Reed Loden Neal Poole Neil Rashbrook David Lawrence ORIGINAL ADVISORY: http://www.bugzilla.org/security/3.4.11/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 5 11:39:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 5 Aug 2011 20:39:11 +0200 Subject: [SEC] [SA45485] Xataface "-lang" File Disclosure Vulnerability Message-ID: <201108051839.p75IdBuJ001334@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Xataface "-lang" File Disclosure Vulnerability SECUNIA ADVISORY ID: SA45485 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45485/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45485 RELEASE DATE: 2011-08-05 DISCUSS ADVISORY: http://secunia.com/advisories/45485/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45485/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45485 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Xataface, which can be exploited by malicious people to disclose sensitive information. Input passed via the "-lang" parameter is not properly sanitised in Application.php before being used. This can be exploited to disclose the contents of arbitrary files from local resources via directory traversal sequences. The vulnerability is reported in versions prior to 1.1.6, 1.2.7, and 1.3rc5. SOLUTION: Update to version 1.1.6, 1.2.7, or 1.3rc5. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://xataface.com/forum/viewtopic.php?f=8&t=6163 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 5 12:35:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 5 Aug 2011 21:35:24 +0200 Subject: [SEC] [SA45519] SUSE update for virtualbox Message-ID: <201108051935.p75JZO70024485@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SUSE update for virtualbox SECUNIA ADVISORY ID: SA45519 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45519/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45519 RELEASE DATE: 2011-08-05 DISCUSS ADVISORY: http://secunia.com/advisories/45519/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45519/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45519 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for virtualbox. This fixes two vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA45316 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0873-1: https://hermes.opensuse.org/messages/10606835 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 5 13:34:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 5 Aug 2011 22:34:49 +0200 Subject: [SEC] [SA45515] Fedora update for phpMyAdmin Message-ID: <201108052034.p75KYnvq015353@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Fedora update for phpMyAdmin SECUNIA ADVISORY ID: SA45515 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45515/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45515 RELEASE DATE: 2011-08-05 DISCUSS ADVISORY: http://secunia.com/advisories/45515/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45515/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45515 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for phpMyAdmin. This fixes multiple vulnerabilities, which can be exploited by malicious users to conduct cross-site scripting attacks and potentially compromise a vulnerable system and by malicious people to disclose potentially sensitive information and potentially compromise a vulnerable system. For more information: SA45365 SOLUTION: Apply updated packages via the yum utility ("yum update phpMyAdmin"). ORIGINAL ADVISORY: FEDORA-2011-9725: http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063410.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 5 14:28:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 5 Aug 2011 23:28:41 +0200 Subject: [SEC] [SA45511] ThreeDify Designer ActiveX Control Insecure Method and Buffer Overflow Vulnerabilities Message-ID: <201108052128.p75LSf5C005899@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: ThreeDify Designer ActiveX Control Insecure Method and Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA45511 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45511/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45511 RELEASE DATE: 2011-08-05 DISCUSS ADVISORY: http://secunia.com/advisories/45511/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45511/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45511 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has reported multiple vulnerabilities in ThreeDify Designer, which can be exploited by malicious people to manipulate certain data and compromise a user's system. 1) The insecure "cmdSave()" method in the ThreeDify.ThreeDifyDesigner.1 (ActiveSolid.dll) ActiveX control can be exploited to create or overwrite arbitrary files in the context of the currently logged-on user. 2) Some boundary errors in the ThreeDify.ThreeDifyDesigner.1 (ActiveSolid.dll) ActiveX control can be exploited to cause buffer overflows via overly long strings passed to the "cmdExport()", "cmdImport()", "cmdOpen()", and "cmdSave()" methods. Successful exploitation of this vulnerability may allow execution of arbitrary code. The vulnerabilities are reported in version 5.0.2. Other versions may also be affected. SOLUTION: Update to version 5.1.1. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: HTB23020: http://www.htbridge.ch/advisory/threedify_designer_activex_control_multiple_buffer_overflow_vulnerabilities.html HTB23021: http://www.htbridge.ch/advisory/threedify_designer_activex_control_insecure_method.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 8 10:35:31 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 8 Aug 2011 19:35:31 +0200 Subject: [SEC] [SA45504] XpressEngine Multiple Script Insertion Vulnerabilities Message-ID: <201108081735.p78HZVo5007128@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: XpressEngine Multiple Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA45504 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45504/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45504 RELEASE DATE: 2011-08-08 DISCUSS ADVISORY: http://secunia.com/advisories/45504/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45504/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45504 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been discovered in XpressEngine, which can be exploited by malicious users to conduct script insertion attacks. Input passed via the "nick_name", "homepage", and "blog" parameters to index.php via the member info form is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerabilities are confirmed in version 1.4.5.8. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: v0nSch3lling OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 8 11:32:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 8 Aug 2011 20:32:56 +0200 Subject: [SEC] [SA45557] TYPO3 Multiple Vulnerabilities Message-ID: <201108081832.p78IWu7u030324@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: TYPO3 Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45557 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45557/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45557 RELEASE DATE: 2011-08-08 DISCUSS ADVISORY: http://secunia.com/advisories/45557/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45557/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45557 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in TYPO3, which can be exploited by malicious users to bypass certain security restrictions, conduct script insertion attacks, disclose system information, and delete arbitrary files and by malicious people to enumerate user accounts, bypass certain security restrictions, and conduct cross-site scripting attacks. 1) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation of this vulnerability requires that the "realurl" extension is not used or that its configuration parameter "doNotRawUrlEncodeParameterNames" is set to "TRUE". 2) The application returns different HTTP responses depending on whether an unsuccessful login attempt is performed with a valid or invalid username. 3) An error in the backend login can be exploited to bypass the mandatory delay upon failed authentication attempts. 4) Input passed via the username in the admin panel is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. 5) Input passed via link attributes in the browse_links wizard is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. 6) Input passed via page titles in the system extension recycler is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation of this vulnerability requires that the user visits the recycler when containing a page with a malicious title. 7) Input passed via page titles in the tcemain flash message is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation of this vulnerability requires that the user copies or moves a page with a malicious title. 8) An error due to an insecure configuration in css_styled_content system extension can be exploited to read arbitrary data from TYPO3 database when using the "getText" feature on headlines of content elements. 9) An error when handling certain serialised user input of BE editors can be exploited to delete arbitrary files. 10) Certain unspecified input is not properly sanitised in the "RemoveXSS()" function before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation of this vulnerability requires that the victim uses Internet Explorer 6. 11) The application does not properly restrict access to ExtDirect endpoints, which can be exploited to allow arbitrary users to consume any available ExtDirect endpoint. The vulnerabilities are reported in versions 4.3.11, 4.4.8, and 4.5.3. Prior versions may also be affected. SOLUTION: Update to version 4.3.12, 4.4.9, or 4.5.4. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Marco Bresch 2, 3) Sebastian Schinzel 4, 5, and 7) Georg Ringer, TYPO3 Security Team. 6) Steffen Gebert, TYPO3 Core Team. 8) Mads Chr. Olesen 9) Marcus Krause, TYPO3 Security Team. 10) Vladimir Podkovanov 11) Helmut Hummel, TYPO3 Security Team. ORIGINAL ADVISORY: TYPO3-CORE-SA-2011-001: http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-001/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 8 12:33:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 8 Aug 2011 21:33:32 +0200 Subject: [SEC] [SA45558] Debian update for typo3-src Message-ID: <201108081933.p78JXWoV021256@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Debian update for typo3-src SECUNIA ADVISORY ID: SA45558 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45558/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45558 RELEASE DATE: 2011-08-08 DISCUSS ADVISORY: http://secunia.com/advisories/45558/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45558/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45558 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for typo3-src. This fixes multiple vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions, conduct script insertion attacks, disclose system information, and delete arbitrary files and by malicious people to enumerate user accounts, bypass certain security restrictions, and conduct cross-site scripting attacks. For more information: SA45557 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2289-1: http://www.debian.org/security/2011/dsa-2289 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 8 13:32:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 8 Aug 2011 22:32:39 +0200 Subject: [SEC] [SA44819] Debian update for squirrelmail Message-ID: <201108082032.p78KWdNA012101@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Debian update for squirrelmail SECUNIA ADVISORY ID: SA44819 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44819/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44819 RELEASE DATE: 2011-08-08 DISCUSS ADVISORY: http://secunia.com/advisories/44819/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44819/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44819 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for squirrelmail. This fixes multiple vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct script insertion and cross-site scripting attacks and bypass certain security restrictions. For more information: SA45197 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA 2291-1: http://lists.debian.org/debian-security-announce/2011/msg00165.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 8 14:26:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 8 Aug 2011 23:26:36 +0200 Subject: [SEC] [SA45555] IBM Tivoli Federated Identity Manager Products Multiple Vulnerabilities Message-ID: <201108082126.p78LQang002674@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: IBM Tivoli Federated Identity Manager Products Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45555 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45555/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45555 RELEASE DATE: 2011-08-08 DISCUSS ADVISORY: http://secunia.com/advisories/45555/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45555/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45555 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in IBM Tivoli Federated Identity Manager and IBM Tivoli Federated Identity Manager Business Gateway, where some have an unknown impact while one can be exploited by malicious people to cause a DoS (Denial of Service). 1) The application bundles a vulnerable version of IBM Java. For more information: SA43295 2) Two unspecified errors related to the management console exists. No further information is currently available. 3) An unspecified error related to the runtime exists. No further information is currently available. The vulnerabilities are reported in versions prior to 6.2.0 Fix Pack 9. SOLUTION: Apply Fix Pack 9. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: IBM (IV03048, IV03050, IV03074): http://www.ibm.com/support/docview.wss?uid=swg24029497 http://www.ibm.com/support/docview.wss?uid=swg24029498 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 8 14:47:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 8 Aug 2011 23:47:29 +0200 Subject: [SEC] [SA45487] Moodle Two Security Bypass Security Issues Message-ID: <201108082147.p78LlTrl024018@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Moodle Two Security Bypass Security Issues SECUNIA ADVISORY ID: SA45487 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45487/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45487 RELEASE DATE: 2011-08-08 DISCUSS ADVISORY: http://secunia.com/advisories/45487/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45487/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45487 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two security issues have been reported in Moodle, which can be exploited by malicious users to bypass certain security restrictions. 1) An error in the "role_assign()" function of the role assignment web service does not validate access permissions and can be exploited to assign roles. 2) An error in the handling of access permissions of a course creator can be exploited to change the local filter settings for a course. The security issues are reported in versions prior to 2.0.4 and 2.1.1. SOLUTION: Update to version 2.0.4 or 2.1.1 and manually alter the permissions to remove rights from course creators. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Petr Skoda 2) Ray Lawrence ORIGINAL ADVISORY: Moodle (MSA-11-0021, MSA-11-0022): http://moodle.org/mod/forum/discuss.php?d=182738 http://moodle.org/mod/forum/discuss.php?d=182739 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 8 15:12:55 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 9 Aug 2011 00:12:55 +0200 Subject: [SEC] [SA45503] WordPress Register Plus Redux Plugin Multiple Cross-Site Scripting Vulnerabilities Message-ID: <201108082212.p78MCt70013171@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress Register Plus Redux Plugin Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA45503 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45503/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45503 RELEASE DATE: 2011-08-08 DISCUSS ADVISORY: http://secunia.com/advisories/45503/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45503/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45503 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: MustLive has discovered multiple vulnerabilities in the Register Plus Redux plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "user_login", "user_email", "first_name", "last_name", "aim", "yahoo", "jabber", "about", "password", and "invitation_code" parameters to wp-login.php (when "action" is set to "register") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are confirmed in version 3.7.3. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: MustLive ORIGINAL ADVISORY: http://websecurity.com.ua/4542/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 8 15:47:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 9 Aug 2011 00:47:26 +0200 Subject: [SEC] [SA45451] CMS Pro! Cross-Site Request Forgery Vulnerability Message-ID: <201108082247.p78MlQLZ002733@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: CMS Pro! Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA45451 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45451/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45451 RELEASE DATE: 2011-08-09 DISCUSS ADVISORY: http://secunia.com/advisories/45451/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45451/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45451 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in CMS Pro!, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. change a user's permissions by tricking an administrator into visiting a malicious web site while being logged-in to the application. The vulnerability is reported in version 2.08. Other versions may also be affected. SOLUTION: Do not browse untrusted sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: Xadpritox OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 8 16:12:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 9 Aug 2011 01:12:58 +0200 Subject: [SEC] [SA45535] WordPress UPM Polls Plugin "qid" SQL Injection Vulnerability Message-ID: <201108082312.p78NCwSP024337@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress UPM Polls Plugin "qid" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45535 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45535/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45535 RELEASE DATE: 2011-08-09 DISCUSS ADVISORY: http://secunia.com/advisories/45535/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45535/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45535 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Miroslav Stampar has discovered a vulnerability in the UPM Polls plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "qid" parameter to wp-content/plugins/upm-polls/includes/poll_logs.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 1.0.3. Prior versions may also be affected. SOLUTION: Update to version 1.0.4. PROVIDED AND/OR DISCOVERED BY: Miroslav Stampar ORIGINAL ADVISORY: UPM Polls: http://wordpress.org/extend/plugins/upm-polls/changelog/ http://plugins.trac.wordpress.org/changeset/420308/upm-polls/tags/1.0.3 Miroslav Stampar: http://unconciousmind.blogspot.com/2011/08/upm-polls-103-sql-injection.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 8 16:48:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 9 Aug 2011 01:48:00 +0200 Subject: [SEC] [SA45527] Novell Data Synchronizer Mobility Pack Multiple Vulnerabilities Message-ID: <201108082348.p78Nm0wG013966@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Novell Data Synchronizer Mobility Pack Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45527 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45527/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45527 RELEASE DATE: 2011-08-09 DISCUSS ADVISORY: http://secunia.com/advisories/45527/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45527/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45527 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Novell Data Synchronizer, which can be exploited by malicious users to disclose potentially sensitive information and by malicious people to conduct session fixation and cross-site scripting attacks. 1) An unspecified error within the Mobility Pack and can be exploited to disclose potentially sensitive information related to GroupWise. 2) An error in the handling of sessions in the Web Admin can be exploited to hijack another user's session by tricking the user into logging in after following a specially crafted link. 3) Certain input passed via cookie values (when the "HTTPOnly" flag is not set) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Additionally, a weakness exists NOTE: Additionally, a weakness exists due to the LDAP password of the Data Synchronizer Admin being transmitted in clear text. The vulnerabilities are reported in Mobility Pack versions prior to 1.2. SOLUTION: Update to Mobility Pack version 1.2. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Novell: http://www.novell.com/support/viewContent.do?externalId=7009053 http://www.novell.com/support/viewContent.do?externalId=7009054 http://www.novell.com/support/viewContent.do?externalId=7009055 http://www.novell.com/support/viewContent.do?externalId=7009058 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 8 17:15:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 9 Aug 2011 02:15:46 +0200 Subject: [SEC] [SA45534] WordPress Media Library Categories Plugin "termid" SQL Injection Vulnerability Message-ID: <201108090015.p790FkF8003216@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress Media Library Categories Plugin "termid" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45534 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45534/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45534 RELEASE DATE: 2011-08-09 DISCUSS ADVISORY: http://secunia.com/advisories/45534/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45534/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45534 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Miroslav Stampar has discovered a vulnerability in the Media Library Categories plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "termid" parameter to wp-content/plugins/media-library-categories/sort.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 1.0.6. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Miroslav Stampar ORIGINAL ADVISORY: http://unconciousmind.blogspot.com/2011/08/media-library-categories-106-sql.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 8 17:47:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 9 Aug 2011 02:47:48 +0200 Subject: [SEC] [SA45488] Debian update for samba Message-ID: <201108090047.p790lm0T025104@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Debian update for samba SECUNIA ADVISORY ID: SA45488 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45488/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45488 RELEASE DATE: 2011-08-09 DISCUSS ADVISORY: http://secunia.com/advisories/45488/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45488/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45488 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for samba. This fixes two vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks. For more information: SA45393 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2290-1: http://www.debian.org/security/2011/dsa-2290 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 8 18:12:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 9 Aug 2011 03:12:33 +0200 Subject: [SEC] [SA45556] IBM Tivoli Integrated Portal Java Double Literal Denial of Service Vulnerability Message-ID: <201108090112.p791CXUJ014221@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: IBM Tivoli Integrated Portal Java Double Literal Denial of Service Vulnerability SECUNIA ADVISORY ID: SA45556 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45556/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45556 RELEASE DATE: 2011-08-09 DISCUSS ADVISORY: http://secunia.com/advisories/45556/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45556/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45556 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: IBM has acknowledged a vulnerability in IBM Tivoli Integrated Portal, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information see vulnerability #1: SA43262 The vulnerability is reported in versions prior to 1.1.1.15. SOLUTION: Update to eWAS version 6.1.0.39 or update to TIP version 1.1.1.15. ORIGINAL ADVISORY: IBM: http://www.ibm.com/support/docview.wss?uid=swg21508061 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 8 18:47:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 9 Aug 2011 03:47:47 +0200 Subject: [SEC] [SA45554] SUSE update for libsoup Message-ID: <201108090147.p791llqH003841@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SUSE update for libsoup SECUNIA ADVISORY ID: SA45554 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45554/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45554 RELEASE DATE: 2011-08-09 DISCUSS ADVISORY: http://secunia.com/advisories/45554/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45554/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45554 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for libsoup. This fixes a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information. For more information: SA45426 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:0876-1: https://hermes.opensuse.org/messages/10656310 openSUSE-SU-2011:0875-1: https://hermes.opensuse.org/messages/10653875 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 9 10:48:27 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 9 Aug 2011 19:48:27 +0200 Subject: [SEC] [SA45522] HP Performance Insight Security Bypass and Script Insertion Vulnerabilities Message-ID: <201108091748.p79HmRRE022412@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: HP Performance Insight Security Bypass and Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA45522 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45522/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45522 RELEASE DATE: 2011-08-09 DISCUSS ADVISORY: http://secunia.com/advisories/45522/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45522/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45522 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in HP Performance Insight, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to bypass certain security restrictions. 1) An unspecified error in the application can be exploited to gain unauthorized access. No further information is currently available. 2) Certain unspecified input is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Please see the vendor's advisory for a list of affected versions. SOLUTION: Apply hotfix 07. Please see the vendor's advisory for details. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: HPSBMU02695 SSRT100480: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02942411 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 9 11:51:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 9 Aug 2011 20:51:32 +0200 Subject: [SEC] [SA45509] Ubuntu update for linux-lts-backport-maverick Message-ID: <201108091851.p79IpWUp011817@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Ubuntu update for linux-lts-backport-maverick SECUNIA ADVISORY ID: SA45509 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45509/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45509 RELEASE DATE: 2011-08-09 DISCUSS ADVISORY: http://secunia.com/advisories/45509/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45509/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45509 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux-lts-backport-maverick. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive and certain system information, bypass certain security restrictions, cause a DoS (Denial of Service), and to potentially gain escalated privileges, by malicious people to cause a DoS, and by malicious people with physical access to potentially compromise a vulnerable system. For more information: SA41440 SA41693 SA42061 SA42126 SA42148 SA42176 SA42570 SA42684 SA42765 SA43009 SA43358 SA43477 SA43537 SA43569 SA43693 SA43594 SA43716 SA43966 1) An error within the RDS implementation can be exploited to execute arbitrary code with kernel privileges. SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1187-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-August/001391.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 9 12:52:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 9 Aug 2011 21:52:33 +0200 Subject: [SEC] [SA45514] Microsoft Report Viewer Control Cross-Site Scripting Vulnerability Message-ID: <201108091952.p79JqXd7028553@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Microsoft Report Viewer Control Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45514 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45514/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45514 RELEASE DATE: 2011-08-09 DISCUSS ADVISORY: http://secunia.com/advisories/45514/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45514/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45514 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Report Viewer, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input passed to the Microsoft Report Viewer Control is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Adam Bixby, Gotham Digital Science ORIGINAL ADVISORY: MS11-067 (KB2578230, KB2548826, KB2579115): http://www.microsoft.com/technet/security/Bulletin/MS11-067.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 9 13:51:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 9 Aug 2011 22:51:11 +0200 Subject: [SEC] [SA45346] Microsoft Visio Two Vulnerabilities Message-ID: <201108092051.p79KpBgI014607@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Microsoft Visio Two Vulnerabilities SECUNIA ADVISORY ID: SA45346 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45346/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45346 RELEASE DATE: 2011-08-09 DISCUSS ADVISORY: http://secunia.com/advisories/45346/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45346/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45346 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Microsoft Visio, which can be exploited by malicious people to compromise a user's system. 1) An error when validating certain objects in memory during parsing of Visio files can be exploited to execute arbitrary code. 2) An error when handling certain objects in memory during parsing of Visio files can be exploited to execute arbitrary code. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits LinLin. ORIGINAL ADVISORY: MS11-060 (KB2560978): http://www.microsoft.com/technet/security/Bulletin/MS11-060.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 9 14:34:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 9 Aug 2011 23:34:44 +0200 Subject: [SEC] [SA45565] Microsoft Internet Explorer Internet Explorer Iframe Cookie Disclosure Weakness Message-ID: <201108092134.p79LYil9021582@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Microsoft Internet Explorer Internet Explorer Iframe Cookie Disclosure Weakness SECUNIA ADVISORY ID: SA45565 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45565/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45565 RELEASE DATE: 2011-08-09 DISCUSS ADVISORY: http://secunia.com/advisories/45565/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45565/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45565 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in Internet Explorer, which can be exploited by malicious people to trick users into disclosing sensitive information. For more information see vulnerability #2 in: SA19057 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Rosario Valotta ORIGINAL ADVISORY: MS11-057 (KB2559049): http://www.microsoft.com/technet/security/bulletin/MS11-057.mspx Rosario Valotta: http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0475.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 9 15:01:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 10 Aug 2011 00:01:23 +0200 Subject: [SEC] [SA45564] Microsoft Windows DNS Service Domain Lookup Denial of Service Vulnerability Message-ID: <201108092201.p79M1Nem010788@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Microsoft Windows DNS Service Domain Lookup Denial of Service Vulnerability SECUNIA ADVISORY ID: SA45564 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45564/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45564 RELEASE DATE: 2011-08-09 DISCUSS ADVISORY: http://secunia.com/advisories/45564/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45564/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45564 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information see vulnerability #2 in: SA45552 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor ORIGINAL ADVISORY: MS11-058 (KB2562485): http://www.microsoft.com/technet/security/Bulletin/MS11-058.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 9 15:26:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 10 Aug 2011 00:26:39 +0200 Subject: [SEC] [SA45478] Windows Client/Server Run-time Subsystem Privilege Escalation Message-ID: <201108092226.p79MQdCQ032334@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Windows Client/Server Run-time Subsystem Privilege Escalation SECUNIA ADVISORY ID: SA45478 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45478/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45478 RELEASE DATE: 2011-08-10 DISCUSS ADVISORY: http://secunia.com/advisories/45478/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45478/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45478 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to an error in the Client/Server Run-time Subsystem (CSRSS) when handling inter-process device event messages. This can be exploited to execute arbitrary code in context of another process via a specially crafted application sending a device event message to a higher-integrity process. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Alex Ionescu, Winsider Seminars & Solutions Inc. ORIGINAL ADVISORY: MS11-063 (KB2567680): http://www.microsoft.com/technet/security/bulletin/ms11-063.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 9 15:47:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 10 Aug 2011 00:47:24 +0200 Subject: [SEC] [SA45408] Windows Remote Access Service NDISTAPI Driver Privilege Escalation Message-ID: <201108092247.p79MlObb021242@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Windows Remote Access Service NDISTAPI Driver Privilege Escalation SECUNIA ADVISORY ID: SA45408 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45408/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45408 RELEASE DATE: 2011-08-10 DISCUSS ADVISORY: http://secunia.com/advisories/45408/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45408/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45408 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to an input validation error in the Remote Access Service NDISTAPI driver (NDISTAPI.sys) when passing certain user-mode input to the kernel. This can be exploited to execute arbitrary code with kernel privileges via a specially crafted application. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Lufeng Li, Neusoft Corporation. ORIGINAL ADVISORY: MS11-062 (KB2566454): http://www.microsoft.com/technet/security/Bulletin/MS11-062.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 9 16:13:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 10 Aug 2011 01:13:21 +0200 Subject: [SEC] [SA45508] Microsoft .NET Framework Chart Control Information Disclosure Message-ID: <201108092313.p79NDLF0010397@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Microsoft .NET Framework Chart Control Information Disclosure SECUNIA ADVISORY ID: SA45508 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45508/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45508 RELEASE DATE: 2011-08-10 DISCUSS ADVISORY: http://secunia.com/advisories/45508/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45508/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45508 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft .NET Framework, which can be exploited by malicious people to gain knowledge of sensitive information. The vulnerability is caused due to an error in the ASP.NET Chart controls when encountering special characters within a URI. This can be exploited to read the contents of arbitrary files (e.g. web.config) in the web site directory or subdirectories via a specially crafted GET request to a server hosting the Chart controls. Successful exploitation requires a web application using Microsoft Chart Control (not installed by default). SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Nico Leidecker and James Forshaw, Context Information Security. ORIGINAL ADVISORY: MS11-066 (KB2567943, KB2487367, KB2500170): http://www.microsoft.com/technet/security/Bulletin/MS11-066.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 9 16:48:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 10 Aug 2011 01:48:34 +0200 Subject: [SEC] [SA45552] Microsoft Windows DNS Service Two Vulnerabilities Message-ID: <201108092348.p79NmYcE032457@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Microsoft Windows DNS Service Two Vulnerabilities SECUNIA ADVISORY ID: SA45552 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45552/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45552 RELEASE DATE: 2011-08-10 DISCUSS ADVISORY: http://secunia.com/advisories/45552/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45552/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45552 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system. 1) An error exists within the Windows DNS server when processing a query for a NAPTR (Name Authority Pointer) resource record. Successful exploitation of this vulnerability may allow execution of arbitrary code, but requires that the server is setup as a non-authoritative DNS server. 2) An error within the Windows DNS server when processing a query for a non-existent domain can be exploited to cause the server to stop responding. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits Grischa Zengel, Zengel Medizintechnik 2) Reported by the vendor ORIGINAL ADVISORY: MS11-058 (KB2562485): http://www.microsoft.com/technet/security/Bulletin/MS11-058.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 9 17:15:42 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 10 Aug 2011 02:15:42 +0200 Subject: [SEC] [SA45517] Microsoft .NET Framework Socket Restriction Bypass Vulnerability Message-ID: <201108100015.p7A0Fg50021688@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Microsoft .NET Framework Socket Restriction Bypass Vulnerability SECUNIA ADVISORY ID: SA45517 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45517/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45517 RELEASE DATE: 2011-08-10 DISCUSS ADVISORY: http://secunia.com/advisories/45517/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45517/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45517 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft .NET Framework, which can be exploited by malicious people to bypass certain security restrictions or gain knowledge of sensitive information. The vulnerability is caused due to an error when validating the trust level within the System.Net.Sockets namespace and can be exploited to bypass CAS (Code Access Security) restrictions or disclose information via a specially crafted web page viewed using a browser that supports XBAPs (XAML Browser Applications). SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Michael J. Liu. ORIGINAL ADVISORY: MS11-069 (KB2567951, KB2539631, KB2539633, KB2539634, KB2539635, KB2539636): http://www.microsoft.com/technet/security/Bulletin/MS11-069.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 9 17:48:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 10 Aug 2011 02:48:00 +0200 Subject: [SEC] [SA45562] Microsoft Windows Remote Desktop Protocol Denial of Service Vulnerability Message-ID: <201108100048.p7A0m0YE011163@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Microsoft Windows Remote Desktop Protocol Denial of Service Vulnerability SECUNIA ADVISORY ID: SA45562 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45562/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45562 RELEASE DATE: 2011-08-10 DISCUSS ADVISORY: http://secunia.com/advisories/45562/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45562/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45562 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within Remote Desktop Services when processing certain RDP packets. This can be exploited to restart the system by sending a sequence of specially crafted RDP packets. Successful exploitation requires that Remote Desktop for Administration is enabled (disabled by default). SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: MS11-065 (KB2570222): http://www.microsoft.com/technet/security/Bulletin/MS11-065.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 9 18:12:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 10 Aug 2011 03:12:58 +0200 Subject: [SEC] [SA45561] Microsoft Windows Remote Desktop Web Access Cross-Site Scripting Vulnerability Message-ID: <201108100112.p7A1Cwvj032697@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Microsoft Windows Remote Desktop Web Access Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45561 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45561/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45561 RELEASE DATE: 2011-08-10 DISCUSS ADVISORY: http://secunia.com/advisories/45561/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45561/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45561 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input passed to the Remote Desktop Web Access logon page is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Sven Taute. ORIGINAL ADVISORY: MS11-061 (KB2546250): http://www.microsoft.com/technet/security/Bulletin/MS11-061.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 9 18:48:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 10 Aug 2011 03:48:02 +0200 Subject: [SEC] [SA45510] Microsoft Windows Kernel File Metadata Parsing Denial of Service Message-ID: <201108100148.p7A1m2Mk022340@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Microsoft Windows Kernel File Metadata Parsing Denial of Service SECUNIA ADVISORY ID: SA45510 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45510/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45510 RELEASE DATE: 2011-08-10 DISCUSS ADVISORY: http://secunia.com/advisories/45510/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45510/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45510 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the kernel when parsing metadata information in files and can be exploited to cause a system to crash. Successful exploitation requires that a user is tricked into browsing to a folder containing a specially crafted file (e.g. by navigating to a network share or website referencing a network share). SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Zheng Wenbin, Qihoo 360 Security Center. ORIGINAL ADVISORY: MS11-068 (KB2556532): http://www.microsoft.com/technet/security/Bulletin/MS11-068.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 9 19:22:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 10 Aug 2011 04:22:36 +0200 Subject: [SEC] [SA45246] Windows Data Access Components Insecure Library Loading Vulnerability Message-ID: <201108100222.p7A2MaCY012431@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Windows Data Access Components Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA45246 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45246/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45246 RELEASE DATE: 2011-08-10 DISCUSS ADVISORY: http://secunia.com/advisories/45246/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45246/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45246 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to Windows Data Access Tracing component loading libraries in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a Microsoft Excel file (.xlsx) located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: MS11-059 (KB2560656): http://www.microsoft.com/technet/security/Bulletin/MS11-059.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 9 19:47:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 10 Aug 2011 04:47:32 +0200 Subject: [SEC] [SA45506] McAfee SaaS Endpoint Protection ActiveX Controls Two Vulnerabilities Message-ID: <201108100247.p7A2lWdC001486@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: McAfee SaaS Endpoint Protection ActiveX Controls Two Vulnerabilities SECUNIA ADVISORY ID: SA45506 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45506/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45506 RELEASE DATE: 2011-08-10 DISCUSS ADVISORY: http://secunia.com/advisories/45506/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45506/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45506 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in McAfee SaaS Endpoint Protection, which can be exploited by malicious people to compromise a user's system. 1) An error within the MyASUtil ActiveX control (MyAsUtil5.2.0.603.dll) when processing the "CreateSecureObject()" method can be exploited to inject and execute arbitrary commands. 2) The insecure "Start()" method within the MyCioScan ActiveX control (myCIOScn.dll) can be exploited to write to arbitrary files in the context of the currently logged-on user. The vulnerabilities are reported in versions 5.2.1 and prior. SOLUTION: Update to version 5.2.2. PROVIDED AND/OR DISCOVERED BY: Jonathan Andersson, TippingPoint DVLabs ORIGINAL ADVISORY: McAfee (SB10016): https://kc.mcafee.com/corporate/index?page=content&id=SB10016 TippingPoint: http://dvlabs.tippingpoint.com/advisory/TPTI-11-12 http://dvlabs.tippingpoint.com/advisory/TPTI-11-13 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 9 20:12:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 10 Aug 2011 05:12:53 +0200 Subject: [SEC] [SA45540] Fedora update for quake3 Message-ID: <201108100312.p7A3Crw4023082@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Fedora update for quake3 SECUNIA ADVISORY ID: SA45540 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45540/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45540 RELEASE DATE: 2011-08-10 DISCUSS ADVISORY: http://secunia.com/advisories/45540/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45540/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45540 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for quake3. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. For more information: SA45417 SOLUTION: Apply updated packages via the yum utility ("yum update quake3"). ORIGINAL ADVISORY: FEDORA-2011-9898: http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063460.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 9 20:48:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 10 Aug 2011 05:48:10 +0200 Subject: [SEC] [SA45507] Ubuntu update for kernel Message-ID: <201108100348.p7A3mAf8012724@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Ubuntu update for kernel SECUNIA ADVISORY ID: SA45507 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45507/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45507 RELEASE DATE: 2011-08-10 DISCUSS ADVISORY: http://secunia.com/advisories/45507/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45507/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45507 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for the kernel. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain system information and cause a DoS (Denial of Service). For more information: SA41440 SA42172 SA42176 SA42354 SA42395 SA43594 SA43806 SA44754 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1186-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-August/001390.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 9 21:13:22 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 10 Aug 2011 06:13:22 +0200 Subject: [SEC] [SA45560] AContent Multiple Vulnerabilities Message-ID: <201108100413.p7A4DMKS001811@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: AContent Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45560 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45560/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45560 RELEASE DATE: 2011-08-10 DISCUSS ADVISORY: http://secunia.com/advisories/45560/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45560/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45560 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gjoko Krstic has discovered multiple vulnerabilities in AContent, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting and SQL injection attacks. 1) Input passed via the "p" parameter to documentation/frame_header.php, the "password_error" parameter to register.php, the "oauth_token" and "oauth_callback" parameters to themes/default/login.tmpl.php, and the "id" parameter to themes/default/user/user_group_create_edit.tmpl.php and themes/default/language/language_add_edit.tmpl.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input appended to the URL after multiple scripts is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Examples: http://[host]/themes/default/confirmmessage.tmpl.php http://[host]/themes/default/course_category/index.tmpl.php http://[host]/themes/default/language/index.tmpl.php http://[host]/themes/default/language/language_add_edit.tmpl.php http://[host]/themes/default/login.tmpl.php http://[host]/themes/default/tests/create_edit_test.tmpl.php http://[host]/themes/default/tests/question_cats_manage.tmpl.php http://[host]/themes/default/tests/questions.tmpl.php http://[host]/themes/default/user/index.tmpl.php http://[host]/themes/default/user/user_group.tmpl.php http://[host]/themes/default/user/user_group_create_edit.tmpl.php 3) Input passed via the "category_name" parameter to course_category/index.php is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation of this vulnerability requires "Course category management" permissions. 4) Input passed via the "id" parameter to user/user_create_edit.php, the "myown_patch_id" parameter to updater/patch_edit.php, and the "field" parameter to user/index_inline_editor_submit.php, updater/myown_patches_inline_editor_submit.php, and language/index_inline_editor_submit.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 5) Input passed via the "query" parameter to documentation/search.php, the "id" parameter to search.php, the "oauth_token" parameter to oauth/authorization.php, and the "consumer" parameter to oauth/register_consumer.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation of this vulnerability requires that "magic_quotes_gpc" is disabled. The vulnerabilities are confirmed in version 1.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Gjoko 'LiquidWorm' Krstic ORIGINAL ADVISORY: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5031.php http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5032.php http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5033.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 9 21:47:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 10 Aug 2011 06:47:41 +0200 Subject: [SEC] [SA45537] Fedora update for drupal7 Message-ID: <201108100447.p7A4lfA8023840@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Fedora update for drupal7 SECUNIA ADVISORY ID: SA45537 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45537/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45537 RELEASE DATE: 2011-08-10 DISCUSS ADVISORY: http://secunia.com/advisories/45537/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45537/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45537 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for drupal7. This fixes a vulnerability, which can be exploited by malicious users to bypass certain security restrictions. For more information: SA45394 SOLUTION: Apply updated packages via the yum utility ("yum update drupal7"). ORIGINAL ADVISORY: FEDORA-2011-9893: http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063560.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 9 22:13:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 10 Aug 2011 07:13:08 +0200 Subject: [SEC] [SA45559] AChecker Multiple Cross-Site Scripting and SQL Injection Vulnerabilities Message-ID: <201108100513.p7A5D8re012991@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: AChecker Multiple Cross-Site Scripting and SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA45559 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45559/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45559 RELEASE DATE: 2011-08-10 DISCUSS ADVISORY: http://secunia.com/advisories/45559/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45559/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45559 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gjoko Krstic has discovered multiple vulnerabilities in AChecker, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks. 1) Input passed to the "id" parameter in themes/default/language/language_add_edit.tmpl.php and in themes/default/user/user_group_create_edit.tmpl.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed to the "p" parameter in documentation/frame_header.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Input passed to the "id" parameter in user/user_create_edit.php and the "myown_patch_id" parameter in updater/patch_edit.php is not properly sanitised before being returned to the user within an SQL error message in the "execute()" function (include/classes/DAO/DAO.class.php). This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 4) Input passed to the "id" parameter in user/user_create_edit.php and the "myown_patch_id" parameter in updater/patch_edit.php is not properly sanitised before being used in a SQL query in the "execute()" function (include/classes/DAO/DAO.class.php). This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are confirmed in version 1.2. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Gjoko 'LiquidWorm' Krstic ORIGINAL ADVISORY: ZSL-2011-5034: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5034.php ZSL-2011-5035: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5035.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 10 10:34:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 10 Aug 2011 19:34:46 +0200 Subject: [SEC] [SA45526] SAP NetWeaver J2EE Engine Unspecified Vulnerability Message-ID: <201108101734.p7AHYkdT006146@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SAP NetWeaver J2EE Engine Unspecified Vulnerability SECUNIA ADVISORY ID: SA45526 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45526/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45526 RELEASE DATE: 2011-08-10 DISCUSS ADVISORY: http://secunia.com/advisories/45526/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45526/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45526 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in SAP NetWeaver, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an unspecified error within the J2EE Engine. No further information is currently available. The vulnerability is reported in versions 7.3 and prior. SOLUTION: Reportedly, the vendor has issued a workaround. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Alexander Polyakov, ERPScan. ORIGINAL ADVISORY: https://www.blackhat.com/html/bh-us-11/bh-us-11-briefings.html#Polyakov OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 10 11:35:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 10 Aug 2011 20:35:37 +0200 Subject: [SEC] [SA45575] Check Point SSL VPN On-Demand Applications Unspecified Vulnerability Message-ID: <201108101835.p7AIZb2Q029484@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Check Point SSL VPN On-Demand Applications Unspecified Vulnerability SECUNIA ADVISORY ID: SA45575 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45575/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45575 RELEASE DATE: 2011-08-10 DISCUSS ADVISORY: http://secunia.com/advisories/45575/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45575/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45575 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability have been reported in Check Point SSL VPN On-Demand applications, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an unspecified error in the helper application (e.g. "Check Point Deployment Agent" ActiveX control). No further information is currently available. Successful exploitation may allow execution of arbitrary code. Please see the vendor's advisory for a list of affected versions. SOLUTION: Apply updates. Please see the vendor's advisory for details. PROVIDED AND/OR DISCOVERED BY: The vendor credits Johannes Greil, SEC Consult. ORIGINAL ADVISORY: https://supportcenter.checkpoint.com/supportcenter/portal?solutionid=sk62410 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 10 12:36:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 10 Aug 2011 21:36:52 +0200 Subject: [SEC] [SA45521] HP ProLiant SL Advanced Power Manager User Validation Security Bypass Vulnerability Message-ID: <201108101936.p7AJaqDh020438@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: HP ProLiant SL Advanced Power Manager User Validation Security Bypass Vulnerability SECUNIA ADVISORY ID: SA45521 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45521/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45521 RELEASE DATE: 2011-08-10 DISCUSS ADVISORY: http://secunia.com/advisories/45521/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45521/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45521 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in HP ProLiant SL Advanced Power Manager, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an unspecified error and can be exploited to validate a user. The vulnerability is reported in firmware versions 1.10 and 1.11. Please see the vendor's advisory for a list of affected servers. SOLUTION: Update to firmware version 1.20 or later. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: HPSBHF02699 SSRT100592: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02950841 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 10 13:35:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 10 Aug 2011 22:35:47 +0200 Subject: [SEC] [SA45577] Ubuntu update for ecryptfs-utils Message-ID: <201108102035.p7AKZlN4011270@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Ubuntu update for ecryptfs-utils SECUNIA ADVISORY ID: SA45577 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45577/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45577 RELEASE DATE: 2011-08-10 DISCUSS ADVISORY: http://secunia.com/advisories/45577/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45577/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45577 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for ecryptfs-utils. This fixes multiple security issues, which can be exploited by malicious, local users to disclose potentially sensitive information, bypass certain security restrictions, manipulate certain data, cause a DoS (Denial of Service), and potentially gain escalated privileges. For more information: SA45563 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1188-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-August/001392.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 10 14:28:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 10 Aug 2011 23:28:21 +0200 Subject: [SEC] [SA45580] BlackBerry Enterprise Server PNG and TIFF Image Processing Vulnerabilities Message-ID: <201108102128.p7ALSLL1001731@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: BlackBerry Enterprise Server PNG and TIFF Image Processing Vulnerabilities SECUNIA ADVISORY ID: SA45580 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45580/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45580 RELEASE DATE: 2011-08-10 DISCUSS ADVISORY: http://secunia.com/advisories/45580/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45580/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45580 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in BlackBerry Enterprise Server, which can be exploited by malicious people to compromise a vulnerable system. 1) An unspecified error within the BlackBerry MDS Connection Service when processing PNG and TIFF images can be exploited when a specially crafted PNG or TIFF image on a webpage is being viewed on a BlackBerry smartphone. 2) An unspecified error within the BlackBerry Messaging Agent when processing embedded PNG and TIFF images in emails can be exploited via a specially crafted PNG or TIFF image being sent in an email to a BlackBerry smartphone. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. Please see the vendor's advisory for a list of affected versions. SOLUTION: Apply updates. Please see the vendor's advisory for details. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.blackberry.com/btsc/KB27244 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 10 14:49:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 10 Aug 2011 23:49:08 +0200 Subject: [SEC] [SA45543] HP WebOS Calendar and Contacts Applications Cross-Site Scripting and Script Insertion Message-ID: <201108102149.p7ALn8fi023084@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: HP WebOS Calendar and Contacts Applications Cross-Site Scripting and Script Insertion SECUNIA ADVISORY ID: SA45543 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45543/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45543 RELEASE DATE: 2011-08-10 DISCUSS ADVISORY: http://secunia.com/advisories/45543/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45543/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45543 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in HP WebOS, which can be exploited by malicious people to conduct cross-site scripting and script insertion vulnerabilities. 1) Certain unspecified input related to the contacts application is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in context of an affected device. 2) Certain unspecified input related to the calender application is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in context of an affected device when the malicious data is being viewed. The vulnerabilities are reported in version 3.0.0. SOLUTION: Update to version 3.0.2. PROVIDED AND/OR DISCOVERED BY: 1) Reported by the vendor. 2) The vendor credits hankei6km. ORIGINAL ADVISORY: HPSBGN02694 SSRT100586: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02937744 HPSBGN02696 SSRT100590: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02945437 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 10 15:14:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 11 Aug 2011 00:14:23 +0200 Subject: [SEC] [SA45520] Sybase Unwired Platform Blackberry Encryption Bypass Security Issue Message-ID: <201108102214.p7AMENNX012201@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Sybase Unwired Platform Blackberry Encryption Bypass Security Issue SECUNIA ADVISORY ID: SA45520 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45520/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45520 RELEASE DATE: 2011-08-10 DISCUSS ADVISORY: http://secunia.com/advisories/45520/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45520/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45520 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Sybase Unwired Platform, which can be exploited by malicious people with physical access to bypass certain security restrictions. The security issue is caused due to an unspecified error, which may lead to the device database not being encrypted properly. The security issue is reported in Blackberry device applications developed on SUP versions 1.5.2, 1.5.3, 1.5.5, and 2.0. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Sybase: http://www.sybase.com/detail?id=1094412 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 10 15:49:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 11 Aug 2011 00:49:43 +0200 Subject: [SEC] [SA45538] StatusNet "tag stream" Pages Cross-Site Scripting Vulnerability Message-ID: <201108102249.p7AMnhe7001792@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: StatusNet "tag stream" Pages Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45538 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45538/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45538 RELEASE DATE: 2011-08-11 DISCUSS ADVISORY: http://secunia.com/advisories/45538/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45538/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45538 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in StatusNet, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain input passed via the URL related to "tag stream" pages is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions 0.8.x through 0.9.8. SOLUTION: Update to version 0.9.9. PROVIDED AND/OR DISCOVERED BY: The vendor credits Yvan Boily, Mozilla Security Team. ORIGINAL ADVISORY: http://status.net/2011/08/02/security-alert-for-all-versions-of-statusnet OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 10 16:16:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 11 Aug 2011 01:16:16 +0200 Subject: [SEC] [SA45563] eCryptfs Multiple Security Issues Message-ID: <201108102316.p7ANGGe7023444@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: eCryptfs Multiple Security Issues SECUNIA ADVISORY ID: SA45563 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45563/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45563 RELEASE DATE: 2011-08-11 DISCUSS ADVISORY: http://secunia.com/advisories/45563/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45563/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45563 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple security issues have been reported in eCryptfs, which can be exploited by malicious, local users to disclose potentially sensitive information, bypass certain security restrictions, manipulate certain data, cause a DoS (Denial of Service), and potentially gain escalated privileges. 1) Insufficient permission checks when mounting a mountpoint can be exploited to mount arbitrary locations. 2) Insufficient permission checks when unmounting a mountpoint can be exploited to unmount arbitrary locations. 3) Insufficient validation of the mount source directory can be exploited to mount an arbitrary directory. 4) Incorrect error handling when modifying the mtab file can be exploited to corrupt the mtab file and potentially unmount arbitrary locations. 5) Keys are not properly handled when setting up new encrypted directories, which can be exploited to manipulate keys when creating a new user. 6) Incorrect permission handling during the recovery process can be exploited to e.g. access another user's data. 7) An error exists when handling lock counters, which can be exploited to overwrite arbitrary files. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: 1, 2, 3) Vasiliy Kulikov and Dan Rosenberg 4) Dan Rosenberg and Marc Deslauriers 5, 6) Marc Deslauriers 7) Vasiliy Kulikov ORIGINAL ADVISORY: Launchpad Bug #732628: https://bugs.launchpad.net/ecryptfs/+bug/732628 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 10 16:51:01 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 11 Aug 2011 01:51:01 +0200 Subject: [SEC] [SA45549] WordPress Social Slider Plugin "rA[]" SQL Injection Vulnerability Message-ID: <201108102351.p7ANp1BL013061@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress Social Slider Plugin "rA[]" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45549 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45549/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45549 RELEASE DATE: 2011-08-11 DISCUSS ADVISORY: http://secunia.com/advisories/45549/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45549/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45549 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Social Slider plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the "rA[]" POST parameter in social-slider-2/ajax.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in version 5.6.5. Other versions may also be affected. SOLUTION: Fixed in the SVN repository or upgrade to version 6.0.0. PROVIDED AND/OR DISCOVERED BY: Miroslav Stampar ORIGINAL ADVISORY: Miroslav Stampar: http://www.exploit-db.com/exploits/17617/ Social Slider SVN: http://plugins.trac.wordpress.org/changeset/419869/social-slider-2/trunk/ajax.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 10 17:17:20 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 11 Aug 2011 02:17:20 +0200 Subject: [SEC] [SA45574] Fedora update for wireshark Message-ID: <201108110017.p7B0HKu4002182@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Fedora update for wireshark SECUNIA ADVISORY ID: SA45574 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45574/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45574 RELEASE DATE: 2011-08-11 DISCUSS ADVISORY: http://secunia.com/advisories/45574/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45574/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45574 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for wireshark. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA45086 SOLUTION: Apply updated packages via the yum utility ("yum update wireshark"). ORIGINAL ADVISORY: FEDORA-2011-9640: http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063591.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 10 17:49:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 11 Aug 2011 02:49:11 +0200 Subject: [SEC] [SA45518] SUSE update for apache2-mod_fcgid Message-ID: <201108110049.p7B0nBZZ024075@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SUSE update for apache2-mod_fcgid SECUNIA ADVISORY ID: SA45518 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45518/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45518 RELEASE DATE: 2011-08-11 DISCUSS ADVISORY: http://secunia.com/advisories/45518/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45518/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45518 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for apache2-mod_fcgid. This fixes a security issue, which can be exploited by malicious, local users to potentially gain escalated privileges. For more information: SA42288 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0884-1: https://hermes.opensuse.org/messages/10934305 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 10 18:14:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 11 Aug 2011 03:14:23 +0200 Subject: [SEC] [SA45525] Joomla! TNR ESearch Component "searchId" SQL Injection Vulnerability Message-ID: <201108110114.p7B1ENEj013208@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Joomla! TNR ESearch Component "searchId" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45525 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45525/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45525 RELEASE DATE: 2011-08-11 DISCUSS ADVISORY: http://secunia.com/advisories/45525/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45525/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45525 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in TNR ESearch component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the "searchId" parameter in components/com_esearch/esearch.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 3.0.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: NoGe ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/17646/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 10 18:50:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 11 Aug 2011 03:50:10 +0200 Subject: [SEC] [SA45587] Adobe Photoshop GIF Processing Memory Corruption Vulnerability Message-ID: <201108110150.p7B1oAaH002843@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Adobe Photoshop GIF Processing Memory Corruption Vulnerability SECUNIA ADVISORY ID: SA45587 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45587/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45587 RELEASE DATE: 2011-08-11 DISCUSS ADVISORY: http://secunia.com/advisories/45587/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45587/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45587 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Adobe Photoshop, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error within the processing of GIF images, which can be exploited to cause a memory corruption by tricking a user into opening a specially crafted GIF image. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in versions CS5 and CS5.1 (12.0 and 12.1) and prior for Windows and Macintosh. SOLUTION: Apply the patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Francis Provencher, Protek Research Lab's. ORIGINAL ADVISORY: APSB11-22: http://www.adobe.com/support/security/bulletins/apsb11-22.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 10 19:19:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 11 Aug 2011 04:19:59 +0200 Subject: [SEC] [SA45584] Adobe Shockwave Player Multiple Vulnerabilities Message-ID: <201108110219.p7B2JxMb025060@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Adobe Shockwave Player Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45584 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45584/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45584 RELEASE DATE: 2011-08-11 DISCUSS ADVISORY: http://secunia.com/advisories/45584/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45584/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45584 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Shockwave Player, which can be exploited by malicious people to compromise a user' system. 1) An unspecified error can be exploited to corrupt memory. 2) An unspecified error can be exploited to corrupt memory. 3) An unspecified error in IML32.dll can be exploited to corrupt memory. 4) An unspecified error can be exploited to corrupt memory. 5) An unspecified error in Dirapi.dll can be exploited to corrupt memory. 6) An unspecified error in TextXtra.x32 can be exploited to corrupt memory. 7) An unspecified error in the bundled version of msvcr90.dll can be exploited to corrupt memory. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. The vulnerabilities are reported in version 11.6.0.626 and prior for Windows and Macintosh. SOLUTION: Update to version 11.6.1.629. PROVIDED AND/OR DISCOVERED BY: 1, 2) The vendor credits Mark Yason, IBM X-Force. 3) The vendor credits Aaron Portnoy and Logan Brown, TippingPoint DVLabs. 4, 6, 7) The vendor credits Andrzej Dyjak, PJIIT. 5) Honggang Ren, Fortinet's FortiGuard Labs. ORIGINAL ADVISORY: http://www.adobe.com/support/security/bulletins/apsb11-19.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 10 19:48:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 11 Aug 2011 04:48:44 +0200 Subject: [SEC] [SA45586] Adobe RoboHelp Unspecified Cross-Site Scripting Vulnerability Message-ID: <201108110248.p7B2miZ6014368@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Adobe RoboHelp Unspecified Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45586 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45586/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45586 RELEASE DATE: 2011-08-11 DISCUSS ADVISORY: http://secunia.com/advisories/45586/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45586/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45586 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Adobe RoboHelp, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in the following products: * RoboHelp 9 versions 9.0.1.232 and earlier * RoboHelp 8 * RoboHelp Server 9 * RoboHelp Server 8 for Windows Note: RoboHelp 9 version 9.0.1.262 is not affected. SOLUTION: Apply update (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: The vendor credits Roberto Suggi Liverani, Security-Assessment.com. ORIGINAL ADVISORY: APSB11-23: http://www.adobe.com/support/security/bulletins/apsb11-23.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 10 20:14:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 11 Aug 2011 05:14:33 +0200 Subject: [SEC] [SA45585] Adobe Flash Media Server Unspecified Denial of Service Vulnerability Message-ID: <201108110314.p7B3EXF5003503@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Adobe Flash Media Server Unspecified Denial of Service Vulnerability SECUNIA ADVISORY ID: SA45585 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45585/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45585 RELEASE DATE: 2011-08-11 DISCUSS ADVISORY: http://secunia.com/advisories/45585/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45585/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45585 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Adobe Flash Media Server, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error and can be exploited to corrupt memory. The vulnerability is reported in versions prior to 4.0.3 and 3.5.7. SOLUTION: Update to version 4.0.3 or 3.5.7. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Knud Erik H?jgaard, nsense. ORIGINAL ADVISORY: Adobe (APSB11-20): http://www.adobe.com/support/security/bulletins/apsb11-20.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 10 20:49:42 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 11 Aug 2011 05:49:42 +0200 Subject: [SEC] [SA45529] Google Chrome Flash Player Multiple Vulnerabilities Message-ID: <201108110349.p7B3ngcJ025552@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Google Chrome Flash Player Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45529 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45529/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45529 RELEASE DATE: 2011-08-11 DISCUSS ADVISORY: http://secunia.com/advisories/45529/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45529/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45529 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to disclose sensitive information and compromise a user's system. The vulnerabilities are caused due to a bundled vulnerable version of Adobe Flash Player. For more information: SA45583 SOLUTION: Update to version 13.0.782.112. ORIGINAL ADVISORY: Google: http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_09.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 10 21:14:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 11 Aug 2011 06:14:28 +0200 Subject: [SEC] [SA45583] Adobe Flash Player Multiple Vulnerabilities Message-ID: <201108110414.p7B4ESwj014664@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Adobe Flash Player Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45583 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45583/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45583 RELEASE DATE: 2011-08-11 DISCUSS ADVISORY: http://secunia.com/advisories/45583/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45583/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45583 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to disclose sensitive information and compromise a user's system. 1) An unspecified error can be exploited to cause a buffer overflow and potentially execute arbitrary code. 2) An unspecified error can be exploited to cause a buffer overflow and potentially execute arbitrary code. 3) An unspecified error can be exploited to corrupt memory and potentially execute arbitrary code. 4) An integer overflow error can be exploited to corrupt memory and potentially execute arbitrary code. 5) An unspecified error can be exploited to cause a buffer overflow and potentially execute arbitrary code. 6) An integer overflow error can be exploited to corrupt memory and potentially execute arbitrary code. 7) An unspecified error can be exploited to disclose certain information from another domain. 8) An unspecified error can be exploited to corrupt memory and potentially execute arbitrary code. 9) An unspecified error can be exploited to cause a buffer overflow and potentially execute arbitrary code. 10) An unspecified error can be exploited to cause a buffer overflow and potentially execute arbitrary code. 11) An integer overflow error can be exploited to corrupt memory and potentially execute arbitrary code. 12) An unspecified error can be exploited to corrupt memory and potentially execute arbitrary code. 13) An unspecified error can be exploited to corrupt memory and potentially execute arbitrary code. The vulnerabilities are reported in the following products: * Adobe Flash Player versions 10.3.181.36 and prior for Windows, Macintosh, Linux, and Solaris * Adobe Flash Player versions 10.3.185.25 and prior for Android * Adobe AIR versions 2.7 and prior for Windows, Macintosh, and Android SOLUTION: Update to a fixed version. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: 1) Reported by the vendor The vendor credits: 2) Yang Dingning, NCNIPC, Graduate University of Chinese Academy of Sciences 3) Wushi, Team 509 via iDefense Labs 4, 11) Vitaliy Toropov via iDefense Labs 5) Alexander Zaitsev, Positive Technologies 6, 8) An anonymous person via ZDI 7) Brandon Hardy 9) Bo Qu, Palo Alto Networks 10) Bo Qu, Palo Alto Networks and Honggang Ren, FortiGuard Labs 12) Marc Schoenefeld (Dr. rer. nat.), Red Hat Security Response Team 13) Honggang Ren, FortiGuard Labs ORIGINAL ADVISORY: Adobe (APSB11-21): http://www.adobe.com/support/security/bulletins/apsb11-21.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 10 21:49:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 11 Aug 2011 06:49:30 +0200 Subject: [SEC] [SA45523] IBM Tivoli Netcool/OMNIbus Java Double Literal Denial of Service Vulnerability Message-ID: <201108110449.p7B4nUpN004252@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: IBM Tivoli Netcool/OMNIbus Java Double Literal Denial of Service Vulnerability SECUNIA ADVISORY ID: SA45523 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45523/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45523 RELEASE DATE: 2011-08-11 DISCUSS ADVISORY: http://secunia.com/advisories/45523/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45523/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45523 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: IBM has acknowledged a vulnerability in IBM Tivoli Netcool/OMNIbus, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information see vulnerability #1: SA43262 The vulnerability is reported in versions prior to 7.3.1 Fix Pack 2. SOLUTION: Update to version 7.3.1 Fix Pack 2. ORIGINAL ADVISORY: IBM (IZ99240): http://www.ibm.com/support/docview.wss?uid=swg24029827 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 10 22:32:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 11 Aug 2011 07:32:04 +0200 Subject: [SEC] [SA45539] Fedora update for openarena Message-ID: <201108110532.p7B5W4X2014112@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Fedora update for openarena SECUNIA ADVISORY ID: SA45539 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45539/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45539 RELEASE DATE: 2011-08-11 DISCUSS ADVISORY: http://secunia.com/advisories/45539/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45539/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45539 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for openarena. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. For more information: SA45417 SOLUTION: Apply updated packages via the yum utility ("yum update openarena"). ORIGINAL ADVISORY: FEDORA-2011-9898: http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063461.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 10 22:32:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 11 Aug 2011 07:32:00 +0200 Subject: [SEC] [SA45578] Red Hat update for dbus Message-ID: <201108110532.p7B5W0xA014044@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Red Hat update for dbus SECUNIA ADVISORY ID: SA45578 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45578/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45578 RELEASE DATE: 2011-08-11 DISCUSS ADVISORY: http://secunia.com/advisories/45578/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45578/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45578 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for dbus. This fixes a weakness, which can be exploited by malicious, local users to cause a DoS (Denial of Service). For more information: SA44896 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1132-1: https://rhn.redhat.com/errata/RHSA-2011-1132.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 11 10:36:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 11 Aug 2011 19:36:16 +0200 Subject: [SEC] [SA45524] TORQUE Resource Manager Authentication Bypass Vulnerability Message-ID: <201108111736.p7BHaGp4001042@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: TORQUE Resource Manager Authentication Bypass Vulnerability SECUNIA ADVISORY ID: SA45524 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45524/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45524 RELEASE DATE: 2011-08-11 DISCUSS ADVISORY: http://secunia.com/advisories/45524/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45524/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45524 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in TORQUE Resource Manager, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error within the authentication mechanism, which does not properly verify the "PBS_O_HOST" variable of the client submitting a job request. This can be exploited to bypass the authentication mechanism and submit a job for an arbitrary client. The vulnerability is reported versions 2.5.7 and prior. SOLUTION: Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: Bartlomiej Balcerek ORIGINAL ADVISORY: http://www.clusterresources.com/pipermail/torqueusers/2011-August/013194.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 11 11:35:42 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 11 Aug 2011 20:35:42 +0200 Subject: [SEC] [SA45544] X.Org libXfont LZW Decompression Privilege Escalation Vulnerability Message-ID: <201108111835.p7BIZgsJ024377@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: X.Org libXfont LZW Decompression Privilege Escalation Vulnerability SECUNIA ADVISORY ID: SA45544 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45544/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45544 RELEASE DATE: 2011-08-11 DISCUSS ADVISORY: http://secunia.com/advisories/45544/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45544/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45544 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in X.Org libXfont, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to a boundary error within the "BufCompressedFill()" function (src/fontfile/decompress.c), which can be exploited to cause a heap-based buffer overflow via specially crafted font files. The vulnerability is reported in versions prior to 1.4.4. SOLUTION: Update to version 1.4.4. PROVIDED AND/OR DISCOVERED BY: Tomas Hoger, Red Hat Security Response Team ORIGINAL ADVISORY: http://lists.freedesktop.org/archives/xorg-announce/2011-August/001721.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 11 12:36:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 11 Aug 2011 21:36:39 +0200 Subject: [SEC] [SA45553] WordPress eShop Plugin Multiple Cross-Site Scripting Vulnerabilities Message-ID: <201108111936.p7BJad8h015325@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress eShop Plugin Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA45553 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45553/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45553 RELEASE DATE: 2011-08-11 DISCUSS ADVISORY: http://secunia.com/advisories/45553/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45553/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45553 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered multiple vulnerabilities in the eShop plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. 1) Input passed via the "eshoptemplate" parameter to wp-admin/admin.php (when "page" is set to "eshop-templates.php") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "action" and "viewemail" parameters to wp-admin/admin.php (when "page" is set to "eshop-orders.php") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are confirmed in version 6.2.8. Prior versions may also be affected. SOLUTION: Update to version 6.2.9 or later. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: eShop: http://wordpress.org/extend/plugins/eshop/changelog/ HTB23034: http://www.htbridge.ch/advisory/multiple_xss_in_eshop_for_wordpress.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 11 13:36:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 11 Aug 2011 22:36:14 +0200 Subject: [SEC] [SA45541] SUSE update for cgit Message-ID: <201108112036.p7BKaEUi006175@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SUSE update for cgit SECUNIA ADVISORY ID: SA45541 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45541/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45541 RELEASE DATE: 2011-08-11 DISCUSS ADVISORY: http://secunia.com/advisories/45541/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45541/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45541 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for cgit. This fixes a vulnerability, which can be exploited by malicious users to conduct script insertion attacks. For more information: SA45358 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0891-1: https://hermes.opensuse.org/messages/10998459 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 11 14:30:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 11 Aug 2011 23:30:07 +0200 Subject: [SEC] [SA45532] ffmpeg "decode_residual_block()" Signedness Error Vulnerability Message-ID: <201108112130.p7BLU7Em029159@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: ffmpeg "decode_residual_block()" Signedness Error Vulnerability SECUNIA ADVISORY ID: SA45532 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45532/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45532 RELEASE DATE: 2011-08-11 DISCUSS ADVISORY: http://secunia.com/advisories/45532/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45532/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45532 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in ffmpeg, which can be exploited by malicious people to potentially compromise an application using the library. The vulnerability is caused due to a signedness error within the "decode_residual_block()" function (libavcodec/cavsdec.c) when processing specially crafted Chinese AVS (CAVS) files, which can be exploited to cause a memory corruption by tricking a user into opening specially crafted CAVS files. The vulnerability is reported in versions prior to versions 0.7.3 and 0.8.2. SOLUTION: Update to version 0.7.3 or 0.8.2. PROVIDED AND/OR DISCOVERED BY: Emmanouel Kellinis via oCERT. ORIGINAL ADVISORY: oCERT #2011-002: http://www.ocert.org/advisories/ocert-2011-002.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 11 14:50:50 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 11 Aug 2011 23:50:50 +0200 Subject: [SEC] [SA45595] Debian update for isc-dhcp and dhcp3 Message-ID: <201108112150.p7BLooHf018072@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Debian update for isc-dhcp and dhcp3 SECUNIA ADVISORY ID: SA45595 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45595/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45595 RELEASE DATE: 2011-08-11 DISCUSS ADVISORY: http://secunia.com/advisories/45595/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45595/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45595 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for isc-dhcp and dhcp3. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA45582 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2292-1: http://lists.debian.org/debian-security-announce/2011/msg00166.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 11 15:15:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 12 Aug 2011 00:15:34 +0200 Subject: [SEC] [SA45590] Red Hat update for JBoss Communications Platform Message-ID: <201108112215.p7BMFYtU007153@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Red Hat update for JBoss Communications Platform SECUNIA ADVISORY ID: SA45590 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45590/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45590 RELEASE DATE: 2011-08-11 DISCUSS ADVISORY: http://secunia.com/advisories/45590/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45590/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45590 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for JBoss Communications Platform. This fixes a weakness, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA44316 SOLUTION: Apply update. Please see the vendor's advisory for details. ORIGINAL ADVISORY: RHSA-2011:1148-1: https://rhn.redhat.com/errata/RHSA-2011-1148.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 11 15:49:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 12 Aug 2011 00:49:05 +0200 Subject: [SEC] [SA45593] Red Hat update for flash-plugin Message-ID: <201108112249.p7BMn5w0029108@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Red Hat update for flash-plugin SECUNIA ADVISORY ID: SA45593 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45593/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45593 RELEASE DATE: 2011-08-12 DISCUSS ADVISORY: http://secunia.com/advisories/45593/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45593/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45593 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for flash-plugin. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose sensitive information and compromise a user's system. For more information: SA45583 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1144-1: https://rhn.redhat.com/errata/RHSA-2011-1144.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 11 16:16:17 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 12 Aug 2011 01:16:17 +0200 Subject: [SEC] [SA45582] ISC DHCP Two Denial of Service Vulnerabilities Message-ID: <201108112316.p7BNGHW8018352@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: ISC DHCP Two Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA45582 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45582/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45582 RELEASE DATE: 2011-08-12 DISCUSS ADVISORY: http://secunia.com/advisories/45582/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45582/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45582 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in ISC DHCP, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An unspecified error when processing a certain packet can be exploited to cause the server to halt by sending specially crafted packets. 2) Another unspecified error when processing a certain packet can be exploited to cause the server to halt by sending specially crafted packets. The vulnerabilities are reported in versions 3.1.0 through 3.1-ESV-R1, 4.1.0 through 4.1.2rc1, 4.1-ESV through 4.1-ESV-R3b1, and 4.2.0 through 4.2.2rc1. SOLUTION: Update to version 3.1-ESV-R3, 4.1-ESV-R3, or 4.2.2. PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits David Zych, University of Illinois. 2) Reported by the vendor. ORIGINAL ADVISORY: https://www.isc.org/software/dhcp/advisories/cve-2011-2748 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 11 16:49:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 12 Aug 2011 01:49:25 +0200 Subject: [SEC] [SA43662] Symantec Endpoint Protection Manager Cross-Site Scripting and Request Forgery Message-ID: <201108112349.p7BNnPOE007843@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Symantec Endpoint Protection Manager Cross-Site Scripting and Request Forgery SECUNIA ADVISORY ID: SA43662 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43662/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43662 RELEASE DATE: 2011-08-12 DISCUSS ADVISORY: http://secunia.com/advisories/43662/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43662/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43662 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been discovered in Symantec Endpoint Protection Manager, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks. 1) Input appended to the URL after /console/apps/sepm is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "token" parameter to portal/Help.jsp is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) The portal application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. add an administrative user by tricking a logged in administrator into visiting a malicious web site. The vulnerabilities are confirmed in version 11.0.6 Maintenance Patch 2 (11.0.6200.754). Other versions may also be affected. SOLUTION: Update to version 11.0.7000 RU7. PROVIDED AND/OR DISCOVERED BY: Sow Ching Shiong via Secunia 1, 2) The vendor also credits Sachin Shinde(Cons0ul) ORIGINAL ADVISORY: Symantec: http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110810_00 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 11 17:17:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 12 Aug 2011 02:17:11 +0200 Subject: [SEC] [SA45528] Radfa Sabadkharid "add2cart" SQL Injection Vulnerability Message-ID: <201108120017.p7C0HBQQ029533@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Radfa Sabadkharid "add2cart" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45528 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45528/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45528 RELEASE DATE: 2011-08-12 DISCUSS ADVISORY: http://secunia.com/advisories/45528/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45528/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45528 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Radfa Sabadkharid, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "add2cart" parameter to cart.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: hosinn OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 11 17:51:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 12 Aug 2011 02:51:16 +0200 Subject: [SEC] [SA45500] Microsoft Windows TCP/IP Stack Denial of Service Vulnerabilities Message-ID: <201108120051.p7C0pGJf019105@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Microsoft Windows TCP/IP Stack Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA45500 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45500/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45500 RELEASE DATE: 2011-08-12 DISCUSS ADVISORY: http://secunia.com/advisories/45500/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45500/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45500 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An error in the TCP/IP stack (Tcpip.sys) when parsing received ICMP messages can be exploited to cause a system to stop responding or restart via a sequence of specially crafted ICMP messages. 2) An error in the TCP/IP stack (Tcpip.sys) when parsing URLs can be exploited to cause a system to stop responding or restart via a specially crafted URL request to a system serving web content with URL-based QoS (Quality of Service) enabled (disabled by default). SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: MS11-064 (KB2563894): http://www.microsoft.com/technet/security/bulletin/ms11-064.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 11 18:26:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 12 Aug 2011 03:26:00 +0200 Subject: [SEC] [SA45536] Intel Active System Console / Multi-Server Manager Denial of Service Vulnerability Message-ID: <201108120126.p7C1Q0jO008703@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Intel Active System Console / Multi-Server Manager Denial of Service Vulnerability SECUNIA ADVISORY ID: SA45536 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45536/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45536 RELEASE DATE: 2011-08-12 DISCUSS ADVISORY: http://secunia.com/advisories/45536/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45536/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45536 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Intel Active System Console and Multi-Server Manager, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error and can be exploited to render the service unresponsive. No further information is currently available. The vulnerability is reported in the following products: * Intel Active System Console version 4.4 * Intel Multi-Server Manager version 1.0 SOLUTION: Apply patch version 002. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits a business partner. ORIGINAL ADVISORY: INTEL-SA-00029: http://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00029&languageid=en-fr OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 12 10:36:18 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 12 Aug 2011 19:36:18 +0200 Subject: [SEC] [SA45588] WordPress Link Library Plugin "id" Cross-Site Scripting and SQL Injection Vulnerabilities Message-ID: <201108121736.p7CHaIW7014039@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress Link Library Plugin "id" Cross-Site Scripting and SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA45588 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45588/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45588 RELEASE DATE: 2011-08-12 DISCUSS ADVISORY: http://secunia.com/advisories/45588/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45588/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45588 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: mermenomachus has discovered two vulnerabilities in the Link Library plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks. 1) Input passed via the "id" parameter to wp-content/plugins/link-library/tracker.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "id" parameter to wp-content/plugins/link-library/tracker.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are confirmed in version 5.0.8. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: mermenomachus OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 12 11:37:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 12 Aug 2011 20:37:47 +0200 Subject: [SEC] [SA45530] SUSE update for kernel Message-ID: <201108121837.p7CIblKo004988@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA45530 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45530/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45530 RELEASE DATE: 2011-08-12 DISCUSS ADVISORY: http://secunia.com/advisories/45530/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45530/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45530 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose system information, conduct session hijacking attacks, cause a DoS (Denial of Service), and potentially gain escalated privileges, by malicious people with physical access to potentially compromise a vulnerable system, and by malicious people to cause a DoS. For more information: SA41493 SA43716 SA44094 SA44164 SA44248 SA44754 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SA:2011:034: http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00010.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 12 12:36:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 12 Aug 2011 21:36:32 +0200 Subject: [SEC] [SA45546] Calisto "txtEmail" and "txtUsuario" SQL Injection Vulnerabilities Message-ID: <201108121936.p7CJaWpS028242@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Calisto "txtEmail" and "txtUsuario" SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA45546 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45546/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45546 RELEASE DATE: 2011-08-12 DISCUSS ADVISORY: http://secunia.com/advisories/45546/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45546/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45546 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Lostmon has reported two vulnerabilities in Calisto, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "txtEmail" parameter to admin/loginadmin.aspx and via the "txtUsuario" parameter to e.g. categoria.aspx or ofertas.aspx is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. NOTE: This can further be exploited to bypass the authentication mechanism. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Lostmon ORIGINAL ADVISORY: http://lostmon.blogspot.com/2011/08/calisto-light-light-plus-and-full-sql.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 12 13:37:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 12 Aug 2011 22:37:36 +0200 Subject: [SEC] [SA45579] WordPress All in One Adsense and YPN Plugin Security Bypass Vulnerability Message-ID: <201108122037.p7CKbaeM019197@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress All in One Adsense and YPN Plugin Security Bypass Vulnerability SECUNIA ADVISORY ID: SA45579 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45579/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45579 RELEASE DATE: 2011-08-12 DISCUSS ADVISORY: http://secunia.com/advisories/45579/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45579/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45579 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: antion has discovered a vulnerability in the All in One Adsense and YPN plugin for WordPress, which can be exploited by malicious people to bypass certain security restrictions. The application does not properly restrict access to the wp-content/plugins/all-in-one-adsense-and-ypn/all-in-one-adsense-and-ypn.php script, which can be exploited to e.g. edit Google AdSense account details and conduct script insertion attacks. The vulnerability is confirmed in version 2.01. Other versions may also be affected. SOLUTION: Restrict access to the wp-content/plugins/all-in-one-adsense-and-ypn/all-in-one-adsense-and-ypn.php script (e.g. via .htaccess). PROVIDED AND/OR DISCOVERED BY: antion OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 12 14:31:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 12 Aug 2011 23:31:08 +0200 Subject: [SEC] [SA45567] Phone Drive Lite Directory Traversal Vulnerability Message-ID: <201108122131.p7CLV8HI009731@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Phone Drive Lite Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA45567 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45567/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45567 RELEASE DATE: 2011-08-12 DISCUSS ADVISORY: http://secunia.com/advisories/45567/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45567/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45567 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Khashayar Fereidani has discovered a vulnerability in Phone Drive Lite, which can be exploited by malicious people to disclose potentially sensitive information. For more information: SA45551 The vulnerability is confirmed in version 1.1.0. Other versions may also be affected. SOLUTION: Only use the file transfer functionality within a trusted network environment. PROVIDED AND/OR DISCOVERED BY: Khashayar Fereidani ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/17645/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 12 14:51:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 12 Aug 2011 23:51:11 +0200 Subject: [SEC] [SA45542] Fedora update for glpi, glpi-data-injection, glpi-mass-ocs-import, and glpi-pdf Message-ID: <201108122151.p7CLpB6u031023@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Fedora update for glpi, glpi-data-injection, glpi-mass-ocs-import, and glpi-pdf SECUNIA ADVISORY ID: SA45542 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45542/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45542 RELEASE DATE: 2011-08-12 DISCUSS ADVISORY: http://secunia.com/advisories/45542/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45542/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45542 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for glpi, glpi-data-injection, glpi-mass-ocs-import, and glpi-pdf. This fixes a security issue, which can be exploited by malicious users to disclose potentially sensitive information. For more information: SA45366 SOLUTION: Apply updated packages via the yum utility ("yum update glpi glpi-data-injection glpi-mass-ocs-import glpi-pdf"). ORIGINAL ADVISORY: FEDORA-2011-9690: http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063677.html http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063678.html http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063680.html http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063679.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 12 15:17:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 13 Aug 2011 00:17:00 +0200 Subject: [SEC] [SA45545] Fedora update for NetworkManager Message-ID: <201108122217.p7CMH0GH020186@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Fedora update for NetworkManager SECUNIA ADVISORY ID: SA45545 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45545/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45545 RELEASE DATE: 2011-08-12 DISCUSS ADVISORY: http://secunia.com/advisories/45545/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45545/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45545 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for NetworkManager. This fixes a weakness, which can be exploited by malicious, local users to bypass certain security restrictions. For more information: SA44858 SOLUTION: Apply updated packages via the yum utility ("yum update NetworkManager"). ORIGINAL ADVISORY: FEDORA-2011-8612: http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063665.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 12 15:51:17 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 13 Aug 2011 00:51:17 +0200 Subject: [SEC] [SA45547] TeeChart Pro ActiveX Control "AddSeries()" Array Indexing Vulnerability Message-ID: <201108122251.p7CMpHcG009766@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: TeeChart Pro ActiveX Control "AddSeries()" Array Indexing Vulnerability SECUNIA ADVISORY ID: SA45547 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45547/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45547 RELEASE DATE: 2011-08-13 DISCUSS ADVISORY: http://secunia.com/advisories/45547/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45547/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45547 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the TeeChart Pro ActiveX control, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an array indexing error when handling the "AddSeries()" method and can be exploited by e.g. tricking a user into visiting a specially crafted website. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in versions 5.0.1.0, 8.0.0.7, and 2010.0.0.3 and reported in versions 6.0.0.5 and 7.0.1.4. Other versions may also be affected. SOLUTION: Set the kill-bit for the affected ActiveX control. PROVIDED AND/OR DISCOVERED BY: Steven Seeley, stratsec ORIGINAL ADVISORY: http://www.stratsec.net/Research/Advisories/TeeChart-Professional-Integer-Overflow OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 12 16:14:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 13 Aug 2011 01:14:32 +0200 Subject: [SEC] [SA45569] Red Hat update for libXfont Message-ID: <201108122314.p7CNEWQ7031205@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Red Hat update for libXfont SECUNIA ADVISORY ID: SA45569 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45569/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45569 RELEASE DATE: 2011-08-13 DISCUSS ADVISORY: http://secunia.com/advisories/45569/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45569/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45569 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for libXfont. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA45544 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1154-1: https://rhn.redhat.com/errata/RHSA-2011-1154.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 12 16:49:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 13 Aug 2011 01:49:16 +0200 Subject: [SEC] [SA45594] SUSE update for foomatic-filters Message-ID: <201108122349.p7CNnGwa020818@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SUSE update for foomatic-filters SECUNIA ADVISORY ID: SA45594 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45594/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45594 RELEASE DATE: 2011-08-13 DISCUSS ADVISORY: http://secunia.com/advisories/45594/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45594/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45594 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for foomatic-filters. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA45196 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0892-1: https://hermes.opensuse.org/messages/11030786 SUSE-SU-2011:0895-1: https://hermes.opensuse.org/messages/11040895 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 12 17:17:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 13 Aug 2011 02:17:04 +0200 Subject: [SEC] [SA45601] Unitronics OPC Server TeeChart Pro ActiveX Control Array Indexing Vulnerability Message-ID: <201108130017.p7D0H4m9010069@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Unitronics OPC Server TeeChart Pro ActiveX Control Array Indexing Vulnerability SECUNIA ADVISORY ID: SA45601 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45601/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45601 RELEASE DATE: 2011-08-13 DISCUSS ADVISORY: http://secunia.com/advisories/45601/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45601/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45601 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Unitronics OPC Server, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application bundling a vulnerable version of the TeeChart Pro ActiveX control. For more information: SA45547 The vulnerability is confirmed in version 1.3.8. Other versions may also be affected. SOLUTION: Set the kill-bit for the affected ActiveX control. PROVIDED AND/OR DISCOVERED BY: Steven Seeley, stratsec ORIGINAL ADVISORY: http://www.stratsec.net/Research/Advisories/TeeChart-Professional-Integer-Overflow OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 12 17:49:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 13 Aug 2011 02:49:32 +0200 Subject: [SEC] [SA45570] Joomla! VPortfolio Component Unspecified File Disclosure Vulnerability Message-ID: <201108130049.p7D0nW3j031980@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Joomla! VPortfolio Component Unspecified File Disclosure Vulnerability SECUNIA ADVISORY ID: SA45570 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45570/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45570 RELEASE DATE: 2011-08-13 DISCUSS ADVISORY: http://secunia.com/advisories/45570/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45570/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45570 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the VPortfolio component for Joomla!, which can be exploited by malicious users to disclose sensitive information. Certain unspecified input is not properly verified before being used. This can be exploited to disclose the contents of arbitrary files from local resources via directory traversal sequences. The vulnerability is reported in versions prior to 1.2. SOLUTION: Update to version 1.2. PROVIDED AND/OR DISCOVERED BY: Reported by the Joomla! VEL team. ORIGINAL ADVISORY: VPortfolio: http://vsmart-extensions.com/index.php?option=com_content&view=article&id=61:vportfolio-security-release-statement&catid=35:joomla-extensions&Itemid=137 Joomla!: http://docs.joomla.org/Vulnerable_Extensions_List#V-portfolio OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 12 18:14:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 13 Aug 2011 03:14:28 +0200 Subject: [SEC] [SA45489] Linux Kernel "perf" Privilege Escalation Weakness Message-ID: <201108130114.p7D1ES0X021096@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Linux Kernel "perf" Privilege Escalation Weakness SECUNIA ADVISORY ID: SA45489 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45489/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45489 RELEASE DATE: 2011-08-13 DISCUSS ADVISORY: http://secunia.com/advisories/45489/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45489/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45489 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in the Linux Kernel, which can be exploited by malicious, local users to gain escalated privileges. The weakness is caused due to the perf utility loading the configuration file from the current directory, which can be exploited to e.g. gain escalated privileges by tricking a user into running the perf utility in a directory containing a malicious configuration file. SOLUTION: Fixed in the GIT repository. PROVIDED AND/OR DISCOVERED BY: Reported by Christian Ohm in a Debian bug. ORIGINAL ADVISORY: Debian Bug #632923: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=632923 GIT commit: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=aba8d056078e47350d85b06a9cabd5afcc4b72ea OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 12 18:49:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 13 Aug 2011 03:49:28 +0200 Subject: [SEC] [SA45551] Phone Drive Directory Traversal Vulnerability Message-ID: <201108130149.p7D1nSsE010697@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Phone Drive Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA45551 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45551/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45551 RELEASE DATE: 2011-08-13 DISCUSS ADVISORY: http://secunia.com/advisories/45551/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45551/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45551 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Khashayar Fereidani has discovered a vulnerability in Phone Drive, which can be exploited by malicious users to disclose potentially sensitive information. Input passed to the URL of the application is not properly sanitised before being used to access files. This can be exploited to access files outside of the application root and e.g. download an iPhone address book via directory traversal attacks. The vulnerability is confirmed in version 1.1.2. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Khashayar Fereidani ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/17645/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 12 19:20:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 13 Aug 2011 04:20:07 +0200 Subject: [SEC] [SA45591] SUSE update for flash-player Message-ID: <201108130220.p7D2K7rQ001685@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SUSE update for flash-player SECUNIA ADVISORY ID: SA45591 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45591/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45591 RELEASE DATE: 2011-08-13 DISCUSS ADVISORY: http://secunia.com/advisories/45591/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45591/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45591 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for flash-player. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose sensitive information and compromise a user's system. For more information: SA45583 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0897-1: https://hermes.opensuse.org/messages/11040919 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 12 19:49:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 13 Aug 2011 04:49:25 +0200 Subject: [SEC] [SA45589] SUSE update for ecryptfs-utils Message-ID: <201108130249.p7D2nPhf023478@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SUSE update for ecryptfs-utils SECUNIA ADVISORY ID: SA45589 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45589/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45589 RELEASE DATE: 2011-08-13 DISCUSS ADVISORY: http://secunia.com/advisories/45589/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45589/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45589 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for ecryptfs-utils. This fixes multiple security issues, which can be exploited by malicious, local users to disclose potentially sensitive information, bypass certain security restrictions, manipulate certain data, cause a DoS (Denial of Service), and potentially gain escalated privileges. For more information: SA45563 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:0898-1: https://hermes.opensuse.org/messages/11043404 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 12 20:14:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 13 Aug 2011 05:14:19 +0200 Subject: [SEC] [SA45568] Red Hat update for xorg-x11 Message-ID: <201108130314.p7D3EJ0M012585@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Red Hat update for xorg-x11 SECUNIA ADVISORY ID: SA45568 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45568/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45568 RELEASE DATE: 2011-08-13 DISCUSS ADVISORY: http://secunia.com/advisories/45568/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45568/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45568 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for xorg-x11. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA45544 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1155-1: https://rhn.redhat.com/errata/RHSA-2011-1155.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 15 10:37:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 15 Aug 2011 19:37:02 +0200 Subject: [SEC] [SA45598] MPlayer SAMI Subtitle Parsing Buffer Overflow Vulnerability Message-ID: <201108151737.p7FHb2AS028208@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: MPlayer SAMI Subtitle Parsing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA45598 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45598/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45598 RELEASE DATE: 2011-08-15 DISCUSS ADVISORY: http://secunia.com/advisories/45598/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45598/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45598 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in MPlayer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the "sub_read_line_sami()" function in subreader.c and can be exploited to cause a stack-based buffer overflow via a specially crafted SAMI subtitle file. Successful exploitation allows execution of arbitrary code. The vulnerability is reported in svn versions prior to 33471. SOLUTION: Update to svn version 33471 or later. PROVIDED AND/OR DISCOVERED BY: Originally addressed by the vendor (reimar) without being reported as a vulnerability. Later reported as a vulnerability by Jacques Louw, MWR InfoSecurity. ORIGINAL ADVISORY: MPlayer: http://mplayerhq.hu/pipermail/mplayer-cvslog/2011-May/042075.html MWR InfoSecurity: http://labs.mwrinfosecurity.com/files/Advisories/mwri_mplayer-sami-subtitles_2011-08-12.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 15 11:34:17 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 15 Aug 2011 20:34:17 +0200 Subject: [SEC] [SA45603] Joomla! RAXO All-mode PRO Module TimThumb Arbitrary File Upload Vulnerability Message-ID: <201108151834.p7FIYHHc018954@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Joomla! RAXO All-mode PRO Module TimThumb Arbitrary File Upload Vulnerability SECUNIA ADVISORY ID: SA45603 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45603/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45603 RELEASE DATE: 2011-08-15 DISCUSS ADVISORY: http://secunia.com/advisories/45603/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45603/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45603 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the RAXO All-mode PRO module for Joomla!, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a bundled vulnerable version of TimThumb. For more information see vulnerability #1 in: SA45416 SOLUTION: Update to version 1.5.0. PROVIDED AND/OR DISCOVERED BY: Reported by the Joomla! VEL team. ORIGINAL ADVISORY: Joomla!: http://docs.joomla.org/Vulnerable_Extensions_List#RAXO_All-mode_PRO RAXO: http://raxo.org/forum/viewtopic.php?f=2&t=60#p2056 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 15 12:37:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 15 Aug 2011 21:37:38 +0200 Subject: [SEC] [SA45576] Symantec Products Veritas Enterprise Administrator Service Buffer Overflows Message-ID: <201108151937.p7FJbccq009989@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Symantec Products Veritas Enterprise Administrator Service Buffer Overflows SECUNIA ADVISORY ID: SA45576 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45576/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45576 RELEASE DATE: 2011-08-15 DISCUSS ADVISORY: http://secunia.com/advisories/45576/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45576/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45576 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in various Symantec products, which can be exploited by malicious people to compromise a vulnerable system. The vulnerabilities are caused due to errors in the Veritas Enterprise Administrator service (vxsvc) and can be exploited to cause buffer overflows via specially crafted requests to port 2148. Successful exploitation may allow execution of arbitrary code. SOLUTION: Apply patches when available. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Luigi Auriemma via ZDI. ORIGINAL ADVISORY: SYM11-010: http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110815_00 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 15 13:33:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 15 Aug 2011 22:33:30 +0200 Subject: [SEC] [SA45531] ax25-tools ax25d Privilege Escalation Security Issue Message-ID: <201108152033.p7FKXUms000638@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: ax25-tools ax25d Privilege Escalation Security Issue SECUNIA ADVISORY ID: SA45531 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45531/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45531 RELEASE DATE: 2011-08-15 DISCUSS ADVISORY: http://secunia.com/advisories/45531/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45531/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45531 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in ax25-tools, which can be exploited by malicious users to perform certain actions with escalated privileges. The security issue is caused due to the ax25d daemon not properly checking the return value when dropping privileges, which can be exploited to perform certain actions with escalated privileges. The security issue is reported in version 0.0.10-rc2. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Dan Rosenberg ORIGINAL ADVISORY: http://www.openwall.com/lists/oss-security/2011/08/10/3 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 15 14:28:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 15 Aug 2011 23:28:19 +0200 Subject: [SEC] [SA45621] Gimp GIF Processing "LZWReadByte()" Buffer Overflow Vulnerability Message-ID: <201108152128.p7FLSJX9023716@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Gimp GIF Processing "LZWReadByte()" Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA45621 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45621/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45621 RELEASE DATE: 2011-08-15 DISCUSS ADVISORY: http://secunia.com/advisories/45621/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45621/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45621 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Gimp, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to an error in the "LZWReadByte()" function (plug-ins/common/file-gif-load.c) and can be exploited to cause a buffer overflow by tricking a user into opening a specially crafted GIF image. The vulnerability is reported in version 2.6.11. Other versions may also be affected. SOLUTION: Fixed in the GIT repository. PROVIDED AND/OR DISCOVERED BY: Red Hat Security Response Team ORIGINAL ADVISORY: Gimp GIT commit: http://git.gnome.org/browse/gimp/commit/?id=376ad788c1a1c31d40f18494889c383f6909ebfc Red Hat: https://bugzilla.redhat.com/show_bug.cgi?id=730338 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 15 14:49:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 15 Aug 2011 23:49:07 +0200 Subject: [SEC] [SA45641] Apache Tomcat Commons Daemon Jsvc Information Disclosure Weakness Message-ID: <201108152149.p7FLn7qP012603@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Apache Tomcat Commons Daemon Jsvc Information Disclosure Weakness SECUNIA ADVISORY ID: SA45641 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45641/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45641 RELEASE DATE: 2011-08-15 DISCUSS ADVISORY: http://secunia.com/advisories/45641/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45641/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45641 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in Apache Tomcat, which can be exploited by malicious, local users to disclose sensitive information. The weakness is caused due to an error within the Jsvc library, which does not drop permissions for the application to access files and directories owned by the super user. This can lead to certain applications being able to access files and directories of the super user. The weakness is reported in versions 7.0.0 through 7.0.19, 6.0.30 through 6.0.32, and 5.5.32 through 5.5.33. SOLUTION: Update to version 7.0.20 or update to version 5.5.34 or 6.0.33 when available. Also fixed in the SVN repository and the vendor has also provided a proposed patch for Apache Tomcat version 5. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Wilfried Weissmann. ORIGINAL ADVISORY: http://tomcat.apache.org/security-7.html http://tomcat.apache.org/security-6.html http://tomcat.apache.org/security-5.html http://mail-archives.apache.org/mod_mbox/tomcat-announce/201108.mbox/%3C4E45221D.1020306 at apache.org%3E OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 15 15:13:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 16 Aug 2011 00:13:34 +0200 Subject: [SEC] [SA45572] Dropbox for Android Content Provider Security Bypass Message-ID: <201108152213.p7FMDYAU001651@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Dropbox for Android Content Provider Security Bypass SECUNIA ADVISORY ID: SA45572 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45572/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45572 RELEASE DATE: 2011-08-15 DISCUSS ADVISORY: http://secunia.com/advisories/45572/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45572/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45572 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Dropbox for Android, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to the application providing the Dropbox content service to other applications, which can be exploited to e.g. upload files (including the Dropbox configuration files and content databases) to the user's Dropbox account. Successful exploitation requires that a malicious application is installed. The security issue is reported in version 1.1.3. Other versions may also be affected. SOLUTION: Update to version 1.2. PROVIDED AND/OR DISCOVERED BY: Tyrone Erasmus, MWR InfoSecurity ORIGINAL ADVISORY: http://labs.mwrinfosecurity.com/files/Advisories/mwri_dropbox_for_android_2011-08-12.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 15 15:47:51 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 16 Aug 2011 00:47:51 +0200 Subject: [SEC] [SA45548] Contrexx CMS Shop Module "productId" SQL Injection Vulnerability Message-ID: <201108152247.p7FMlput023674@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Contrexx CMS Shop Module "productId" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45548 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45548/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45548 RELEASE DATE: 2011-08-16 DISCUSS ADVISORY: http://secunia.com/advisories/45548/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45548/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45548 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Penguin has reported a vulnerability in the Shop module for Contrexx CMS, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "productId" parameter to index.php (when "section" is set to "shop") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Penguin ORIGINAL ADVISORY: http://blog.null-sector.info/?p=335 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 15 16:14:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 16 Aug 2011 01:14:32 +0200 Subject: [SEC] [SA45597] Apache Tomcat XML Parser Vulnerability Message-ID: <201108152314.p7FNEW5G012888@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Apache Tomcat XML Parser Vulnerability SECUNIA ADVISORY ID: SA45597 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45597/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45597 RELEASE DATE: 2011-08-16 DISCUSS ADVISORY: http://secunia.com/advisories/45597/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45597/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45597 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Apache Tomcat, which can be exploited by malicious users to disclose sensitive information or manipulate certain data. For more information see vulnerability #3 in: SA35326 The vulnerability is reported in versions 7.0.0 through 7.0.16. SOLUTION: Update to version 7.0.19. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://tomcat.apache.org/security-7.html http://mail-archives.apache.org/mod_mbox/tomcat-announce/201108.mbox/%3C4E4526A7.60109 at apache.org%3E OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 15 16:47:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 16 Aug 2011 01:47:53 +0200 Subject: [SEC] [SA45632] Debian update for freetype Message-ID: <201108152347.p7FNlrGx002374@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Debian update for freetype SECUNIA ADVISORY ID: SA45632 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45632/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45632 RELEASE DATE: 2011-08-16 DISCUSS ADVISORY: http://secunia.com/advisories/45632/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45632/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45632 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for freetype. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. For more information: SA45167 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2294-1: http://lists.debian.org/debian-security-announce/2011/msg00168.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 15 17:15:54 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 16 Aug 2011 02:15:54 +0200 Subject: [SEC] [SA45592] Novell eDirectory OpenSSL Ciphersuite Downgrade Vulnerability Message-ID: <201108160015.p7G0FsEb024088@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Novell eDirectory OpenSSL Ciphersuite Downgrade Vulnerability SECUNIA ADVISORY ID: SA45592 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45592/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45592 RELEASE DATE: 2011-08-16 DISCUSS ADVISORY: http://secunia.com/advisories/45592/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45592/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45592 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Novell eDirectory, which can be exploited by malicious people to bypass certain security restrictions. For more information: SA42473 SOLUTION: Update to version 8.8 SP6 Patch 3 (8.8.6.3). ORIGINAL ADVISORY: Novell: http://www.novell.com/support/viewContent.do?externalId=3426981 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 15 17:48:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 16 Aug 2011 02:48:02 +0200 Subject: [SEC] [SA45622] Xen DMA Requests IOMMU Denial of Service Weakness Message-ID: <201108160048.p7G0m2tV013572@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Xen DMA Requests IOMMU Denial of Service Weakness SECUNIA ADVISORY ID: SA45622 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45622/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45622 RELEASE DATE: 2011-08-16 DISCUSS ADVISORY: http://secunia.com/advisories/45622/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45622/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45622 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in Xen, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service). The weakness is caused due to Xen not properly restricting bogus DMA requests to PCI/PCIE devices under direct control by the virtual machine, which can be exploited to cause IOMMU faults and a high CPU load or deadlock. The weakness is reported in version 4.1.1. Other versions may also be affected. SOLUTION: Fixed in the Mercurial repository. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://lists.xensource.com/archives/html/xen-devel/2011-06/msg01106.html http://xenbits.xen.org/hg/staging/xen-4.1-testing.hg/rev/84e3706df07a OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 15 18:14:54 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 16 Aug 2011 03:14:54 +0200 Subject: [SEC] [SA45636] awiki "page" and "scriptname" File Disclosure Vulnerabilities Message-ID: <201108160114.p7G1EsEa002745@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: awiki "page" and "scriptname" File Disclosure Vulnerabilities SECUNIA ADVISORY ID: SA45636 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45636/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45636 RELEASE DATE: 2011-08-16 DISCUSS ADVISORY: http://secunia.com/advisories/45636/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45636/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45636 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: muuratsalo has discovered two vulnerabilities in awiki, which can be exploited by malicious people to disclose sensitive information. 1) Input passed via the "page" parameter to index.php is not properly verified before being used to display files. This can be exploited to disclose the contents of arbitrary files from local resources. 2) Input passed via the "scriptname" parameter to index.php (when "action" is set to "Editar el Motor") is not properly verified before being used to display files. This can be exploited to disclose the contents of arbitrary files from local resources. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: muuratsalo OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 15 18:50:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 16 Aug 2011 03:50:39 +0200 Subject: [SEC] [SA45623] Slackware update for bind Message-ID: <201108160150.p7G1odwU024819@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Slackware update for bind SECUNIA ADVISORY ID: SA45623 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45623/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45623 RELEASE DATE: 2011-08-16 DISCUSS ADVISORY: http://secunia.com/advisories/45623/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45623/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45623 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Slackware has issued an update for bind. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44719 SA45082 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: SSA:2011-224-01: http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.662839 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 15 19:22:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 16 Aug 2011 04:22:21 +0200 Subject: [SEC] [SA45599] Debian update for libxfont Message-ID: <201108160222.p7G2MLZw014755@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Debian update for libxfont SECUNIA ADVISORY ID: SA45599 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45599/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45599 RELEASE DATE: 2011-08-16 DISCUSS ADVISORY: http://secunia.com/advisories/45599/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45599/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45599 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for libxfont. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA45544 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2293-1: http://lists.debian.org/debian-security-announce/2011/msg00167.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 15 19:47:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 16 Aug 2011 04:47:48 +0200 Subject: [SEC] [SA45637] Fedora update for dbus Message-ID: <201108160247.p7G2lmrZ003858@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Fedora update for dbus SECUNIA ADVISORY ID: SA45637 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45637/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45637 RELEASE DATE: 2011-08-16 DISCUSS ADVISORY: http://secunia.com/advisories/45637/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45637/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45637 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for dbus. This fixes a weakness, which can be exploited by malicious, local users to cause a DoS (Denial of Service). For more information: SA44896 SOLUTION: Apply updated packages via the yum utility ("yum update dbus"). ORIGINAL ADVISORY: FEDORA-2011-9817: http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063731.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 16 10:35:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 16 Aug 2011 19:35:26 +0200 Subject: [SEC] [SA45642] NetSaro Enterprise Messenger Information Disclosure Weaknesses Message-ID: <201108161735.p7GHZQtl007133@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: NetSaro Enterprise Messenger Information Disclosure Weaknesses SECUNIA ADVISORY ID: SA45642 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45642/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45642 RELEASE DATE: 2011-08-16 DISCUSS ADVISORY: http://secunia.com/advisories/45642/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45642/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45642 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two weaknesses have been discovered in NetSaro Enterprise Messenger, which can be exploited by malicious, local users to disclose sensitive information. 1) The application stores the administrator's credentials in Base64-encoded format in the configuration.xml file. 2) The application stores user credentials in clear text in the Db/NetSaro.fdb file. The weaknesses are confirmed in version 2.1. Other versions may also be affected. SOLUTION: Restrict access to the system to trusted users only. PROVIDED AND/OR DISCOVERED BY: Jose Hernandez, Rob Kraus, and Solutionary Engineering Research Team (SERT) ORIGINAL ADVISORY: Solutionary (SERT-VDN-1010, SERT-VDN-1011): http://www.solutionary.com/index/SERT/Vuln-Disclosures/NetSaro-Enterprise-Messenger-Vuln-Password.html http://www.solutionary.com/index/SERT/Vuln-Disclosures/NetSaro-Enterprise-Messenger-Vulnerability.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 16 11:34:40 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 16 Aug 2011 20:34:40 +0200 Subject: [SEC] [SA45628] Red Hat update for freetype Message-ID: <201108161834.p7GIYeev030395@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Red Hat update for freetype SECUNIA ADVISORY ID: SA45628 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45628/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45628 RELEASE DATE: 2011-08-16 DISCUSS ADVISORY: http://secunia.com/advisories/45628/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45628/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45628 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for freetype. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise an application using the library. The vulnerability is caused due to an error within the handling of compressed fonts, which can be exploited to cause a buffer overflow via specially crafted font files. SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1161-01: https://rhn.redhat.com/errata/RHSA-2011-1161.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 16 12:40:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 16 Aug 2011 21:40:45 +0200 Subject: [SEC] [SA45625] Aipo / Aipo ASP Unspecified SQL Injection Vulnerability Message-ID: <201108161940.p7GJejbg021598@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Aipo / Aipo ASP Unspecified SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45625 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45625/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45625 RELEASE DATE: 2011-08-16 DISCUSS ADVISORY: http://secunia.com/advisories/45625/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45625/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45625 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Aipo and Aipo ASP, which can be exploited by malicious users to conduct SQL injection attacks. Certain unspecified input is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in versions prior to 5.1.1. SOLUTION: Update to version 5.1.1. PROVIDED AND/OR DISCOVERED BY: JVN credits Tsuyoshi Yamaguchi, Digiplate. ORIGINAL ADVISORY: JVN: http://jvn.jp/en/jp/JVN31506102/index.html http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000063.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 16 13:34:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 16 Aug 2011 22:34:00 +0200 Subject: [SEC] [SA45614] Kolay PageRank Sorgulama Script "f_url" Cross-Site Scripting Vulnerability Message-ID: <201108162034.p7GKY0i9012128@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Kolay PageRank Sorgulama Script "f_url" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45614 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45614/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45614 RELEASE DATE: 2011-08-16 DISCUSS ADVISORY: http://secunia.com/advisories/45614/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45614/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45614 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Kolay PageRank Sorgulama Script, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "f_url" parameter to index.php is not properly sanitised before being return to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: darkTR OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 16 14:29:27 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 16 Aug 2011 23:29:27 +0200 Subject: [SEC] [SA45604] Fofou "Url" Script Insertion Vulnerability Message-ID: <201108162129.p7GLTR6I002775@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Fofou "Url" Script Insertion Vulnerability SECUNIA ADVISORY ID: SA45604 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45604/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45604 RELEASE DATE: 2011-08-16 DISCUSS ADVISORY: http://secunia.com/advisories/45604/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45604/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45604 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Fofou, which can be exploited by malicious people to conduct script insertion attacks. Input passed via the "Url" parameter to /post is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Sony OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 16 14:48:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 16 Aug 2011 23:48:58 +0200 Subject: [SEC] [SA45630] Red Hat update for java-1.4.2-ibm Message-ID: <201108162148.p7GLmwmO024035@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Red Hat update for java-1.4.2-ibm SECUNIA ADVISORY ID: SA45630 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45630/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45630 RELEASE DATE: 2011-08-16 DISCUSS ADVISORY: http://secunia.com/advisories/45630/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45630/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45630 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for java-1.4.2-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. For more information: SA43295 SA45206 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1159-1: https://rhn.redhat.com/errata/RHSA-2011-1159.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 16 15:14:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 17 Aug 2011 00:14:33 +0200 Subject: [SEC] [SA45571] Prediction Football Cross-Site Request Forgery Vulnerability Message-ID: <201108162214.p7GMEXtx013191@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Prediction Football Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA45571 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45571/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45571 RELEASE DATE: 2011-08-16 DISCUSS ADVISORY: http://secunia.com/advisories/45571/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45571/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45571 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Prediction Football, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to e.g. change a password of a user when the logged-in user visits a specially crafted web page. The vulnerability is reported in version 2.51. Prior versions may also be affected. SOLUTION: Update to version 2.52. PROVIDED AND/OR DISCOVERED BY: Smith Falcon ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/17666/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 16 15:48:55 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 17 Aug 2011 00:48:55 +0200 Subject: [SEC] [SA45638] Ubuntu update for libxfont Message-ID: <201108162248.p7GMmtT5002750@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Ubuntu update for libxfont SECUNIA ADVISORY ID: SA45638 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45638/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45638 RELEASE DATE: 2011-08-17 DISCUSS ADVISORY: http://secunia.com/advisories/45638/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45638/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45638 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for libxfont. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA45544 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1191-1: http://www.ubuntu.com/usn/usn-1191-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 16 16:15:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 17 Aug 2011 01:15:13 +0200 Subject: [SEC] [SA45573] MarkLogic Server CorelDRAW Parser Buffer Overflow Vulnerability Message-ID: <201108162315.p7GNFDdB024366@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: MarkLogic Server CorelDRAW Parser Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA45573 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45573/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45573 RELEASE DATE: 2011-08-17 DISCUSS ADVISORY: http://secunia.com/advisories/45573/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45573/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45573 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in MarkLogic Server, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to the software bundling a vulnerable Outside In library. For more information see vulnerability #1: SA45297 The vulnerability is reported in versions 4.0, 4.1, and 4.2. SOLUTION: Update to version 4.1-11 or 4.2-6. PROVIDED AND/OR DISCOVERED BY: Will Dormann, CERT/CC. ORIGINAL ADVISORY: US-CERT VU#103425: http://www.kb.cert.org/vuls/id/103425 http://www.kb.cert.org/vuls/id/WDON-8J4JEE OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 16 16:49:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 17 Aug 2011 01:49:09 +0200 Subject: [SEC] [SA45639] Ubuntu update for dhcp3 Message-ID: <201108162349.p7GNn9H9013936@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Ubuntu update for dhcp3 SECUNIA ADVISORY ID: SA45639 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45639/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45639 RELEASE DATE: 2011-08-17 DISCUSS ADVISORY: http://secunia.com/advisories/45639/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45639/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45639 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for dhcp3. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA45582 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1190-1: http://www.ubuntu.com/usn/usn-1190-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 16 17:17:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 17 Aug 2011 02:17:32 +0200 Subject: [SEC] [SA45533] Linux Kernel Event Overflows Denial of Service Vulnerability Message-ID: <201108170017.p7H0HWJm003205@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Linux Kernel Event Overflows Denial of Service Vulnerability SECUNIA ADVISORY ID: SA45533 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45533/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45533 RELEASE DATE: 2011-08-17 DISCUSS ADVISORY: http://secunia.com/advisories/45533/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45533/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45533 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the handling of software event overflows, which can be exploited to cause a crash via a specially crafted application. SOLUTION: Fixed in the GIT repository. PROVIDED AND/OR DISCOVERED BY: Vince Weaver ORIGINAL ADVISORY: http://permalink.gmane.org/gmane.linux.kernel/1172269 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=a8b0ca17b80e92faab46ee7179ba9e99ccb61233 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 16 17:49:12 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 17 Aug 2011 02:49:12 +0200 Subject: [SEC] [SA45629] Red Hat update for dhcp Message-ID: <201108170049.p7H0nCIL025067@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Red Hat update for dhcp SECUNIA ADVISORY ID: SA45629 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45629/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45629 RELEASE DATE: 2011-08-17 DISCUSS ADVISORY: http://secunia.com/advisories/45629/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45629/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45629 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for dhcp. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA45582 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1160-1: http://rhn.redhat.com/errata/RHSA-2011-1160.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 17 10:35:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 17 Aug 2011 19:35:43 +0200 Subject: [SEC] [SA45631] SoftwareDEP Classified Script "id" SQL Injection Vulnerability Message-ID: <201108171735.p7HHZh8E032233@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SoftwareDEP Classified Script "id" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45631 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45631/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45631 RELEASE DATE: 2011-08-17 DISCUSS ADVISORY: http://secunia.com/advisories/45631/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45631/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45631 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in SoftwareDEP Classified Script, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "id" parameter to ad_detail.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in version 2.5. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: V3n0m OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 17 11:37:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 17 Aug 2011 20:37:14 +0200 Subject: [SEC] [SA45653] MasqMail Privilege Escalation Security Issues Message-ID: <201108171837.p7HIbESU023183@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: MasqMail Privilege Escalation Security Issues SECUNIA ADVISORY ID: SA45653 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45653/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45653 RELEASE DATE: 2011-08-17 DISCUSS ADVISORY: http://secunia.com/advisories/45653/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45653/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45653 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some security issues have been reported in MasqMail, which can be exploited by malicious, local users to perform certain actions with escalated privileges. 1) Logic errors when changing the effective user and group IDs can lead to the application running with higher privileges than intended, which can be exploited to perform certain actions with escalated privileges. 2) The application does not properly verify the return value when changing privileges, which can be exploited to perform certain actions with escalated privileges. The security issues have been reported in version 0.2.29. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: John Lightsey ORIGINAL ADVISORY: http://article.gmane.org/gmane.mail.masqmail/301 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 17 12:37:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 17 Aug 2011 21:37:07 +0200 Subject: [SEC] [SA45656] gdk-pixbuf "gdk_pixbuf__gif_image_load()" Denial of Service Weakness Message-ID: <201108171937.p7HJb7C0014069@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: gdk-pixbuf "gdk_pixbuf__gif_image_load()" Denial of Service Weakness SECUNIA ADVISORY ID: SA45656 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45656/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45656 RELEASE DATE: 2011-08-17 DISCUSS ADVISORY: http://secunia.com/advisories/45656/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45656/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45656 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in gdk-pixbuf, which can be exploited by malicious people to cause a DoS (Denial of Service) in an application using the library. The weakness is caused due to an error in the "gdk_pixbuf__gif_image_load()" function (gdk-pixbuf/io-gif.c) and can be exploited to cause memory exhaustion by providing a specially crafted GIF image. The weakness is reported in versions prior to 2.23.5. SOLUTION: Fixed in the GIT repository. Also fixed in version 2.23.5. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Mark Doliner ORIGINAL ADVISORY: http://git.gnome.org/browse/gdk-pixbuf/commit/?id=f8569bb13e2aa1584dde61ca545144750f7a7c98 http://ftp.gnome.org/pub/GNOME/sources/gdk-pixbuf/2.23/gdk-pixbuf-2.23.5.news OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 17 13:34:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 17 Aug 2011 22:34:08 +0200 Subject: [SEC] [SA45670] Fedora update for gdk-pixbuf2 Message-ID: <201108172034.p7HKY8og004785@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Fedora update for gdk-pixbuf2 SECUNIA ADVISORY ID: SA45670 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45670/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45670 RELEASE DATE: 2011-08-17 DISCUSS ADVISORY: http://secunia.com/advisories/45670/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45670/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45670 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for gdk-pixbuf2. This fixes a weakness, which can be exploited by malicious people to cause a DoS (Denial of Service) in an application using the library. For more information: SA45656 SOLUTION: Apply updated packages using the yum utility. ORIGINAL ADVISORY: FEDORA-2011-8667: http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063859.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 17 14:28:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 17 Aug 2011 23:28:59 +0200 Subject: [SEC] [SA45668] Mac RealPlayer Two Vulnerabilities Message-ID: <201108172128.p7HLSxnT027822@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Mac RealPlayer Two Vulnerabilities SECUNIA ADVISORY ID: SA45668 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45668/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45668 RELEASE DATE: 2011-08-17 DISCUSS ADVISORY: http://secunia.com/advisories/45668/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45668/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45668 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Mac RealPlayer, which can be exploited by malicious people to compromise a user's system. For more information see vulnerabilities #5 and #8 in: SA44014 The vulnerabilities are reported in version 12.0.0.1569. Other versions may also be affected. SOLUTION: Update to version 12.0.0.1701. ORIGINAL ADVISORY: RealNetworks: http://service.real.com/realplayer/security/08162011_player/en/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 17 14:48:18 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 17 Aug 2011 23:48:18 +0200 Subject: [SEC] [SA45608] RealPlayer Enterprise Multiple Vulnerabilities Message-ID: <201108172148.p7HLmIBJ016640@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: RealPlayer Enterprise Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45608 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45608/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45608 RELEASE DATE: 2011-08-17 DISCUSS ADVISORY: http://secunia.com/advisories/45608/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45608/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45608 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in RealPlayer Enterprise, which can be exploited by malicious people to compromise a user's system. For more information see vulnerabilities #1, #3, #5, #6, #9, and #11 in: SA44014 The vulnerabilities are reported in versions 2.0 through 2.1.5. SOLUTION: Update to version 2.1.6. ORIGINAL ADVISORY: RealNetworks: http://service.real.com/realplayer/security/08162011_player/en/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 17 15:13:20 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 18 Aug 2011 00:13:20 +0200 Subject: [SEC] [SA45616] Oracle Solaris Firefox Multiple Vulnerabilities Message-ID: <201108172213.p7HMDKQk005746@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Oracle Solaris Firefox Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45616 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45616/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45616 RELEASE DATE: 2011-08-17 DISCUSS ADVISORY: http://secunia.com/advisories/45616/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45616/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45616 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged multiple vulnerabilities in Firefox included in Solaris, which can be exploited by malicious people to compromise a user's system. For more information: SA43550 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: http://blogs.oracle.com/sunsecurity/entry/cve_2011_0053_multiple_vulnerabilities OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 17 15:48:55 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 18 Aug 2011 00:48:55 +0200 Subject: [SEC] [SA45607] Oracle Solaris Adobe Flash Player Two Vulnerabilities Message-ID: <201108172248.p7HMmtTX027799@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Oracle Solaris Adobe Flash Player Two Vulnerabilities SECUNIA ADVISORY ID: SA45607 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45607/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45607 RELEASE DATE: 2011-08-18 DISCUSS ADVISORY: http://secunia.com/advisories/45607/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45607/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45607 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged two vulnerabilities in Adobe Flash Player included in Solaris, which can be exploited by malicious people to compromise a user's system. For more information: SA43751 SA44119 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: http://blogs.oracle.com/sunsecurity/entry/cve_2011_0609_vulnerability_in http://blogs.oracle.com/sunsecurity/entry/cve_2011_0611_vulnerability_in OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 17 16:14:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 18 Aug 2011 01:14:57 +0200 Subject: [SEC] [SA45611] Nortel Media Application Server Packet Processing Buffer Overflow Message-ID: <201108172314.p7HNEvwg016953@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Nortel Media Application Server Packet Processing Buffer Overflow SECUNIA ADVISORY ID: SA45611 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45611/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45611 RELEASE DATE: 2011-08-18 DISCUSS ADVISORY: http://secunia.com/advisories/45611/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45611/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45611 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Nortel Media Application Server, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the cstore.exe component when processing a CONTENT_STORE_ADMIN_REQ packet. This can be exploited to cause a stack-based buffer overflow via an overly long string passed via the "cs_anams" parameter to TCP port 52005. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in versions 1.0 and 2.0. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: AbdulAziz Hariri, ThirdEyeTesters via ZDI ORIGINAL ADVISORY: Avaya: https://support.avaya.com/css/P8/documents/100146108 ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-260/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 17 16:49:17 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 18 Aug 2011 01:49:17 +0200 Subject: [SEC] [SA44014] RealPlayer Multiple Vulnerabilities Message-ID: <201108172349.p7HNnHxg006522@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: RealPlayer Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44014 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44014/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44014 RELEASE DATE: 2011-08-18 DISCUSS ADVISORY: http://secunia.com/advisories/44014/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44014/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44014 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in RealPlayer, which can be exploited by malicious people to compromise a user's system. 1) A use-after-free error exists in pngu3267.dll within the handling of displayed dialog boxes when navigating away from a web page. This can be exploited to dereference already freed memory by tricking a user into visiting a specially crafted web page and e.g. display the "Copyrights" or "Version Info" dialog box via the "About RealPlayer" context menu or open the "About This Presentation" dialog box. Successful exploitation of this vulnerability allows execution of arbitrary code. 2) An unspecified error related to SIPR can be exploited to cause a heap-based buffer overflow. 3) An unspecified error related to the RealPlayer ActiveX control can be exploited to execute arbitrary code. 4) The application allows the processing of local HTML files with scripting enabled, which can be exploited to execute arbitrary code by e.g. tricking a user into visiting a malicious website. 5) An error within the handling of "DEFINEFONT" fields when parsing Flash files can be exploited to cause a memory corruption. 6) A boundary error within the handling of certain ID3v2 tags in MP3 files can be exploited to cause a heap-based buffer overflow. 7) A boundary error within qcpfformat.dll when handling certain QCP media files can be exploited to cause a heap-based buffer overflow. 8) An error within the parsing of AAC raw_data_frame elements can be exploited to cause a buffer overflow. 9) An unspecified "Out of Bounds" error exists within the RealPlayer ActiveX control 10) An unspecified use-after-free error related to "Embedded AutoUpdate" exists within the RealPlayer ActiveX control. 11) An unspecified use-after-free error related to "Embedded Modal Dialog" exists within the RealPlayer ActiveX control. The vulnerabilities are reported in versions 14.0.0 through 14.0.5. Other versions may also be affected. SOLUTION: Update to version 14.0.6. PROVIDED AND/OR DISCOVERED BY: 1) Krystian Kloskowski (h07) via Secunia. 4) Martin Bartek via ZDI 5) Luigi Auriemma via ZDI 6, 7) Sean de Regge via ZDI 8) Donato Ferrante and Andrzej Dyjak via ZDI The vendor credits: 2) Omair via iDefense Labs 3) getB33, via iDefense Labs 9, 10, 11) Luigi Auriemma ORIGINAL ADVISORY: RealNetworks: http://service.real.com/realplayer/security/08162011_player/en/ ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-265/ http://www.zerodayinitiative.com/advisories/ZDI-11-266/ http://www.zerodayinitiative.com/advisories/ZDI-11-267/ http://www.zerodayinitiative.com/advisories/ZDI-11-268/ http://www.zerodayinitiative.com/advisories/ZDI-11-269/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 17 17:16:31 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 18 Aug 2011 02:16:31 +0200 Subject: [SEC] [SA45610] Oracle Solaris PostgreSQL "gettoken()" Buffer Overflow Vulnerability Message-ID: <201108180016.p7I0GVQh028172@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Oracle Solaris PostgreSQL "gettoken()" Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA45610 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45610/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45610 RELEASE DATE: 2011-08-18 DISCUSS ADVISORY: http://secunia.com/advisories/45610/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45610/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45610 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged a vulnerability in PostgreSQL included in Solaris, which can be exploited by malicious users to compromise a vulnerable system. For more information: SA43144 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: http://blogs.oracle.com/sunsecurity/entry/cve_2010_4015_buffer_overflow http://blogs.oracle.com/sunsecurity/entry/cve_2010_4015_buffer_overflow1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 17 17:49:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 18 Aug 2011 02:49:00 +0200 Subject: [SEC] [SA45618] Oracle Solaris wget "Location" Header File Creation Weakness Message-ID: <201108180049.p7I0n0Vo017650@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Oracle Solaris wget "Location" Header File Creation Weakness SECUNIA ADVISORY ID: SA45618 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45618/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45618 RELEASE DATE: 2011-08-18 DISCUSS ADVISORY: http://secunia.com/advisories/45618/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45618/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45618 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged a weakness in wget included in Solaris, which can be exploited by malicious people to bypass certain security features. For more information: SA40861 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: http://blogs.oracle.com/sunsecurity/entry/cve_2010_2252_improper_input OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 17 18:14:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 18 Aug 2011 03:14:08 +0200 Subject: [SEC] [SA45650] Red Hat update for firefox Message-ID: <201108180114.p7I1E8vs006759@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Red Hat update for firefox SECUNIA ADVISORY ID: SA45650 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45650/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45650 RELEASE DATE: 2011-08-18 DISCUSS ADVISORY: http://secunia.com/advisories/45650/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45650/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45650 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for firefox. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose certain sensitive information, and compromise a vulnerable system. For more information: SA45666 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1164-1: https://rhn.redhat.com/errata/RHSA-2011-1164.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 17 18:48:42 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 18 Aug 2011 03:48:42 +0200 Subject: [SEC] [SA45627] Oracle Solaris libpango "hb_buffer_ensure()" Memory Reallocation Vulnerability Message-ID: <201108180148.p7I1mgF0028764@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Oracle Solaris libpango "hb_buffer_ensure()" Memory Reallocation Vulnerability SECUNIA ADVISORY ID: SA45627 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45627/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45627 RELEASE DATE: 2011-08-18 DISCUSS ADVISORY: http://secunia.com/advisories/45627/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45627/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45627 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged a vulnerability in libpango included in Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. For more information: SA43578 SOLUTION: Apply bug fix. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: http://blogs.oracle.com/sunsecurity/entry/cve_2011_0064_vulnerability_in OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 17 19:18:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 18 Aug 2011 04:18:04 +0200 Subject: [SEC] [SA45669] Red Hat update for thunderbird Message-ID: <201108180218.p7I2I4dT018550@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Red Hat update for thunderbird SECUNIA ADVISORY ID: SA45669 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45669/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45669 RELEASE DATE: 2011-08-18 DISCUSS ADVISORY: http://secunia.com/advisories/45669/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45669/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45669 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for thunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA45666 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1166-1: https://rhn.redhat.com/errata/RHSA-2011-1166.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 17 19:49:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 18 Aug 2011 04:49:32 +0200 Subject: [SEC] [SA45651] Red Hat update for seamonkey Message-ID: <201108180249.p7I2nWMb007967@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Red Hat update for seamonkey SECUNIA ADVISORY ID: SA45651 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45651/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45651 RELEASE DATE: 2011-08-18 DISCUSS ADVISORY: http://secunia.com/advisories/45651/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45651/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45651 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for seamonkey. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA45666 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1167-1: http://rhn.redhat.com/errata/RHSA-2011-1167.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 17 20:13:12 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 18 Aug 2011 05:13:12 +0200 Subject: [SEC] [SA45652] Red Hat update for thunderbird Message-ID: <201108180313.p7I3DCTZ029431@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Red Hat update for thunderbird SECUNIA ADVISORY ID: SA45652 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45652/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45652 RELEASE DATE: 2011-08-18 DISCUSS ADVISORY: http://secunia.com/advisories/45652/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45652/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45652 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for thunderbird. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA45666 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1165-1: http://rhn.redhat.com/errata/RHSA-2011-1165.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 17 20:48:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 18 Aug 2011 05:48:57 +0200 Subject: [SEC] [SA45609] Oracle Solaris Net-snmp fixproc Insecure Temporary File Creation Vulnerability Message-ID: <201108180348.p7I3mv9h019086@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Oracle Solaris Net-snmp fixproc Insecure Temporary File Creation Vulnerability SECUNIA ADVISORY ID: SA45609 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45609/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45609 RELEASE DATE: 2011-08-18 DISCUSS ADVISORY: http://secunia.com/advisories/45609/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45609/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45609 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged a vulnerability in Net-snmp included in Solaris, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. For more information: SA15471 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: http://blogs.oracle.com/sunsecurity/entry/cve_2005_1740_vulnerability_in OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 17 21:14:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 18 Aug 2011 06:14:13 +0200 Subject: [SEC] [SA45655] Fedora update for clamav Message-ID: <201108180414.p7I4EDWe008176@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Fedora update for clamav SECUNIA ADVISORY ID: SA45655 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45655/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45655 RELEASE DATE: 2011-08-18 DISCUSS ADVISORY: http://secunia.com/advisories/45655/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45655/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45655 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for clamav. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA45382 SOLUTION: Apply updated packages via the yum utility ("yum update clamav"). ORIGINAL ADVISORY: FEDORA-2011-10053: http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063870.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 17 21:50:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 18 Aug 2011 06:50:05 +0200 Subject: [SEC] [SA45596] Elgg Multiple Vulnerabilities Message-ID: <201108180450.p7I4o5Ut030250@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Elgg Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45596 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45596/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45596 RELEASE DATE: 2011-08-18 DISCUSS ADVISORY: http://secunia.com/advisories/45596/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45596/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45596 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness and some vulnerabilities have been discovered in Elgg, which can be exploited by malicious people to disclose sensitive information and conduct cross-site scripting and SQL injection attacks. 1) A SQL error can be exploited to disclose certain sensitive information within a SQL error message. 2) Input passed to the "internalname" parameter in engine/handlers/pagehandler.php (when "handler is set to "embed" and "page" is set to "media") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation of this vulnerability requires that the Embed plug-in is enabled. 3) Input passed to the "container_guid" and "owner_guid" parameters in engine/handlers/pagehandler.php (when "handler" is set to "search") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The weakness and the vulnerabilities are confirmed in version 1.7.10. Prior versions may also be affected. SOLUTION: Update to version 1.7.11. PROVIDED AND/OR DISCOVERED BY: 1, 2) The vendor credits Aung Khant, YGN Ethical Hacker Group. 3) Lostmon Lords. ORIGINAL ADVISORY: Elgg Blog: http://blog.elgg.org/pg/blog/brett/read/189/elgg-1711-released Lostmon Lords: http://lostmon.blogspot.com/2011/08/elgg-18-beta2-and-prior-to-1711.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 17 22:14:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 18 Aug 2011 07:14:15 +0200 Subject: [SEC] [SA45613] Oracle Solaris Certificate IP Address Wildcard Matching Vulnerability Message-ID: <201108180514.p7I5EFjH019316@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Oracle Solaris Certificate IP Address Wildcard Matching Vulnerability SECUNIA ADVISORY ID: SA45613 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45613/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45613 RELEASE DATE: 2011-08-18 DISCUSS ADVISORY: http://secunia.com/advisories/45613/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45613/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45613 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged a vulnerability in libldap included in Solaris, which can be exploited by malicious people to conduct spoofing attacks. For more information: SA41237 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: http://blogs.oracle.com/sunsecurity/entry/cve_2010_3170_browser_wildcard OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 18 10:35:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 18 Aug 2011 19:35:26 +0200 Subject: [SEC] [SA45679] MantisBT "project_id" Cross-Site Scripting Vulnerability Message-ID: <201108181735.p7IHZQW5012491@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: MantisBT "project_id" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45679 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45679/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45679 RELEASE DATE: 2011-08-18 DISCUSS ADVISORY: http://secunia.com/advisories/45679/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45679/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45679 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in MantisBT, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "project_id" parameter to search.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 1.2.6. Other versions may also be affected. SOLUTION: Fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Cyrus and Net.Edit0r ORIGINAL ADVISORY: http://www.mantisbt.org/bugs/view.php?id=13245 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 18 11:37:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 18 Aug 2011 20:37:30 +0200 Subject: [SEC] [SA45605] RoundCube Webmail "_mbox" Cross-Site Scripting Vulnerability Message-ID: <201108181837.p7IIbU0r003471@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: RoundCube Webmail "_mbox" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45605 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45605/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45605 RELEASE DATE: 2011-08-18 DISCUSS ADVISORY: http://secunia.com/advisories/45605/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45605/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45605 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in RoundCube Webmail, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "_mbox" parameter to various scripts is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions prior to 0.5.4. SOLUTION: Update to version 0.5.4. PROVIDED AND/OR DISCOVERED BY: Reported by abyszko in a bug report. ORIGINAL ADVISORY: http://trac.roundcube.net/browser/tags/roundcubemail/v0.5.4/CHANGELOG http://trac.roundcube.net/ticket/1488030 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 18 12:39:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 18 Aug 2011 21:39:05 +0200 Subject: [SEC] [SA45660] SUSE update for libpng Message-ID: <201108181939.p7IJd5Ql026846@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SUSE update for libpng SECUNIA ADVISORY ID: SA45660 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45660/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45660 RELEASE DATE: 2011-08-18 DISCUSS ADVISORY: http://secunia.com/advisories/45660/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45660/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45660 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for libpng. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. For more information: SA32418 SA45046 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:0919-1: https://hermes.opensuse.org/messages/11279547 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 18 13:36:31 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 18 Aug 2011 22:36:31 +0200 Subject: [SEC] [SA45682] WordPress Fast Secure Contact Form Plugin URL Cross-Site Scripting Vulnerability Message-ID: <201108182036.p7IKaVh7017583@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress Fast Secure Contact Form Plugin URL Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45682 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45682/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45682 RELEASE DATE: 2011-08-18 DISCUSS ADVISORY: http://secunia.com/advisories/45682/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45682/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45682 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered a vulnerability in the Fast Secure Contact Form plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input appended to the URL after wp-content/plugins/si-contact-form/captcha/test/index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 3.0.3.1. Prior versions may also be affected. SOLUTION: Update to version 3.0.3.2. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: HTB23036: http://www.htbridge.ch/advisory/xss_in_fast_secure_contact_form.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 18 14:30:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 18 Aug 2011 23:30:38 +0200 Subject: [SEC] [SA45681] WordPress WP-Stats-Dashboard Plugin Multiple Cross-Site Scripting Vulnerabilities Message-ID: <201108182130.p7ILUcDl008146@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress WP-Stats-Dashboard Plugin Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA45681 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45681/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45681 RELEASE DATE: 2011-08-18 DISCUSS ADVISORY: http://secunia.com/advisories/45681/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45681/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45681 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered multiple vulnerabilities in the WP-Stats-Dashboard plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. 1) Input passed via the "icon", "url", "name", "type", "code", and "username" parameters to wp-content/plugins/wp-stats-dashboard/view/admin/admin_profile_type.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "submenu" and "url" parameters to wp-content/plugins/wp-stats-dashboard/view/admin/blocks/submenu.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation requires that "register_globals" is enabled. The vulnerabilities are confirmed in version 2.6.5.1. Prior versions may also be affected. SOLUTION: Update to version 2.6.6.1. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: HTB23035: http://www.htbridge.ch/advisory/multiple_xss_in_wp_stats_dashboard.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 18 15:11:35 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 19 Aug 2011 00:11:35 +0200 Subject: [SEC] [SA45680] StudioLine Photo Basic NMSDVDX ActiveX Control Insecure Methods Message-ID: <201108182211.p7IMBZrM017742@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: StudioLine Photo Basic NMSDVDX ActiveX Control Insecure Methods SECUNIA ADVISORY ID: SA45680 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45680/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45680 RELEASE DATE: 2011-08-18 DISCUSS ADVISORY: http://secunia.com/advisories/45680/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45680/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45680 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in StudioLine Photo Basic, which can be exploited by malicious people to potentially compromise a user's system. For more information: SA31936 The vulnerability is reported in version 3.70.34.0. Other versions may also be affected. SOLUTION: Update to version 3.70.38.0 and set the kill-bit for the affected ActiveX control. PROVIDED AND/OR DISCOVERED BY: Originally reported by bruiser, Nine Situations Group. Reported in StudioLine Photo Basic by High-Tech Bridge SA. ORIGINAL ADVISORY: http://www.htbridge.ch/advisory/studioline_photo_basic_3_activex_control_insecure_method.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 18 15:11:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 19 Aug 2011 00:11:48 +0200 Subject: [SEC] [SA45673] WordPress File Groups Plugin "fgid" SQL Injection Vulnerability Message-ID: <201108182211.p7IMBmPU018007@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress File Groups Plugin "fgid" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45673 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45673/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45673 RELEASE DATE: 2011-08-18 DISCUSS ADVISORY: http://secunia.com/advisories/45673/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45673/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45673 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Miroslav Stampar has discovered a vulnerability in the File Groups plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "fgid" parameter to wp-content/plugins/file-groups/download.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 1.1.2. Prior versions may also be affected. SOLUTION: Update to version 1.1.3. PROVIDED AND/OR DISCOVERED BY: Miroslav Stampar ORIGINAL ADVISORY: http://unconciousmind.blogspot.com/2011/08/wordpress-file-groups-plugin-112-sql.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 18 15:50:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 19 Aug 2011 00:50:23 +0200 Subject: [SEC] [SA45672] WordPress Contus HD FLV Player Plugin "playid" and "listItem" SQL Injection Vulnerabilities Message-ID: <201108182250.p7IMoNvT008111@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress Contus HD FLV Player Plugin "playid" and "listItem" SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA45672 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45672/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45672 RELEASE DATE: 2011-08-19 DISCUSS ADVISORY: http://secunia.com/advisories/45672/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45672/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45672 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Miroslav Stampar has discovered multiple vulnerabilities in the Contus HD FLV Player plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "playid" and "listItem" parameters to wp-content/plugins/contus-hd-flv-player/process-sortable.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are confirmed in version 1.3. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Miroslav Stampar ORIGINAL ADVISORY: http://unconciousmind.blogspot.com/2011/08/wordpress-contus-hd-flv-player-plugin.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 18 16:15:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 19 Aug 2011 01:15:10 +0200 Subject: [SEC] [SA45677] Fedora update for zabbix Message-ID: <201108182315.p7INFAtk029622@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Fedora update for zabbix SECUNIA ADVISORY ID: SA45677 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45677/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45677 RELEASE DATE: 2011-08-19 DISCUSS ADVISORY: http://secunia.com/advisories/45677/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45677/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45677 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for zabbix. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA45502 SOLUTION: Apply updated packages via the yum utility ("yum update zabbix"). ORIGINAL ADVISORY: FEDORA-2011-10601: http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063904.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 18 16:49:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 19 Aug 2011 01:49:37 +0200 Subject: [SEC] [SA45687] WordPress WP-Stats-Dashboard Plugin "onchange" Cross-Site Scripting Vulnerability Message-ID: <201108182349.p7INnbrj019198@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress WP-Stats-Dashboard Plugin "onchange" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45687 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45687/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45687 RELEASE DATE: 2011-08-19 DISCUSS ADVISORY: http://secunia.com/advisories/45687/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45687/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45687 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered a vulnerability in the WP-Stats-Dashboard plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "onchange" parameter to wp-content/plugins/wp-stats-dashboard/view/admin/blocks/select-trend.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation requires that "register_globals" is enabled. The vulnerability is confirmed in version 2.6.6.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: HTB23035: http://www.htbridge.ch/advisory/multiple_xss_in_wp_stats_dashboard.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 18 17:17:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 19 Aug 2011 02:17:00 +0200 Subject: [SEC] [SA45640] WordPress WP DS FAQ Plugin "id" SQL Injection Vulnerability Message-ID: <201108190017.p7J0H0ZB008414@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress WP DS FAQ Plugin "id" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45640 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45640/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45640 RELEASE DATE: 2011-08-19 DISCUSS ADVISORY: http://secunia.com/advisories/45640/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45640/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45640 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Miroslav Stampar has discovered a vulnerability in the WP DS FAQ plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "id" parameter to wp-content/plugins/wp-ds-faq/ajax.php (when "action" is set to "delete_faqbook") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 1.3.2. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Miroslav Stampar ORIGINAL ADVISORY: http://unconciousmind.blogspot.com/2011/08/wordpress-wp-ds-faq-plugin-132-sql.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 18 17:50:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 19 Aug 2011 02:50:11 +0200 Subject: [SEC] [SA45615] FlexNet Publisher License Manager Log File Upload Vulnerability Message-ID: <201108190050.p7J0oBgl030331@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: FlexNet Publisher License Manager Log File Upload Vulnerability SECUNIA ADVISORY ID: SA45615 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45615/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45615 RELEASE DATE: 2011-08-19 DISCUSS ADVISORY: http://secunia.com/advisories/45615/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45615/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45615 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in FlexNet Publisher, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to unspecified errors within the License Server Managers and vendor daemons related to saving and loading log files. This can be exploited to upload malicious files to an arbitrary location via directory traversal sequences. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in version 11.10. Other versions may also be affected. SOLUTION: Restrict access to the affected service to trusted hosts only. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma via ZDI. ORIGINAL ADVISORY: FlexNet: http://www.flexerasoftware.com/pl/13057.htm ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-272/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 18 18:14:54 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 19 Aug 2011 03:14:54 +0200 Subject: [SEC] [SA45643] WordPress Odihost Newsletter Plugin "id" SQL Injection Vulnerability Message-ID: <201108190114.p7J1Esg1019420@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress Odihost Newsletter Plugin "id" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45643 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45643/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45643 RELEASE DATE: 2011-08-19 DISCUSS ADVISORY: http://secunia.com/advisories/45643/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45643/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45643 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Miroslav Stampar has discovered a vulnerability in the Odihost Newsletter plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "id" parameter to wp-content/plugins/odihost-newsletter-plugin/includes/openstat.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 1.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Miroslav Stampar ORIGINAL ADVISORY: http://unconciousmind.blogspot.com/2011/08/wordpress-odihost-newsletter-plugin-10.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 18 18:49:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 19 Aug 2011 03:49:08 +0200 Subject: [SEC] [SA45624] Debian update for iceape Message-ID: <201108190149.p7J1n8ie008989@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Debian update for iceape SECUNIA ADVISORY ID: SA45624 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45624/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45624 RELEASE DATE: 2011-08-19 DISCUSS ADVISORY: http://secunia.com/advisories/45624/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45624/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45624 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for iceape. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose certain sensitive information, and compromise a vulnerable system. For more information: SA45667 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2295-1: http://lists.debian.org/debian-security-announce/2011/msg00169.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 18 19:19:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 19 Aug 2011 04:19:38 +0200 Subject: [SEC] [SA45646] SUSE update for libpng14-14 Message-ID: <201108190219.p7J2Jcnw031257@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SUSE update for libpng14-14 SECUNIA ADVISORY ID: SA45646 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45646/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45646 RELEASE DATE: 2011-08-19 DISCUSS ADVISORY: http://secunia.com/advisories/45646/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45646/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45646 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for libpng14-14. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. For more information: SA45046 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0915-1: https://hermes.opensuse.org/messages/11255439 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 18 19:48:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 19 Aug 2011 04:48:45 +0200 Subject: [SEC] [SA45612] Debian update for iceweasel and xulrunner Message-ID: <201108190248.p7J2mjjE020559@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Debian update for iceweasel and xulrunner SECUNIA ADVISORY ID: SA45612 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45612/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45612 RELEASE DATE: 2011-08-19 DISCUSS ADVISORY: http://secunia.com/advisories/45612/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45612/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45612 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for iceweasel and xulrunner. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose certain sensitive information, and compromise a vulnerable system. For more information: SA45666 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2296-1: http://lists.debian.org/debian-security-announce/2011/msg00170.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 18 20:14:27 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 19 Aug 2011 05:14:27 +0200 Subject: [SEC] [SA45635] SUSE update for libpng12-0 Message-ID: <201108190314.p7J3ER1K009689@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SUSE update for libpng12-0 SECUNIA ADVISORY ID: SA45635 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45635/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45635 RELEASE DATE: 2011-08-19 DISCUSS ADVISORY: http://secunia.com/advisories/45635/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45635/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45635 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for libpng12-0. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. For more information: SA32418 SA45046 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:0916-1: https://hermes.opensuse.org/messages/11259948 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 18 20:50:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 19 Aug 2011 05:50:19 +0200 Subject: [SEC] [SA45689] Drupal Addresses Module Script Insertion Vulnerability Message-ID: <201108190350.p7J3oJCm031756@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Drupal Addresses Module Script Insertion Vulnerability SECUNIA ADVISORY ID: SA45689 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45689/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45689 RELEASE DATE: 2011-08-19 DISCUSS ADVISORY: http://secunia.com/advisories/45689/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45689/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45689 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Addresses module for Drupal, which can be exploited by malicious people to conduct script insertion attacks. Input passed via certain fields in the account creation form is not properly sanitised in addresses.inc before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation requires that single line display is enabled. The vulnerability is reported in versions prior to 6.x-1.10. SOLUTION: Update to version 6.x-1.10. PROVIDED AND/OR DISCOVERED BY: The vendor credits David Kinzer. ORIGINAL ADVISORY: SA-CONTRIB-2011-036: http://drupal.org/node/1252392 Drupal: http://drupalcode.org/project/addresses.git/commitdiff/9abcff78c4c0e1dcde822b34987e89f576824107?hp=97e9814b7fd2877c8f85cc82fe46daa9138661d3 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 18 21:15:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 19 Aug 2011 06:15:04 +0200 Subject: [SEC] [SA45683] RSA Adaptive Authentication On-Premise Replay Vulnerability Message-ID: <201108190415.p7J4F4JI020851@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: RSA Adaptive Authentication On-Premise Replay Vulnerability SECUNIA ADVISORY ID: SA45683 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45683/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45683 RELEASE DATE: 2011-08-19 DISCUSS ADVISORY: http://secunia.com/advisories/45683/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45683/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45683 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in RSA Adaptive Authentication, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error within the authentication mechanism, which reuses certain session information. This can be exploited to gain access to a session via replay attacks. Please see the vendor's advisory for a list of affected versions. SOLUTION: Apply hot fixes. Please see the vendor's advisory for details. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/bugtraq/2011-08/att-0127/ESA-2011-027.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 18 21:48:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 19 Aug 2011 06:48:59 +0200 Subject: [SEC] [SA45634] Free Help Desk Multiple Unspecified Vulnerabilities Message-ID: <201108190448.p7J4mxdj010388@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Free Help Desk Multiple Unspecified Vulnerabilities SECUNIA ADVISORY ID: SA45634 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45634/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45634 RELEASE DATE: 2011-08-19 DISCUSS ADVISORY: http://secunia.com/advisories/45634/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45634/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45634 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities with an unknown impact have been reported in Free Help Desk. The vulnerabilities are caused due to unspecified errors. No further information is currently available. The vulnerabilities are reported in versions prior to 1.1g. SOLUTION: Update to version 1.1g. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://freshmeat.net/projects/freehelpdesk/tags/fixes OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 18 22:14:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 19 Aug 2011 07:14:57 +0200 Subject: [SEC] [SA45658] Fedora update for libmodplug Message-ID: <201108190514.p7J5EvX8031952@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Fedora update for libmodplug SECUNIA ADVISORY ID: SA45658 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45658/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45658 RELEASE DATE: 2011-08-19 DISCUSS ADVISORY: http://secunia.com/advisories/45658/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45658/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45658 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for libmodplug. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. For more information: SA45131 SOLUTION: Apply updated packages via the yum utility ("yum update libmodplug"). ORIGINAL ADVISORY: FEDORA-2011-10503: http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063786.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 19 10:34:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 19 Aug 2011 19:34:59 +0200 Subject: [SEC] [SA45647] Ubuntu update for firefox and xulrunner Message-ID: <201108191734.p7JHYxJ2019268@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Ubuntu update for firefox and xulrunner SECUNIA ADVISORY ID: SA45647 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45647/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45647 RELEASE DATE: 2011-08-19 DISCUSS ADVISORY: http://secunia.com/advisories/45647/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45647/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45647 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for firefox and xulrunner. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose certain sensitive information, and compromise a vulnerable system. For more information: SA45666 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1184-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-August/001397.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 19 11:34:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 19 Aug 2011 20:34:24 +0200 Subject: [SEC] [SA45662] Notepad++ NppFTP Plugin "LIST" Processing Vulnerability Message-ID: <201108191834.p7JIYO6U010117@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Notepad++ NppFTP Plugin "LIST" Processing Vulnerability SECUNIA ADVISORY ID: SA45662 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45662/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45662 RELEASE DATE: 2011-08-19 DISCUSS ADVISORY: http://secunia.com/advisories/45662/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45662/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45662 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Notepad++, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error within the NppFTP plugin when handling "LIST" responses, which can be exploited by tricking a user into connecting to a malicious FTP server. The vulnerability is confirmed in NppFTP version 0.2.3.0 included in Notepad++ 5.9.3. Other versions may also be affected. SOLUTION: Connect to trusted FTP servers only. PROVIDED AND/OR DISCOVERED BY: 0in (Maksymilian Motyl) ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/17676/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 19 12:37:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 19 Aug 2011 21:37:04 +0200 Subject: [SEC] [SA45602] BACnet Operator Workstation TeeChart Pro ActiveX Control Array Indexing Vulnerability Message-ID: <201108191937.p7JJb4Ml001090@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: BACnet Operator Workstation TeeChart Pro ActiveX Control Array Indexing Vulnerability SECUNIA ADVISORY ID: SA45602 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45602/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45602 RELEASE DATE: 2011-08-19 DISCUSS ADVISORY: http://secunia.com/advisories/45602/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45602/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45602 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in BACnet Operator Workstation, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application bundling a vulnerable version of the TeeChart Pro ActiveX control. For more information: SA45547 The vulnerability is reported in version 1.0.76. Other versions may also be affected. SOLUTION: Set the kill-bit for the affected ActiveX control. PROVIDED AND/OR DISCOVERED BY: Steven Seeley, stratsec ORIGINAL ADVISORY: http://www.stratsec.net/Research/Advisories/TeeChart-Professional-Integer-Overflow OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 19 13:35:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 19 Aug 2011 22:35:36 +0200 Subject: [SEC] [SA45702] BusyBox "unpack_Z_stream()" Buffer Underflow Vulnerability Message-ID: <201108192035.p7JKZawI024361@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: BusyBox "unpack_Z_stream()" Buffer Underflow Vulnerability SECUNIA ADVISORY ID: SA45702 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45702/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45702 RELEASE DATE: 2011-08-19 DISCUSS ADVISORY: http://secunia.com/advisories/45702/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45702/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45702 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in BusyBox, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. The vulnerability is caused due to a boundary error within the "unpack_Z_stream()" function (archival/libarchive/decompress_uncompress.c) and can be exploited to cause a buffer underflow via a specially crafted datastream. This is related to: SA21427 The vulnerability is reported in version 1.18.5. Other versions may also be affected. SOLUTION: Fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Originally reported in ncompress by Tavis Ormandy. ORIGINAL ADVISORY: http://git.busybox.net/busybox/diff/archival/libarchive/decompress_uncompress.c?id=251fc70e9722f931eec23a34030d05ba5f747b0e OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 19 14:29:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 19 Aug 2011 23:29:04 +0200 Subject: [SEC] [SA45705] Stunnel Unspecified Heap Corruption Vulnerability Message-ID: <201108192129.p7JLT4pd014899@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Stunnel Unspecified Heap Corruption Vulnerability SECUNIA ADVISORY ID: SA45705 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45705/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45705 RELEASE DATE: 2011-08-19 DISCUSS ADVISORY: http://secunia.com/advisories/45705/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45705/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45705 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Stunnel, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is caused due to an unspecified error and can be exploited to corrupt heap memory. The vulnerability is reported in versions 4.40 and 4.41. SOLUTION: Update to version 4.42. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.stunnel.org/pipermail/stunnel-announce/2011-August/000059.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 19 14:50:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 19 Aug 2011 23:50:25 +0200 Subject: [SEC] [SA45620] Adobe ColdFusion "name" Cross-Site Scripting Vulnerability Message-ID: <201108192150.p7JLoPMm003816@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Adobe ColdFusion "name" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45620 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45620/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45620 RELEASE DATE: 2011-08-19 DISCUSS ADVISORY: http://secunia.com/advisories/45620/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45620/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45620 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: G.R0b1n has discovered a vulnerability in Adobe ColdFusion, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "name" parameter to probe.cfm is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation requires that the victim uses the system hosting the application. The vulnerability is confirmed in version 9.0.1.274733. Other versions may also be affected. SOLUTION: Do not browse untrusted sites or follow untrusted links while using the application. PROVIDED AND/OR DISCOVERED BY: G.R0b1n ORIGINAL ADVISORY: http://www.focusecurity.org/2011/08/ColdFusion-Local-Parameter-Xss-Exploit.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 19 15:15:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 20 Aug 2011 00:15:19 +0200 Subject: [SEC] [SA45684] WordPress Global Content Blocks Plugin "gcb" SQL Injection Vulnerability Message-ID: <201108192215.p7JMFJ79025330@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress Global Content Blocks Plugin "gcb" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45684 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45684/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45684 RELEASE DATE: 2011-08-19 DISCUSS ADVISORY: http://secunia.com/advisories/45684/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45684/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45684 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Miroslav Stampar has discovered a vulnerability in the Global Content Blocks plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "gcb" parameter to wp-content/plugins/global-content-blocks/gcb/gcb_export.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 1.2. Prior versions may also be affected. SOLUTION: Update to version 1.3. PROVIDED AND/OR DISCOVERED BY: Miroslav Stampar ORIGINAL ADVISORY: Global Content Blocks: http://wordpress.org/extend/plugins/global-content-blocks/changelog/ Miroslav Stampar: http://unconciousmind.blogspot.com/2011/08/wordpress-global-content-blocks-plugin.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 19 15:49:55 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 20 Aug 2011 00:49:55 +0200 Subject: [SEC] [SA45674] WordPress Menu Creator Plugin "menu_id" SQL Injection Vulnerability Message-ID: <201108192249.p7JMntZp014917@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress Menu Creator Plugin "menu_id" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45674 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45674/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45674 RELEASE DATE: 2011-08-20 DISCUSS ADVISORY: http://secunia.com/advisories/45674/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45674/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45674 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Miroslav Stampar has discovered a vulnerability in the Menu Creator plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "menu_id" parameter to wp-content/plugins/wp-menu-creator/updateSortOrder.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 1.1.7. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Miroslav Stampar ORIGINAL ADVISORY: http://unconciousmind.blogspot.com/2011/08/wordpress-menu-creator-plugin-117-sql.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 19 16:15:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 20 Aug 2011 01:15:26 +0200 Subject: [SEC] [SA45701] OTRS AdminPackageManager.pm File Disclosure Vulnerability Message-ID: <201108192315.p7JNFQSd004027@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: OTRS AdminPackageManager.pm File Disclosure Vulnerability SECUNIA ADVISORY ID: SA45701 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45701/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45701 RELEASE DATE: 2011-08-20 DISCUSS ADVISORY: http://secunia.com/advisories/45701/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45701/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45701 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in OTRS, which can be exploited by malicious users to disclose potentially sensitive information. The vulnerability is caused due to an error within the Kernel/Modules/AdminPackageManager.pm script, which can be exploited to disclose arbitrary local files. Successful exploitation requires administrator permissions and that at least one OTRS package is installed. The vulnerability is reported in versions prior to 2.4.11 and 3.0.10. SOLUTION: Update to versions 2.4.11 or 3.0.10. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://otrs.org/advisory/OSA-2011-03-en/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 19 16:49:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 20 Aug 2011 01:49:47 +0200 Subject: [SEC] [SA45645] phpMyRealty "seed" SQL Injection Vulnerability Message-ID: <201108192349.p7JNnleZ026030@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: phpMyRealty "seed" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45645 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45645/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45645 RELEASE DATE: 2011-08-20 DISCUSS ADVISORY: http://secunia.com/advisories/45645/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45645/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45645 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in phpMyRealty, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "seed" parameter to search.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in version 3.3.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: H4T$A OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 19 17:17:20 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 20 Aug 2011 02:17:20 +0200 Subject: [SEC] [SA45691] SRWare Iron Multiple Vulnerabilities Message-ID: <201108200017.p7K0HKj0015280@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SRWare Iron Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45691 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45691/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45691 RELEASE DATE: 2011-08-20 DISCUSS ADVISORY: http://secunia.com/advisories/45691/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45691/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45691 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in SRWare Iron, where some have an unknown impact while others can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, and compromise a user's system. For more information: SA45498 SOLUTION: Update to version 13.0.800.0. ORIGINAL ADVISORY: http://www.srware.net/forum/viewtopic.php?f=18&t=2552 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 19 17:50:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 20 Aug 2011 02:50:08 +0200 Subject: [SEC] [SA45699] Red Hat update for dovecot Message-ID: <201108200050.p7K0o8Em004748@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Red Hat update for dovecot SECUNIA ADVISORY ID: SA45699 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45699/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45699 RELEASE DATE: 2011-08-20 DISCUSS ADVISORY: http://secunia.com/advisories/45699/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45699/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45699 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for dovecot. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44683 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1187-1: http://rhn.redhat.com/errata/RHSA-2011-1187.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 19 18:13:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 20 Aug 2011 03:13:56 +0200 Subject: [SEC] [SA45703] EMC AutoStart Multiple Buffer Overflow Vulnerabilities Message-ID: <201108200113.p7K1Dut0026217@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: EMC AutoStart Multiple Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA45703 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45703/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45703 RELEASE DATE: 2011-08-20 DISCUSS ADVISORY: http://secunia.com/advisories/45703/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45703/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45703 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in EMC Autostart, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerabilities are caused due to unspecified errors and can be exploited to cause buffer overflows via specially crafted messages. Successful exploitation may allow execution of arbitrary code. The vulnerabilities are reported in versions prior to 5.4.1. SOLUTION: Update to version 5.4.1 available via Powerlink. PROVIDED AND/OR DISCOVERED BY: The vendor credits Sebastian Apelt via ZDI. ORIGINAL ADVISORY: ESA-2011-025: http://archives.neohapsis.com/archives/bugtraq/2011-08/att-0144/ESA-2011-025.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 19 18:49:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 20 Aug 2011 03:49:05 +0200 Subject: [SEC] [SA45654] Fedora update for foomatic Message-ID: <201108200149.p7K1n5FE015842@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Fedora update for foomatic SECUNIA ADVISORY ID: SA45654 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45654/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45654 RELEASE DATE: 2011-08-20 DISCUSS ADVISORY: http://secunia.com/advisories/45654/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45654/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45654 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for foomatic. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA45196 SOLUTION: Apply updated packages via the yum utility ("yum update foomatic"). ORIGINAL ADVISORY: FEDORA-2011-9575: http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063874.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 19 19:27:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 20 Aug 2011 04:27:04 +0200 Subject: [SEC] [SA45619] Multiple Question - Multiple Choice Online Questionaire (ASP) "Q" and "A" SQL Injections Message-ID: <201108200227.p7K2R4Od006078@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Multiple Question - Multiple Choice Online Questionaire (ASP) "Q" and "A" SQL Injections SECUNIA ADVISORY ID: SA45619 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45619/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45619 RELEASE DATE: 2011-08-20 DISCUSS ADVISORY: http://secunia.com/advisories/45619/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45619/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45619 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Multiple Question - Multiple Choice Online Questionaire (ASP), which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the "Q" and "A" parameters in index.asp is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: L0rd CrusAd3r aka VSN ORIGINAL ADVISORY: http://packetstormsecurity.org/files/view/104105/cwmq-sql.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 19 19:53:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 20 Aug 2011 04:53:37 +0200 Subject: [SEC] [SA45648] Ruby on Rails Multiple Vulnerabilities Message-ID: <201108200253.p7K2rbsB027670@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Ruby on Rails Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45648 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45648/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45648 RELEASE DATE: 2011-08-20 DISCUSS ADVISORY: http://secunia.com/advisories/45648/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45648/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45648 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Ruby on Rails, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting and HTTP response splitting attacks, and conduct SQL injection attacks. 1) Input passed to the "quote_table_name" method is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary code. 2) An error within the template selection mechanism can be exploited to force the application to render using a restricted view. Successful exploitation requires that the application uses "action:" within its routes. Note: This vulnerability only affects version 3.0.0 and later. 3) The content type handling does not properly sanitise certain input before returning it to the user. This can be exploited to insert arbitrary HTTP headers, which are included in a response sent to the user. Note: This vulnerability only affects version 2.3.x. 4) The "strip_tags" function does not properly sanitise certain input, which can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 5) The escaping mechanism does not properly handle certain Unicode sequences, which can be exploited to bypass the escaping mechanism and e.g. conduct cross-site scripting attacks. SOLUTION: Update to version 2.3.14 or 3.0.10. PROVIDED AND/OR DISCOVERED BY: 1) Reported by the vendor. The vendor credits: 2) Jan M. Faber, supersaas 3) Brent Miller, New Relic 4) Sascha Depold 5) Akira Matsuda and Falk K?ppe ORIGINAL ADVISORY: http://groups.google.com/group/rubyonrails-security/browse_thread/thread/6a1e473744bc389b http://groups.google.com/group/rubyonrails-security/browse_thread/thread/3420ac71aed312d6 http://groups.google.com/group/rubyonrails-security/browse_thread/thread/6ffc93bde0298768 http://groups.google.com/group/rubyonrails-security/browse_thread/thread/2b9130749b74ea12 http://groups.google.com/group/rubyonrails-security/browse_thread/thread/56bffb5923ab1195 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 19 20:17:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 20 Aug 2011 05:17:45 +0200 Subject: [SEC] [SA45657] Fedora update for samba Message-ID: <201108200317.p7K3Hj5p016743@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Fedora update for samba SECUNIA ADVISORY ID: SA45657 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45657/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45657 RELEASE DATE: 2011-08-20 DISCUSS ADVISORY: http://secunia.com/advisories/45657/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45657/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45657 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for samba. This fixes two vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks. For more information: SA45393 SOLUTION: Apply updated packages via the yum utility ("yum update samba"). ORIGINAL ADVISORY: FEDORA-2011-10367: http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063791.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 19 20:51:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 20 Aug 2011 05:51:56 +0200 Subject: [SEC] [SA45659] Fedora update for cgit Message-ID: <201108200351.p7K3puKE006280@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Fedora update for cgit SECUNIA ADVISORY ID: SA45659 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45659/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45659 RELEASE DATE: 2011-08-20 DISCUSS ADVISORY: http://secunia.com/advisories/45659/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45659/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45659 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for cgit. This fixes a vulnerability, which can be exploited by malicious users to conduct script insertion attacks. For more information: SA45358 SOLUTION: Apply updated packages via the yum utility ("yum update cgit"). ORIGINAL ADVISORY: FEDORA-2011-9588: http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063762.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 19 21:17:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 20 Aug 2011 06:17:36 +0200 Subject: [SEC] [SA45667] Mozilla SeaMonkey Multiple Vulnerabilities Message-ID: <201108200417.p7K4HaSa027844@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Mozilla SeaMonkey Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45667 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45667/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45667 RELEASE DATE: 2011-08-20 DISCUSS ADVISORY: http://secunia.com/advisories/45667/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45667/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45667 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Mozilla SeaMonkey, which can be exploited by malicious people to bypass certain security restrictions, disclose certain sensitive information, and compromise a vulnerable system. For more information: SA45581 The vulnerabilities are reported in versions prior to 2.3. SOLUTION: Update to version 2.3. PROVIDED AND/OR DISCOVERED BY: 3, 4) James Forshaw, Context Information Security Ltd 5) regenrecht via ZDI The vendor credits: 1) Aral Yaman, Vivekanand Bolajwar, and Bert Hubert and Theo Snelleman, Fox-IT 2) Rafael Gieschke 6) Mike Cardwell and Daniel Veditz 7) nasalislarvatus3000 ORIGINAL ADVISORY: Mozilla (MFSA 2011-33): http://www.mozilla.org/security/announce/2011/mfsa2011-33.html ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-270/ Context Information Security Ltd: http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0200.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 19 21:55:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 20 Aug 2011 06:55:29 +0200 Subject: [SEC] [SA45581] Mozilla Firefox / Thunderbird Multiple Vulnerabilities Message-ID: <201108200455.p7K4tTQo017581@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Mozilla Firefox / Thunderbird Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45581 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45581/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45581 RELEASE DATE: 2011-08-20 DISCUSS ADVISORY: http://secunia.com/advisories/45581/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45581/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45581 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Mozilla Firefox and Thunderbird, which can be exploited by malicious people to bypass certain security restrictions, disclose certain sensitive information, and compromise a vulnerable system. 1) Some unspecified errors can be exploited to corrupt memory. No further information is currently available. 2) An error in the handling of JAR file permissions can be exploited to manipulate signed JAR files and execute arbitrary JavaScript code in the context of another site. NOTE: This vulnerability does not affect Mozilla Thunderbird. 3) An error within WebGL can be exploited to cause a heap-based buffer overflow by passing an overly string to the ShaderSource method. 4) An error within the shader pre-processor of WebGL's ANGLE library can be exploited to cause a heap-based buffer overflow via programs with a large amount of pre-processing elements. 5) A use-after-free error exists within the "SVGTextElement.getCharNumAtPosition()" function when traversing the SVG container hierarchy. 6) An error within Content Security Policy can lead to proxy authorization credentials being leaked or hosts being resolved incorrectly. NOTE: This vulnerability does not affect Mozilla Thunderbird. 7) An error within Windows D2D hardware acceleration can be exploited to bypass the same-origin policy and read data from a different domain. SOLUTION: Upgrade to version 6. PROVIDED AND/OR DISCOVERED BY: 3, 4) James Forshaw, Context Information Security Ltd 5) regenrecht via ZDI The vendor credits: 1) Aral Yaman, Vivekanand Bolajwar, and Bert Hubert and Theo Snelleman, Fox-IT 2) Rafael Gieschke 6) Mike Cardwell and Daniel Veditz 7) nasalislarvatus3000 ORIGINAL ADVISORY: Mozilla (MFSA 2011-29, MFSA 2011-31): http://www.mozilla.org/security/announce/2011/mfsa2011-29.html http://www.mozilla.org/security/announce/2011/mfsa2011-31.html ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-270/ Context Information Security Ltd: http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0200.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 19 22:18:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 20 Aug 2011 07:18:15 +0200 Subject: [SEC] [SA45666] Mozilla Firefox / Thunderbird Multiple Vulnerabilities Message-ID: <201108200518.p7K5IFto006561@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Mozilla Firefox / Thunderbird Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45666 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45666/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45666 RELEASE DATE: 2011-08-20 DISCUSS ADVISORY: http://secunia.com/advisories/45666/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45666/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45666 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Mozilla Firefox and Thunderbird, which can be exploited by malicious people to bypass certain security restrictions, disclose certain sensitive information, and compromise a vulnerable system. 1) Some unspecified errors can be exploited to corrupt memory. No further information is currently available. 2) An error exists within the "SVGTextElement.getCharNumAtPosition()" function. For more information see vulnerability #5 in: SA45581 3) An error within the event management code can be exploited to execute arbitrary JavaScript with chrome privileges. 4) A use-after-free error within the handling of the ".appendChild()" method when importing certain objects can be exploited to can be exploited to dereference an invalid pointer. 5) An error when dropping a tab element in content areas can be exploited to execute arbitrary code with chrome privileges. 6) The "ThinkPadSensor::Startup()" function loads libraries in an insecure manner and can be exploited to load arbitrary libraries by tricking a user into opening a specially crafted file located on a remote WebDAV or SMB share. 7) An error when handling the "RegExp.input()" function can be exploited to read data from other domains. The vulnerabilities are reported in the following products: * Mozilla Firefox versions prior to 3.6.20 * Mozilla Thunderbird versions prior to 3.1.12. SOLUTION: Update to Firefox version 3.6.20 or Thunderbird version 3.1.12. PROVIDED AND/OR DISCOVERED BY: 2, 4) regenrecht via ZDI 6) Mitja Kolsek, ACROS Security The vendor credits: 1) Gary Kwong, Igor Bukanov, Nils, and Bob Clary 3, 5) moz_bug_r_a_4 7) shutdown ORIGINAL ADVISORY: Mozilla (MFSA 2011-30, MFSA 2011-32): http://www.mozilla.org/security/announce/2011/mfsa2011-30.html http://www.mozilla.org/security/announce/2011/mfsa2011-32.html ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-270/ http://www.zerodayinitiative.com/advisories/ZDI-11-271/ ACROS Security: http://www.acrossecurity.com/aspr/ASPR-2011-08-18-1-PUB.txt http://www.acrossecurity.com/aspr/ASPR-2011-08-18-2-PUB.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 22 10:36:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 22 Aug 2011 19:36:00 +0200 Subject: [SEC] [SA45730] WordPress UnGallery Plugin "pic", "zip", and "movie" File Disclosure Vulnerabilities Message-ID: <201108221736.p7MHa0NC015754@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress UnGallery Plugin "pic", "zip", and "movie" File Disclosure Vulnerabilities SECUNIA ADVISORY ID: SA45730 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45730/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45730 RELEASE DATE: 2011-08-22 DISCUSS ADVISORY: http://secunia.com/advisories/45730/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45730/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45730 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities has been discovered in the UnGallery plugin for WordPress, which can be exploited by malicious people to disclose potentially sensitive information. 1) Input passed to the "zip" parameter in source.php is not properly verified before being used to read files. This can be exploited to disclose arbitrary files from local resources. The vulnerability is confirmed in version 1.5.7. Prior versions may also be affected. 2) Input passed to the "pic" and "movie" parameters in source.php is not properly verified before being used to read files. This can be exploited to disclose arbitrary files from local resources. The vulnerabilities are confirmed in version 1.5.8. Prior versions may also be affected. SOLUTION: Update to version 1.5.9. PROVIDED AND/OR DISCOVERED BY: 1) Disclosed in a repository commit 2) Miroslav Stampar ORIGINAL ADVISORY: Miroslav Stampar: http://www.exploit-db.com/exploits/17704/ UnGallery Repository: http://plugins.trac.wordpress.org/changeset?reponame=&new=400553%40ungallery&old=397601%40ungallery http://plugins.trac.wordpress.org/changeset?reponame=&new=426578%40ungallery&old=400553%40ungallery UnGallery Changelog: http://wordpress.org/extend/plugins/ungallery/changelog/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 22 11:33:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 22 Aug 2011 20:33:48 +0200 Subject: [SEC] [SA45706] WordPress WP Symposium Plugin "uid" SQL Injection Vulnerability Message-ID: <201108221833.p7MIXm49006515@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress WP Symposium Plugin "uid" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45706 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45706/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45706 RELEASE DATE: 2011-08-22 DISCUSS ADVISORY: http://secunia.com/advisories/45706/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45706/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45706 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been confirmed in the WP Symposium plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the "uid" parameter in uploadify/get_profile_avatar.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 0.64. Prior versions may also be affected. SOLUTION: Update to version 11.8.18. PROVIDED AND/OR DISCOVERED BY: Miroslav Stampar ORIGINAL ADVISORY: Miroslav Stampar: http://www.exploit-db.com/exploits/17679 WP Symposion Changelog: http://wordpress.org/extend/plugins/wp-symposium/changelog/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 22 12:33:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 22 Aug 2011 21:33:49 +0200 Subject: [SEC] [SA45688] Debian icedove Multiple Vulnerabilities Message-ID: <201108221933.p7MJXn2n029826@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Debian icedove Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45688 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45688/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45688 RELEASE DATE: 2011-08-22 DISCUSS ADVISORY: http://secunia.com/advisories/45688/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45688/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45688 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has acknowledged multiple vulnerabilities in icedove, which an be exploited by malicious people to bypass certain security restrictions, disclose certain sensitive information, and compromise a vulnerable system. For more information: SA45666 SOLUTION: The vendor recommends an upgrade to Debian GNU/Linux 6.0 (squeeze) or the use of a different mail client. ORIGINAL ADVISORY: DSA-2297-1: http://lists.debian.org/debian-security-announce/2011/msg00171.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 22 13:33:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 22 Aug 2011 22:33:53 +0200 Subject: [SEC] [SA45718] Debian update for icedove Message-ID: <201108222033.p7MKXrRG020722@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Debian update for icedove SECUNIA ADVISORY ID: SA45718 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45718/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45718 RELEASE DATE: 2011-08-22 DISCUSS ADVISORY: http://secunia.com/advisories/45718/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45718/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45718 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for icedove. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose certain sensitive information, and compromise a vulnerable system. For more information: SA45666 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2297-1: http://lists.debian.org/debian-security-announce/2011/msg00171.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 22 14:28:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 22 Aug 2011 23:28:57 +0200 Subject: [SEC] [SA45693] Total Shop UK eCommerce URL SQL Injection Vulnerability Message-ID: <201108222128.p7MLSvxc011350@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Total Shop UK eCommerce URL SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45693 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45693/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45693 RELEASE DATE: 2011-08-22 DISCUSS ADVISORY: http://secunia.com/advisories/45693/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45693/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45693 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Total Shop UK eCommerce, which can be exploited by malicious people to conduct SQL injection attacks. Input appended to the URL is not properly sanitised in the "c()" function in application/controllers/products.php before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Eyup CELIK ORIGINAL ADVISORY: http://packetstormsecurity.org/files/view/104247/totalshopuk-sql.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 22 14:49:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 22 Aug 2011 23:49:19 +0200 Subject: [SEC] [SA45678] PHP "crypt()" MD5 Salt Security Issue Message-ID: <201108222149.p7MLnJ3t032643@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: PHP "crypt()" MD5 Salt Security Issue SECUNIA ADVISORY ID: SA45678 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45678/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45678 RELEASE DATE: 2011-08-22 DISCUSS ADVISORY: http://secunia.com/advisories/45678/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45678/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45678 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in PHP, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to the "crypt()" function only returning the salt when generating salted MD5 hashes and may render e.g. authentication mechanisms relying on the correctness of the "crypt()" function ineffective. The security issue is reported in version 5.3.7. SOLUTION: Fixed in the SVN repository. PROVIDED AND/OR DISCOVERED BY: jo, feuersee.de ORIGINAL ADVISORY: http://www.php.net/archive/2011.php#id2011-08-22-1 https://bugs.php.net/bug.php?id=55439 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 22 15:16:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 23 Aug 2011 00:16:41 +0200 Subject: [SEC] [SA45731] WordPress SEO Ultimate Plugin "_su_rich_snippet_review_item" Script Insertion Vulnerability Message-ID: <201108222216.p7MMGfEf021871@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress SEO Ultimate Plugin "_su_rich_snippet_review_item" Script Insertion Vulnerability SECUNIA ADVISORY ID: SA45731 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45731/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45731 RELEASE DATE: 2011-08-22 DISCUSS ADVISORY: http://secunia.com/advisories/45731/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45731/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45731 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the SEO Ultimate plugin for WordPress, which can be exploited by malicious users to conduct script insertion attacks. Input passed via the "_su_rich_snippet_review_item" parameter to wp-admin/post.php (when editing a post) is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation requires permission to edit posts. The vulnerability is confirmed in version 6.9.1. Prior versions may also be affected. SOLUTION: Update to version 6.9.2. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://wordpress.org/extend/plugins/seo-ultimate/changelog/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 22 15:48:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 23 Aug 2011 00:48:07 +0200 Subject: [SEC] [SA45649] LedgerSMB Unspecified SQL Injection Vulnerability Message-ID: <201108222248.p7MMm79N011298@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: LedgerSMB Unspecified SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45649 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45649/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45649 RELEASE DATE: 2011-08-23 DISCUSS ADVISORY: http://secunia.com/advisories/45649/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45649/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45649 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in LedgerSMB, which can be exploited by malicious people to conduct SQL injection attacks. Certain unspecified input is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in version 1.2.24 and prior. SOLUTION: Update to version 1.2.25. Scheduled to be released August 22, 2011. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.ledgersmb.org/node/460601 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 22 16:14:55 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 23 Aug 2011 01:14:55 +0200 Subject: [SEC] [SA45724] OneFileCMS "p" Cross-Site Scripting Vulnerability Message-ID: <201108222314.p7MNEt13000468@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: OneFileCMS "p" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45724 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45724/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45724 RELEASE DATE: 2011-08-23 DISCUSS ADVISORY: http://secunia.com/advisories/45724/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45724/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45724 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: mr.pr0n has discovered a vulnerability in OneFileCMS, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "p" parameter to onefilecms.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 1.1.1. Prior versions may also be affected. SOLUTION: Update to version 1.1.2. PROVIDED AND/OR DISCOVERED BY: mr.pr0n ORIGINAL ADVISORY: http://ghostinthelab.wordpress.com/2011/08/21/onefilecms-v-1-1-1-from-xss-to-shell/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 22 16:48:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 23 Aug 2011 01:48:36 +0200 Subject: [SEC] [SA45739] DV Cart "keyword" SQL Injection Vulnerability Message-ID: <201108222348.p7MNma0I022479@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: DV Cart "keyword" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45739 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45739/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45739 RELEASE DATE: 2011-08-23 DISCUSS ADVISORY: http://secunia.com/advisories/45739/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45739/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45739 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in DV Cart, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "keyword" parameter to index.php (when "mod" is set to "search") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Eyup CELIK OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 22 17:16:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 23 Aug 2011 02:16:00 +0200 Subject: [SEC] [SA45704] SUSE update for xen Message-ID: <201108230016.p7N0G0db011704@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SUSE update for xen SECUNIA ADVISORY ID: SA45704 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45704/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45704 RELEASE DATE: 2011-08-23 DISCUSS ADVISORY: http://secunia.com/advisories/45704/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45704/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45704 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for xen. This fixes a vulnerability, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the Xen hypervisor implementation and can be exploited to crash a guest virtual machine. Note: This vulnerability only affects Intel x86 processors with enabled Intel VT-x extension. SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:0925-1: https://hermes.opensuse.org/messages/11336538 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 22 17:48:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 23 Aug 2011 02:48:25 +0200 Subject: [SEC] [SA45707] Ubuntu update for kernel Message-ID: <201108230048.p7N0mPBf001157@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Ubuntu update for kernel SECUNIA ADVISORY ID: SA45707 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45707/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45707 RELEASE DATE: 2011-08-23 DISCUSS ADVISORY: http://secunia.com/advisories/45707/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45707/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45707 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for the kernel. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive and certain system information, bypass certain security restrictions, and cause a DoS (Denial of Service) and by malicious people to cause a DoS and potentially compromise a vulnerable system. For more information: SA43496 SA43537 SA43576 SA43841 SA43846 SA44466 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1189-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-August/001398.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 22 18:13:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 23 Aug 2011 03:13:52 +0200 Subject: [SEC] [SA45566] Domain Technologie Control Multiple Vulnerabilities Message-ID: <201108230113.p7N1Dqo1022771@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Domain Technologie Control Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45566 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45566/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45566 RELEASE DATE: 2011-08-23 DISCUSS ADVISORY: http://secunia.com/advisories/45566/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45566/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45566 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple security issues and vulnerabilities have been reported in Domain Technologie Control, which can be exploited by malicious, local users to disclose sensitive information and gain escalated privileges, and by malicious users to conduct script insertion attacks, conduct SQL injection attacks, and compromise a vulnerable system. 1) Input passed via the "tunable_name" parameter in shared/inc/sql/lists.php is not properly sanitised before being used in a call to "exec()". This can be exploited to inject and execute arbitrary shell commands. 2) The setup script does not properly change the permissions of the "/etc/apache2/apache2.conf" file, which can be exploited to e.g. disclose the password of the "dtcdaemons" MySQL user. 3) Input passed via the "addrlink" parameter in shared/inc/forms/domain_info.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 4) The application passes passwords as command line parameter to the "htpasswd" utility. This can be exploited to disclose the password via e.g. the "ps" command. 5) Certain input is not properly sanitised before being displayed to the user in the DNS and MX screen. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. 6) Input passed via the "pkg" parameter to the package installer is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks. 7) Input passed via the "vps_node" parameter to admin/logPushlet.php and client/logPushlet.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 8) The installer script incorrectly gives sudo access to the "dtc" user, which can be exploited to gain escalated privileges. SOLUTION: Update to version 0.34.1. PROVIDED AND/OR DISCOVERED BY: 1, 2, 3, 4, 5, 6) Ansgar Burchardt 7, 8) Mike O'Connor ORIGINAL ADVISORY: http://www.gplhost.sg/lists/dtcdev/msg02345.html http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637477 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637485 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637487 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637498 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637537 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637584 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637629 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637618 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 22 18:48:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 23 Aug 2011 03:48:21 +0200 Subject: [SEC] [SA45720] Fedora update for bugzilla Message-ID: <201108230148.p7N1mLqQ012351@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Fedora update for bugzilla SECUNIA ADVISORY ID: SA45720 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45720/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45720 RELEASE DATE: 2011-08-23 DISCUSS ADVISORY: http://secunia.com/advisories/45720/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45720/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45720 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for bugzilla. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain access to potentially sensitive information and by malicious users to disclose potentially sensitive information, conduct script insertion and spoofing attacks. For more information: SA45501 SOLUTION: Apply updated packages via the yum utility ("yum update bugzilla"). ORIGINAL ADVISORY: FEDORA-2011-10413: http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063967.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 22 19:21:54 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 23 Aug 2011 04:21:54 +0200 Subject: [SEC] [SA45663] Pidgin Denial of Service Weaknesses and "file://" Security Issue Message-ID: <201108230221.p7N2LsF8002353@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Pidgin Denial of Service Weaknesses and "file://" Security Issue SECUNIA ADVISORY ID: SA45663 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45663/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45663 RELEASE DATE: 2011-08-23 DISCUSS ADVISORY: http://secunia.com/advisories/45663/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45663/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45663 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two weaknesses and a security issue have been reported in Pidgin, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a user's system. 1) An error within the IRC protocol plugin when handling WHO responses with certain characters in the nickname can be exploited to cause a NULL pointer dereference. 2) An error within the MSN protocol plugin when parsing HTTP 100 responses can be exploited to crash the application. Successful exploitation of this weakness requires that the HTTP connection method is enabled (disabled by default) and that a malicious server is used. 3) The application executes "file://" URIs when clicked, which can be exploited by e.g. tricking a user into clicking a "file://" URI pointing to a malicious executable on a remote network share. Note: This security issue affects the Windows platform only. SOLUTION: Update to version 2.10.0. PROVIDED AND/OR DISCOVERED BY: 3) James Burton, Insomnia Security The vendor credits: 1) Djego Ibanez, Gamistry 2) Marius Wachtler ORIGINAL ADVISORY: Pidgin: http://pidgin.im/news/security/?id=53 http://pidgin.im/news/security/?id=54 http://pidgin.im/news/security/?id=55 Insomnia Security: http://www.insomniasec.com/advisories/ISVA-110822.1.htm OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 22 19:48:51 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 23 Aug 2011 04:48:51 +0200 Subject: [SEC] [SA45708] SAP NetWeaver "server" Cross-Site Scripting Vulnerability Message-ID: <201108230248.p7N2mplB024011@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SAP NetWeaver "server" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45708 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45708/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45708 RELEASE DATE: 2011-08-23 DISCUSS ADVISORY: http://secunia.com/advisories/45708/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45708/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45708 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Dmitriy Evdokimov has reported a vulnerability in SAP NetWeaver, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "server" parameter to the RetrieveMailExamples servlet is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. SOLUTION: Apply fixes. Please see the vendor's advisory for details. PROVIDED AND/OR DISCOVERED BY: Dmitriy Evdokimov, Digital Security Research Group (DSecRG). ORIGINAL ADVISORY: SAP: https://service.sap.com/sap/support/notes/1553292 Digital Security Research Group: http://dsecrg.com/pages/vul/show.php?id=330 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 22 20:13:35 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 23 Aug 2011 05:13:35 +0200 Subject: [SEC] [SA45723] EasySiteEdit "langval" Remote File Inclusion Vulnerability Message-ID: <201108230313.p7N3DZ47013130@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: EasySiteEdit "langval" Remote File Inclusion Vulnerability SECUNIA ADVISORY ID: SA45723 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45723/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45723 RELEASE DATE: 2011-08-23 DISCUSS ADVISORY: http://secunia.com/advisories/45723/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45723/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45723 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in EasySiteEdit, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the "langval" parameter in sublink.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or remote resources. SOLUTION: Filter malicious characters or character sequences via a proxy. PROVIDED AND/OR DISCOVERED BY: koskesh jakesh ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/17705/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 22 20:48:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 23 Aug 2011 05:48:07 +0200 Subject: [SEC] [SA45676] HP Easy Printer Care HPTicketMgr ActiveX Control "SaveXML()" Insecure Method Message-ID: <201108230348.p7N3m7Hh002682@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: HP Easy Printer Care HPTicketMgr ActiveX Control "SaveXML()" Insecure Method SECUNIA ADVISORY ID: SA45676 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45676/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45676 RELEASE DATE: 2011-08-23 DISCUSS ADVISORY: http://secunia.com/advisories/45676/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45676/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45676 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in HP Easy Printer Care Software, which can be exploited by malicious people to compromise a user' system. The vulnerability is caused due an input validation error in the "SaveXML()" method of the XMLSimpleAccessor class (HPTicketMgr.dll). This can be exploited to create arbitrary files using directory traversal sequences by e.g. tricking a user into visiting a specially crafted website. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in version 2.5 and prior bundling HPTicketMgr.dll. SOLUTION: Set the kill-bit for the affected ActiveX control. PROVIDED AND/OR DISCOVERED BY: Andrea Micalizzi aka rgod via ZDI. ORIGINAL ADVISORY: HPSBPI02698 SSRT100404: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02949847 ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-261/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 23 10:40:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 23 Aug 2011 19:40:47 +0200 Subject: [SEC] [SA45722] Cisco IOS Data-Link Switching Denial of Service Vulnerability Message-ID: <201108231740.p7NHelCR000471@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Cisco IOS Data-Link Switching Denial of Service Vulnerability SECUNIA ADVISORY ID: SA45722 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45722/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45722 RELEASE DATE: 2011-08-23 DISCUSS ADVISORY: http://secunia.com/advisories/45722/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45722/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45722 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error related to Data-Link Switching and can be exploited to cause a crash by sending a series of specially crafted packets within a narrow time frame. Successful exploitation requires certain unspecified conditions to be set. The vulnerability is reported in version 12.2, 12.3, 12.4, 15.0, and 15.1. SOLUTION: Update to a fixed version. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Cisco (CSCtf74999): http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtf74999 http://www.cisco.com/en/US/docs/cable/cmts/release/notes/12_2sc/uBR7200/122_33_SCF/caveats.html http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SY/release/notes/ol_20679.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 23 11:38:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 23 Aug 2011 20:38:52 +0200 Subject: [SEC] [SA45633] AzeoTech DAQFactory Unspecified Denial of Service Vulnerability Message-ID: <201108231838.p7NIcqmY023772@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: AzeoTech DAQFactory Unspecified Denial of Service Vulnerability SECUNIA ADVISORY ID: SA45633 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45633/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45633 RELEASE DATE: 2011-08-23 DISCUSS ADVISORY: http://secunia.com/advisories/45633/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45633/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45633 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in AzeoTech DAQFactory, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error related to certain network features and can be exploited to cause a crash. The vulnerability is reported in versions prior to 5.85 build 1842. SOLUTION: Update to version 5.85 build 1842. PROVIDED AND/OR DISCOVERED BY: nSense via ICS-CERT. ORIGINAL ADVISORY: AzeoTech: http://www.azeotech.com/revisionhistory.php ISC-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-11-122-01.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 23 12:36:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 23 Aug 2011 21:36:08 +0200 Subject: [SEC] [SA45729] Yaxal URL Cross-Site Scripting Vulnerability Message-ID: <201108231936.p7NJa8ju014564@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Yaxal URL Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45729 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45729/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45729 RELEASE DATE: 2011-08-23 DISCUSS ADVISORY: http://secunia.com/advisories/45729/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45729/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45729 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Yaxal, which can be exploited by malicious people to conduct cross-site scripting attacks. Input appended to the URL after yaxal_products.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Eyup CELIK ORIGINAL ADVISORY: http://packetstormsecurity.org/files/view/104311/yaxalshop-xss.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 23 13:37:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 23 Aug 2011 22:37:49 +0200 Subject: [SEC] [SA45686] IBM WebSphere Service Registry and Repository "User-Agent" HTTP Header Script Insertion Message-ID: <201108232037.p7NKbnCS005572@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: IBM WebSphere Service Registry and Repository "User-Agent" HTTP Header Script Insertion SECUNIA ADVISORY ID: SA45686 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45686/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45686 RELEASE DATE: 2011-08-23 DISCUSS ADVISORY: http://secunia.com/advisories/45686/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45686/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45686 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in IBM WebSphere Service Registry and Repository, which can be exploited by malicious people to conduct script insertion attacks. Input passed via the "User-Agent" HTTP header to agentDetect.jsp is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerability is reported in versions prior to 6.3.0.5, 7.0.0.5, and 7.5.0.1. SOLUTION: Update to version 6.3.0.5 or later, 7.0.0.5 or later, or 7.5.0.1 or later. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: ISS X-Force: http://xforce.iss.net/xforce/xfdb/69040 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 23 14:28:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 23 Aug 2011 23:28:29 +0200 Subject: [SEC] [SA45757] Fedora update for nip2 and vips Message-ID: <201108232128.p7NLSTHY028450@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Fedora update for nip2 and vips SECUNIA ADVISORY ID: SA45757 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45757/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45757 RELEASE DATE: 2011-08-23 DISCUSS ADVISORY: http://secunia.com/advisories/45757/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45757/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45757 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for nip2 and vips. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA41997 SOLUTION: Apply updated packages via the yum utility ("yum update nip2 vips"). ORIGINAL ADVISORY: FEDORA-2011-10781: http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064372.html http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064373.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 23 14:51:03 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 23 Aug 2011 23:51:03 +0200 Subject: [SEC] [SA45761] Cisco IOS SSH2 Sessions Denial of Service Security Issue Message-ID: <201108232151.p7NLp3VP017501@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Cisco IOS SSH2 Sessions Denial of Service Security Issue SECUNIA ADVISORY ID: SA45761 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45761/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45761 RELEASE DATE: 2011-08-23 DISCUSS ADVISORY: http://secunia.com/advisories/45761/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45761/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45761 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service). The security issue is caused due to an unspecified error related to a custom login banner and SSH2 sessions. This can be exploited to reload the device by establishing two SSH2 sessions. Successful exploitation requires that a customized login banner is configured by using the banner login message global configuration command. The security issue is reported in version 12.2(58)SE. SOLUTION: Update to version 12.2(58)SE1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Cisco (CSCto62631): http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCto62631 http://www.cisco.com/en/US/docs/switches/lan/cisco_ie3000/software/release/12.2_58_se/release/notes/OL24335.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 23 15:14:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 24 Aug 2011 00:14:53 +0200 Subject: [SEC] [SA45750] Fedora update for gimp Message-ID: <201108232214.p7NMEr7a006598@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Fedora update for gimp SECUNIA ADVISORY ID: SA45750 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45750/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45750 RELEASE DATE: 2011-08-23 DISCUSS ADVISORY: http://secunia.com/advisories/45750/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45750/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45750 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for gimp. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a user's system. For more information: SA45621 SOLUTION: Apply updated packages via the yum utility ("yum update gimp"). ORIGINAL ADVISORY: FEDORA-2011-10782: http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064398.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 23 15:51:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 24 Aug 2011 00:51:57 +0200 Subject: [SEC] [SA45617] Allomani Audio & Video Library "msg_id" SQL Injection Vulnerability Message-ID: <201108232251.p7NMpvoD028785@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Allomani Audio & Video Library "msg_id" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45617 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45617/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45617 RELEASE DATE: 2011-08-24 DISCUSS ADVISORY: http://secunia.com/advisories/45617/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45617/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45617 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Allomani Audio & Video Library, which can be exploited by malicious users to conduct SQL injection attacks. Input passed via the "msg_id" parameter to usercp.php (when "action" is set to "msg_reply") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires a user account. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: ahwak2000 ORIGINAL ADVISORY: http://www.exploit-id.com/web-applications/allomani-songs-clips-2-x-msg_id-blind-sql-injection-exploit OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 23 16:17:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 24 Aug 2011 01:17:10 +0200 Subject: [SEC] [SA45717] WordPress WP Events Calendar Plugin "EC_id" Cross-Site Scripting Vulnerability Message-ID: <201108232317.p7NNHA6g017979@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress WP Events Calendar Plugin "EC_id" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45717 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45717/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45717 RELEASE DATE: 2011-08-24 DISCUSS ADVISORY: http://secunia.com/advisories/45717/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45717/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45717 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the WP Events Calendar plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "EC_id" parameter to wp-admin/admin.php (when "page" is set to "events-calendar" and "EC_action" is set to "edit") is not properly sanitised in wp-content/plugins/events-calendar/ec_management.class.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 6.7.11. Prior versions may also be affected. SOLUTION: Update to version 6.7.12a. PROVIDED AND/OR DISCOVERED BY: The vendor credits High-Tech Bridge SA. ORIGINAL ADVISORY: WP Events Calendar: http://www.wp-eventscalendar.com/2011/08/22/security-update/ http://wordpress.org/extend/plugins/events-calendar/changelog/ http://plugins.trac.wordpress.org/changeset?reponame=&new=427121%40events-calendar&old=425000%40events-calendar OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 23 16:49:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 24 Aug 2011 01:49:16 +0200 Subject: [SEC] [SA45694] Ubuntu update for libwebkit Message-ID: <201108232349.p7NNnG2K007496@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Ubuntu update for libwebkit SECUNIA ADVISORY ID: SA45694 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45694/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45694 RELEASE DATE: 2011-08-24 DISCUSS ADVISORY: http://secunia.com/advisories/45694/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45694/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45694 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for libwebkit. This fixes a weakness and multiple vulnerabilities, where some have an unknown impact and others can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), and compromise a vulnerable system. For more information: SA40479 SA40743 SA41014 SA41242 SA41390 SA41888 SA42109 SA42264 SA42472 SA42605 SA42850 SA43193 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1195-1: http://www.ubuntu.com/usn/usn-1195-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 23 17:17:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 24 Aug 2011 02:17:14 +0200 Subject: [SEC] [SA45751] Fedora update for kernel Message-ID: <201108240017.p7O0HEJC029254@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Fedora update for kernel SECUNIA ADVISORY ID: SA45751 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45751/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45751 RELEASE DATE: 2011-08-24 DISCUSS ADVISORY: http://secunia.com/advisories/45751/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45751/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45751 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for the kernel. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and to potentially gain escalated privileges and by malicious people to potentially compromise a vulnerable system. For more information: SA44220 SA45193 SA45489 SA44754 SOLUTION: Apply updated packages via the yum utility ("yum update kernel"). ORIGINAL ADVISORY: FEDORA-2011-11103: http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064393.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 23 17:51:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 24 Aug 2011 02:51:24 +0200 Subject: [SEC] [SA45755] Fedora update for firefox, thunderbird, thunderbird-lightning, and xulrunner Message-ID: <201108240051.p7O0pOCG018886@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Fedora update for firefox, thunderbird, thunderbird-lightning, and xulrunner SECUNIA ADVISORY ID: SA45755 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45755/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45755 RELEASE DATE: 2011-08-24 DISCUSS ADVISORY: http://secunia.com/advisories/45755/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45755/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45755 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued updates for firefox, thunderbird, thunderbird-lightning, and xulrunner. These fix multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose certain sensitive information, and compromise a vulnerable system. For more information: SA45666 SOLUTION: Apply updated packages via the yum utility ("yum update firefox thunderbird thunderbird-lightning Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: FEDORA-2011-11084: http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064383.html http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064390.html http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064386.html http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064384.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 23 18:15:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 24 Aug 2011 03:15:57 +0200 Subject: [SEC] [SA45661] CodeWidgets.com Pop-Over Login Form (ASP) "Email" and "Password" SQL Injection Vulnerabilities Message-ID: <201108240115.p7O1Fv0E008025@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: CodeWidgets.com Pop-Over Login Form (ASP) "Email" and "Password" SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA45661 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45661/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45661 RELEASE DATE: 2011-08-24 DISCUSS ADVISORY: http://secunia.com/advisories/45661/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45661/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45661 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: L0rd CrusAd3r has reported two vulnerabilities in CodeWidgets.com Pop-Over Login Form (ASP), which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "Email" and "Password" parameters to login.asp is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: L0rd CrusAd3r ORIGINAL ADVISORY: http://www.exploit-id.com/web-applications/code-widget-pop-over-login-form-asp-authentication-bypass OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 23 18:49:50 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 24 Aug 2011 03:49:50 +0200 Subject: [SEC] [SA45716] Ubuntu update for foomatic-filters Message-ID: <201108240149.p7O1noFv030073@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Ubuntu update for foomatic-filters SECUNIA ADVISORY ID: SA45716 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45716/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45716 RELEASE DATE: 2011-08-24 DISCUSS ADVISORY: http://secunia.com/advisories/45716/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45716/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45716 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for foomatic-filters. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA45196 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1194-1: http://www.ubuntu.com/usn/usn-1194-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 23 19:26:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 24 Aug 2011 04:26:16 +0200 Subject: [SEC] [SA45752] WordPress U Extended Comment Plugin "fileurl" Arbitrary File Download Vulnerability Message-ID: <201108240226.p7O2QGnZ020297@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress U Extended Comment Plugin "fileurl" Arbitrary File Download Vulnerability SECUNIA ADVISORY ID: SA45752 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45752/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45752 RELEASE DATE: 2011-08-24 DISCUSS ADVISORY: http://secunia.com/advisories/45752/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45752/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45752 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the U Extended Comment plugin for WordPress, which can be exploited by malicious users to disclose sensitive information. Input passed via the "fileurl" parameter to index.php (when "_wpnonce" is set and "uexc_attach_download" is set to "true") is not properly verified in wp-content/plugins/u-extended-comment/includes/attachment.php before being used to download files. This can be exploited to download arbitrary files from local resources via directory traversal sequences. Successful exploitation requires "Attachment" permissions. The vulnerability is confirmed in version 1.0.1. Prior versions may also be affected. SOLUTION: Update to version 1.0.2 or later. PROVIDED AND/OR DISCOVERED BY: The vendor credits Julio Potier. ORIGINAL ADVISORY: http://wordpress.org/extend/plugins/u-extended-comment/changelog/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 23 19:48:35 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 24 Aug 2011 04:48:35 +0200 Subject: [SEC] [SA45664] WordPress U BuddyPress Forum Attachment "fileurl" File Disclosure Vulnerability Message-ID: <201108240248.p7O2mZU6009330@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress U BuddyPress Forum Attachment "fileurl" File Disclosure Vulnerability SECUNIA ADVISORY ID: SA45664 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45664/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45664 RELEASE DATE: 2011-08-24 DISCUSS ADVISORY: http://secunia.com/advisories/45664/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45664/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45664 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the U BuddyPress Forum Attachment plugin for WordPress, which can be exploited by malicious people to disclose potentially sensitive information. Input passed to the "fileurl" parameter is not properly verified before being used to read files. This can be exploited to read arbitrary files from local resources via directory traversal sequences. The vulnerability is reported in versions prior to 1.1.2. SOLUTION: Update to version 1.1.2. PROVIDED AND/OR DISCOVERED BY: The vendor credits Julio Potier. ORIGINAL ADVISORY: http://wordpress.org/extend/plugins/u-buddypress-forum-attachment/changelog/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 23 20:15:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 24 Aug 2011 05:15:02 +0200 Subject: [SEC] [SA45698] Google Chrome Multiple Vulnerabilities Message-ID: <201108240315.p7O3F2Gd031009@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Google Chrome Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45698 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45698/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45698 RELEASE DATE: 2011-08-24 DISCUSS ADVISORY: http://secunia.com/advisories/45698/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45698/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45698 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Google Chrome, where some have unknown impacts and others can can be exploited by malicious people to bypass certain security restrictions and potentially compromise a user's system. 1) An error related to the command line can lead to "URL parsing confusion". Note: This vulnerability affects the Windows platform only. 2) A use-after-free error exists within the handling of line boxes. 3) A use-after-free error exists within the handling of counter nodes. 4) A use-after-free error exists within the handling of custom fonts. 5) A double-free error exists within the libxml XPath handling. 6) An error related to empty origins can be exploited to violate the cross-origin policy. 7) An error related to the vertex handing can be exploited to cause a memory corruption. Note: This vulnerability affects the Windows platform only. 8) A use-after-free error exists within the text searching. 9) An error within v8 can be exploited to cause an out-of-bounds write. 10) An integer overflow exists related uniform arrays. Note: This vulnerability affects 32bit only. 11) An error exists related to "memset()" and PDF. Note: This vulnerability affects the Linux platform only. SOLUTION: Update to version 13.0.782.215. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Vladimir Vorontsov, ONsec company 2) SkyLined, Google Chrome Security Team and independently discovered by miaubiz 3, 8) miaubiz 4) wushi, team509 via ZDI and independently discovered by miaubiz 5) Yang Dingning, NCNIPC Graduate University of Chinese Academy of Sciences 6, 10) Sergey Glazunov 7) Michael Braithwaite, Turbulenz Limited 9) SkyLined, Google Chrome Security Team 11) Aki Helin, OUSPG ORIGINAL ADVISORY: http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 24 10:33:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 24 Aug 2011 19:33:43 +0200 Subject: [SEC] [SA45765] Shopzilla Comparison Shopping Script "s" Cross-Site Scripting Vulnerability Message-ID: <201108241733.p7OHXho4030271@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Shopzilla Comparison Shopping Script "s" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45765 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45765/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45765 RELEASE DATE: 2011-08-24 DISCUSS ADVISORY: http://secunia.com/advisories/45765/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45765/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45765 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Eyup CELIK has discovered a vulnerability in Shopzilla Comparison Shopping Script, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "s" parameter in search.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 3.2 free. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Eyup CELIK ORIGINAL ADVISORY: http://packetstormsecurity.org/files/view/104357/eshoppingmadness-xss.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 24 11:34:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 24 Aug 2011 20:34:00 +0200 Subject: [SEC] [SA45712] Free Help Desk Cross-Site Request Forgery Vulnerability Message-ID: <201108241834.p7OIY0II021351@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Free Help Desk Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA45712 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45712/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45712 RELEASE DATE: 2011-08-24 DISCUSS ADVISORY: http://secunia.com/advisories/45712/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45712/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45712 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Free Help Desk, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application's web interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. add an administrator by tricking a logged in administrator into visiting a malicious web site. The vulnerability is confirmed in version 1.1g. Other versions may also be affected. SOLUTION: Do not browse untrusted websites or follow untrusted links while logged in to the application. PROVIDED AND/OR DISCOVERED BY: G13 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 24 12:36:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 24 Aug 2011 21:36:24 +0200 Subject: [SEC] [SA45740] F-Secure Gadget Resource Handler ActiveX Control "initialize()" Buffer Overflow Message-ID: <201108241936.p7OJaOBr012512@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: F-Secure Gadget Resource Handler ActiveX Control "initialize()" Buffer Overflow SECUNIA ADVISORY ID: SA45740 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45740/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45740 RELEASE DATE: 2011-08-24 DISCUSS ADVISORY: http://secunia.com/advisories/45740/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45740/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45740 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Anil Aphale has reported a vulnerability in the F-Secure Gadget Resource Handler ActiveX Control, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the handling of the "initialize()" method and can be exploited to cause a stack-based buffer overflow via a specially crafted web page. Successful exploitation allows execution of arbitrary code. The vulnerability is reported in version 1.00.192. Other versions may also be affected. SOLUTION: Apply patches available via the automatic update channel. PROVIDED AND/OR DISCOVERED BY: Anil Aphale ORIGINAL ADVISORY: F-Secure: http://www.f-secure.com/en_EMEA-Labs/news-info/security-advisories/fsc-2011-3.html Anil Aphale: http://www.garage4hackers.com/f43/f-secure-multiple-products-activex-seh-overwrite-vulnerability-heap-spray-1390.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 24 13:34:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 24 Aug 2011 22:34:05 +0200 Subject: [SEC] [SA45675] ManageEngine ServiceDesk Plus Multiple Cross-Site Scripting and Script Insertion Vulnerabilities Message-ID: <201108242034.p7OKY5eH003455@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: ManageEngine ServiceDesk Plus Multiple Cross-Site Scripting and Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA45675 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45675/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45675 RELEASE DATE: 2011-08-24 DISCUSS ADVISORY: http://secunia.com/advisories/45675/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45675/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45675 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been discovered in ManageEngine ServiceDesk Plus, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks. 1) Input passed via the "select" parameter to AnnounceShow.do, the "module" parameter to calendar/MiniCalendar.jsp, and the "serviceId" parameter to HomePage.do and jsp/ServiceCatalog.jsp is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "reqName" parameter to WorkOrder.do is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation of this vulnerability requires "Requester" permissions. The vulnerabilities are confirmed in version 8.0.0 Build 8013. Other versions may also be affected. SOLUTION: Update to version 8.0.0 Build 8015. PROVIDED AND/OR DISCOVERED BY: 1) Gjoko 'LiquidWorm' Krstic 2) Juan Manuel Garcia, CYBSEC Labs. ORIGINAL ADVISORY: ServiceDesk Plus: http://www.manageengine.com/products/service-desk/readme-8.0.html ZSL-2011-5039: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5039.php CYBSEC Labs: http://www.cybsec.com/vuln/Cybsec_Advisory_2011_0801_Multiple_XSS_in_AdventNet_ManageEngine_ServiceDesk_Plus.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 24 14:29:20 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 24 Aug 2011 23:29:20 +0200 Subject: [SEC] [SA45606] Apache HTTP Server ByteRange Filter Denial of Service Vulnerability Message-ID: <201108242129.p7OLTKdl026717@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Apache HTTP Server ByteRange Filter Denial of Service Vulnerability SECUNIA ADVISORY ID: SA45606 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45606/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45606 RELEASE DATE: 2011-08-24 DISCUSS ADVISORY: http://secunia.com/advisories/45606/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45606/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45606 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Kingcope has discovered a vulnerability in Apache HTTP Server, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the ByteRange filter when processing requests containing a large amount of ranges, which can be exploited to exhaust memory via specially crafted HTTP requests sent to the server. The vulnerability is confirmed in version 2.2.19. Other versions may also be affected. SOLUTION: Use a proxy to filter requests containing a large number of ranges. PROVIDED AND/OR DISCOVERED BY: Kingcope ORIGINAL ADVISORY: Kingcope: http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0203.html https://issues.apache.org/bugzilla/show_bug.cgi?id=51714 http://mail-archives.apache.org/mod_mbox/httpd-dev/201108.mbox/%3Calpine.DEB.2.00.1108231306230.24177 at eru.sfritsch.de%3E OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 24 14:49:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 24 Aug 2011 23:49:11 +0200 Subject: [SEC] [SA45764] Tourismscripts Hotel Portal Script "hotel_city" Cross-Site Scripting Vulnerability Message-ID: <201108242149.p7OLnBn5015749@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Tourismscripts Hotel Portal Script "hotel_city" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45764 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45764/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45764 RELEASE DATE: 2011-08-24 DISCUSS ADVISORY: http://secunia.com/advisories/45764/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45764/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45764 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Tourismscripts Hotel Portal Script, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "hotel_city" parameter to city.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Eyup CELIK ORIGINAL ADVISORY: http://packetstormsecurity.org/files/view/104358/tourismscriptshps-xss.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 24 15:14:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 25 Aug 2011 00:14:02 +0200 Subject: [SEC] [SA45747] Ubuntu update for ecryptfs-utils Message-ID: <201108242214.p7OME2cS005037@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Ubuntu update for ecryptfs-utils SECUNIA ADVISORY ID: SA45747 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45747/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45747 RELEASE DATE: 2011-08-24 DISCUSS ADVISORY: http://secunia.com/advisories/45747/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45747/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45747 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for ecryptfs-utils. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The security issue is caused due to the use of incorrect permissions when updating the mtab file, which can be exploited to manipulate the mtab file and e.g. unmount arbitrary locations. SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1196-1: http://www.ubuntu.com/usn/usn-1196-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 24 15:49:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 25 Aug 2011 00:49:11 +0200 Subject: [SEC] [SA45746] Red Hat update for kernel Message-ID: <201108242249.p7OMnBo4027270@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Red Hat update for kernel SECUNIA ADVISORY ID: SA45746 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45746/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45746 RELEASE DATE: 2011-08-25 DISCUSS ADVISORY: http://secunia.com/advisories/45746/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45746/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45746 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, bypass certain security restrictions, and cause a DoS (Denial of Service) and by malicious people to potentially compromise a vulnerable system. For more information: SA43806 SA44164 SA44466 SA44754 SA45193 SA45253 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1189-1: https://rhn.redhat.com/errata/RHSA-2011-1189.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 24 16:15:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 25 Aug 2011 01:15:02 +0200 Subject: [SEC] [SA45744] Red Hat update for system-config-printer Message-ID: <201108242315.p7ONF2v2016634@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Red Hat update for system-config-printer SECUNIA ADVISORY ID: SA45744 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45744/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45744 RELEASE DATE: 2011-08-25 DISCUSS ADVISORY: http://secunia.com/advisories/45744/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45744/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45744 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for system-config-printer. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an input sanitation error when processing NetBIOS names while searching for network printers, which can be exploited to inject and execute shell commands. SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1196-1: https://rhn.redhat.com/errata/RHSA-2011-1196.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 24 16:49:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 25 Aug 2011 01:49:07 +0200 Subject: [SEC] [SA45745] Red Hat update for libvirt Message-ID: <201108242349.p7ONn7Kx006411@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Red Hat update for libvirt SECUNIA ADVISORY ID: SA45745 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45745/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45745 RELEASE DATE: 2011-08-25 DISCUSS ADVISORY: http://secunia.com/advisories/45745/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45745/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45745 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for libvirt. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA44988 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1197-1: https://rhn.redhat.com/errata/RHSA-2011-1197.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 24 17:17:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 25 Aug 2011 02:17:53 +0200 Subject: [SEC] [SA45766] CommodityRentals Real Estate Script "txtsearch" Cross-Site Scripting Vulnerability Message-ID: <201108250017.p7P0HrLL028331@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: CommodityRentals Real Estate Script "txtsearch" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45766 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45766/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45766 RELEASE DATE: 2011-08-25 DISCUSS ADVISORY: http://secunia.com/advisories/45766/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45766/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45766 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in CommodityRentals Real Estate Script, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "txtsearch" parameter to searchproperty/index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Eyup CELIK ORIGINAL ADVISORY: http://packetstormsecurity.org/files/view/104356/commodityrealestate-xss.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 24 17:49:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 25 Aug 2011 02:49:24 +0200 Subject: [SEC] [SA45695] Linux Kernel "CIFSFindNext()" Signedness Error Denial of Service Vulnerability Message-ID: <201108250049.p7P0nO1B018008@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Linux Kernel "CIFSFindNext()" Signedness Error Denial of Service Vulnerability SECUNIA ADVISORY ID: SA45695 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45695/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45695 RELEASE DATE: 2011-08-25 DISCUSS ADVISORY: http://secunia.com/advisories/45695/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45695/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45695 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a signedness error within the "CIFSFindNext()" function (fs/cifs/cifssmb.c), which can be exploited to e.g. crash a client by sending specially crafted CIFS messages. Successful exploitation requires that a malicious server is used. SOLUTION: Do not connect to untrusted servers. PROVIDED AND/OR DISCOVERED BY: Red Hat credits Darren Lavender. ORIGINAL ADVISORY: https://patchwork.kernel.org/patch/1088082/ Red Hat Bug #732869: https://bugzilla.redhat.com/show_bug.cgi?id=732869 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 24 18:15:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 25 Aug 2011 03:15:05 +0200 Subject: [SEC] [SA45726] Citrix Access Gateway Unspecified Cross-Site Scripting Vulnerability Message-ID: <201108250115.p7P1F5J3007348@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Citrix Access Gateway Unspecified Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45726 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45726/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45726 RELEASE DATE: 2011-08-25 DISCUSS ADVISORY: http://secunia.com/advisories/45726/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45726/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45726 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Citrix Access Gateway, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input related to the logon portal is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in the Enterprise Edition version 9.2-49.8 and prior. SOLUTION: Apply update. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://support.citrix.com/article/CTX129971 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 24 18:50:22 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 25 Aug 2011 03:50:22 +0200 Subject: [SEC] [SA45727] Apache Wicket Multi Window Support Cross-Site Scripting Vulnerability Message-ID: <201108250150.p7P1oMdY029627@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Apache Wicket Multi Window Support Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45727 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45727/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45727 RELEASE DATE: 2011-08-25 DISCUSS ADVISORY: http://secunia.com/advisories/45727/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45727/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45727 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Apache Wicket, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain input passed to the multi window support is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected website. The vulnerability is reported in versions 1.4.x prior to 1.4.18. SOLUTION: Update to version 1.4.18. PROVIDED AND/OR DISCOVERED BY: The vendor credits Sven Krewitt, T?V Rheinland i-sec GmbH. ORIGINAL ADVISORY: http://wicket.apache.org/2011/08/23/cve-2011-2712.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 24 19:18:40 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 25 Aug 2011 04:18:40 +0200 Subject: [SEC] [SA45692] neolao FLV Player Multi / Maxi Cross-Site Scripting Vulnerabilities Message-ID: <201108250218.p7P2IeNU019588@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: neolao FLV Player Multi / Maxi Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA45692 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45692/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45692 RELEASE DATE: 2011-08-25 DISCUSS ADVISORY: http://secunia.com/advisories/45692/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45692/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45692 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: MustLive has discovered two vulnerabilities in neolao FLV Player Multi / Maxi, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "onclick" and "ondoubleclick" configuration options is not properly sanitised before being used. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are confirmed in FLV Player Multi version 1.5.0 and FLV Player Maxi version 1.6.0. Other versions may also be affected. SOLUTION: Use a proxy to filter malicious characters and character sequences. PROVIDED AND/OR DISCOVERED BY: MustLive ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0225.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 24 19:50:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 25 Aug 2011 04:50:13 +0200 Subject: [SEC] [SA45733] IBM Rational ClearCase / ClearQuest Java Double Literal Denial of Service Vulnerability Message-ID: <201108250250.p7P2oD4u009250@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: IBM Rational ClearCase / ClearQuest Java Double Literal Denial of Service Vulnerability SECUNIA ADVISORY ID: SA45733 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45733/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45733 RELEASE DATE: 2011-08-25 DISCUSS ADVISORY: http://secunia.com/advisories/45733/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45733/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45733 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: IBM has acknowledged a vulnerability in IBM Rational ClearCase / ClearQuest, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information see vulnerability #1: SA43262 The vulnerability is reported in versions prior to 7.1.1.5 and 7.1.2.2. SOLUTION: Update to fix pack 7.1.1.5 or 7.1.2.2. ORIGINAL ADVISORY: http://www.ibm.com/support/docview.wss?uid=swg21509635 http://www.ibm.com/support/docview.wss?uid=swg21468287 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 25 10:35:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 25 Aug 2011 19:35:44 +0200 Subject: [SEC] [SA45743] Cisco Intercompany Media Engine Service Advertisement Framework Denial of Service Message-ID: <201108251735.p7PHZiJV004726@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Cisco Intercompany Media Engine Service Advertisement Framework Denial of Service SECUNIA ADVISORY ID: SA45743 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45743/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45743 RELEASE DATE: 2011-08-25 DISCUSS ADVISORY: http://secunia.com/advisories/45743/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45743/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45743 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Cisco Intercompany Media Engine, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information see vulnerability #3 in: SA45738 The vulnerabilities are reported in version 8.0.x. SOLUTION: Update to version 8.5.1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20110824-ime.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 25 11:36:54 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 25 Aug 2011 20:36:54 +0200 Subject: [SEC] [SA45741] Cisco Unified Communications Manager Packet Capture Service Denial of Service Message-ID: <201108251836.p7PIasG6028451@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Cisco Unified Communications Manager Packet Capture Service Denial of Service SECUNIA ADVISORY ID: SA45741 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45741/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45741 RELEASE DATE: 2011-08-25 DISCUSS ADVISORY: http://secunia.com/advisories/45741/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45741/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45741 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Cisco Unified Communications Manager, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the Packet Capture Service not properly timing out or closing idle TCP connections. This can be exploited to restart the application by opening multiple connections. Successful exploitation requires the Packet Capture Service to be enabled (enabled by default). SOLUTION: Disable the Packet Capture Service in the Cisco Unified Communications Manager Administration Interface by setting the service parameter to False. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20110824-cucm.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 25 12:36:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 25 Aug 2011 21:36:44 +0200 Subject: [SEC] [SA45772] Cisco Products Open Query Interface Information Disclosure Security Issue Message-ID: <201108251936.p7PJaim5019690@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Cisco Products Open Query Interface Information Disclosure Security Issue SECUNIA ADVISORY ID: SA45772 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45772/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45772 RELEASE DATE: 2011-08-25 DISCUSS ADVISORY: http://secunia.com/advisories/45772/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45772/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45772 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Cisco Unified Communications Manager and Cisco Unified Presence Server, which can be exploited by malicious people to disclose sensitive information. The security issue is caused due to access not being restricted to an open query interface and can be exploited to disclose sensitive information from underlying databases including authentication credentials. Successful exploitation may further allow administrative access to the web-based management interface. The security issue is reported in versions 6.x, 7.x, 8.0, and 8.5. SOLUTION: Apply updates. Please see vendor's advisory for details. PROVIDED AND/OR DISCOVERED BY: The vendor credits kxlzx. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20110824-cucm-cups.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 25 13:34:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 25 Aug 2011 22:34:30 +0200 Subject: [SEC] [SA45738] Cisco Unified Communications Manager Multiple Denial of Service Vulnerabilities Message-ID: <201108252034.p7PKYUJ6010817@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Cisco Unified Communications Manager Multiple Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA45738 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45738/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45738 RELEASE DATE: 2011-08-25 DISCUSS ADVISORY: http://secunia.com/advisories/45738/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45738/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45738 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Cisco Unified Communications Manager, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An error related to Media Termination Points when processing the Session Description Protocol of a SIP call can be exploited to cause a crash. Note: This vulnerability only affects version 7.0.x and later. 2) An unspecified error when processing certain SIP INVITE messages can be exploited to cause a crash. 3) Two unspecified errors related to the Service Advertisement Framework can be exploited to cause the device to reload by sending specially crafted SAF packets. Note: This vulnerability only affects version 8.x. The vulnerabilities are reported in versions 6.x, 7.x, and 8.x. SOLUTION: Update to version 6.1(5)SU3, 7.1(5b)SU4, 8.0(3a)SU2, 8.5(1)SU2, or 8.6(1). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20110824-cucm.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 25 14:28:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 25 Aug 2011 23:28:52 +0200 Subject: [SEC] [SA45742] SUSE update for libmodplug Message-ID: <201108252128.p7PLSqeg001745@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SUSE update for libmodplug SECUNIA ADVISORY ID: SA45742 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45742/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45742 RELEASE DATE: 2011-08-25 DISCUSS ADVISORY: http://secunia.com/advisories/45742/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45742/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45742 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for libmodplug. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. For more information: SA44388 SA45131 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0943-1: http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00019.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 25 14:50:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 25 Aug 2011 23:50:41 +0200 Subject: [SEC] [SA45709] phpMyAdmin Multiple Script Insertion Vulnerabilities Message-ID: <201108252150.p7PLofpS023523@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: phpMyAdmin Multiple Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA45709 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45709/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45709 RELEASE DATE: 2011-08-25 DISCUSS ADVISORY: http://secunia.com/advisories/45709/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45709/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45709 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in phpMyAdmin, which can be exploited by malicious users to conduct script insertion attacks. Certain input passed to table, column, and index names is not properly sanitised before being used in the Tracking feature. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerabilities are reported in versions 3.3.0 through 3.4.3.2. SOLUTION: Update to 3.3.10.4 or 3.4.4. PROVIDED AND/OR DISCOVERED BY: The vendor credits Norman Hippert, The-Wildcat.de. ORIGINAL ADVISORY: PMASA-2011-13: http://www.phpmyadmin.net/home_page/security/PMASA-2011-13.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 25 15:15:06 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 26 Aug 2011 00:15:06 +0200 Subject: [SEC] [SA45773] SUSE update for clamav Message-ID: <201108252215.p7PMF6Ud012970@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SUSE update for clamav SECUNIA ADVISORY ID: SA45773 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45773/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45773 RELEASE DATE: 2011-08-25 DISCUSS ADVISORY: http://secunia.com/advisories/45773/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45773/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45773 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for clamav. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA45382 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0940-1: http://lwn.net/Articles/456236/ SUSE-SU-2011:0948-1: https://hermes.opensuse.org/messages/11564156 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 25 15:51:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 26 Aug 2011 00:51:43 +0200 Subject: [SEC] [SA45725] WordPress WordPress-Amazon-Associate Plugin Multiple Cross-Site Scripting Vulnerabilities Message-ID: <201108252251.p7PMph4E003008@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress WordPress-Amazon-Associate Plugin Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA45725 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45725/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45725 RELEASE DATE: 2011-08-26 DISCUSS ADVISORY: http://secunia.com/advisories/45725/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45725/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45725 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in the WordPress-Amazon-Associate plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain input passed to the "container", "container_class", and "container_style" attributes is not properly sanitised within the preview servlet before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in versions prior to 1.7.4. SOLUTION: Update to version 1.7.4. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: WordPress-Amazon-Associate Update: http://wordpress.org/extend/plugins/wordpress-amazon-associate/changelog/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 25 16:16:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 26 Aug 2011 01:16:19 +0200 Subject: [SEC] [SA45782] WordPress Redirection Plugin "id" Cross-Site Scripting Vulnerability Message-ID: <201108252316.p7PNGJcu024895@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress Redirection Plugin "id" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45782 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45782/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45782 RELEASE DATE: 2011-08-26 DISCUSS ADVISORY: http://secunia.com/advisories/45782/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45782/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45782 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the Redirection plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "id" parameter to wp-admin/tools.php (when "page" is set to "redirection.php") is not properly sanitised in wp-content/plugins/redirection/view/admin/submenu.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 2.2.8. Prior versions may also be affected. SOLUTION: Update to version 2.2.9. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Redirection: http://wordpress.org/extend/plugins/redirection/changelog/ http://plugins.trac.wordpress.org/changeset/421720/redirection/trunk/view/admin/item_list.php?old=374831&old_path=redirection%2Ftrunk%2Fview%2Fadmin%2Fitem_list.php http://plugins.trac.wordpress.org/changeset/421720/redirection/trunk/view/admin/submenu.php?old=313736&old_path=redirection%2Ftrunk%2Fview%2Fadmin%2Fsubmenu.php http://plugins.trac.wordpress.org/changeset/421720/redirection/trunk/view/admin/group_list.php?old=321565&old_path=redirection%2Ftrunk%2Fview%2Fadmin%2Fgroup_list.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 25 16:50:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 26 Aug 2011 01:50:29 +0200 Subject: [SEC] [SA45767] CommodityRentals Books/eBooks Rentals Script Search Module Cross-Site Scripting Vulnerability Message-ID: <201108252350.p7PNoTV4014831@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: CommodityRentals Books/eBooks Rentals Script Search Module Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45767 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45767/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45767 RELEASE DATE: 2011-08-26 DISCUSS ADVISORY: http://secunia.com/advisories/45767/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45767/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45767 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in CommodityRentals Books/eBooks Rentals Script, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "txtSearch" parameter to index.php (when "view" is set to "search) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. SOLUTION: Filter malicious characters or character sequences via a proxy. PROVIDED AND/OR DISCOVERED BY: Eyup CELIK ORIGINAL ADVISORY: http://packetstormsecurity.org/files/view/104355/booksrentalshop-xss.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 25 17:17:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 26 Aug 2011 02:17:48 +0200 Subject: [SEC] [SA45769] VicBlog "tag" SQL Injection Vulnerability Message-ID: <201108260017.p7Q0Hmug004416@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: VicBlog "tag" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45769 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45769/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45769 RELEASE DATE: 2011-08-26 DISCUSS ADVISORY: http://secunia.com/advisories/45769/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45769/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45769 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in VicBlog, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "tag" parameter to index.php (when "page" is set to "posts") is not properly sanitised in the "prepare_input()" function in include/functions.inc.php before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 0.0.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Eyup CELIK ORIGINAL ADVISORY: http://packetstormsecurity.org/files/view/104402/vicblog-sql.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 25 17:49:54 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 26 Aug 2011 02:49:54 +0200 Subject: [SEC] [SA45768] AlstraSoft E-Friends "mode" Cross-Site Scripting Vulnerability Message-ID: <201108260049.p7Q0nsaF026682@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: AlstraSoft E-Friends "mode" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45768 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45768/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45768 RELEASE DATE: 2011-08-26 DISCUSS ADVISORY: http://secunia.com/advisories/45768/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45768/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45768 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in AlstraSoft E-Friends, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "mode" parameter to index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in version 5.00. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Eyup CELIK OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Aug 25 18:14:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 26 Aug 2011 03:14:30 +0200 Subject: [SEC] [SA45714] ASUS RT-N56U Wireless Router "QIS_wizard.htm" Information Disclosure Message-ID: <201108260114.p7Q1EUIr016128@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: ASUS RT-N56U Wireless Router "QIS_wizard.htm" Information Disclosure SECUNIA ADVISORY ID: SA45714 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45714/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45714 RELEASE DATE: 2011-08-26 DISCUSS ADVISORY: http://secunia.com/advisories/45714/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45714/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45714 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in the Asus RT-N56U Wireless Router, which can be exploited by malicious people to disclose sensitive information. The security issue is caused due to the router not restricting access to a page displaying the device's configuration (QIS_wizard.htm?flag=detect) and can be exploited to disclose sensitive information including the device's administrative password. The security issue is reported in firmware version 1.0.1.4. SOLUTION: Update to firmware version 1.0.1.4o PROVIDED AND/OR DISCOVERED BY: Plucky via US-CERT. ORIGINAL ADVISORY: US-CERT: http://www.kb.cert.org/vuls/id/200814 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 26 10:39:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 26 Aug 2011 19:39:33 +0200 Subject: [SEC] [SA45728] JagoanStore CMS manage/fckeditor File Upload Vulnerability Message-ID: <201108261739.p7QHdXDF022577@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: JagoanStore CMS manage/fckeditor File Upload Vulnerability SECUNIA ADVISORY ID: SA45728 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45728/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45728 RELEASE DATE: 2011-08-26 DISCUSS ADVISORY: http://secunia.com/advisories/45728/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45728/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45728 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: eidelweiss has reported a vulnerability in JagoanStore CMS, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an improper check for allowed filetypes in the manage/fckeditor section if e.g. multiple file extensions are being used. This can be exploited to upload arbitrary PHP files. This may be related to SA18767. SOLUTION: Reportedly fixed in the latest version. PROVIDED AND/OR DISCOVERED BY: eidelweiss ORIGINAL ADVISORY: http://eidelweiss-advisories.blogspot.com/2011/08/jagoanstore-cms-arbitary-file-upload.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 26 11:41:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 26 Aug 2011 20:41:05 +0200 Subject: [SEC] [SA45713] CUPS "gif_read_lzw()" Buffer Overflow Vulnerability Message-ID: <201108261841.p7QIf5Br013932@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: CUPS "gif_read_lzw()" Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA45713 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45713/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45713 RELEASE DATE: 2011-08-26 DISCUSS ADVISORY: http://secunia.com/advisories/45713/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45713/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45713 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in CUPS, which can be exploited by malicious people to potentially compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "gif_read_lzw()" function (filter/image-gif.c) and can be exploited to cause a heap-based buffer overflow via specially crafted GIF images. The vulnerability is confirmed in version 1.4.6. Prior versions may also be affected. SOLUTION: Update to version 1.4.7. PROVIDED AND/OR DISCOVERED BY: Red Hat Security Response Team ORIGINAL ADVISORY: CUPS Bug #3867: http://cups.org/str.php?L3867 Red Hat Bug #727800: https://bugzilla.redhat.com/show_bug.cgi?id=727800 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 26 12:38:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 26 Aug 2011 21:38:21 +0200 Subject: [SEC] [SA45796] CUPS "gif_read_lzw()" Buffer Overflow Vulnerability Message-ID: <201108261938.p7QJcL8w005048@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: CUPS "gif_read_lzw()" Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA45796 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45796/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45796 RELEASE DATE: 2011-08-26 DISCUSS ADVISORY: http://secunia.com/advisories/45796/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45796/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45796 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in CUPS, which can be exploited by malicious people to potentially compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "gif_read_lzw()" function (filter/image-gif.c) and can be exploited to cause a heap-based buffer overflow via specially crafted GIF images. This is related to: SA45713 The vulnerability is confirmed in version 1.4.8. Other versions may also be affected. SOLUTION: Fixed in the SVN repository. PROVIDED AND/OR DISCOVERED BY: Red Hat Security Response Team ORIGINAL ADVISORY: CUPS Bug #3914: http://cups.org/str.php?L3914 Red Hat Bug #732106: https://bugzilla.redhat.com/show_bug.cgi?id=732106 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 26 13:36:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 26 Aug 2011 22:36:21 +0200 Subject: [SEC] [SA45756] SUSE update for hplip Message-ID: <201108262036.p7QKaLcf028642@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SUSE update for hplip SECUNIA ADVISORY ID: SA45756 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45756/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45756 RELEASE DATE: 2011-08-26 DISCUSS ADVISORY: http://secunia.com/advisories/45756/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45756/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45756 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for hplip. This fixes two vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to compromise a vulnerable system. For more information: SA12557 SA45196 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:0951-1: https://hermes.opensuse.org/messages/11591627 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 26 14:28:42 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 26 Aug 2011 23:28:42 +0200 Subject: [SEC] [SA45790] SUSE update for hplip Message-ID: <201108262128.p7QLSgPd019510@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SUSE update for hplip SECUNIA ADVISORY ID: SA45790 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45790/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45790 RELEASE DATE: 2011-08-26 DISCUSS ADVISORY: http://secunia.com/advisories/45790/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45790/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45790 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for hplip. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA12557 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0950-1: http://lists.opensuse.org/opensuse-updates/2011-08/msg00036.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 26 14:50:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 26 Aug 2011 23:50:30 +0200 Subject: [SEC] [SA45786] RSA enVision Unspecified File Disclosure Vulnerability Message-ID: <201108262150.p7QLoUif008840@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: RSA enVision Unspecified File Disclosure Vulnerability SECUNIA ADVISORY ID: SA45786 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45786/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45786 RELEASE DATE: 2011-08-26 DISCUSS ADVISORY: http://secunia.com/advisories/45786/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45786/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45786 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in RSA enVision, which can be exploited by malicious people to disclose sensitive information. For more information see vulnerability #2 in: SA45779 The vulnerability is reported in version 3.x. SOLUTION: Upgrade to version 4 SP4 P3. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/bugtraq/2011-08/att-0149/ESA-2011-030.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 26 15:16:06 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 27 Aug 2011 00:16:06 +0200 Subject: [SEC] [SA45734] WordPress WP CSS Plugin "f" Local File Inclusion Vulnerability Message-ID: <201108262216.p7QMG66I030784@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress WP CSS Plugin "f" Local File Inclusion Vulnerability SECUNIA ADVISORY ID: SA45734 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45734/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45734 RELEASE DATE: 2011-08-26 DISCUSS ADVISORY: http://secunia.com/advisories/45734/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45734/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45734 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the WP CSS plugin for WordPress, which can be exploited by malicious people to disclose sensitive information. Input passed via the "f" parameter to wp-content/plugins/wp-css/wp-css-compress.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks. The vulnerability is confirmed in version 2.0.5. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: Angel Injection ORIGINAL ADVISORY: http://packetstormsecurity.org/files/view/104467/wpyoast-disclose.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 26 15:50:42 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 27 Aug 2011 00:50:42 +0200 Subject: [SEC] [SA45710] Hitachi JP1/Cm2/Network Node Manager Multiple Unspecified Vulnerabilities Message-ID: <201108262250.p7QMogbF020763@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Hitachi JP1/Cm2/Network Node Manager Multiple Unspecified Vulnerabilities SECUNIA ADVISORY ID: SA45710 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45710/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45710 RELEASE DATE: 2011-08-27 DISCUSS ADVISORY: http://secunia.com/advisories/45710/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45710/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45710 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Hitachi JP1/Cm2/Network Node Manager, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. The vulnerabilities are caused due to unspecified errors and can be exploited to cause a crash or potentially execute arbitrary code. Please see the vendor's advisory for a list of affected products and versions. SOLUTION: Apply updates (Please see vendor's advisory for details). Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Hitachi (Japanese): http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS11-017/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 26 16:15:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 27 Aug 2011 01:15:59 +0200 Subject: [SEC] [SA45780] SQL-Ledger Unspecified SQL Injection Vulnerability Message-ID: <201108262315.p7QNFx1s010265@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SQL-Ledger Unspecified SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45780 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45780/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45780 RELEASE DATE: 2011-08-27 DISCUSS ADVISORY: http://secunia.com/advisories/45780/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45780/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45780 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in SQL-Ledger, which can be exploited by malicious users to conduct SQL injection attacks. Certain unspecified input is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. This is related to: SA45649 The vulnerability is reported in versions prior to 2.8.34. SOLUTION: Update to version 2.8.34. PROVIDED AND/OR DISCOVERED BY: Reported by the LedgerSMB Development Team. ORIGINAL ADVISORY: SQL-Ledger: http://sql-ledger.com/cgi-bin/nav.pl?page=misc/changelog.html&title=Changelog LedgerSMB: http://www.ledgersmb.org/node/460601 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 26 16:51:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 27 Aug 2011 01:51:00 +0200 Subject: [SEC] [SA45788] HP-UX update for Veritas Enterprise Administrator Message-ID: <201108262351.p7QNp0hM032679@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: HP-UX update for Veritas Enterprise Administrator SECUNIA ADVISORY ID: SA45788 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45788/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45788 RELEASE DATE: 2011-08-27 DISCUSS ADVISORY: http://secunia.com/advisories/45788/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45788/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45788 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: HP has issued an update for Veritas Enterprise Administrator in HP-UX. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA45576 The vulnerabilities are reported in HP-UX versions B.11.11, B.11.23, and B.11.31 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: HPSBUX02700 SSRT100506: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02962262 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 26 17:17:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 27 Aug 2011 02:17:52 +0200 Subject: [SEC] [SA45600] DotNetNuke Module Permission Check Security Bypass Vulnerability Message-ID: <201108270017.p7R0HqRI022266@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: DotNetNuke Module Permission Check Security Bypass Vulnerability SECUNIA ADVISORY ID: SA45600 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45600/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45600 RELEASE DATE: 2011-08-27 DISCUSS ADVISORY: http://secunia.com/advisories/45600/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45600/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45600 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in DotNetNuke, which can be exploited by malicious users to bypass certain security restrictions. The vulnerability is caused due to a logical error within the permission checks for modules can be exploited to gain escalated privileges by providing a specially crafted URL. Successful exploitation requires "edit module" permissions to at least one module. The vulnerability is reported in all 5.x versions. SOLUTION: Upgrade to version 6.0.1. PROVIDED AND/OR DISCOVERED BY: The vendor credits Brian Dukes. ORIGINAL ADVISORY: http://www.dotnetnuke.com/News/Security-Policy/Security-bulletin-no.57.aspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 26 17:50:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 27 Aug 2011 02:50:33 +0200 Subject: [SEC] [SA45715] SAP NetWeaver "EPS_DELETE_FILE" Arbitrary File Deletion Vulnerability Message-ID: <201108270050.p7R0oX8g012155@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SAP NetWeaver "EPS_DELETE_FILE" Arbitrary File Deletion Vulnerability SECUNIA ADVISORY ID: SA45715 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45715/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45715 RELEASE DATE: 2011-08-27 DISCUSS ADVISORY: http://secunia.com/advisories/45715/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45715/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45715 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Alexey Sintsov has reported a vulnerability in SAP NetWeaver, which can be exploited by malicious users to manipulate certain data. The vulnerability is caused due an input validation error in the "EPS_DELETE_FILE" function and can be exploited to delete arbitrary files via directory traversal sequences. Successful exploitation requires access to a default SAP account e.g. TMSADM or SAPCPIC. SOLUTION: Apply fixes. Please see the vendor's advisory for details. PROVIDED AND/OR DISCOVERED BY: Alexey Sintsov, Digital Security Research Group (DSecRG). ORIGINAL ADVISORY: SAP: https://service.sap.com/sap/support/notes/1554030 Digital Security Research Group: http://dsecrg.com/pages/vul/show.php?id=331 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 26 18:15:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 27 Aug 2011 03:15:39 +0200 Subject: [SEC] [SA45779] RSA enVision Information and File Disclosure Vulnerabilities Message-ID: <201108270115.p7R1Fdsr001606@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: RSA enVision Information and File Disclosure Vulnerabilities SECUNIA ADVISORY ID: SA45779 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45779/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45779 RELEASE DATE: 2011-08-27 DISCUSS ADVISORY: http://secunia.com/advisories/45779/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45779/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45779 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in RSA enVision, which can be exploited by malicious users and malicious people to disclose sensitive information. 1) An unspecified error related to Test Escalation emails can be exploited to disclose clear text credentials. 2) An unspecified error can be exploited to disclose the contents of arbitrary files. The vulnerabilities are reported in versions prior to 4 SP4 P3. SOLUTION: Update to version 4 SP4 P3. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/bugtraq/2011-08/att-0149/ESA-2011-030.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 26 18:49:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 27 Aug 2011 03:49:45 +0200 Subject: [SEC] [SA45762] Slackware update for php Message-ID: <201108270149.p7R1njoZ024028@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Slackware update for php SECUNIA ADVISORY ID: SA45762 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45762/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45762 RELEASE DATE: 2011-08-27 DISCUSS ADVISORY: http://secunia.com/advisories/45762/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45762/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45762 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Slackware has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise a vulnerable system. For more information: SA44874 SA45678 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: SSA:2011-237-01: http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.575575 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 26 19:20:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 27 Aug 2011 04:20:09 +0200 Subject: [SEC] [SA45711] DotNetNuke Module Permission Check Security Bypass Vulnerability Message-ID: <201108270220.p7R2K8AV014266@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: DotNetNuke Module Permission Check Security Bypass Vulnerability SECUNIA ADVISORY ID: SA45711 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45711/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45711 RELEASE DATE: 2011-08-27 DISCUSS ADVISORY: http://secunia.com/advisories/45711/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45711/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45711 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in DotNetNuke, which can be exploited by malicious users to bypass certain security restrictions. For more information: SA45600 The vulnerability is reported in version 6.0. SOLUTION: Update to version 6.0.1. PROVIDED AND/OR DISCOVERED BY: The vendor credits Brian Dukes. ORIGINAL ADVISORY: http://www.dotnetnuke.com/News/Security-Policy/Security-bulletin-no.57.aspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 26 19:49:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 27 Aug 2011 04:49:59 +0200 Subject: [SEC] [SA45774] SmartCMS "pageid" Cross-Site Scripting Vulnerability Message-ID: <201108270249.p7R2nxTm003987@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SmartCMS "pageid" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45774 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45774/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45774 RELEASE DATE: 2011-08-27 DISCUSS ADVISORY: http://secunia.com/advisories/45774/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45774/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45774 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Sony has reported a vulnerability in SmartCMS, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "pageid" parameter to userauthentication.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Sony ORIGINAL ADVISORY: http://st2tea.blogspot.com/2011/08/smartcms-cross-site-scripting.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 26 20:15:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 27 Aug 2011 05:15:08 +0200 Subject: [SEC] [SA45783] WordPress Custom Post Type UI Plugin "return" Cross-Site Scripting Vulnerability Message-ID: <201108270315.p7R3F8go025916@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress Custom Post Type UI Plugin "return" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45783 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45783/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45783 RELEASE DATE: 2011-08-27 DISCUSS ADVISORY: http://secunia.com/advisories/45783/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45783/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45783 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the Custom Post Type UI plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "return" parameter to wp-admin/admin.php (when "page" is set to "cpt_sub_add_new" and "cpt_msg" is set to "1") is not properly sanitised in wp-content/plugins/custom-post-type-ui/custom-post-type-ui.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 0.7. Prior versions may also be affected. SOLUTION: Update to version 0.7.1. PROVIDED AND/OR DISCOVERED BY: The vendor credits Duck. ORIGINAL ADVISORY: Custom Post Type UI: http://wordpress.org/extend/plugins/custom-post-type-ui/changelog/ http://plugins.trac.wordpress.org/changeset/425013/custom-post-type-ui/trunk/custom-post-type-ui.php?old=351289&old_path=custom-post-type-ui%2Ftrunk%2Fcustom-post-type-ui.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 26 20:51:17 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 27 Aug 2011 05:51:17 +0200 Subject: [SEC] [SA45776] Ubuntu update for thunderbird Message-ID: <201108270351.p7R3pHvN015969@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Ubuntu update for thunderbird SECUNIA ADVISORY ID: SA45776 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45776/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45776 RELEASE DATE: 2011-08-27 DISCUSS ADVISORY: http://secunia.com/advisories/45776/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45776/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45776 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for thunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose certain sensitive information, and compromise a vulnerable system. For more information: SA45666 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1185-1: http://www.ubuntu.com/usn/usn-1185-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 26 21:15:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 27 Aug 2011 06:15:04 +0200 Subject: [SEC] [SA45763] Zazavi Cross-Site Request Forgery Vulnerability Message-ID: <201108270415.p7R4F41w005389@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Zazavi Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA45763 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45763/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45763 RELEASE DATE: 2011-08-27 DISCUSS ADVISORY: http://secunia.com/advisories/45763/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45763/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45763 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: KedAns-Dz has discovered a vulnerability in Zazavi, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application's web interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. add an administrator by tricking a logged in administrator into visiting a malicious web site. The vulnerability is confirmed in version 1.2.1. Other versions may also be affected. SOLUTION: Do not browse untrusted websites or follow untrusted links while logged in to the application. PROVIDED AND/OR DISCOVERED BY: KedAns-Dz ORIGINAL ADVISORY: http://www.exploit-id.com/web-applications/zazavi OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Aug 26 21:49:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 27 Aug 2011 06:49:28 +0200 Subject: [SEC] [SA45700] IBM Tivoli Storage Productivity Center Products Java Double Literal Denial of Service Message-ID: <201108270449.p7R4nSAX027772@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: IBM Tivoli Storage Productivity Center Products Java Double Literal Denial of Service SECUNIA ADVISORY ID: SA45700 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45700/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45700 RELEASE DATE: 2011-08-27 DISCUSS ADVISORY: http://secunia.com/advisories/45700/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45700/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45700 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: IBM has acknowledged a vulnerability in IBM Tivoli Storage Productivity Center Standard Edition and IBM Tivoli Storage Productivity Center for Replication, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information see vulnerability #1: SA43262 The vulnerability is reported in versions prior to 4.2.1 Fix Pack 4. SOLUTION: Update to version 4.2.1 Fix Pack 4. ORIGINAL ADVISORY: http://www.ibm.com/support/docview.wss?uid=swg24030795 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 29 10:34:31 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 29 Aug 2011 19:34:31 +0200 Subject: [SEC] [SA45736] SUSE update for java-1_4_2-ibm Message-ID: <201108291734.p7THYVJF007564@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SUSE update for java-1_4_2-ibm SECUNIA ADVISORY ID: SA45736 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45736/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45736 RELEASE DATE: 2011-08-29 DISCUSS ADVISORY: http://secunia.com/advisories/45736/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45736/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45736 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for java-1_4_2-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. For more information: SA45206 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SA:2011:036: http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00022.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 29 11:40:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 29 Aug 2011 20:40:48 +0200 Subject: [SEC] [SA45814] WordPress Js-appointment Plugin "cat" SQL Injection Vulnerability Message-ID: <201108291840.p7TIemhg031662@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress Js-appointment Plugin "cat" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45814 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45814/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45814 RELEASE DATE: 2011-08-29 DISCUSS ADVISORY: http://secunia.com/advisories/45814/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45814/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45814 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Miroslav Stampar has discovered a vulnerability in Js-appointment Plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the "cat" parameter in wp-content/plugins/js-appointment/searchdata.php (when "search_action" is set to "searchadv") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability has been confirmed in version 1.5. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Miroslav Stampar ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/17724/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 29 12:37:06 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 29 Aug 2011 21:37:06 +0200 Subject: [SEC] [SA45264] KMPlayer Playlist Processing Buffer Overflow Vulnerability Message-ID: <201108291937.p7TJb6Pa022832@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: KMPlayer Playlist Processing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA45264 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45264/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45264 RELEASE DATE: 2011-08-29 DISCUSS ADVISORY: http://secunia.com/advisories/45264/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45264/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45264 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: ADLab has discovered a vulnerability in KMPlayer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when processing the "Title" entry within playlist files. This can be exploited to cause a heap-based buffer overflow via a specially crafted KPL file. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 3.0.0.1441. Other versions may also be affected. SOLUTION: Do not open untrusted playlist (".kpl") files. PROVIDED AND/OR DISCOVERED BY: ADLab, VenusTech via Secunia. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 29 13:39:55 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 29 Aug 2011 22:39:55 +0200 Subject: [SEC] [SA45792] Joomla! Simple File Lister Module "sflDir" Directory Traversal Vulnerability Message-ID: <201108292039.p7TKdttY014345@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Joomla! Simple File Lister Module "sflDir" Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA45792 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45792/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45792 RELEASE DATE: 2011-08-29 DISCUSS ADVISORY: http://secunia.com/advisories/45792/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45792/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45792 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the Simple File Lister module for Joomla!, which can be exploited by malicious people to disclose system information. Input passed via the "sflDir" parameter to index.php (when "option" is set to "com_content", "view" is set to "article", and "id" is set) is not properly verified in modules/mod_simplefilelisterv1.0/helper.php before being used to list files. This can be exploited to disclose the contents of arbitrary directories via directory traversal attacks. The vulnerability is confirmed in version 1.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: evilsocket ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/17736/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 29 14:30:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 29 Aug 2011 23:30:37 +0200 Subject: [SEC] [SA45787] Phorum "real_name" Cross-Site Scripting Vulnerability Message-ID: <201108292130.p7TLUbPI005223@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Phorum "real_name" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45787 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45787/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45787 RELEASE DATE: 2011-08-29 DISCUSS ADVISORY: http://secunia.com/advisories/45787/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45787/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45787 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Russ McRee has discovered a vulnerability in Phorum, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "real_name" POST parameter in control.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 5.2.16. Prior versions may also be affected. SOLUTION: Update to version 5.2.17. PROVIDED AND/OR DISCOVERED BY: Russ McRee ORIGINAL ADVISORY: HIO-2011-0822: http://holisticinfosec.org/content/view/184/45/ Phorum Release: http://www.phorum.org/phorum5/read.php?64,149490,149490#msg-149490 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 29 14:49:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 29 Aug 2011 23:49:05 +0200 Subject: [SEC] [SA45721] HP SiteScope Administrative Interface Security Bypass Security Issue Message-ID: <201108292149.p7TLn5C6026900@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: HP SiteScope Administrative Interface Security Bypass Security Issue SECUNIA ADVISORY ID: SA45721 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45721/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45721 RELEASE DATE: 2011-08-29 DISCUSS ADVISORY: http://secunia.com/advisories/45721/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45721/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45721 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Luigi Auriemma has discovered a security issue in HP SiteScope, which can be exploited by malicious users to bypass certain security restrictions. The security issue is caused due to the administrative web interface not properly validating certain requests and can be exploited to perform administrative tasks e.g. create an arbitrary user. The security issue is confirmed in version 11.10 Build 2929. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: http://aluigi.altervista.org/adv/sitescope_2-adv.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 29 15:13:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 30 Aug 2011 00:13:56 +0200 Subject: [SEC] [SA45808] SUSE update for seamonkey Message-ID: <201108292213.p7TMDuUd016491@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SUSE update for seamonkey SECUNIA ADVISORY ID: SA45808 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45808/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45808 RELEASE DATE: 2011-08-29 DISCUSS ADVISORY: http://secunia.com/advisories/45808/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45808/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45808 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for seamonkey. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose certain sensitive information, and compromise a vulnerable system. For more information: SA45667 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0957-1: http://lists.opensuse.org/opensuse-updates/2011-08/msg00039.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 29 15:49:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 30 Aug 2011 00:49:38 +0200 Subject: [SEC] [SA45805] Squid Gopher Response Processing Buffer Overflow Vulnerability Message-ID: <201108292249.p7TMncBw006602@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Squid Gopher Response Processing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA45805 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45805/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45805 RELEASE DATE: 2011-08-30 DISCUSS ADVISORY: http://secunia.com/advisories/45805/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45805/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45805 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Squid, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. The vulnerability is caused due to a boundary error when processing Gopher responses and can be exploited to cause a buffer overflow via an overly long string. Successful exploitation may allow execution of arbitrary code. This is related to vulnerability #2 in: SA13825 The vulnerability is reported in versions 3.0.x prior to 3.0.STABLE25 and 3.1.x prior to 3.1.14 SOLUTION: Update to version 3.0.STABLE26 or 3.1.15. PROVIDED AND/OR DISCOVERED BY: The vendor credits Ben Hawkes, Google Security Team. ORIGINAL ADVISORY: http://www.squid-cache.org/Advisories/SQUID-2011_3.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 29 16:14:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 30 Aug 2011 01:14:02 +0200 Subject: [SEC] [SA45778] Omnistar Mailer "op" Cross-Site Scripting Vulnerability Message-ID: <201108292314.p7TNE2NA028603@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Omnistar Mailer "op" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45778 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45778/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45778 RELEASE DATE: 2011-08-30 DISCUSS ADVISORY: http://secunia.com/advisories/45778/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45778/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45778 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Omnistar Mailer, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "op" parameter in admin/contacts.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Sid3^effects OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 29 16:48:42 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 30 Aug 2011 01:48:42 +0200 Subject: [SEC] [SA45803] Xerox FreeFlow Print Server Multiple Vulnerabilities Message-ID: <201108292348.p7TNmgla018681@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Xerox FreeFlow Print Server Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45803 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45803/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45803 RELEASE DATE: 2011-08-30 DISCUSS ADVISORY: http://secunia.com/advisories/45803/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45803/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45803 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Xerox has acknowledged multiple vulnerabilities in Xerox FreeFlow Print Server, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain escalated privileges, malicious users to cause a DoS (Denial of Service), and malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service) or potentially compromise a vulnerable system, and compromise a user's system. For more information: SA44590 SA44719 SA44784 SA45313 The vulnerabilities are reported in versions 73.A3.31 and 73.B0.73. SOLUTION: Apply updates. Please see the vendor's advisory for more details. ORIGINAL ADVISORY: http://www.xerox.com/download/security/security-bulletin/127e996-10b83-4ab94539ab540/cert_XRX11-003_V1.0.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 29 17:16:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 30 Aug 2011 02:16:56 +0200 Subject: [SEC] [SA45843] Fedora update for mingw32-libpng Message-ID: <201108300016.p7U0GugQ008437@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Fedora update for mingw32-libpng SECUNIA ADVISORY ID: SA45843 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45843/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45843 RELEASE DATE: 2011-08-30 DISCUSS ADVISORY: http://secunia.com/advisories/45843/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45843/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45843 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for mingw32-libpng. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. For more information: SA45046 SOLUTION: Apply updated packages via the yum utility ("yum update mingw32-libpng"). ORIGINAL ADVISORY: FEDORA-2011-10954: http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064547.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 29 17:48:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 30 Aug 2011 02:48:45 +0200 Subject: [SEC] [SA45830] Ipswitch WhatsUp Gold LDAP Authentication Security Bypass Security Issue Message-ID: <201108300048.p7U0mjVj030791@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Ipswitch WhatsUp Gold LDAP Authentication Security Bypass Security Issue SECUNIA ADVISORY ID: SA45830 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45830/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45830 RELEASE DATE: 2011-08-30 DISCUSS ADVISORY: http://secunia.com/advisories/45830/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45830/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45830 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Ipswitch WhatsUp Gold, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to an unspecified error when handling authentication via LDAP and can be exploited to login without a valid password. The security issue is reported in versions prior to 15.0.1. SOLUTION: Update to version 15.0.1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.whatsupgold.com/support/patch-upgrades/wug1501.aspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 29 18:13:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 30 Aug 2011 03:13:59 +0200 Subject: [SEC] [SA45816] WordPress MM Forms Community Parameter Key SQL Injection Vulnerability Message-ID: <201108300113.p7U1Dx18020386@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress MM Forms Community Parameter Key SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45816 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45816/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45816 RELEASE DATE: 2011-08-30 DISCUSS ADVISORY: http://secunia.com/advisories/45816/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45816/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45816 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Miroslav Stampar has discovered a vulnerability in the MM Forms Community plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the parameter keys to wp-content/plugins/mm-forms-community/includes/edit_details.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 1.2.3. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Miroslav Stampar ORIGINAL ADVISORY: http://unconciousmind.blogspot.com/2011/08/wordpress-mm-forms-community-plugin-123.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Aug 29 18:49:55 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 30 Aug 2011 03:49:55 +0200 Subject: [SEC] [SA45844] SUSE update for MozillaFirefox Message-ID: <201108300149.p7U1ntD5010520@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SUSE update for MozillaFirefox SECUNIA ADVISORY ID: SA45844 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45844/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45844 RELEASE DATE: 2011-08-30 DISCUSS ADVISORY: http://secunia.com/advisories/45844/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45844/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45844 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for MozillaFirefox. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose certain sensitive information, and compromise a vulnerable system. For more information: SA45666 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0958-1: http://lists.opensuse.org/opensuse-updates/2011-08/msg00040.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 30 10:37:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 30 Aug 2011 19:37:21 +0200 Subject: [SEC] [SA45735] JAMF Products "username" Cross-Site Scripting Vulnerability Message-ID: <201108301737.p7UHbLSW015136@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: JAMF Products "username" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45735 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45735/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45735 RELEASE DATE: 2011-08-30 DISCUSS ADVISORY: http://secunia.com/advisories/45735/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45735/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45735 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Jose Carlos de Arriba has reported a vulnerability in JAMF Casper Suite, JAMF Recon Suite, and JAMF Imaging Suite, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "username" POST parameter to index.html is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions 8.1 and prior. SOLUTION: Update to version 8.2. PROVIDED AND/OR DISCOVERED BY: Jose Carlos de Arriba, Foreground Security. ORIGINAL ADVISORY: http://seclists.org/fulldisclosure/2011/Aug/328 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 30 11:35:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 30 Aug 2011 20:35:56 +0200 Subject: [SEC] [SA45798] Red Hat update for samba3x Message-ID: <201108301835.p7UIZucQ006430@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Red Hat update for samba3x SECUNIA ADVISORY ID: SA45798 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45798/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45798 RELEASE DATE: 2011-08-30 DISCUSS ADVISORY: http://secunia.com/advisories/45798/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45798/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45798 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for samba3x. This fixes multiple security issues and vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and by malicious people to conduct cross-site scripting and request forgery attacks. For more information: SA45371 SA45393 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1220-1: https://rhn.redhat.com/errata/RHSA-2011-1220.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 30 12:37:22 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 30 Aug 2011 21:37:22 +0200 Subject: [SEC] [SA45806] Red Hat update for samba Message-ID: <201108301937.p7UJbMT7030283@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Red Hat update for samba SECUNIA ADVISORY ID: SA45806 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45806/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45806 RELEASE DATE: 2011-08-30 DISCUSS ADVISORY: http://secunia.com/advisories/45806/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45806/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45806 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for samba. This fixes a weakness and multiple security issues and vulnerabilities, which can be exploited by malicious local users to cause a DoS (Denial of Service), disclose potentially sensitive information and potentially gain escalated privileges and by malicious people to conduct cross-site scripting and request forgery attacks. For more information: SA38286 SA38811 SA45371 SA45393 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1219-1: https://rhn.redhat.com/errata/RHSA-2011-1219.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 30 13:36:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 30 Aug 2011 22:36:09 +0200 Subject: [SEC] [SA45754] SUSE update for SUSE Studio Onsite Message-ID: <201108302036.p7UKa9Il021621@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SUSE update for SUSE Studio Onsite SECUNIA ADVISORY ID: SA45754 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45754/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45754 RELEASE DATE: 2011-08-30 DISCUSS ADVISORY: http://secunia.com/advisories/45754/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45754/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45754 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for SUSE Studio Onsite, which can be exploited by malicious people to conduct script insertion attacks and compromise a vulnerable system. 1) Certain unspecified input related to overlay directory paths is not properly sanitised before being used and can be exploited to inject arbitrary shell commands. 2) Certain unspecified input related to pattern listings, RPM info display, pattern names and archive file lists is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. 3) Some errors exist when handling filenames in a file browser, filenames for a custom RPM, filenames and archive names in a testdrive's modified files list, and filters in a modified file. 4) An error exists within an unspecified FileUtils function when expanding shell metacharacters. Successful exploitation of vulnerabilities #1, #3, and #4 may allow execution of arbitrary code. SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00013.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 30 14:29:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 30 Aug 2011 23:29:37 +0200 Subject: [SEC] [SA45696] Debian update for apache2 Message-ID: <201108302129.p7ULTbSf012650@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Debian update for apache2 SECUNIA ADVISORY ID: SA45696 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45696/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45696 RELEASE DATE: 2011-08-30 DISCUSS ADVISORY: http://secunia.com/advisories/45696/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45696/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45696 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for apache2. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA40206 SA45606 NOTE: Debian GNU/Linux 6.0 (squeeze) is only affected by CVE-2011-3192. SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2298-1: http://www.debian.org/security/2011/dsa-2298 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 30 14:51:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 30 Aug 2011 23:51:56 +0200 Subject: [SEC] [SA45626] babelweb "user" Privilege Escalation Weakness Message-ID: <201108302151.p7ULpu4C002070@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: babelweb "user" Privilege Escalation Weakness SECUNIA ADVISORY ID: SA45626 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45626/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45626 RELEASE DATE: 2011-08-30 DISCUSS ADVISORY: http://secunia.com/advisories/45626/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45626/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45626 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in babelweb, which can be exploited by malicious, local users to potentially perform certain actions with escalated privileges. The weakness is caused due to an error when checking if the "user" option is set correctly and leads to babelweb running with root privileges. The weakness is reported in version 0.2.1. Prior versions may also be affected. SOLUTION: Update to version 0.2.2. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: https://github.com/kerneis/babelweb/commit/093d2e5abc0ac918fae8cadc1f6fe2de8aab32f0#server.js OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 30 15:16:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 31 Aug 2011 00:16:29 +0200 Subject: [SEC] [SA45804] Joomla! Almond Classifieds Component Insecure Directory Permissions Weakness Message-ID: <201108302216.p7UMGTS7024122@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Joomla! Almond Classifieds Component Insecure Directory Permissions Weakness SECUNIA ADVISORY ID: SA45804 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45804/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45804 RELEASE DATE: 2011-08-30 DISCUSS ADVISORY: http://secunia.com/advisories/45804/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45804/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45804 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in the Almond Classifieds component for Joomla!, which can be exploited by malicious, local users to manipulate certain data and potentially gain escalated privileges. The weakness is caused due to the component setting insecure permissions (777) for folders before being used. This can be exploited to e.g. modify, create, or delete files contained in the folders. The weakness is reported in version 7.5. Other versions may also be affected. SOLUTION: Update to the latest version. PROVIDED AND/OR DISCOVERED BY: Reported by the Joomla! VEL team. ORIGINAL ADVISORY: http://docs.joomla.org/Vulnerable_Extensions_List#Almond_Classifieds OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 30 15:51:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 31 Aug 2011 00:51:46 +0200 Subject: [SEC] [SA45759] WordPress SH Slideshow Plugin "id" SQL Injection Vulnerability Message-ID: <201108302251.p7UMpkxQ014243@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress SH Slideshow Plugin "id" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45759 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45759/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45759 RELEASE DATE: 2011-08-31 DISCUSS ADVISORY: http://secunia.com/advisories/45759/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45759/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45759 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Miroslav Stampar has discovered a vulnerability in the SH Slideshow plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "id" POST parameter to wp-content/plugins/sh-slideshow/ajax.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 3.1.4. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Miroslav Stampar ORIGINAL ADVISORY: http://unconciousmind.blogspot.com/2011/08/wordpress-sh-slideshow-plugin-314-sql.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 30 16:16:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 31 Aug 2011 01:16:52 +0200 Subject: [SEC] [SA45785] SUSE update for MozillaFirefox Message-ID: <201108302316.p7UNGqJu003848@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SUSE update for MozillaFirefox SECUNIA ADVISORY ID: SA45785 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45785/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45785 RELEASE DATE: 2011-08-31 DISCUSS ADVISORY: http://secunia.com/advisories/45785/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45785/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45785 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for MozillaFirefox. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose certain sensitive information, and compromise a user's system. For more information: SA45581 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0957-2: http://lists.opensuse.org/opensuse-updates/2011-08/msg00043.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 30 16:49:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 31 Aug 2011 01:49:49 +0200 Subject: [SEC] [SA45794] SUSE update for java-1_4_2-ibm Message-ID: <201108302349.p7UNnnJU026274@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SUSE update for java-1_4_2-ibm SECUNIA ADVISORY ID: SA45794 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45794/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45794 RELEASE DATE: 2011-08-31 DISCUSS ADVISORY: http://secunia.com/advisories/45794/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45794/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45794 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for java-1_4_2-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. For more information: SA44784 SOLUTION: Apply updated packages via YaST Online Update or the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:0966-1: https://hermes.opensuse.org/messages/11622943 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 30 17:17:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 31 Aug 2011 02:17:10 +0200 Subject: [SEC] [SA45825] SUSE update for MozillaThunderbird Message-ID: <201108310017.p7V0HAIM016020@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SUSE update for MozillaThunderbird SECUNIA ADVISORY ID: SA45825 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45825/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45825 RELEASE DATE: 2011-08-31 DISCUSS ADVISORY: http://secunia.com/advisories/45825/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45825/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45825 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for MozillaThunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose certain sensitive information, and compromise a vulnerable system. For more information: SA45666 SOLUTION: Apply updated packages via YaST Online Update or the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0935-2: http://lists.opensuse.org/opensuse-updates/2011-08/msg00042.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 30 17:49:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 31 Aug 2011 02:49:52 +0200 Subject: [SEC] [SA45802] SUSE update for MozillaFirefox, MozillaThunderbird, and seamonkey Message-ID: <201108310049.p7V0nqCu005982@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SUSE update for MozillaFirefox, MozillaThunderbird, and seamonkey SECUNIA ADVISORY ID: SA45802 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45802/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45802 RELEASE DATE: 2011-08-31 DISCUSS ADVISORY: http://secunia.com/advisories/45802/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45802/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45802 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for MozillaFirefox, MozillaThunderbird, and seamonkey. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose certain sensitive information, and compromise a vulnerable system. For more information: SA45581 SA45666 SOLUTION: Apply updated packages via YaST Online Update or the zypper package manager. ORIGINAL ADVISORY: SUSE-SA:2011:037: http://www.suse.com/support/security/advisories/2011_37_firefox.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 30 18:14:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 31 Aug 2011 03:14:05 +0200 Subject: [SEC] [SA45831] SUSE update for MozillaFirefox Message-ID: <201108310114.p7V1E5c1027982@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SUSE update for MozillaFirefox SECUNIA ADVISORY ID: SA45831 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45831/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45831 RELEASE DATE: 2011-08-31 DISCUSS ADVISORY: http://secunia.com/advisories/45831/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45831/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45831 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for MozillaFirefox. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose certain sensitive information, and compromise a vulnerable system. For more information: SA45666 SOLUTION: Apply updated packages via YaST Online Update or the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:0967-1: https://hermes.opensuse.org/messages/11623434 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 30 18:50:35 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 31 Aug 2011 03:50:35 +0200 Subject: [SEC] [SA45749] IBM WebSphere Application Server Administration Console Information Disclosure Message-ID: <201108310150.p7V1oZSt018175@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: IBM WebSphere Application Server Administration Console Information Disclosure SECUNIA ADVISORY ID: SA45749 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45749/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45749 RELEASE DATE: 2011-08-31 DISCUSS ADVISORY: http://secunia.com/advisories/45749/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45749/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45749 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in IBM WebSphere Application Server, which can be exploited by malicious users to disclose potentially sensitive information. The vulnerability is caused due to an unspecified error in the administration console and can be exploited to view restricted files. The vulnerability is reported in versions 6.1.0.0 through 6.1.0.39, 7.0.0.0 through 7.0.0.18, and 8.0.0.0. SOLUTION: Apply fixes. Please see vendor's advisory for more details. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor ORIGINAL ADVISORY: http://www.ibm.com/support/docview.wss?uid=swg21509257 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 30 19:25:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 31 Aug 2011 04:25:45 +0200 Subject: [SEC] [SA45748] Apache Tomcat AJP Message Injection Vulnerability Message-ID: <201108310225.p7V2Pja1008737@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Apache Tomcat AJP Message Injection Vulnerability SECUNIA ADVISORY ID: SA45748 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45748/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45748 RELEASE DATE: 2011-08-31 DISCUSS ADVISORY: http://secunia.com/advisories/45748/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45748/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45748 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Apache Tomcat, which can be exploited by malicious people to disclose potentially sensitive information and bypass certain security restrictions. The vulnerability is caused due to Apache Tomcat incorrectly processing certain requests, which can be exploited to inject arbitrary AJP messages and e.g. disclose potentially sensitive information or bypass the authentication mechanism. Successful exploitation requires that the org.apache.jk.server.JkCoyoteHandler AJP connector is not used, POST requests are accepted, and the request body is not processed. The vulnerability is reported in versions 5.5.0 through 5.5.33, 6.0.0 through 6.0.33, and 7.0.0 through 7.0.20. SOLUTION: Fixed in the SVN repository. Update to versions 5.5.34, 6.0.34, or 7.0.21 when available. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported in an Apache bug by zhh. ORIGINAL ADVISORY: Apache Bug #51698: https://issues.apache.org/bugzilla/show_bug.cgi?id=51698 http://tomcat.apache.org/#Fixed_in_Apache_Tomcat_6.0.34_%28not_yet_released%29 http://tomcat.apache.org/#Fixed_in_Apache_Tomcat_7.0.21_%28not_yet_released%29 http://mail-archives.apache.org/mod_mbox/tomcat-announce/201108.mbox/%3C4E5BEDE0.8010604 at apache.org%3E OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 30 19:48:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 31 Aug 2011 04:48:53 +0200 Subject: [SEC] [SA45697] Jcow "g" Cross-Site Scripting Vulnerability Message-ID: <201108310248.p7V2mrdh030677@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Jcow "g" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45697 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45697/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45697 RELEASE DATE: 2011-08-31 DISCUSS ADVISORY: http://secunia.com/advisories/45697/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45697/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45697 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Aung Khant has discovered a vulnerability in Jcow, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "g" parameter to index.php (when "p" is set to "member/signup") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 4.2.1. Prior versions may also be affected. SOLUTION: Update to version 4.3.1ce. PROVIDED AND/OR DISCOVERED BY: Aung Khant ORIGINAL ADVISORY: http://yehg.net/lab/pr0js/advisories/%5Bjcow_4.2%5D_cross_site_scripting OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Aug 30 20:13:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 31 Aug 2011 05:13:34 +0200 Subject: [SEC] [SA45760] Red Hat update for samba and cifs-utils Message-ID: <201108310313.p7V3DYu2020282@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Red Hat update for samba and cifs-utils SECUNIA ADVISORY ID: SA45760 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45760/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45760 RELEASE DATE: 2011-08-31 DISCUSS ADVISORY: http://secunia.com/advisories/45760/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45760/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45760 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for samba and cifs-utils. This fixes multiple security issues and vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and by malicious people to conduct cross-site scripting and request forgery attacks. For more information: SA45371 SA45393 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1221-1: https://rhn.redhat.com/errata/RHSA-2011-1221.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 31 10:37:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 31 Aug 2011 19:37:02 +0200 Subject: [SEC] [SA45753] Gigaset A580 IP SIP "Contact" Header Username Disclosure Weakness Message-ID: <201108311737.p7VHb2sN023382@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Gigaset A580 IP SIP "Contact" Header Username Disclosure Weakness SECUNIA ADVISORY ID: SA45753 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45753/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45753 RELEASE DATE: 2011-08-31 DISCUSS ADVISORY: http://secunia.com/advisories/45753/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45753/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45753 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in Gigaset A580 IP, which can be exploited by malicious people to disclose sensitive information. The weakness is caused due to an error when processing the SIP OPTIONS request and can be exploited to disclose the username by sending a "From" header with an empty SIP username field. SOLUTION: Filter malicious requests using a proxy. PROVIDED AND/OR DISCOVERED BY: Francesco Tornieri OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 31 11:48:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 31 Aug 2011 20:48:23 +0200 Subject: [SEC] [SA45791] Opera Two Vulnerabilities Message-ID: <201108311848.p7VImNr4015355@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Opera Two Vulnerabilities SECUNIA ADVISORY ID: SA45791 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45791/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45791 RELEASE DATE: 2011-08-31 DISCUSS ADVISORY: http://secunia.com/advisories/45791/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45791/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45791 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Opera, where one has unknown impacts and the other one can be exploited by malicious people to bypass certain security features. 1) An error when loading content can be exploited to cause Opera to display the security information of e.g. a trusted or secure website instead of the actual, untrusted website by loading and manipulating content in a certain sequence. 2) An unspecified error exists. No more information is currently available. SOLUTION: Update to version 11.51. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Roland Reck 2) Thai Duong and Juliano Rizzo ORIGINAL ADVISORY: http://www.opera.com/docs/changelogs/windows/1151/ http://www.opera.com/support/kb/view/1000/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 31 12:41:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 31 Aug 2011 21:41:19 +0200 Subject: [SEC] [SA45809] Axway SecureTransport "/icons/" Directory Traversal Vulnerability Message-ID: <201108311941.p7VJfJMK006388@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Axway SecureTransport "/icons/" Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA45809 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45809/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45809 RELEASE DATE: 2011-08-31 DISCUSS ADVISORY: http://secunia.com/advisories/45809/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45809/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45809 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Axway SecureTransport, which can be exploited by malicious people to disclose sensitive information. Certain input related to the /icons/ directory is not properly verified before being used to display files. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences. Successful exploitation requires that SecureTransport runs on a Windows platform. The vulnerability is reported in versions 4.8.1 and 4.8.2. Other versions may also be affected. SOLUTION: Update to version 4.8.2 Patch 12. PROVIDED AND/OR DISCOVERED BY: sxkeebler and r at b13$, Digital Defense, Inc. Vulnerability Research Team. ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/bugtraq/2011-08/0201.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 31 13:35:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 31 Aug 2011 22:35:14 +0200 Subject: [SEC] [SA45833] vAuthenticate Multiple SQL Injection Vulnerabilities Message-ID: <201108312035.p7VKZEgJ029876@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: vAuthenticate Multiple SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA45833 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45833/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45833 RELEASE DATE: 2011-08-31 DISCUSS ADVISORY: http://secunia.com/advisories/45833/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45833/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45833 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been discovered in vAuthenticate, which can be exploited by malicious users and malicious people to conduct SQL injection attacks. 1) Input passed to the "username" and "password" POST parameters in vAuthenticate.php is not properly sanitised before being used in the "authenticate()" function (auth.php) in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 2) Input passed to the "USERNAME" and "PASSWORD" cookie parameters in e.g. admin/index.php is not properly sanitised before being used in the "page_check()" function (auth.php) in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 3) Input passed to the "USERNAME" and "PASSWORD" cookie parameters in chgpwd.php (when "submit" is set) is not properly sanitised before being used in a SQL query. This can be exploited by malicious users to manipulate SQL queries by injecting arbitrary SQL code. NOTE: This can be exploited in combination with vulnerability #2. 4) Input passed to the "newpasswd" POST parameter in chgpwd.php (when "submit" is set) is not properly sanitised before being used in a SQL query. This can be exploited by malicious users to manipulate SQL queries by injecting arbitrary SQL code. NOTE: This can be exploited in combination with vulnerability #3. The vulnerabilities are confirmed in version 3.0.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: 1-3) bd0rk 4) An anonymous person ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/17752/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 31 14:27:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 31 Aug 2011 23:27:28 +0200 Subject: [SEC] [SA45850] Cisco Wireless Control System HTTP Server ByteRange Filter Denial of Service Vulnerability Message-ID: <201108312127.p7VLRSGE020896@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Cisco Wireless Control System HTTP Server ByteRange Filter Denial of Service Vulnerability SECUNIA ADVISORY ID: SA45850 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45850/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45850 RELEASE DATE: 2011-08-31 DISCUSS ADVISORY: http://secunia.com/advisories/45850/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45850/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45850 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Cisco has acknowledged a vulnerability in Cisco Wireless Control System (WCS), which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA45606 SOLUTION: Restrict access to trusted hosts only. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20110830-apache.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 31 14:48:42 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 31 Aug 2011 23:48:42 +0200 Subject: [SEC] [SA45826] SUSE update for apache2-mod_auth_mysql Message-ID: <201108312148.p7VLmgLq010307@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: SUSE update for apache2-mod_auth_mysql SECUNIA ADVISORY ID: SA45826 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45826/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45826 RELEASE DATE: 2011-08-31 DISCUSS ADVISORY: http://secunia.com/advisories/45826/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45826/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45826 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for apache2-mod_auth_mysql. This fixes a vulnerability, which can be exploited by malicious people to conduct SQL injection attacks. For more information: SA33627 SOLUTION: Apply updated packages via YaST Online Update or the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:0973-1: https://hermes.opensuse.org/messages/11629822 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 31 15:14:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 1 Sep 2011 00:14:57 +0200 Subject: [SEC] [SA45801] WordPress yolink Search Plugin Two SQL Injection Vulnerabilities Message-ID: <201108312214.p7VMEvGH032403@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: WordPress yolink Search Plugin Two SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA45801 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45801/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45801 RELEASE DATE: 2011-08-31 DISCUSS ADVISORY: http://secunia.com/advisories/45801/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45801/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45801 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Miroslav Stampar has discovered two vulnerabilities in the yolink Search plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "from_id" and "batch_size" POST parameters to wp-content/plugins/yolink-search/includes/bulkcrawl.php is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are confirmed in version 1.1.4. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Miroslav Stampar ORIGINAL ADVISORY: http://unconciousmind.blogspot.com/2011/08/wordpress-yolink-search-plugin-114-sql.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 31 15:52:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 1 Sep 2011 00:52:37 +0200 Subject: [SEC] [SA45771] Cisco NX-OS HTTP Server ByteRange Filter Denial of Service Vulnerability Message-ID: <201108312252.p7VMqbsS022691@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Cisco NX-OS HTTP Server ByteRange Filter Denial of Service Vulnerability SECUNIA ADVISORY ID: SA45771 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45771/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45771 RELEASE DATE: 2011-09-01 DISCUSS ADVISORY: http://secunia.com/advisories/45771/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45771/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45771 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Cisco has acknowledged a vulnerability in Cisco NX-OS, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA45606 The vulnerability is reported in versions prior to 4.2.x for the following products: * Cisco MDS 9000 Series * Cisco Nexus 7000 Series Switches SOLUTION: Update to version 4.2.x or later. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20110830-apache.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 31 16:14:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 1 Sep 2011 01:14:34 +0200 Subject: [SEC] [SA45851] Cisco Video Products HTTP Server ByteRange Filter Denial of Service Vulnerability Message-ID: <201108312314.p7VNEYYi012141@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Cisco Video Products HTTP Server ByteRange Filter Denial of Service Vulnerability SECUNIA ADVISORY ID: SA45851 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45851/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45851 RELEASE DATE: 2011-09-01 DISCUSS ADVISORY: http://secunia.com/advisories/45851/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45851/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45851 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Cisco has acknowledged a vulnerability in some Cisco video products, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA45606 The vulnerability is reported in the following products: * Cisco TelePresence Video Communication Server (VCS) * Cisco Video Surveillance Manager (VSM) * Cisco Video Surveillance Operations Manager (VSOM) SOLUTION: Restrict access to trusted hosts only. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20110830-apache.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 31 16:51:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 1 Sep 2011 01:51:52 +0200 Subject: [SEC] [SA45837] Fedora update for freetype Message-ID: <201108312351.p7VNpqTI002366@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Fedora update for freetype SECUNIA ADVISORY ID: SA45837 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45837/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45837 RELEASE DATE: 2011-09-01 DISCUSS ADVISORY: http://secunia.com/advisories/45837/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45837/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45837 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for freetype. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. For more information: SA45167 SOLUTION: Apply updated packages via the yum utility ("yum update freetype"). ORIGINAL ADVISORY: FEDORA-2011-9525: http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064934.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Aug 31 17:27:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 1 Sep 2011 02:27:49 +0200 Subject: [SEC] [SA45840] IBM WebSphere Application Server Community Edition Unspecified Vulnerability Message-ID: <201109010027.p810RnLF024989@CRON-IX-2.intnet> ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: IBM WebSphere Application Server Community Edition Unspecified Vulnerability SECUNIA ADVISORY ID: SA45840 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45840/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45840 RELEASE DATE: 2011-09-01 DISCUSS ADVISORY: http://secunia.com/advisories/45840/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45840/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45840 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability with an unknown impact has been reported in IBM WebSphere Application Server Community Edition. The vulnerability is caused due to an unspecified error in the implementation of the Tomcat Webdav Servlet. No further information is currently available. Successful exploitation requires the servlet to be write-enabled. The vulnerability is reported in version 1.1.0.2. SOLUTION: Update the Tomcat Webdav Servlet to version 5.5.15-142. Please see vendor's advisory for further details. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.ibm.com/support/docview.wss?uid=swg21292875 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ----------------------------------------------------------------------